Realtime map of cyber attacks

Postby nomo » Fri Jul 03, 2015 1:28 pm

http://map.norsecorp.com

Norse Intelligence Platform

Every second, Norse collects and analyzes live threat intelligence from darknets in hundreds of locations in over 40 countries. The attacks shown are based on a small subset of live flows against the Norse honeypot infrastructure, representing actual worldwide cyber attacks by bad actors. At a glance, one can see which countries are aggressors or targets at the moment, using which type of attacks (services-ports).

Hovering over the ATTACK ORIGINS, ATTACK TARGETS, or ATTACK TYPES will highlight just the attacks emanating from that country or over that service-port respectively. Hovering over any bubble on the map will highlight only the attacks from that location and type.

Norse exposes its threat intelligence via high-performance, machine-readable APIs in a variety of forms. Norse also provides products and solutions that assist organizations in protecting and mitigating cyber attacks.

For more information, please contact: inquiry@norse-corp.com

Re: Realtime map of cyber attacks

Postby zangtang » Fri Jul 03, 2015 2:53 pm

quite pretty.....
- and not a little disturbing.

despite the US being the bad guy in just about every perceived theatre, scenario, clusterfuck & brouhaha,
wonder how much, in dollar value or strategic advantage, the Chinese have of technology, IP, new product development, military secrets, biographic leverage, etc. ad infinitum.......
STOLEN?

- should've learnt me that Cantonese.

Re: Realtime map of cyber attacks

Postby Wombaticus Rex » Tue Jul 07, 2015 3:17 pm

Via: https://medium.com/message/everything-i ... e5f33a24e1

Recently an anonymous hacker wrote a script that took over embedded Linux devices. These owned computers scanned the whole rest of the internet and created a survey that told us more than we’d ever known about the shape of the internet. The little hacked boxes reported their data back (a full 10 TBs) and quietly deactivated the hack. It was a sweet and useful example of someone who hacked the planet to shit. If that malware had actually been malicious, we would have been so fucked.

This is because all computers are reliably this bad: the ones in hospitals and governments and banks, the ones in your phone, the ones that control light switches and smart meters and air traffic control systems. Industrial computers that maintain infrastructure and manufacturing are even worse. I don’t know all the details, but those who do are the most alcoholic and nihilistic people in computer security. Another friend of mine accidentally shut down a factory with a malformed ping at the beginning of a pen test. For those of you who don’t know, a ping is just about the smallest request you can send to another computer on the network. It took them a day to turn everything back on.

Computer experts like to pretend they use a whole different, more awesome class of software that they understand, that is made of shiny mathematical perfection and whose interfaces happen to have been shat out of the business end of a choleric donkey. This is a lie. The main form of security this offers is through obscurity — so few people can use this software that there’s no point in building tools to attack it. Unless, like the NSA, you want to take over sysadmins.

Re: Realtime map of cyber attacks

Postby 82_28 » Tue Jul 07, 2015 9:05 pm

The best solution I can think of is "SecurID". Someone would have to rob me (it's a FOB that the login changes every minute) of it and then beat the living shit out of me for at least a dozen usernames and passwords in order to gain access to the systems I use. Then if they wanted to gain access to my personal Linux boxes they'd have to beat me up to gain access to my secured accounts for the PWDs. Thus, failure to get to anything I do online. I can tell you all that telco shit is very secure. There are so many steps in order to login.
There is no me. There is no you. There is all. There is no you. There is no me. And that is all. A profound acceptance of an enormous pageantry. A haunting certainty that the unifying principle of this universe is love. -- Propagandhi

Re: Realtime map of cyber attacks

Postby Zombie Glenn Beck » Wed Jul 08, 2015 10:12 am

“These bugs that happen, these mistakes in software that lead to vulnerabilities, they aren’t one-off problems. They’re systemic. There are patterns to them and patterns to how people take advantage of them. But it isn’t in any one particular company’s interest to dump a pile of their own resources into fixing even one of the problems, much less dump a pile of resources into an engineering effort to fight the pattern. Google could easily throw a pile of engineers at fixing OpenSSL, but it’d never be in their interest to do it, because they’d be handing Facebook and LinkedIn and Amazon a pile of free money in unspent remediation costs. They’ve got even less incentive to fix entire classes of vulnerabilities across the board. Same goes for everybody else in the game.


https://medium.com/message/how-i-explai ... 1dbcbe1099
barracuda wrote:The path from RI moderator to True Blood fangirl to Jehovah's Witness seems pretty straightforward to me. Perhaps even inevitable.

