Capture The DARPA’s Flag

DARPA stands for the Defense Advanced Research Projects Agency, or in plain English, one of Fox Mulder’s favorite non-secret government agencies. You dream about it, they make it: the most unimaginable and crazy weapons, among other things.

However, this time DARPA’s men in black have decided to borrow some of Defcon’s strategies. If you want to earn two million dollars in two days, here is what you have to do. You or your team have to come up with software that has mastered the skill of superior self-defense.

The intention is more than clear with this one. No price is too big to pay for state-of-the-art software that can withstand the most sophisticated cyber attacks. In addition, DARPA is aiming high with this one. How high, you may ask? Let us put it in a more understandable way.

The perfect software, according to DARPA’s rigorous criteria, is supposed not only to defend itself successfully, but also to strike back with all the power of cyber vengeance. This is the true win-win that the busy little bees at DARPA are trying to achieve with this challenging contest.

Rombertik – The AI Malware

Oh dear, you have been so naive. For some childish reason, you thought that modern-day viruses were not going to develop and evolve. You really need to be one hell of a brainiac to come up with a successful malicious software solution. The call of the dark-cyber-side can be a huge temptation.

Meet the latest, brightest and deadliest member of the growing malicious family called – Rombertik. This fellow has a remarkable AI potential. Some even dare to classify it as a self-aware malware. So, what does it do? What is so special and dangerous about it? Are you ready for some bad news?

Well, while at “work” this malware is in a “regular” mode for any malicious software. It steals away your financial data, while doing its best to keep a low profile. On the other side, as soon as you run antivirus software, Rombertik strikes back in an unprecedented way.

This malware would rather destroy itself, along with your precious device. Now, you get it. This is a genuine and deadly Kamikaze virus. Unfortunately, there is not much you can do about it. If you are lucky enough, you can reinstall your computer. Otherwise, Rombertik will make you buy a new one.

2015 First Quarter With Kaspersky Lab

Every now and then, we simply have to include some of the dark cloud reports that come from the Kaspersky Lab mountains. You know how it goes, don’t you? There is no good news with the busy little bees from Kaspersky Lab. So, let us see what went wrong in the first quarter of 2015 for us to worry about.

The number of cyber threats and attacks has simply doubled in comparison to the identical period of the previous year. We are talking only about malware and viruses registered by the Kaspersky products and solutions. Unfortunately, that is only the beginning of the bad news.

There is a new bad guy in our cyber-town and it is called the Equation Group. These guys are dead serious about their malicious work. They can infect your device’s firmware. How? That is something Kaspersky would like to know as well. What is the moral of this depressing story?

Well, for Kaspersky and other cyber security service providers it is business as usual. They will have plenty of work to do in the future. On the other side, we have no choice but to become a little bit more religious. Pray that an Equation Group malware does not find you in cyberspace.

Develop or Buy, Buy or Cry?

Should you develop your own fully customized cyber security solution, or rather simply buy an existing one? There is a third option, as well. You can adapt a solution you have previously acquired. All options are free to use and explore. Just like there is no answer for this puzzle.

As always, it all comes down to your choice and inner voice. Do not waste your time looking for universal advice, because you are going to end up hugely disappointed. Maybe we have been moving in the wrong direction all this time. Here is an additional explanation for this claim.

Do we really need to trouble our brains over this unnecessary dilemma? The real question is quite a different one. What are you waiting for? Do you really need to think twice before introducing an appropriate solution, which may or may not be tailored to your specific needs? If this is the case, then what?

Then, you have already left an open door for the hackers. Then, you have lost the right to complain. While you are wondering what to do, the hackers are deciding where to attack. It is more than obvious that cyber security is not a place for philosophers, nor for dilemmas such as to be or not to be my cyber security.

Androidageddon

Is there such a thing as the Android Armageddon? Is it possible, in the first place? Well, you should not raise your eyebrows. We are not talking about an SF movie, but rather about a real-life situation. So, what needs to happen in order to reach the cyber Armageddon requirements?

Believe it or not, according to numerous cyber security experts there is a high probability that an unimaginable DDoS attack of epic proportions may easily hit Android infrastructure any moment now. How can this be possible? Is this an exaggeration?

Well, the unprecedented development in the Android field represents a strong encouragement for all bad Android boys and girls. You have a mobile OS, which is predominant in more than 90% of all smart devices. In addition, we are talking about billions of potentially vulnerable devices.

As you can see, our cyber stage is set for the worst-case scenario. You do not have to wait too long for the volunteers who are eager to build their hacker’s fame on the ruins of the once-powerful Android empire. Are we going to just sit and wait for Android Armageddon to happen?

