The phishing campaign targeted users via texts impersonating Amazon, linked to the threat actor Chenlun
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Author: admin
Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats
Sophos X-Ops unveils five-year investigation tracking China-based groups targeting perimeter devices
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
From the frontlines: Our CISO’s view of Pacific Rim
On beyond “Detect and Respond” and “Secure by Design”
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Pacific Rim: What’s it to you?
Thirty-five years after the first great cat-and-mouse infosecurity story, here we are again
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Pacific Rim: Learning to eat soup with a knife
What our incident responders know from five years of fighting an octopus
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Digital Detritus: The engine of Pacific Rim and a call to the industry for action
Decades of obsolete and unpatched hardware and software endanger us all
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns
Sophos X-Ops unveils five-year investigation tracking China-based groups targeting perimeter devices
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Sophos Firewall hardening best practices
Make the most of your Sophos Firewall.
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Simson Garfinkel on Spooky Cryptographic Action at a Distance
Excellent read. One example:
Consider the case of basic public key cryptography, in which a person’s public and private key are created together in a single operation. These two keys are entangled, not with quantum physics, but with math.
When I create a virtual machine server in the Amazon cloud, I am prompted for an RSA public key that will be used to control access to the machine. Typically, I create the public and private keypair on my laptop and upload the public key to Amazon, which bakes my public key into the server’s administrator account. My laptop and that remove server are thus entangled, in that the only way to log into the server is using the key on my laptop. And because that administrator account can do anything to that server—read the sensitivity data, hack the web server to install malware on people who visit its web pages, or anything else I might care to do—the private key on my laptop represents a security risk for that server.
Here’s why it’s impossible to evaluate a server and know if it is secure: as long that private key exists on my laptop, that server has a vulnerability. But if I delete that private key, the vulnerability goes away. By deleting the data, I have removed a security risk from the server and its security has increased. This is true entanglement! And it is spooky: not a single bit has changed on the server, yet it is more secure.
Read it all.
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains
Law Enforcement Deanonymizes Tor Users
The German police have successfully deanonymized at least four Tor users. It appears they watch known Tor relays and known suspects, and use timing analysis to figure out who is using what relay.
Hacker News thread.
—————
Free Secure Email – Transcom Sigma
Boost Inflight Internet
Transcom Hosting
Transcom Premium Domains