Revealed: Yet Another Group Hacking For China’s Bottom Line
June 14, 2016 23:19
In the world of cyberespionage, China is king. More nation-state attacks are attributed to it than to any other country. Though the assumption has been that the motive behind most of this spying was to gain a competitive advantage for Chinese companies, there had not been much proof. Until now. A new espionage campaign attributed to China shows an almost one-to-one correlation between the breaches and China’s economic interests.
The group, discovered last November by the Dutch security firm Fox-IT and dubbed Mofang, has struck more than a dozen targets in various industries and countries since at least February 2012, and is still active. Mofang has targeted government agencies in the US, military agencies in India and Myanmar, critical infrastructure in Singapore, research and development departments of automotive companies in Germany, and the weapons industry in India.
But one campaign in particular, conducted in relation to business dealings in Myanmar’s Kyaukphyu special economic zone, provides clues about the attackers’ motives. In that attack, Mofang targeted a consortium overseeing decisions about investments in the zone, where China’s National Petroleum Corporation hoped to build an oil and gas pipeline.
“It’s a really interesting campaign to see where initial investments by a China state-owned company [appeared to drive the breaches],” says Yonathan Klijnsma, senior threat intelligence analyst with Fox-IT. “Either they were afraid of losing this investment or they just wanted more [business opportunities].”
Finding Mofang
Fox-IT discovered the group after uncovering some of its malware on VirusTotal, a free online service owned by Google that aggregates more than three dozen antivirus scanners made by Symantec, Kaspersky Lab, F-Secure and others. Researchers, and anyone else who finds a suspicious file on their system, can upload the file to the site to see if any of the scanners tag it as malicious.
Fox-IT uncovered two primary tools the group uses: ShimRat (a remote access trojan) and ShimRatReporter (a tool for conducting reconnaissance). The malware is custom tooled for each victim, which allowed Fox-IT to identify targets in cases where the victim’s name appeared in email documents the attackers used.
Unlike many nation-state hacks attributed to China, the Mofang group doesn’t use zero-day exploits to get into systems but instead primarily relies on phishing attacks that direct victims to compromised web sites where the malware downloads to their system using already known vulnerabilities. The group also hijacks antivirus products to run their malware, so that if a victim looks at the list of processes running on their system, it looks like a legitimate antivirus program is running when really it’s malware.
The researchers arrived at the China attribution in part because some of the code the attackers use is similar to code attributed to other Chinese groups. Additionally, documents used in the phishing attacks were created in WPS Office or Kingsoft Office, Chinese software similar to Microsoft Office.
The Attacks
The first campaign hit a government entity in Myanmar in May 2012. Mofang hacked a Ministry of Commerce server. That same month, they also targeted two German automotive companies, one engaged in developing technology for armored tanks and trucks for the military, the other involved in rocket-launching installations.
In August and September 2013 they struck targets in the US. In one case, they targeted US military and government workers by emailing them a registration form for Essentials of 21st Century Electronic Warfare, a training course for US government employees held in Virginia. They also targeted a US tech company doing solar cell research as well as exhibitors at the 2013 MSME DEFExpo in India—an annual defense, aerospace and homeland security expo for companies selling to governments. In 2014 they struck an unknown South Korean organization, and in April that year they targeted a Myanmar government agency using a document purporting to be about human rights and sanctions in Myanmar.
“The variety [of their targets] is big, but they always go after technology and research and development companies,” Klijnsma says.
But the most telling attack came last year when they targeted a Myanmar government entity and a Singapore-based company called CPG Corporation, both of which were involved in making decisions about foreign investments in the Myanmar special economic zone known as Kyaukphyu, which entices foreign investors with tax breaks and extended land leases. The Kyaukphyu zone was of particular interest to the China National Petroleum Corporation, which began investing there in 2009. The company signed a memorandum of understanding to build a seaport and develop, operate and manage an oil and gas pipeline connecting Myanmar to China to save the Chinese company from having to sail through the Strait of Malacca to deliver gas. The Chinese government may have feared that without a binding legal agreement, Myanmar would renege on the deal.
In March 2014 Myanmar chose a consortium led by the CPG Corporation in Singapore to help make decisions about development in the zone. In 2015, the consortium intended to reveal the companies that had won infrastructure investment rights, but by July no results had been disclosed. That’s when the Mofang group hacked the CPG Corporation, Klijnsma says. Fox-IT does not know what specific information was taken, but the timing is illustrative.
