the faces of the Pawnstorm brothers

Belated Birthday Present for @alannahablar!!!!!! 

✨🎨Blanc✨🎨

This is gift art for my dear friend @alannahablar of her baby Blanc

I saw this super cute pastel color block pullover that I think suited him so much💕

Blanc is one of her cuties that I've been wanting to draw, So I hope you like it✨🍰

Blanc @alannahablar

Art @artisticdreamer

We need more fangs uwu

I used your boi Swindle. Is it cool for you?

Look who came in the mail the other day!!! I FORGOT TO UPLOAD HIM AHHHH

@miss-twila I LOVE HIM SO MUCH HHHHH

And now him and Swindle can kiss.

Been doing some Mafia AU stuff with @alannahablar ~ and like I love drawing my sassy Mafia Chile so here’s her singin and Lana’s boyo Swindle playing the piano. its not proportional but ya know what thats fine lmao

Blue is also in the same bar with Red, XD. Blue Bet Red that someone will flirt with him wearing that.  He won. 

Swindle and Frenzy belong to @alannahablar

For suger

her boys Swindle and Frenzy 

hope you like it @alannahablar ))

His Royal Kingpin, Benton Pawnstorm.

@alannahablar

14 de Agosto, 2020

Internacional

Un nuevo malware dirigido a Linux

La Agencia de Seguridad Nacional advierte sobre las operaciones de espionaje de la Dirección de Inteligencia de Rusia (GRU) utilizando un conjunto de herramientas de malware de Linux no revelado anteriormente llamado Drovorub. El malware puede comunicarse directamente con la infraestructura C2 del actor de la amenaza, tiene capacidades de carga / descarga de archivos, ejecuta comandos arbitrarios con privilegios de 'root' y puede reenviar el tráfico de red a otras máquinas en la red.

 E.@. Según el informe, el rootkit tiene mucho éxito al esconderse en una máquina infectada y sobrevive a los reinicios "a menos que el arranque seguro UEFI [Interfaz de firmware extensible unificada] esté habilitado en el modo" Completo "o" Completo ". El informe de la NSA describe los detalles técnicos de cada parte de Drovorub, que se comunican entre sí a través de JSON a través de WebSockets y cifran el tráfico hacia y desde el módulo del servidor mediante el algoritmo RSA. 

Tanto la NSA como el FBI atribuyen el malware a la Dirección de Inteligencia Principal del Estado Mayor Ruso 85 Centro Principal de Servicios Especiales (GTsSS), unidad militar 26165. La actividad cibernética de esta organización está vinculada a campañas del colectivo de piratería avanzada conocido como Fancy Bear (APT28, Strontium, Group 74, PawnStorm, Sednit, Sofacy, Iron Twilight). 

Esta atribución se basa en la infraestructura de mando y control operativo que las empresas que se defienden contra los ciberataques han asociado públicamente con el GTsSS. Una pista es una dirección IP que Microsoft encontró en una campaña de Strontium que explotaba dispositivos IoT en abril de 2019 y que también se utilizó para acceder a un Drovorub C2 durante el mismo tiempo.

 Fuente

Российские хакеры, за которыми стоит государство, работают гораздо быстрее коллег

