The Pointman
The Eyes of PSYOP
Scooped by The Destroyer at #OpDejaVu

Regulate Weapons Like We Do in the Military, Says an Army Officer - TheAtlantic.com

Readers continue their conversation with James Fallows on firearms in the United States.

The Destroyer at #OpDejaVu's insight:

It's time for something new.


Financial Giants Adopt Military-Style Defense Tactics to Fight Cybercrime - Lifars.com

One of the world’s most lucrative industries, cybercrime cost over $445 billion in 2017 alone, up 30% in the last three years. Financial giants l...

How To Stop The NRA - trofire.com

A police chief in Houston is standing for gun reform! Cenk Uygur and Ana Kasparian, hosts of The Young Turks, break it down.

Russian hackers sent death threats to US army wives posing as ISIS: Report - HackRead.com

Apparently, US military wives and families received death threats from Russians impersonating IS hackers.

Security Alert: VevoLocker Ransomware Hits Ukrainian Ministry - HeimdalSecurity.com

Security researchers observed a new ransomware strain dubbed “VevoLocker” which has already encrypted multiple websites, including the official webpage of the Ukrainian Ministry of Energy and several Danish webpages.

You weren't hacked, Google tells Gmail users who received spam from themselves - TechRepublic.com

The method behind the spam glitch was spotted last year but ignored by Google...


Tracing ransomware end-to-end - SecurityNewspaper.com

This article is an insight into the ransomware business and how it operates, with data gathered over a period of two years. Moreover, since ransomware largely transacts using Bitcoin, the methods used by the information security research team to uncover and trace ransomware activity are also of interest in their own right.

In this paper, we create a measurement framework that we use to perform a large-scale two-year, end-to-end measurement of ransomware payments, victims, and operators. In total we are able to track over $16 million in likely ransom payments made by 19,750 potential victims during a two-year period.

In brief, ransomware is a type of malware that encrypts a victim’s files and then demands a ransom in order to decrypt them. Bitcoin is the payment medium of choice for ransomware: it’s decentralized, largely unregulated, and parties in transactions are hidden behind pseudo-anonymous identities. It’s also widely available for victims to purchase, and transactions are irreversible. However, Bitcoin has a property that is undesirable to cybercriminals: all transactions are public by design. This enables information security researchers, through transaction clustering and tracing, to glean the financial inner workings of entire cybercriminal operations.

Ransomware basics

First, malware is delivered to a victim’s machine using any of the available methods. When it executes, the ransomware silently encrypts files on the victim’s machine, and then displays a ransom note informing the user that their files have been encrypted and the contents will be lost forever unless they pay a ransom. The ransom note either includes a ransom address to which payment must be made, or a link to a payment website displaying this address. For the convenience of the victim, the note also often includes information on how to purchase the required Bitcoins from exchanges.

When payment is confirmed, the ransomware either automatically decrypts the files, or instructs the user on how to download and execute a decryption binary. The operator doesn’t need to decrypt the user’s files at all of course, but in general I guess it’s bad for business if word gets out on the Internet that even if you pay the ransom you still won’t regain access to your files.

Finding ransomware addresses

To discern transactions attributable to ransom campaigns, we design a methodology to trace known-victim payments, cluster them with previously unknown victims, estimate potentially missing payments, and filter transactions to discard the ones that are likely not attributable to ransom payments.

Real victim ransom addresses can be found by scraping reports of ransomware infection from public forums, and from proprietary sources such as ID Ransomware, which maintain a record of ransomware victims and associated addresses. The number of deposit addresses that can be recovered this way is still fairly minimal, though. In total, the authors gathered 25 seed ransom addresses from actual victims, across eight ransomware families: CoinVault, CryptXXX, CryptoDefense, CryptoLocker, CryptoWall, Dharma, Spora, and WannaCry. Using the sandbox environments, a further 32 ransom addresses are obtained for Cerber, and 28 for Locky.

Following the money

Starting with the seed addresses above, we can look for addresses that co-spent with them, and hence are highly likely to also be under the control of the ransomware operator. This is a refinement of the techniques described in ‘A fistful of Bitcoins’:

…this method is now prone to incorrectly linking flows that use anonymization techniques, such as CoinJoin and CoinSwap. Moser and Bohme developed methods of detecting likely anonymized transactions.

The information security experts use Chainalysis’s platform, which uses all these methods and additional proprietary techniques to detect and remove anonymized transactions, to trace flows of Bitcoins. The technique only works if the ransomware operator actually spends the Bitcoins. For the ransom addresses obtained via self-infection, that’s not going to happen unless the ransom is paid! Instead of paying the full ransom, the authors make micropayments of 0.001 Bitcoins to these addresses.

All 28 micropayments made to Locky addresses were later co-spent by the operator in conjunction with other wallet addresses, “presumably in an attempt to aggregate ransom payments.” These lead to the discovery of a cluster of 7,093 addresses. All 32 micropayments made to Cerber addresses were moved into a unique aggregation address. This address is then used to move the funds on, co-spending with other addresses. This ultimately leads to the discovery of a cluster of 8,526 addresses.

As a cross-check to see if there are potentially missed clusters, the information security analysts compare the timing of bitcoin inflow to the ransom addresses, Google Trends for ransomware family search terms, and the number of ransomware binaries on VirusTotal.

How much money are ransomware operators collecting?

Payments are checked to see if it’s likely they come from real victims. Two filters are applied. The first filter checks to see if the payment amounts match known ransom amounts. The second filter checks that the movement of bitcoin in the transaction graph matches the expected pattern for the ransomware in question. Based on this analysis, it’s possible to estimate each ransomware family’s revenue. In total the researchers are able to trace $16,322,006 US Dollars in 19,750 likely victim ransom payments for 5 ransomware families over 22 months. For Cerber and Locky, which generate unique addresses for each victim, it’s possible to estimate the number of paying victims over time.