“The timeline is very specific,” he says. “It lines up ridiculously well [with the decision-making period].”
In 2016, China won the tender to build the oil and gas pipeline and seaport in Myanmar’s economic zone. And with that, the Mofang group’s motives seem clear.
Government sets direction for IT policy. Software is a priority
June 14, 2016 21:50
Without expanding its software industry, Brazil will lose competitiveness. That is the view of Maximiliano Martinhão, the engineer who recently took over the Secretariat of Informatics Policy (Sepin) at the Ministry of Science, Technology, Innovation and Communications (MCTIC). He takes the post with the challenge of expanding Brazil's presence in the international IT market.
Secretary of Telecommunications at the now-defunct Ministry of Communications since 2011, he was appointed to Sepin by Minister Gilberto Kassab. Born in Campinas (SP), he is a lawyer and telecommunications engineer with a master's degree from the University of Strathclyde in the United Kingdom.
In an interview with Portal MCTIC, he said the Informatics Law (Lei de Informática) is the main instrument for boosting companies in the sector and stimulating investment in research centers and universities. “We will make sure these investments serve public policy.”
According to the secretary, the Information and Communication Technology sector and the software industry are fundamental to the country's development. “If Brazil does not apply itself to expanding this industry, we lose competitiveness,” he says.
Read the full interview the secretary gave to Portal MCTI.
What are the main activities of the Secretariat of Informatics Policy?
In the secretariat there is a set of initiatives under way related to microelectronics and startups, which have everything to do with the world of the internet. Sepin also administers the incentives provided for in the Informatics Law. The biggest instrument in operation is this law, which boosts companies that, in return, must invest in research centers or universities. We will make sure these investments serve public policy and give clear guidance to the private sector, which benefits from the law, about the investments that should be made. This is a major demand from the sector.
What are the goals of your tenure at the head of Sepin?
We will continue the work that already exists and expand incentives for research in the country. It is essential to build a capacity for innovation related to ICTs [Information and Communication Technologies]. Today Brazil is between the fourth and fifth largest market [depending on the indicator] in telecommunications and informatics, but we take very little part in the world market. One of the challenges is to increase the Brazilian software industry's share of the national and world markets.
How can this challenge be overcome?
Maximiliano: With partnerships to expand companies, working together with the groups that exist in the country and already invest in ICT development, to raise Brazil's role in the global software chain. Another aspect is the work with science and technology institutions and universities. It is important to attract human resources to research. We will bring industry and technology development centers closer together to attract more investment.
How can the implementation of the Informatics Law be improved?
We will do this very calmly, interacting with the MCTIC's secretariats under the coordination of Minister Gilberto Kassab. A very relevant point is to put the secretariat to work on drawing up policies for the cyber world. Sepin has great potential to formulate a long-term policy for the cyber world. At the moment, for example, a bill related to the Personal Data Protection Law is under discussion in the National Congress. This has to do with creating a regulatory framework capable of attracting investment in areas such as the Internet of Things without creating insecurity for users about the privacy of their data. We also need to establish a policy for cloud computing in Brazil. ICTs and the software industry are fundamental to development. If Brazil does not apply itself to expanding this industry, we lose competitiveness. There is a need to give greater unity and coherence to the different actions undertaken in the public sphere with a view to a major program for the use of ICTs in the country, and the secretariat sees itself as a partner of the other ministries, research institutes, trade associations, the CGI [Comitê Gestor da Internet, the Internet Steering Committee] and companies in developing a Brazilian digital strategy.
*From Portal MCTIC.
DEVBEERS CE 3rd edition
June 14, 2016 19:19
Event description
This is the third edition of devbeers Fortaleza! o/
The event is focused on developers and beer, so if you want to talk about your favorite programming language and have a beer, come and join us.
If you have never been to devbeers, select the “Estreantes” (first-timers) ticket when you register. If those run out, you can select the regular ticket as well.
This time we will be at Boozer’s Pub & Hostel! It is in Aldeota, at Rua Carlos Vasconcelos, n° 834, on the corner of Pereira Filgueiras, Fortaleza/CE.