Through Congress To Security Progress

image

It may sound a little bit unorthodox, but in the world of cyber security a debate is actually a positive thing to witness first-hand. So, who has the responsibility of pushing security things in the right direction? Some fingers are pointing impatiently, and with expectations, in Congress’ direction.

Do we really need a legislative “motivation” to improve the security standards associated with our credit cards and available online payment solutions? As you might have guessed from the enclosed picture in this post, there is no opinion free of dispute or controversy.

Business representatives would gladly accept the push from Congress in this field. On the other side, the busy little bees behind the cyber security industry are surprisingly up for a more flexible approach. Why? If there is a law, there has to be some responsibility, as well. Right?

We sure hope that the hackers will not take advantage of this ridiculous situation where two sides are arguing over a simple and painfully obvious thing. You do not have to go to Congress in order to achieve security progress, do you? Or maybe there is no other way?

AdultAdAttack

The ads are annoying. The ads are ruining your good mood. Yet, the notorious world of ads can be surprisingly innovative when attracting your attention is an absolute must for their basic business survival. Now, put some of the adult websites into this story and what do you get as a result?

The worst-case scenario, that is for sure. If you can help yourself against the overwhelming online porn impulses, then you should be fully aware of the most recent changes in this field. It turns out that as soon as you visit one of the adult websites you are already “adoomed” before you know it.

What is that supposed to mean exactly? Well, in order for your system to get infected with ads you would not consider looking at under normal circumstances, you do not have to interact with a certain adult website. A simple visit is all that is required. And unfortunately, that is only the beginning.

These ads are going to be patient for a while before launching their merciless campaign of endless annoyance. It seems that the bad-ad-boys did their homework properly. In case you are already wondering how to get rid of these ads, we have to warn you: this is a hot topic for one of our next posts.

Cisco New Malware Disco

The busy little bees in the Cisco security department have an intriguing new concept for us. Are you eager to hear it? On the other hand, is there something we can do in order to radically improve our current cyber security situation? For real? We are not talking about cosmetic changes.

Well, there is supposed to be, according to Cisco. This new guy-in-cyber-town is called the “layered defense”. You do not have to be a rocket scientist to figure it out with no additional explanations, do you? The only thing we are not quite certain about is the very structure of this layered cyber defense.

What is Cisco’s masterplan with this one? Are we talking about a cyber defense that is structured and organized in a couple of rings? Or maybe Cisco plans to introduce a principle where the best is saved for last. This means that your strongest security component will be activated at the end.

For Cisco, things could not possibly be simpler. Your worst nightmare malware can knock down a couple of elements of your defense, but definitely not all of them. Yet it is an extremely optimistic presumption that your layered defense is going to hold on till its very last line. Right?

XSS Bugs On WordPress Leaves

What is it with WordPress and its numerous bugs? You cure one, but before you know it the next one jumps in. The latest one is associated with the DOM, or Document Object Model, which brings cross-site scripting (XSS) trouble in return. What is the cause?

Well, this bug was an unexpected “gift”, which was introduced with WordPress 4.2.2. We do not claim to be WordPress gurus, but from what we have heard this update eliminated all non-critical HTML files. Could they have predicted that these operations would cause so many problems?

What kind of problems, exactly? First of all, in order to create a living hell for a certain website, you only need to be a registered user. In return, you could easily host all kinds of malware attacks, influence financial transactions or simply take over the entire website. Let us stop here.

There is no crystal ball for developers. However, you have to devote some of your precious time to predicting the most likely outcomes. Even the worst-case scenarios. That would also mean less stress for WordPress. Or, how about some effective cyber insecticide for all of these bugs?

Banzai! Kamikaze Virus!

Here it goes. We have bad news and less bad news for you. Why do you look so surprised? Take this innocent look off your face. Right now. There is no such thing as good news in the heartbreaking world of cyber security. So, which one of these two do you want to hear first?

Let us start with the bad one. There are some really nasty cyber guys, called the Kamikaze Viruses. You do not have to be a rocket scientist to know what these malicious busy little cyber bugs are all about, do you? They destroy both themselves and your computer as well. So, what now?

The only positive thing in this situation is that there are not too many of these killers. They are simply too bad for business. What is the use for a hacker, if he or she kills your machine straight away? However, this does not mean that you will not hear banzai at some point in time.

So, what can you do about it? Buy yourself a new cyber ride. What else? In the meantime, think twice before you open a suspicious attachment. Yes, cyber boys and girls, your own private Kamikaze Virus is not going to come out of the blue. You will hear gentle knocking on your door.