Topic:  TECHNOLOGIES 

 



SOURCE:  Paul Szoldra for Techinsider.io

The Defense Advanced Research Projects Agency has been tasked with building breakthrough technologies for the US military since 1958, and plenty were on full display at the Pentagon last week.

Tech Insider went to DARPA's "Demo Day" on May 11 where more than 60 projects were shown to reporters, senior military leaders, and government contractors. We saw everything from underwater drones that autonomously search for enemy submarines to a game-changing prosthetic hand that looks like it's straight out of "Terminator 2."

There was a ton for us to see in the Pentagon's courtyard, but these are the ones we thought were most interesting.

Here's a rundown of DARPA's "Demo Day"

DARPA Demo Day provided the DoD community with an up-close look at the Agency's diverse portfolio of innovative technologies and military systems at various stages of development and readiness, spanning every military domain from undersea to outer space and across all of DARPA's strategic focus areas, from sensors and microsystems to cyber and spectrum to biological technologies and counterterrorism.

The event was open to Pentagon badge holders, visiting U.S. Government‎ civilian/military CAC holders, and Intelligence Community badge‎ holders. 

Topic: HACKING

 

 

 

Source:  http://www.homelandsecuritynewswire.com/

National Intelligence Director James Clapper said that the campaigns of all the candidates for president are being spied on by foreign hackers with “a variety of motivations.” Clapper said that the acts of espionage against the campaigns may only just be getting started. “As the campaigns intensify we’ll probably have more of it,” Clapper noted.

National Intelligence Director James Clapper said that the campaigns of all the candidates for president are being spied on by foreign hackers with “a variety of motivations.”

Clapper revealed the hacking effort in a talk to a conference organized by the Bipartisan Policy Center, in Washington D.C.

NBC News quotes Clapper to say that the acts of espionage against the campaigns may only just be getting started. “As the campaigns intensify we’ll probably have more of it,” Clapper noted.

The hackers breaking into the candidates’ networks include foreign governments seeking early information on policy thinking, or hackers with sabotage in mind. Clapper’s office recently released information about intrusions by foreign intelligence services into the campaigns for president back in 2008.

Clapper’s office emphasized that the risk to the campaigns was real. “We’re aware that campaigns and related organizations and individuals are targeted by actors with a variety of motivations — from philosophical differences to espionage — and capabilities — from defacements to intrusions,” Clapper’s spokesman Brian Hale said in a statement.

One hacking group not hiding its intentions is the cyber-anarchist group Anonymous, which has urged its supporters to attack the Web operations of Donald Trump.

The group said it was launching a “total war” against Trump, and a masked figure appeared on YouTube and claiming to speak for Anonymous, said: “Dear Donald Trump, we have been watching you for a long time and what we see is deeply disturbing.”

The National Intelligence Agency recently said that in 2008 it helped the two nominees — Barack Obama and John McCain — track and deal with cyber-intrusions during their campaigns for president. A document describing the extent of those operations was issued by Mr Clapper’s officer earlier this month.

Eight years ago, foreign intelligence services “met with campaign contacts and staff, used human source networks for policy insights, exploited technology to get otherwise sensitive data, engaged in perception management to influence policy,” the document said. “This exceeded traditional lobbying and public diplomacy.”

 

 

 

SOURCE: Tom Spring for threatpost.com

For online casinos, business begins to peak as gamblers punch out of work and belly-up to virtual blackjack tables. But on this Tuesday in February at 5p.m., the odds were not in the house’s favor. That’s when this virtual casino—with tens of millions of dollars in virtual transaction data, thousands of user profiles and millions invested in computer infrastructure—was hit with ransomware that risked turning a thriving business into an encrypted crime scene. The criminals behind this attack couldn’t have picked a better target. This legal online casino, located outside the US, is one of the largest operators in the gambling and entertainment business. On the condition Threatpost would not identify the casino, we were given rare insight into a high-stakes ransomware attack that serves as a cautionary tale for any company.

Constant Target

“Yes, ransomware was on our radar. But in this business—where uptime is critical–daily denial-of-service and APT attacks had always been our chief concerns,” said the online casino’s chief security officer who Threatpost will identify as Robert. “To be clear, we had extensive security protocols in place and tools guarding our network,” he said. The casino, with 1,000 employees, has an infrastructure that consists of two massive physical data centers and a cloud infrastructure. As for security, the casino uses a firewall from a top-tier supplier, data center security from another leading vendor and its client AV protection was from a mix of leading providers as well. It also had contracted real-time network monitoring from an outside service provider. “It would be an understatement to say security was our top concern. It is our utmost concern,” Robert said. But nonetheless, there are no perfect security solutions. And on that Tuesday, as gamblers were logging on and servers whirled and whirred into overdrive, the casino learned the hard way nothing is bulletproof. The attack started at 5p.m. with the hook of a phishing email and a bogus invoice sent to an external consultant working in-house. Working behind the company’s firewall onsite, the consultant received an email with the subject line “Requested receipt ID:084C9F.” The consultant didn’t think anything was fishy with the email or attachment named “segreteriagenerale_request_084C9F.zip.js”. The “js” portion of the attachment’s extension was obfuscated by the attacker; it was of course a malicious JavaScript attachment. In this case, the payload was the TeslaCrypt 3 ransomware. Using the Windows 7 Sony laptop assigned to him by the casino, the consultant opened the email message and double-clicked on the attachment unleashing the ransomware. Unknown to the casino was the fact that this consultant’s Sony laptop had zero security software running on it. Making matters worse, the laptop was misconfigured with the “C:\Users\username\Public” folder wrongly set up to be shared on the company’s network. Within minutes, the ransomware attacked the notebook’s default My Folders directory and began encrypting files, Robert said. The casino consultant recalls noticing the documents he had

 

 

SOURCE:  Kim Zetter for wired.com

STINGRAYS, A SECRETIVE law enforcement surveillance tool, are one of the most controversial technologies in the government’s spy kit. But prosecutors and law enforcement agencies around the country have exerted such great effort to deceive courts and the public about stingrays that learning how and when the technology is used is difficult. 

This week, the government even went so far as to assert in a court filing (.pdf) that articles published by WIRED and other media outlets that expose the deception “are full of unproven claims by defense attorneys and advocates [and] are not proper proof of anything.”

So what do we know? “Stingray” is the generic commercial term for a device otherwise known as an IMSI catcher. The stingray impersonates a legitimate cell tower to trick nearby mobile phones and other wireless communication devices, like air cards, into connecting to them and revealing their international mobile subscriber identity (IMSI) number. More importantly, though, the device also collects information that can point to a mobile device’s location.

By moving the stingray around a geographical area and gathering a wireless device’s signal strength from various locations in a neighborhood, authorities can pinpoint where the device is being used with more precision than with data obtained from a mobile network provider’s fixed tower location.

Although use of the spy technology goes back at least 20 years—the FBI used a primitive version of a stingray to track former hacker Kevin Mitnick in 1994—their use of it has grown in the last decade as mobile phones and devices have become ubiquitous. Today, they’re used by the military and CIA in conflict zones—to prevent adversaries from using a mobile phone to detonate roadside bombs, for example—as well as domestically by federal agencies like the FBI, DEA and US Marshals Service, and by local law enforcement agencies.

Stingrays have the ability to also capture call record data—such as the numbers being dialed from a phone—and some also have the ability to record the content of phone calls, as