Facebook: Boozer’s Pub & Hostel
When: June 22, 2016, 7:30 pm to 11 pm
FAQs
Does the event have a code of conduct?
Yes! It can be found here.
Do I need to bring a printed ticket?
No! Just find one of the event organizers with the ticket's QR code open on your phone, or, if your battery has died, just give your name and we can check you in.
Something came up and I can no longer go. How do I cancel my ticket?
Sympla can help with that! Here are the instructions:
Registration is personal (in your name) and will be checked digitally. Presenting a photo ID is mandatory.
Transfer of ownership will only be accepted up to 48 hours before the day of the event; contact suporte@sympla.com.br;
Cancellations will be accepted within 7 (seven) calendar days of the registration date, provided this is at least 48 hours before the start of the event.
If you have not received your registration by e-mail, you can access it at any time through the “Meus pedidos” menu on Sympla, or contact suporte@sympla.com.br;
For questions about how your payment is processed, contact the payment processor MoIP directly: atendimentosympla@moip.com.br;
Other information can be found in our Help Center;
Event organizer contact:
Github: https://github.com/devbeers/
Email: contato@devbeers.io
Twitter: devbeers
Facebook: devbeers
Website: http://devbeers.io
Organizers:
Vinicius Carvalho
Felipe Mota
Filipe Costa
Blizzard may be teasing the next Hearthstone adventure
June 14, 2016 19:18
Images posted to the Brazilian and Latin American Hearthstone pages may be teases for the next Hearthstone Adventure, which a Reddit thread suggests “will probably be a travel agency themed adventure where you will visit different places of Azeroth.”
The images feature what appear to be travel brochures, while the text accompanying them, according to another helpful Redditor, translates to, “Discover the unexpected, the strange and the insane with C’thun Travel Agency, Vacations #OldGods Style.” The brochure itself teases travel to the land of the Pandaren, the enigmatic, panda-like race from World of Warcraft.
“Imagine you find yourself surrounded by trees with golden leaves and majestic mountains. You just crossed the impregnable door protected by the August Celestials and a waterfall welcomes you while you start your journey to an exotic world. Open your eyes and wonder with the Vale of Eternal Blossoms, located in the very heart of the ancient Pandaria.
Enjoy extraordinary panoramas and taste one of the best known local delights: the old-fashioned roasted bamboo sandwiches. It doesn’t matter how big your expectations are, you will have a PANDAstic time on your holidays!”
We’ve reached out to Blizzard to ask about these images, and we’ll let you know if we receive a reply. In the meantime, I think Reddit’s advice is probably worth taking: It’s time to start saving your gold.
Hack Brief: Russia’s Breach of the DNC Is About More Than Trump’s Dirt
June 14, 2016 19:16
Four decades ago, breaking into the files of the Democratic National Committee meant burglarizing the headquarters at the Watergate hotel. Today’s spies and saboteurs can breach the DNC’s computer network far more quietly.
On Tuesday, security firm Crowdstrike revealed that not one but two groups of hackers believed to be based in Russia had done just that. The intruders, according to Crowdstrike and the DNC officials who spoke to the Washington Post, fully accessed the campaign organization’s emails and chats, and stole opposition research on Republican presidential front-runner Donald Trump.
“The security of our system is critical to our operation and to the confidence of the campaigns and state parties we work with,” congresswoman and DNC chair Debbie Wasserman Schultz wrote in a press statement. “When we discovered the intrusion, we treated this like the serious incident it is and reached out to CrowdStrike immediately. Our team moved as quickly as possible to kick out the intruders and secure our network.”
The Hack
In a blog post detailing the attack, Crowdstrike pointed to two groups of known Russian government-aligned hackers, one dubbed Cozy Bear and another called Fancy Bear. According to Crowdstrike, the two teams seemingly worked independently, either unaware of each other’s existence or even vying for dominance within the strange, internally competitive intelligence apparatus of Vladimir Putin’s regime.
Cozy Bear, Crowdstrike says, first breached the DNC a year ago, while Fancy Bear struck more recently, with the targeted goal of accessing the Trump research files. Crowdstrike writes that though Cozy Bear typically uses spearphishing emails as its initial entrypoint, Fancy Bear has in previous attacks created spoofed web login pages for the organizations it targets to steal staffers’ credentials and gain a foothold. It’s unclear which methods were used here. Once in, both groups installed malware on the DNC’s servers and PCs to continually steal and send information back to “command-and-control” servers.