Re: Realtime map of cyber attacks

Postby 82_28 » Wed Jul 08, 2015 12:28 pm

Here's one that works and HAD to be an inside job but does not amount to hacking:

The Federal Bureau of Investigation is stumped, and it's seeking the public's assistance in nabbing those responsible for severing fiber-optic cable throughout the San Francisco Bay Area.

In one of the latest incidents, happening in the Oakland suburb of Walnut Creek, cable responsible for landline and wireless AT&T customers was severed on June 9. AT&T is offering a $1,000 reward for info leading to the conviction of those responsible. At least 10 incidents, beginning last July in Berkeley, have knocked out various California telecom services.

Here are the dates and locations, according to the FBI:

7/6/2014, 9:44pm near 7th St. and Grayson St. in Berkeley.

7/6/2014 11:39pm near Niles Canyon Blvd. and Mission Blvd. in Fremont.

7/7/2014 12:24am near Jones Road and Iron Horse Trail in Walnut Creek.

7/7/2014 12:51am near Niles Canyon Blvd. and Alameda Creek in Fremont.

7/7/2014 2:13am near Stockton Ave. and University Ave. in San Jose.

2/24/2015 11:30pm near Niles Canyon Blvd. and Mission Blvd. in Fremont.

2/24/2015 11:30pm near Niles Canyon Blvd. and Alameda Creek in Fremont.

6/8/2015 11:00pm near Danville Blvd. and Rudgear Road in Alamo.

6/8/2015 11:40pm near Overacker Ave and Mowry Ave in Fremont.

6/9/2015 1:38pm near Jones Road and Parkside Dr. in Walnut Creek.


http://arstechnica.com/tech-policy/2015 ... vandalism/

Granted this is physical damage, but someone with knowledge would have to know where the lines run.

Re: Realtime map of cyber attacks

Postby 82_28 » Wed Jul 08, 2015 12:37 pm

Here's a good one and perhaps requires its own thread and is happening now 07/08/2015 and should be easily found on all your usual feeds:


Trading in all symbols was halted on the New York Stock Exchange floor Wednesday due to an apparent technical issue.

"NYSE/NYSE MKT has temporarily suspended trading in all symbols. Additional information will follow as soon as possible," the NYSE said in a statement on its status page.

Trading stopped around 11:30 a.m. ET. The exchange was investigating the issue that caused the halt, Reuters reported, citing a source.


They're saying "computer glitch" but yeah right. Glitch, my ass. That shit is a well oiled machine. What say you Wombat?

Re: Realtime map of cyber attacks

Postby Wombaticus Rex » Wed Jul 08, 2015 12:45 pm

82_28 » Wed Jul 08, 2015 11:37 am wrote:That shit is a well oiled machine. What say you Wombat?


It is "well oiled" in the sense that it is in flames, every day, and multiple ruptures in the casing have led to an even distribution of fuel throughout the chassis. My guess is that, like everyone else, they're frantically updating some of the 0days that the Hacking Team leaks exposed and fucked up their system. It is hard to over-emphasize how much things barely work on the infrastructure level.

That's not sexy. Here's a much more entertaining theory, though: http://economics-is-a-dogmatic-religion ... l?spref=tw

As such:

- All USA data regarding employment, GDP etc are simply made up

- All Federal Reserve data is incorrectly published on purpose and intended to mislead

- The value of S&P, Dow, UST yields, crude oil, gold etc are decided during last 1/2 hr of trade by the White House and Senate and House finance and banking committees.

- NSA computers and NSA employees are in charge of implementing orders as to what the ELECTRONIC VALUE of S&P, DOW, UST yields, crude oil, gold etc will end up being for the day

- So, let's say, if Dow is 15,540 at 3.30PM and the order comes that it must be between 16000 and 16100, then HFT computers at NSA or NY Fed but still NSA operated, would simply OVERRIDE the system and set Dow at 16050 at the end of trading day WITHOUT ANY TRADING DONE AT ALL. They will simply post a fake trading volume number.

- Same way with UST yields. NSA employees at NSA headquarters or NY Fed execute orders at the end of the day as to where 10 year yield would have to be. They simply OVERRIDE the system. So, let's say, the order comes that 10 year UST yields should be between 2.68 and 2.72 today, NSA employees simply set it as 2.70 by overriding the system without doing any trading at all or with minimal trading. They of course, would post a fake trading volume on the system.

