Reply With Quote
a·pol·o·gist
əˈpäləjəst/
noun
a person who offers an argument in defense of something controversial.
Apologist != Apology
Look, Yoni, you learned something today!
a·pol·o·gist
əˈpäləjəst/
noun
a person who offers an argument in defense of something controversial.
Apologist != Apology
Look, Yoni, you learned something today!
a·pol·o·gist
əˈpäləjəst/
noun
a person who offers an argument in defense of something controversial.
Apologist != Apology
Look, Yoni, you learned something today!
Now the FBI is saying it is confirmed:
FBI Shows North Korea Hacked Sony
Then, there's this...The FBI said Friday in an official statement that "the North Korean government is responsible" for the hacking of Sony Pictures Entertainment, and that the attack destroyed thousands of computers in the process.
"The FBI has determined that the intrusion into SPE’s network consisted of the deployment of destructive malware and the theft of proprietary information as well as employees’ personally identifiable information and confidential communications. The attacks also rendered thousands of SPE’s computers inoperable, forced SPE to take its entire computer network offline, and significantly disrupted the company’s business operations."
The FBI said its conclusion that North Korea was behind the hack is based, in part, on the following:
· Similarities in the data-deletion malware and other malware that the FBI knows North Korea previously developed. Specific lines of code, encryption algorithms, data deletion methods, and compromised networks are among the details.
· Significant overlap between the infrastructure used in this attack and other malicious activity the U.S. previously linked directly to North Korea. For example, the FBI discovered that several Internet protocol addresses associated with known North Korean infrastructure communicated with IP addresses that were hardcoded into the data deletion malware used in this attack.
· The tools used in the Sony attack have similarities to a cyber attack in March 2013 against South Korean banks and media outlets carried out by North Korea.
Sony hack: China may have helped North Korea, US states
China may have helped North Korea carry out the hacking attack on Sony Pictures, a US official has told Reuters.
The official, who spoke on condition of anonymity, said the conclusion of the US investigation was to be announced later by federal authorities.
The Chinese embassy in Washington later stated that China does not support "cyber illegalities".
There were also reports on Friday that Iran and Russia may have also helped the North Korean hackers.
The software used in the hacking was at a level of sophistication not previously seen in past North Korean attacks, a US intelligence source told Fox News, adding that China, Iran and Russia had all used the technology previously.
That is such ridiculous bull .
I guarantee you that China, Russia and Iran didn't all get together in a big conspiracy to help the dumb in North Korea hack SONY.
SONY got caught with their pants down and inadequate system security. All it took was stealing that system admins credentials and the party was on.
Simple as that.
Well, you're the expert with access to all the investigative products so, okay.
Our company is nobody in the big scheme of things and 99% of hack attempts come from China or Eastern Europe. It's been constant for many, many years. It's no secret who's trying to zombie and hack boxes.
That's why you use tools like fail2ban on your unix servers, update your security toolset, stay on top of security patches, etc, and make life miserable for the intruders. You also keep an eye on your logs and make sure you don't have a mole handing out passwords.
This is as old as the internet, there's no excuse for breaches like that.
Small sample of banned IPs in one of our servers:
[sendmail] Ban 213.87.130.160 - Russia
[ssh-iptables] Ban 116.10.191.202 - China
[dovecot] Ban 151.250.29.168 - Turkey
[ssh-iptables] Ban 61.174.51.225 - China
[ssh-iptables] Ban 116.10.191.215 - China
That's from Aug 24th, about a 30 secs sample...
Yep. Sony got caught with their pants not only down, but completely off.
crofl the North Korea "hack" was a SMB worm...
http://www.securityweek.com/hackers-...ol-attack-sony
North Korea is a pussy. They didn't give a over Team America. Who cares if they don't like a movie? em.
CROFL, you'd think a multibillion dollar company had heard of OpenBSD or FreeBSD.crofl the North Korea "hack" was a SMB worm...
http://www.securityweek.com/hackers-...ol-attack-sony
heck, throw CentOS in there...CROFL, you'd think a multibillion dollar company had heard of OpenBSD or FreeBSD.
Sony is a Japanese company. Let them deal with it. If NK commits a terrorist act on US soil, then it's our turn.
Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Corporation, based in Tokyo, Japan.
Sony's principal U.S. businesses include Sony Electronics Inc.,
Sony Mobile Communications (USA) Inc.,
Sony Computer Entertainment America LLC,
Sony Network Entertainment International LLC.,
Sony Pictures Entertainment Inc.,
Sony Music Entertainment,
Sony/ATV Music Publishing LLC,
and Sony Online Entertainment LLC.
http://www.sony.com/SCA/
Sony Corporation (ソニー株式会社 Sonī Kabushiki Gaisha?), commonly referred to as Sony, is a Japanese multinational conglomerate corporation headquartered in Kōnan Minato, Tokyo, Japan.[3] Its diversified business is primarily focused on the electronics (TV, Gaming Consoles, Refrigerators), game, entertainment and financial services sectors.[2] The company is one of the leading manufacturers of electronic products for the consumer and professional markets.[4] Sony is ranked 105th on the 2014 list of Fortune Global 500.[5]
Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Corporation, based in Tokyo, Japan.
Sony's principal U.S. businesses include Sony Electronics Inc.,
Sony Mobile Communications (USA) Inc.,
Sony Computer Entertainment America LLC,
Sony Network Entertainment International LLC.,
Sony Pictures Entertainment Inc.,
Sony Music Entertainment,
Sony/ATV Music Publishing LLC,
and Sony Online Entertainment LLC.
http://www.sony.com/SCA/
Sony Corporation of America (SCA), based in New York,[1] is the United States subsidiary of Japan's Sony Corporation, headquartered in Tokyo. It is the umbrella company under which all Sony companies operate in the United States.
