ICT Security-Sécurité PC et Internet

Der von Symantec entdeckte Super-Trojaner Regin ist seit 2008 im Netz unterwegs und späht Regierungen, Internet-Anbieter und Unternehmen aus. Nun gibt es ein kostenloses Prüf-Tool.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=REGIN

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Warriorpride

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum

- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar

- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA

- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO

- https://gustmees.wordpress.com/2012/05/21/visual-it-securitypart2-your-computer-as-a-possible-cyber-weapon/

Britische und US-amerikanische Geheimdienste sollen mit der Spionagesoftware Regin den massiven Cyberangriff auf Belgacom und EU-Behörden ausgeführt haben. Die Malware kann auch Mobilfunk-Stationen überwachen.

Die seit dem Wochenende öffentlich bekannte Cyberwaffe Regin ist unter anderem für die ausgefeilten Cyber-Attacke auf das belgische Telekommunikationsunternehmen Belgacom eingesetzt worden, die der Konzern im Juli vorigen Jahres entdeckte. Dies berichten die Blogger von "The Intercept", zu denen auch der NSA-Enthüllungsreporter Glenn Greenwald gehört. Sie berufen sich dabei auf IT-Sicherheitsexperten und eigene technische Analysen.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=REGIN

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Warriorpride

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum

- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar

- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA

- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO

- https://gustmees.wordpress.com/2012/05/21/visual-it-securitypart2-your-computer-as-a-possible-cyber-weapon/

It was the spring of 2011 when the European Commission discovered it had been hacked. The intrusion into the EU’s legislative body was sophisticated and widespread and used a zero-day exploit to get in. Once the attackers established a stronghold on the network, they were in for the long haul. They scouted the network architecture for additional victims and covered their tracks well. Eventually, they infected numerous systems belonging to the European Commission and the European Council before being discovered.

Two years later another big target was hacked. This time it was Belgacom, the partly state-owned Belgian telecom. In this case, too, the attack was sophisticated and complex. According to published news reports and documents leaked by Edward Snowden, the attackers targeted system administrators working for Belgacom and used their credentials to gain access to routers controlling the telecom’s cellular network. Belgacom publicly acknowledged the hack, but has never provided details about the breach.

Then five months after that announcement, news of another high-profile breach emerged—this one another sophisticated hack targeting prominent Belgian cryptographer Jean-Jacques Quisquater.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=REGIN

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Warriorpride

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum

- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar

- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA

- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO

- https://gustmees.wordpress.com/2012/05/21/visual-it-securitypart2-your-computer-as-a-possible-cyber-weapon/

An advanced piece of malware, known as Regin, has been used in systematic spying campaigns against a range of international targets since at least 2008. A back door-type Trojan, Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen. Customizable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organizations, infrastructure operators, businesses, researchers, and private individuals.

It is likely that its development took months, if not years, to complete and its authors have gone to great lengths to cover its tracks. Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state.

As outlined in a new technical whitepaper from Symantec, Backdoor.Regin is a multi-staged threat and each stage is hidden and encrypted, with the exception of the first stage.  Executing the first stage starts a domino chain of decryption and loading of each subsequent stage for a total of five stages.  Each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyze and understand the threat.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=REGIN

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Warriorpride

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum

- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar

- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA

- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO

- https://gustmees.wordpress.com/2012/05/21/visual-it-securitypart2-your-computer-as-a-possible-cyber-weapon/

Two governments working together are said to have developed the state-sponsored malware that attacked the European Union. Guess what? One of the makers was an EU country.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=REGIN

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Warriorpride

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum

- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar

- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA

- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO

- https://gustmees.wordpress.com/2012/05/21/visual-it-securitypart2-your-computer-as-a-possible-cyber-weapon/

A sophisticated group known as Regin has targeted high-profile entities around the world. Regin is one of the most sophisticated attack platforms we have ever analysed. The ability to penetrate and...

For more than a decade, a sophisticated group known as Regin has targeted high-profile entities around the world with an advanced malware platform. As far as we can tell, the operation is still active, although the malware may have been upgraded to more sophisticated versions. The most recent sample we've seen was from a 64-bit infection. This infection was still active in the spring of 2014.

The name Regin is apparently a reversed "In Reg", short for "In Registry", as the malware can store its modules in the registry. This name and detections first appeared in anti-malware products around March 2011.

From some points of view, the platform reminds us of another sophisticated malware: Turla. Some similarities include the use of virtual file systems and the deployment of communication drones to bridge networks together. Yet through their implementation, coding methods, plugins, hiding techniques and flexibility, Regin surpasses Turla as one of the most sophisticated attack platforms we have ever analysed.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=REGIN

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Warriorpride

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum

- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar

- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA

- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO

- https://gustmees.wordpress.com/2012/05/21/visual-it-securitypart2-your-computer-as-a-possible-cyber-weapon/