In operation since 2007, “Putter Panda” is latest group to be implicated by researchers
For Ars Technica, Dan Goodin reports: Investigators said they have identified a secretive hacking group that has spent years systematically targeting US partners in the space and satellite industry, most likely on behalf of the Chinese military.
“Putter Panda is a determined adversary group, conducting intelligence-gathering operations targeting the Government, Defense, Research, and Technology sectors in the United States, with specific targeting of the US Defense and European satellite and aerospace industries.”
— Crowdstrike researchers
The group typically gains a foothold in sensitive networks by attaching booby-trapped documents to e-mails, according to a 62-page report published Monday by Crowdstrike, a firm that conducts forensic investigations on behalf of customers who have suffered security breaches. When employees click on the documents, the attackers are able to gain control over their PCs. The attackers then use the PCs to take control of servers housing blueprints, customer lists, or other sensitive data. The group, dubbed as Putter Panda, is connected to Unit 61486 of the People Liberation Army’s (PLA’s) Third General Staff Department, according to the report. Read the rest of this entry »
Kremlin gets DDoS’d by Anonymous Caucasus
For Ars Technica, Sean Gallagher reports: In the latest round of a wave of cyberattacks on Russian targets, the official websites of the Russian Federation’s president and central bank were taken offline this morning in what the Kremlin’s press office called a “serious DDoS attack.” The attack also targeted “a number of other Web portals,” according to the Kremlin statement. The sites are back online for most users, but the attack is still ongoing.
“If you want me to do things only for ROI reasons, you should get out of this stock.”
As Glenn Reynolds says “Duly noted”
Fundamentalist militant groups sometimes fail at e-mail, too
An apparent slip of the hand by a Taliban spokesperson has revealed the members of the group’s mailing list, according to a report Friday from ABC News. The 400 e-mail addresses include many journalists, but also a few members of government as well as “academics and activists.”
The Taliban regularly sends e-mail blasts with press releases highlighting its latest activities, usually from the e-mail account of spokesperson Qari Yousuf Ahmedi. But this time, the press release Ahmedi intended to send was forwarded from the account of another spokesperson, Zabihullah Mujahid. Ahmedi forwarded the e-mail on to the mailing list, but CC’d all 400 members, rather than BCC’ing them, so the full list of e-mail addresses was laid bare to all who received it.
According to ABC News, the list included “a provincial governor, an Afghan legislator” and an “Afghan consultative committee.” We can only imagine the chain of reply-alls that followed, but we’re certain it’s the stuff of nightmares.
via Ars Technica