<b>⌨ Feds Charge Three in Mass Seizure of Attack-for-hire Services ⌨</b>
<code>Authorities in the United States this week brought criminal hacking charges against three men as part of an unprecedented, international takedown targeting 15 different "booter" or "stresser" sites - attack-for-hire services that helped paying customers launch tens of thousands of digital sieges capable of knocking Web sites and entire network providers offline.</code><code>The seizure notice appearing on the homepage this week of more than a dozen popular "booter" or "stresser" DDoS-for-hire Web sites.</code><code>As of Thursday morning, a seizure notice featuring the seals of the U.S. Justice Department, FBI and other law enforcement agencies appeared on the booter sites, including:</code><code>anonsecurityteam[.]com
booter[.]ninja
bullstresser[.]net
critical-boot[.]com
defcon[.]pro
defianceprotocol[.]com
downthem[.]org
layer7-stresser[.]xyz
netstress[.]org
quantumnstress[.]net
ragebooter[.]com
request[.]rip
str3ssed[.]me
torsecurityteam[.]org
vbooter[.]org</code><code>Booter sites are dangerous because they help lower the barriers to cybercrime, allowing even complete novices to launch sophisticated and crippling attacks with the click of a button.</code><code>Cameron Schroeder, assistant U.S. attorney for the Central District of California, called this week's action the largest simultaneous seizure of booter service domains ever.</code><code>"This is the biggest action U.S. law enforcement has taken against booter services, and we're doing this in cooperation with a large number of industry and foreign law enforcement partners," Schroeder said.</code><code>Booter services are typically advertised through a variety of methods, including Dark Web forums, chat platforms and even youtube.com. They accept payment via PayPal, Google Wallet, and/or cryptocurrencies, and subscriptions can range in price from just a few dollars to several hundred per month. The services are priced according to the volume of traffic to be hurled at the target, the duration of each attack, and the number of concurrent attacks allowed.</code><code>Purveyors of stressers and booters claim they are not responsible for how customers use their services, and that they aren't breaking the law because - like most security tools - stresser services can be used for good or bad purposes. For example, all of the above-mentioned booter sites contained wordy "terms of use" agreements that required customers to agree they will only stress-test their own networks - and that they won't use the service to attack others.</code><code>But experts say today's announcement shreds that virtual fig leaf, and marks several important strategic shifts in how authorities intend to prosecute booter service operators going forward.</code><code>"This action is predicated on the fact that running a booter service itself is illegal," said Allison Nixon, director of security research at Flashpoint, a security firm based in New York City. "That's a slightly different legal argument that has been made in the past against other booter owners."</code><code>For one thing, the booter services targeted in this takedown advertised the ability to "resolve" or determine the true Internet address of a target. This is especially useful for customers seeking to harm targets whose real address is hidden behind mitigation services like Cloudflare (ironically, the same provider used by most of these booter services to withstand attacks by competing booter services).</code><code>Some resolvers also allowed customers to determine the Internet address of a target using nothing more than the target's Skype username.</code><code>"You don't need to use a Skype resolver just to attack yourself," assistant U.S. Attorney Schroeder said. "Clearly, the people running these booter services know their services are being used not by people targeting their own infrastructure, and have built in capabilities that…</code>
How to Optimize Security Spending While Reducing Risk
via "Dark Reading".
Risk scoring is a way of getting everyone on the same page with a consistent, reliable method of gathering and analyzing security data.
U.S. Indicts China-Backed Duo for Massive, Years-Long Spy Campaign
via "Threatpost | The first stop for security news".
The homeland security implications are significant: the two, working with Beijing-backed APT10, allegedly stole sensitive data from orgs like the Navy and NASA.
Huawei Router Flaw Leaks Default Credential Status
via "Threatpost | The first stop for security news".
It makes it simple for attackers to find devices to take over and add to botnets.
Russian infowar: A reminder your data is being bought and sold
via "Security on TechRepublic".
Dan Patterson discusses the wake-up call provided by new reports for the Senate that detail Russia's pervasive interference in the 2016 presidential election.
Attackers Use Scripting Flaw in Internet Explorer, Forcing Microsoft Patch
via "Dark Reading".
Microsoft issues an emergency update to its IE browser after researchers notified the company that a scripting engine flaw is being used to compromise systems.
Security 101: How Businesses and Schools Bridge the Talent Gap
via "Dark Reading".
Security experts share the skills companies are looking for, the skills students are learning, and how to best find talent you need.
Update now! Microsoft patches another zero-day flaw
via "Naked Security".
Microsoft has released an emergency patch for a remote code execution (RCE) zero-day vulnerability in Internet Explorer's Jscript scripting engine affecting all versions of Windows, including Windows 10.
3 Reasons to Train Security Pros to Code
via "Dark Reading".
United Health chief security strategist explains the benefits the organization reaped when it made basic coding training a requirement for security staff.
ATTENTION‼ New - CVE-2017-9732
via "National Vulnerability Database".
The read_packet function in knc (Kerberised NetCat) before 1.11-1 is vulnerable to denial of service (memory exhaustion) that can be exploited remotely without authentication, possibly affecting other services running on the targeted host.
Apple spams users with unwanted "Carpool Karaoke" push notifications
via "Naked Security".
It's U2 déjà vu: Apple's yet again shoving stuff at users without their say-so. This time, it's via the TV app, to some iOS users.
Nagging text messages can help you to quit smoking
via "Naked Security".
Does nicotine have you in its addictive grip? Chinese researchers have found that you might be helped with an SMS-based intervention.
Fortnite hackers making a fortune from reselling stolen accounts
via "Naked Security".
Teenage hackers have been making thousands of pounds selling stolen accounts for popular online game Fortnite, it emerged this week.
A year after Spectre and Meltdown, how well do patches work?
via "Security on TechRepublic".
Attempts to mitigate the landmark vulnerabilities have caused crashes, sudden reboots, and performance degradations. Here's the progress report on the Spectre and Meltdown solution.
12 ways to stay cybersecure over the holidays
via "Security on TechRepublic".
Unboxing a new device gift can be exciting, but you need to follow these steps to ensure you don't invite hackers in, according to Palo Alto Networks.
Microsoft gets users test driving Patch Tuesday's non-security updates
via "Naked Security".
Are Microsoft's new C and D updates a good idea or a beta by another name?
Criminals Move Markets to Remain in the Shadows
via "Dark Reading".
While malware families and targets continue to evolve, the most important shift might be happening in the background.
US Indicts 2 APT10 Members for Years-Long Hacking Campaign
via "Dark Reading".
In an indictment unsealed this morning, the US ties China's state security agency to a widespread campaign of personal and corporate information theft.
APT10 Indictments Show Shift to MSP Targets
via "Dark Reading".
US brings more indictments against a cyber espionage group operating in China, but what will they accomplish?
APT10 Indictments Show Expansion of MSP Targeting, Cloud Hopper Campaign
US brings more indictments against the APT10 cyber espionage group operating in China for its Operation Cloud Hopper campaign against managed service providers, but what will those indictments accomplish?