Tag Archives: North Korea

Security News Bites for the Week Ending February 1, 2019

GDPR Gone Crazy

I think we’re gonna need a bigger boat!

According to the European Commission, Europe’s data protection regulators received more than 95,000 complaints about possible data breaches in the first 8 months of GDPR.

At the same time businesses reported over 41,000 breaches.

But regulators only opened 255 investigations.

Many of the complaints were related to email marketing,  telemarketing and video surveillance.  Source: Bleeping Computer.

 

1987 and 1999 DNS Standards to be Enforced Soon

We often think about things moving at Internet speed.  Except when it comes to Internet standards.

On or about February 1, 2019, many major DNS resolver vendors are going to release upgrades that will stop supporting many DNS band-aids that have been implemented over the years to allow non-compliant DNS software to work – albeit slowly.  Major DNS providers such as Google, Cisco, Quad 9, Cloudflare and others have all agreed to rip off these band-aids in the next few weeks.  If your DNS vendor does not operate a fully 1987 or 1999 compliant DNS service, your web site will go dark to users of these major DNS resolvers.

You can test your DNS service provider by going to www.DNSFlagDay.Net and entering your domain name.  If it passes then there is nothing to worry about.  If it fails, talk to your DNS provider ASAP.  Source: DNSFlagDay .

 

Alastair Mactaggart Says He Thinks CCPA Will Survive

Alastair Mactaggart, who is the reason that the California Consumer Protection Act was passed, says that he believes that the CCPA will survive the attacks by telecom companies and the tech industry.  After all, with all of the negative news about tech companies, Congressional investigations, etc., the tech companies need to watch out for negative press.  Also, people are getting used to Europe’s GDPR.  Stay tuned – it doesn’t mean that they won’t try. Source: The Recorder.

 

Russia Targeting Robert Mueller’s Investigation Directly

Prosecutors revealed this week that The Kremlin sent reporters a trove of documents supposedly leaked from the Mueller investigation.

In reality, the Kremlin mixed documents that had actually been leaked or filed with the courts with fake documents that they created in an attempt to change the narrative around the investigation.

The reporters were very excited to receive the trove of documents but equally disappointed when they figured out that they were being targeted by a Russian disinformation campaign.

Obviously, the Russians have not given up their old ways and will continue to try and create disinformation if it works to their best interest.   Source: NBC.

 

FBI is Notifying Victims of North Korea Joanap Malware

The FBI and the Air Force have gotten the U.S. courts approval to infiltrate a North Korean botnet to create a map of Americans whose computers are infected.

While the malware is very old and can be detected by anti virus software, there are still large numbers of infected computers.

The FBI is using the map to get ISPs to notify users of infected computers and in some cases is directly contacting the infected users to clean up their computers.  Source:  Ars Technica.

 

Facebooktwitterredditlinkedinmailby feather

Sony – The Story That Just Never Ends

The New York Times is reporting that the NSA has been inside North Korea’s network since 2010 and that is how they knew that the Sony attack came from North Korea.  Hopefully, this is one NSA spying activity that no one in the U.S. is going to complain about.

The Times article said that North Korea had stolen the credentials of a Sony administrator, but the NSA didn’t realize that until after the attack.

General Clapper, the U.S. Director of National Intelligence went to North Korea in November as part of a secret plan to seek the release of two Americans being held there.  His host, Kim Yong-chol, head of the Reconnaissance General Bureau, Clapper says, later oversaw the Sony attack.

That information certainly adds some more credibility to the statement that North Korea is responsible for the attack and is an example of how sometimes, the government makes statements, leaving out facts for various reasons, and as a result, they don’t sound as credible as they would like.

Obviously, the downside of the Times article – disclosing “sources and methods” – which are generally very highly classified (There is a link in the Times article to a Der Spiegel leaked NSA document that is marked TOP SECRET//SI/TK//REL TO USA, FVEY.  For those of you who are familiar with the DoD classification markings, that document is definitely highly classified), will likely shut down the entry the NSA has into North Korea as the Koreans scramble to figure out how to deal with the leak of information.  Just as likely, the NSA is trying to (or maybe already has) figure out how to deal with this leak.

Mitch

Facebooktwitterredditlinkedinmailby feather