Looking at the outflows from ransomware addresses, we can trace movement to bitcoin exchanges. The Chainalysis API is used to obtain real-world identities of destination clusters. The top entities are BTC-e, CoinOne, and LocalBitcoins, along with BitMixer and Bitcoin Fog.

…BTC-e is the biggest known exchange responsible for the outflows of Locky and CryptoDefense; $3,223,015 of Locky’s outflows entered BTC-e’s cluster.

The paper also includes the result of reverse engineering the Cerber protocol and monitoring its UDP packets in the wild.

Prevention, detection, and intervention

It is sometimes possible to trace ransomware payments to the point where ransomware operators cash out. It is also possible to disrupt the process by which victims pay the ransom, thus depriving operators of their profits. This introduces a unique ethical issue. We must consider the impact on victims before taking down ransomware infrastructure. Whereas disrupting conventional malware reduces the damage to victims, the effect could be the opposite for ransomware, information security professionals said. If every victim did not pay or was prevented from paying, the scale of the problem would likely decrease; however, this would mean that some individuals would incur additional harm by not being able to recover their files.


Ransomware Attacks On The Rise As Hackers Prey On Consumer Information « CBS Baltimore

When it comes to spreading disruption, hackers who use ransomware are a growth industry.


Microsoft Engineer Charged in Reveton Ransomware Case - BleepingComputer.com 

A Microsoft network engineer is facing federal charges in Florida for helping launder money obtained from victims of the Reveton ransomware.


Avoid and report Google scams - Google Help

Here are a few common scams, and ways that you can avoid and report them.


How To Make Social Media Secure For Kids? - Patch.com (Los Angeles)

Over the years, social media has become thoroughly dangerous for kids. The vulnerability of social networking apps comes from the presence of online predators who have made these platforms their epicenter. In effect, instant messengers are dominated by cyber predators, who pursue young teens and minors online and harm them while using social media apps as their cover.

The Destroyer at #OpDejaVu's insight:

In case you didn't get the memo, here you go.


Want to hack a voting machine? Hack the voting machine vendor first - CSOonline.com

An attacker who managed to break into a voting machine vendor employee's work email, because the employee used the same password as on a breached site, could leverage that to gain access to the voting machines themselves. And if voting machine vendors install remote access software on voting machines, factory backdoors that vendor employees use to remotely access the machines for maintenance, troubleshooting or election setup purposes, this turns voting machine vendor employees into targets.


20 Revelations From Facebook CEO Mark Zuckerberg's Apology Tour - Entrepreneur.com

Zuckerberg finally spoke on Wednesday, via Facebook and in interviews with four major outlets, about the Cambridge Analytica data breach.


After Santa Fe School Shooting, Texas Launches Mobile App To Help People Report Suspicious Activity – Houston Public Media

Nearly a month after the Santa Fe high school shooting, Gov. Greg Abbott has launched a digital technology to make it easier for Texans to report unusual activity in schools and communities within minutes.

FBI Urges After Russian Hacking: Reboot Your Routers « WCCO | CBS Minnesota

“The size and scope of the infrastructure impacted by VPNFilter malware is significant,” the FBI said.

Lack Of Paper Trail A Concern Amid Fears Of Election Hacking « CBS Chicago

Last week, the Senate Intelligence Committee issued a report that recommended replacing machines that don't produce a paper record of the vote.

Social media giant Facebook blasted for soaring abuse against judges - TheSun.co.uk

Public debate has been 'coarsened' and social media firms are to blame for a rise in abuse against judges, Justice Secretary David Gauke has claimed...

Sports world adapts to growing cybersecurity threats - Sportsnet.ca

Imagine the fallout if the NHL was hacked and its star players -- think Sidney Crosby, Auston Matthews and Connor McDavid -- had their home addresses, phone numbers and other personal information made accessible online.
Suggested by The Destroyer

UK health service boss in the guts of WannaCry outbreak warns of more nasty code infections • The Register

Assume we're going to get hacked next time and plan for it.


This is Spartacus: new ransomware on the block - SecurityBoulevard.com

In this blog post, we'll analyse Spartacus, one of many new ransomware families popping up in 2018.


63,500 patient records breached by New York provider's misconfigured database - HealthcareITnews.com

Middletown Medical left a radiology interface open to the public, exposing patient data in the process.


HHS Warns of SamSam Ransomware Attacks - CareersInfoSecurity | BankInfoSecurity.com

The Department of Health and Human Services is warning the healthcare sector about ongoing attacks involving SamSam ransomware that have impacted at least eight


FTC Says 'Warranty Void If Removed' Stickers Are Bullshit, Warns Manufacturers They're Breaking the Law - Motherboard

Federal law says you can repair your own things, and manufacturers cannot force you to use their own repair services.


How to Be Anonymous on LinkedIn - PopSugar.com

If you're job hunting on LinkedIn, be aware that when you look at someone's profile on the network, they can find out if you're viewing them through the "Who's Viewed Your Profile?" feature. Although there are both perks and drawbacks of being visible, sometimes you just want your privacy. Here's how to make yourself invisible on LinkedIn


Here Are The Clever Means Russia Used To Hack The Energy Industry - Forbes.com 

Russia used nifty tricks to hack our energy sector, getting to big targets by infiltrating smaller partners in the supply chain.


Opposition fingers Cambridge Analytica in Kenya election hacking - RFI.fr

The main opposition party in Kenya has accused a controversial UK consultancy firm of being involved in alleged hacking that took place during the country's elections last year. Cambridge Analytica was caught on camera boasting that i
