Thursday, November 15, 2018

Foreign espionage hackers use publicly available tools; Russians could retaliate for de-platforming of their fake news sites; phishing for election recounts




US-CERT in Pittsburgh has a collaborative report between US DHS and the British Commonwealth (UK, Canada, Australia, New Zealand), Alert AA18-284A, about “publicly available hacking tools” seen in worldwide cyber incidents.

Most of the tools presented here seem determined to provide hidden readers for corporate espionage.
But concern persists that China, North Korea, and Russia can continue to carry out destructive attacks on relatively innocuous American interests, “to prove we can”.

There were some sporadic backbone router outages early Monday, Nov. 12, which might have been malicious. Since US social media companies and perhaps hosts have no-platformed what they believe to be Russian fake accounts and “fake news” bots, the Russians might attack legitimate smaller interests in the US (or, more likely, the infrastructure supporting them) just to prove they can, as retaliation.

One other thing – there seems to be some phishing spam going around claiming to raise money for Florida recounts.

Thursday, November 01, 2018

Could spammers send out no-platforming phishing notices? Also -- soft "NSA" intelligence tips when your email or social media shows unusual content repeatedly



Just a quick security tip.

If you get unusual volumes of emails, texts, robocalls, Twitter mentions, Facebook postings in your timeline (or page if you allow multiple admins – a dubious idea now) or even US mail letters – about causes to which you have no connection and have no interest in supporting – just be careful, and watch your back.

It can mean someone views you as a threat to them.  Perhaps you’re lowballing them in business, or they think you are.

This goes a little beyond depending on spam filters or being careful about emails purporting to be from parties you know but looking odd. 

This is a matter that intelligence services and CIA and NSA people know well.
  
It’s even conceivable that spammers will send out sham “no-platforming” takedown emails (from social media platforms, domain registrars or hosts, claiming some sort of connection to a terms of service violation).  The first place to verify is the sender address with a mouseover, but sometimes those are masqueraded successfully.
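
One way to go beyond the mouseover is to read the message's raw headers. The following is an added example, not code from this blog: the sample message, its placeholder domains and the function name `check_sender` are constructed for illustration, and it assumes the `Authentication-Results` header was written by your own mail provider.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a fake takedown notice. All domains are placeholders.
SAMPLE = (
    "Return-Path: <bounce@bulk-mailer.example.net>\n"
    "Authentication-Results: mx.example.org; spf=pass "
    "smtp.mailfrom=bulk-mailer.example.net; dkim=none; "
    "dmarc=fail header.from=host-notices.example.net\n"
    'From: "abuse@hosting.example.com" <notice@host-notices.example.net>\n'
    "Subject: Terms of service violation - account suspended\n"
    "\n"
    "Your site will be removed. Log in to appeal.\n"
)

def domain(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def check_sender(raw, expected_domain):
    """Return warnings for a notice that claims to come from expected_domain."""
    msg = message_from_string(raw)
    display, from_addr = parseaddr(msg.get("From", ""))
    _, return_path = parseaddr(msg.get("Return-Path", ""))
    warnings = []
    from_dom = domain(from_addr)
    if from_dom != expected_domain and not from_dom.endswith("." + expected_domain):
        warnings.append(f"From domain {from_dom!r} is not {expected_domain!r}")
    # A display name that is itself an address is what many clients show first.
    if "@" in display and domain(display.strip("<> ")) != from_dom:
        warnings.append(f"display name {display!r} imitates a different address")
    if domain(return_path) != from_dom:
        warnings.append(f"Return-Path domain {domain(return_path)!r} differs from From")
    # Only trust this header when your own receiving server added it.
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                              msg.get("Authentication-Results", "")))
    for mech in ("spf", "dkim", "dmarc"):
        if results.get(mech) != "pass":
            warnings.append(f"{mech}={results.get(mech, 'missing')}")
    return warnings

if __name__ == "__main__":
    for w in check_sender(SAMPLE, "hosting.example.com"):
        print("WARN:", w)
```

In the sample, SPF passes only for the bulk mailer's own domain, which is why the Return-Path comparison and the DMARC result matter more than an SPF pass on its own.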