Анализ «операций» различных хакерских группировок в последние годы показывает, что российские хакеры, поддерживаемые государственными структурами, работают быстрее своих коллег из других враждебных Западу стран. К такому выводу, как пишет издание Times, пришли эксперты американской компании Crowdstrike. Например, такая хакерская группа, как Fancy Bear, которую обвиняют в кибератаках на правительственные и оборонные инфраструктуры в Европе и Америке, тратит в среднем 18 минут и 49 секунд на то, чтобы получить доступ из первого заражённого ими компьютера какой-либо организации в другие компьютеры той же внутренней сети. Северокорейским хакерам на это требуется в среднем два часа и 20 минут, а китайским – более четырёх часов. Напомним, что хакерская группа Fancy Bear, предположительно, работает под патронажем Главное разведывательного управления (ГРУ) России. Американские правоохранители подозревают её в планировании атак на серверы ядерной компании Westinghouse, которая поставляла Украине топливо для атомных реакторов, а также обвиняют в отмывании средств с использованием криптовалюты. В начале октября прошлого года прокурор западного округа штата Пенсильвания Скотт Брейди, которого процитировало РИА Новости, заявил: «Они использовали криптовалюты, такие как биткоин, чтобы оплатить инфраструктуру для осуществления своих планов (например, сервера, регистрацию доменов, услуги вендоров и приобретение других инструментов для взлома). Финансовые переводы происходили как минимум частично на территории Соединенных Штатов». В конце октября прошлого года власти Швейцарии разрешили прокуратуре страны выдать ордер на арест двух российских хакеров, обвиняемых в политическом шпионаже и отмывании денег через криптовалюты. Эти офицеры ГРУ и их коллеги, обвиняемые США, Великобританией, Нидерландами и Канадой в том, что они совершили ряд крупных кибератак на страны Запада, являются членами хакерских групп Fancy Bear, Pawnstorm и Tsar Team. По словам специалистов из Crowdstrike, они удивились, обнаружив, что российские хакеры работают в среднем в восемь раз быстрее конкурентов из других стран. Один из основателей компании Дмитрий Альперович заметил: «Мы ожидали, что они окажутся на первом месте, учитывая, насколько эффективно они работают по сравнению с остальными злоумышленниками, но даже мы были удивлены тем, как быстро они способны полностью проникнуть в компьютерную систему, заполучив к ней доступ». До сих пор никто не анализировал скорость работы хакеров. Компания Crowdstrike впервые проанализировала более 30 тысяч хакерских атак, зафиксированных в 2018 году, и отдала пальму первенства россиянам. Crowdstrike, работающая в 176 странах, заявляет, что вне зависимости от того, что говорят власти той или иной страны, кибершпионаж становится всё более широкомасштабным явлением. Эксперты компании пришли к выводу, что большинство зафиксированных кибератак исходили из России, Китая, Ирана и Северной Кореи. За ними следуют Южная Корея, Вьетнам, Индия и Пакистан. Read the full article

Doodle dump~ Enjoy @sweet-peachy @a-nani-mous  

UK says Russia’s GRU was behind a spate of chaotic cyber attacks between 2015 and 2017

The UK has directly accused Russia’s military intelligence agency of being behind a number of cyber attacks that took place between 2015 and 2017, calling them “indiscriminate and reckless” with a range of target types including political institutions, businesses, media and even sport.

It says the chaotic campaign of attacks by the GRU shows it is “working in secret to undermine international law and international institutions”.

The government has also identified 12 hacker group it believes the GRU to be associated with — including ‘Fancy Bear’, a group behind a string of cyber espionage attacks including the 2016 hack of the Democratic National Committee, which the government is also now directly linking to Russia’s military spy agency.

Of course it’s not the first time the Kremlin has been linked to politically motivated attacks (some of which haven’t even required actual hacking).

Nor is it the first time the GRU has been specifically linked to Fancy Bear. Cybersecurity firm Crowdstrike made the same link back in 2016 — with “high level confidence“.

But it’s a first for the UK government to make a link and public accusation of Russia for the attacks — likely intended to keep up geopolitical pressure on Putin in the wake of the Sailsbury poisonings which the government has also linked to two GRU agents.

The Kremlin later claimed the two were just tourists who happened to have been visiting the town on the same day as a former Russian double agent and his daughter were poisoned with a nerve agent.

The UK’s National Cyber Security Center, which is a public-facing branch of the UK’s GCHQ spy agency, has published the latest cyber attack claims — writing that it has “identified that a number of cyber actors widely known to have been conducting cyber attacks around the world are, in fact, the GRU”.

“These attacks have been conducted in flagrant violation of international law, have affected citizens in a large number of countries, including Russia, and have cost national economies millions of pounds,” it adds.

The full list of hacker groups being linked to the Kremlin and “almost certainly” to the GRU — with what the NCSC calls “high confidence” — are:

APT 28

Fancy Bear

Sofacy

Pawnstorm

Sednit

CyberCaliphate

Cyber Berkut

Voodoo Bear

BlackEnergy Actors

STRONTIUM

Tsar Team

Sandworm

The other cyber attacks the government has now also publicly attributed to the GRU include:

an October 2017 ransomware attack by BadRabbit, which encrypted hard drives and rendered IT inoperable — resulting in disruption including to the Kyiv metro, Odessa airport, Russia’s central bank and two Russian media outlets

an August 2017 attack on the World Anti-Doping Agency in which confidential medical files relating to a number of international athletes were released

a phishing-based attack on an unnamed small UK-based TV station, which took place between July and August 2015, in which multiple email accounts were accessed and content stolen

The government also lists two attacks it says it had previously attributed to the GRU:

a June 2017 cyber attack that targeted the Ukrainian financial, energy and government sectors but which also spread to impact other European and Russian businesses

an October 2017 attack involving the VPNFILTER malware which infected thousands of home and small business routers and network devices worldwide. The NCSC notes that the infection “potentially allowed attackers to control infected devices, render them inoperable and intercept or block network traffic”

Commenting in a statement, foreign secretary Jeremy Hunt said:

These cyber attacks serve no legitimate national security interest, instead impacting the ability of people around the world to go about their daily lives free from interference, and even their ability to enjoy sport.