- This operation is done with full cooperation of HFT computers of primary dealers around the world.

Re: Realtime map of cyber attacks

Postby Luther Blissett » Wed Jul 08, 2015 12:53 pm

United Airlines grounded flights, Wall Street Journal down, NYSE down?
The Rich and the Corporate remain in their hundred-year fever visions of Bolsheviks taking their stuff - JackRiddler

Re: Realtime map of cyber attacks

Postby RocketMan » Wed Jul 08, 2015 1:43 pm

Luther Blissett » Wed Jul 08, 2015 7:53 pm wrote:United Airlines grounded flights, Wall Street Journal down, NYSE down?


This is indeed a lot for one day...

http://gawker.com/ladies-and-gentlemen- ... socialflow

ITEM: The New York City subway system suffered an atrocious commute today, with some trains being inexplicably stranded in stations for long periods of time.

ITEM: The website “The Dissolve” folded today.

ITEM: United Airlines was forced to ground all of its flights after its computer system mysteriously stopped working.

ITEM: The New York Stock Exchange suspended trading today after its computerized trading system mysteriously stopped working.

ITEM: Immediately after, the Wall Street Journal’s website mysteriously stopped working.

ITEM: More than 2,500 people in Washington, DC mysteriously lost power.
-I don't like hoodlums.
-That's just a word, Marlowe. We have that kind of world. Two wars gave it to us and we are going to keep it.

Re: Realtime map of cyber attacks

Postby Luther Blissett » Wed Jul 08, 2015 1:53 pm

I blew two fuses this morning, which I thought was odd. It had me thinking a lot about brownouts and power grid stress, etc.

Re: Realtime map of cyber attacks

Postby 82_28 » Wed Jul 08, 2015 2:10 pm

Just read this comment at the Denver Post:

The algorithms wanted to deleverage, the rulers said no.

But all of this in one day is certainly weird. I was asked by my mom's friend the other day when I thought the "world was going to end". I said that it probably already has.

Re: Realtime map of cyber attacks

Postby zangtang » Wed Jul 08, 2015 2:38 pm

maybe someone is testing your response to one of many possible opening salvoes?

Re: Realtime map of cyber attacks

Postby Nordic » Wed Jul 08, 2015 4:19 pm

Today's date. 7 + 8 = 15

Just a thought.

The "Internet of Things" is gonna be awesome!

Time to get my old 85 Mercedes back up and running.
"He who wounds the ecosphere literally wounds God" -- Philip K. Dick

Re: Realtime map of cyber attacks

Postby Wombaticus Rex » Wed Jul 08, 2015 4:53 pm

82_28 » Wed Jul 08, 2015 1:10 pm wrote:Just read this comment at the Denver Post:

The algorithms wanted to deleverage, the rulers said no.


That strikes me as a very lucid and concise formulation of The Problem. Zang. Yes.

I'm fortunate to have some nerd friends in the HFT programming community and they are big supporters of the "Opaque Intelligence" concept...summarized in two:

...the problem isn’t artificial intelligence but opaque intelligence. Algorithms have now become so sophisticated that we humans can’t really understand why they are telling us what they are telling us.


Dual angles of probably the same issue:

1. They can't explain a lot of the best successes. "Reverse tracing," my favorite stock mentor would call it -- working backwards to determine why decisions were made and then timing out when that trade could have been submitted even more profitably. It's also a great way to learn, backwards, how financial news coverage affects actual stock prices. Apparently this is usually impossible on the best picks a sophisticated, long-term algorithm / machine learning project makes. They are totally opaque to human observers.

2. Getting algorithms to lie is apparently hard. Humans, natural born liars that we be, are perfectly suited to the labyrinth of winks, nods and social signaling they need to negotiate even when interacting with other humans on a screen. HFT algos are more like a driven MMA fighter, immediately exploiting any weakness their penetration testing reveals -- that metaphor obviously falls apart because a human being can only be struck in the skull so many times, whereas you can extract a few billion from market liquidity in the space of ~60 seconds.

Really, it's a compelling argument for functional AI, isn't it? "We turned the robot broker on and he immediately concluded the entire market was over-valued, and it would be easy to scale enough paper/derivative leverage to force other players to agree."

I don't think that robot is broken...

All that said, the infosec working concept of APT - "Advanced Persistent Threats," folks who have you permanently, totally compromised and you don't know it - pales in comparison to HFT algorithms with a time preference on the scale of decades and a daily MO of total invisibility. Hopefully there are a couple dozen in play any given second NYSE is open.