Think before posting next time, idiot.
Sony is Japanese, so USA has no interest in Sony's problems, just like Sony has no interests in USA!
Fox News Host: Stephen Colbert Owes His Success To Us
"He should write an eight-figure check to Fox News," Gutfeld said, "because all of our gaffes made that man’s career."
http://talkingpointsmemo.com/livewire/greg-gutfeld-success-stephen-colbert?utm_source=feedburner&utm_medium=feed&utm_ campaign=Feed%3A+tpm-news+%28TPMNews%29
... as if it were only Fox's gaffes that Coal Bear ridiculed pitilessly.
Interests is one thing, responsibility is quite another. Shut up already.Sony is Japanese, so USA has no interest in Sony's problems, just like Sony has no interests in USA!
*
Last edited by CosmicCowboy; 12-22-2014 at 07:36 AM.
http://krypt3ia.wordpress.com/2014/12/20/fauxtribution/At the end of the day, if these are all the IP’s that the US is using as evidence that DPRK carried out this attack I think it is pretty weak as evidence goes. The majority of these systems are proxies and known to be such and the others are weak systems that have likely been compromised for use in this attack and maybe others because hackers share a lot of these C&C boxes. They do so to muddy the waters so to speak, the more groups using them the more confusion can be sewn.
The machine in NY is interesting in that it is still online. I would have thought that the authorities would want to take that into evidence but there it is, still online. Maybe they are still getting round to that… Or maybe they are just happy to make the pronouncement that it was DPRK and leave it be. I personally think that all of these systems together do not lead me or anyone using logic to believe that these are known infrastructures for DPRK unit 128.
Even if the likes of Crowdstrike and others may claim that DPRK has been known to use the same tactics or things like them or any other vague adjectives about the data that they have seen in the past none of it is anything that would be considered evidence in court. It is all considered cir stantial and that evidence is inadmissible. So, the US is going to base a theoretical response on a nation state level, as I said above, on cir stantial evidence?
Now that’s statecraft… Of course I remember a time a while back when we all were told that Iraq had massive WMD stocks and was in kahoots with Al Qaeda. In fact it was a SLAM DUNK according to the then CIA director.
Of course you all know how that all ended.
http://www.nytimes.com/2014/12/23/wo...collapses.htmlNorth Korea’s already tenuous links to the Internet went completely dark on Monday after days of instability, in what Internet monitors described as one of the worst North Korean network failures in years.The loss of service came just days after President Obama pledged that the United States would launch a “proportional response” to the recent attacks on Sony Pictures, which government officials have linked to North Korea. While an attack on North Korea’s networks was suspected, there was no definitive evidence of it.
Doug Madory, the director of Internet analysis at Dyn Research, an Internet performance management company, said that North Korean Internet access first became unstable late Friday. The situation worsened over the weekend, and by Monday, North Korea’s Internet was completely offline.
“Their networks are under duress,” Mr. Madory said. “This is consistent with a DDoS attack on their routers,” he said, referring to a distributed denial of service attack, in which attackers flood a network with traffic until it collapses under the load.
blow by blow:
https://www.riskbasedsecurity.com/20...014-sony-hack/
Jack Goldsmith squints his eyes at the US government's conclusions:
http://www.lawfareblog.com/2014/12/t...-surveillance/Today’s events demonstrate two huge problems for the government in addressing cyberattacks of this sort.
Attribution. One hears a lot in cybersecurity circles that the government has “solved” the attribution problem. The evidence presented today shows why it has not come close to solving it.
First, the “evidence” is of the most conclusory nature – it is really just unconfirmed statements by the USG. Second, on its face the evidence shows only that this attack has characteristics of prior attacks attributed to North Korea. We know nothing about the attribution veracity of those prior attacks. Much more importantly, it is at least possible that some other nation is spoofing a North Korean attack. For if the United States knows the characteristics or signatures of prior North Korean attacks, then so too might some third country that could use these characteristics or signatures – “specific lines of code, encryption algorithms, data deletion methods, and compromised networks,” and similarities in the “infrastructure” and “tools” of prior attacks – to spoof the North Koreans in the Sony hack.
Third, the most significant line in the FBI statement is this: “While the need to protect sensitive sources and methods precludes us from sharing all of this information, our conclusion is based, in part, on the following.” Let us assume that the United States has a lot of other evidence, including human or electronic intelligence from inside Korea, that corroborates its attribution conclusion. This might give the USG confidence in the attribution and might support the legality of a proportionate response. But if protection of “sources and methods” prevents the United States from publicly revealing a lot more evidence, including intelligence beyond mere similar characteristics to past attacks, then there is no reason the rest of the world will or, frankly, should believe that a response on North Korea is justified. (Compare Adlai Stevenson and Colin Powell before the United Nations.) And if the United States’ response is significant, and has wider geo-political implications, this inability to prove attribution could be a huge problem. The important point: Even if the attribution problem is solved in the basement of Ft. Meade and in other dark places in the government, that does not mean the attribution problem is solved as far as public justification – and defense of legality – is concerned.
Update: Sony Pictures CEO ‘excited’ to release ‘The Interview’ on Christmas Day
Waiting to see if ADH will screen it here in Austin. Their website is a bit clunky at the moment.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions