Researchers crack open unusually advanced malware that hid for 5 years

The name “Project Sauron” came from code contained in one of the malware’s configuration files. (credit: Kaspersky Lab)

Security experts have discovered a malware platform that’s so advanced in its design and execution that it could probably have been developed only with the active support of a nation state.

The malware—known alternatively as “ProjectSauron” by researchers from Kaspersky Lab and “Remsec” by their counterparts from Symantec—has been active since at least 2011 and has been discovered on 30 or so targets. Its ability to operate undetected for five years is a testament to its creators, who clearly studied other state-sponsored hacking groups in an attempt to replicate their advances and avoid their mistakes.

State-sponsored groups have been responsible for malware like the Stuxnet- or National Security Agency-linked Flame, Duqu, and Regin. Much of ProjectSauron resides solely in computer memory and was written in the form of Binary Large Objects, making it hard to detect using antivirus.

Because of the way the software was written, clues left behind by ProjectSauron in so-called software artifacts are unique to each of its targets. That means that clues collected from one infection don’t help researchers uncover new infections. Unlike many malware operations that reuse servers, domain names, or IP addresses for command and control channels, the people behind ProjectSauron chose a different one for almost every target.


DHS Mistakenly Releases 840 Pages of Critical Infrastructure Documents

wiredmikey (1824622) writes: The Operation Aurora attack was publicized in 2010 and impacted Google and a number of other high-profile companies. However, DHS responded to the request by releasing more than 800 pages of documents related to the ‘Aurora’ experiment conducted several years ago at the Idaho National Laboratory, where researchers demonstrated a way to damage a generator via a cyber-attack. Of the documents released by the DHS, none were related to the Operation Aurora cyber attack as requested. Many of the 840 pages are comprised of old weekly reports from the DHS’ Control System Security Program (CSSP) from 2007. Other pages that were released included information about possible examples of facilities that could be vulnerable to attack, such as water plants and gas pipelines. Read more of this story at Slashdot.


MI5 Hiring Industrial Espionage IT Support Staff

AmiMoJo writes “A recent job posting by MI5 seeks to recruit ‘Data Exploitation Specialists.’ The core of the role is described as ‘provid[ing] tactical solutions and operational support to business users of information exploitation systems.’ In other words, industrial espionage. This open admission comes at a time when the UK and its partners are accusing China of the same thing. Pot, meet kettle?” Read more of this story at Slashdot.