The GRU’s actions are reckless and indiscriminate: they try to undermine and interfere in elections in other countries; they are even prepared to damage Russian companies and Russian citizens.  This pattern of behaviour demonstrates their desire to operate without regard to international law or established norms and to do so with a feeling of impunity and without consequences.

Our message is clear: together with our allies, we will expose and respond to the GRU’s attempts to undermine international stability.

At the time of writing the Russian Embassy’s UK Twitter account had not yet issued any trolling responses to the UK government.

Well, unless this is it…

Good morning! (Pereslavl-Zalessky, Russia) pic.twitter.com/YJREdALfv6

— Russian Embassy, UK (@RussianEmbassy) October 4, 2018

Senate can’t protect senators, staff from cyber attacks, Wyden warns

Enlarge / The Senate's IT security team can't protect senators' and staffers' own devices and accounts. Sen. Ron Wyden (D-Ore.) wants to change that. (credit: Martin Falbisoner / Wikimedia Commons)

Sen. Ron Wyden has been a squeaky wheel about the US Senate's weak security posture for a while. In April, the Oregon Democrat raised objections over the lax physical security measures for Senate staff—including ID badges that just have pictures of smart chips like those on other access cards used across government agencies, rather than actual chips, and provide no access controls. Now, as the November mid-term election approaches, Wyden has written a letter to Senate leadership decrying the lack of assistance that the Senate's own information security team can provide in protecting senators' accounts and devices from targeted attacks, even as evidence mounts that such attacks are being staged.

According to Wyden, his office had discovered that "at least one major technology company" had recently detected targeted attacks against members of the Senate and their staffers—and that these attacks had apparently been staged by groups tied to foreign intelligence agencies.

Microsoft reported thwarting spear-phishing attacks staged by a group tied to Russia's Main Intelligence Directorate (GRU) against members of the Senate in August. And the US Senate's own systems have been targeted in the past, including a June 2017 effort by the same GRU group (known as "Fancy Bear," "Pawnstorm," and "Sofacy") that created a server spoofing the Senate's own Windows Active Directory Federation Services (ADFS), according to a report from Trend Micro.

Read 2 remaining paragraphs | Comments

Senate can’t protect senators, staff from cyber attacks, Wyden warns published first on https://medium.com/@HDDMagReview

Senate can’t protect senators, staff from cyber attacks, Wyden warns

Enlarge / The Senate's IT security team can't protect senators' and staffers' own devices and accounts. Sen. Ron Wyden (D-Ore.) wants to change that. (credit: Martin Falbisoner / Wikimedia Commons)

Sen. Ron Wyden has been a squeaky wheel about the US Senate's weak security posture for a while. In April, the Oregon Democrat raised objections over the lax physical security measures for Senate staff—including ID badges that just have pictures of smart chips like those on other access cards used across government agencies, rather than actual chips, and provide no access controls. Now, as the November mid-term election approaches, Wyden has written a letter to Senate leadership decrying the lack of assistance that the Senate's own information security team can provide in protecting senators' accounts and devices from targeted attacks, even as evidence mounts that such attacks are being staged.

According to Wyden, his office had discovered that "at least one major technology company" had recently detected targeted attacks against members of the Senate and their staffers—and that these attacks had apparently been staged by groups tied to foreign intelligence agencies.

Microsoft reported thwarting spear-phishing attacks staged by a group tied to Russia's Main Intelligence Directorate (GRU) against members of the Senate in August. And the US Senate's own systems have been targeted in the past, including a June 2017 effort by the same GRU group (known as "Fancy Bear," "Pawnstorm," and "Sofacy") that created a server spoofing the Senate's own Windows Active Directory Federation Services (ADFS), according to a report from Trend Micro.

Read 2 remaining paragraphs | Comments

Senate can’t protect senators, staff from cyber attacks, Wyden warns published first on https://medium.com/@CPUCHamp

Confirmation that #MacronLeaks traced to Russian Military Intelligence agency GRU, owners of APT-28 FANCY BEAR/PawnStorm Malware https://t.co/87jEXuMD4r— Malcolm Nance (@MalcolmNance) May 6, 2017

To the shock of nobody