In fact, Crowdstrike writes that the groups changed their malware on a regular basis and frequently altered their “persistence” techniques to avoid deletion by antivirus programs or other security measures. All of that, along with the two groups’ histories of breaching targets from the White House to the State Department, points to Russian government espionage as the breach’s motive.
“We identified advanced methods consistent with nation-state level capabilities including deliberate targeting and ‘access management’ tradecraft,” Crowdstrike’s co-founder Dmitri Alperovitch wrote in his blog post. “Both adversaries engage in extensive political and economic espionage for the benefit of the government of the Russian Federation and are believed to be closely linked to the Russian government’s powerful and highly capable intelligence services.”
Who’s Affected?
The DNC’s breach should raise alarm bells beyond the Democratic campaign—and not just in the Trump camp, where the candidate’s staff are no doubt wondering what political dirt Putin’s spies have accessed and how it might be leveraged. (Given that Putin has showered Trump with praise—and vice versa—Trump may not be worried about how the Russian dictator would use it, but rather how the DNC and Clinton campaign ultimately might.) Neither the Trump nor Clinton campaigns responded to WIRED’s request for comment.
The same hackers who breached the DNC have also probed the networks of both the Trump and Clinton campaigns, as well as some Republican political action committees, officials told the Post. And within the security community, there’s little doubt that well-resourced state-sponsored hackers can be stopped by the cybersecurity teams of those organizations, which despite their political ties don’t have the direct protection of the NSA or the Department of Homeland Security. Both the Obama and McCain campaigns were compromised by hackers in 2008, for instance. As Thomas Ptacek, the co-founder of security firm Matasano wrote on Twitter Tuesday, “The only thing interesting about the DNC hack is that they got caught this time.”
The only thing interesting about the DNC hack is that they got caught this time.
— Thomas {{Ptacek}}} (@tqbf) June 14, 2016
All of that means that the focus on the DNC’s opposition files may be a mere distraction for the Trump-obsessed media, says Dave Aitel, a former NSA analyst who now runs the security firm Immunity. He argues that both Republican and Democratic campaigns have likely been targeted by hackers seeking all sorts of data—not only Russian, but also Chinese and even Iranian—and that Crowdstrike’s efforts to remove those intruders won’t necessarily keep them from coming back for more. “People get confused because they assume they’re after one thing. But this is about long-term collection, not any particular piece of information,” says Aitel. He compares the Russian hackers with America’s own elite espionage teams in the signals intelligence division of the NSA. “It’s the same thing we do: Let’s suck this target completely dry and turn it into signals intelligence product. This is not a one-time event.”
How Serious is This?
Crowdstrike’s Alperovitch echoes the warning that the DNC breach may not be the last hack of the 2016 election season. “The 2016 presidential election has the world’s attention, and leaders of other states are anxiously watching and planning for possible outcomes,” Alperovitch writes. “Attacks against electoral candidates and the parties they represent are likely to continue up until the election in November.”
In fact, the threat of hackers attacking campaign organizations could extend well beyond November. While opposition research information represents a juicy digital target, more troubling still would be the possibility for foreign governments’ intelligence agencies to influence domestic electoral politics by choosing a side and disrupting the other’s campaign strategy. U.S. federal agencies, for all their cybersecurity disasters, at least have massive national resources backing them. Political campaigns often don’t. And foreign cyberspies, both parties can agree, are one special interest group that has no place in American democracy.
Digital signature becomes mandatory for companies with five employees
June 14, 2016 17:48
From July 1, companies with more than five employees will be required to use digital certification. From 2017, the rule will be extended to companies with more than three employees.
“The requirement was already expected by the market,” stresses Renato Teixeira, director of the Doccloud Certificate Authority (Autoridade Certificadora Doccloud).
The executive notes that a virtual identity was already mandatory in companies' day-to-day operations for submitting labor, tax and social security information. “The trend is to make ever greater use of electronic records as a means of confirming the authenticity of documents and declarations,” he adds.
Since December 2015, the government has been widening the requirement for legal entities (PJs, Pessoas Jurídicas) to adopt a digital identity. That year it covered companies with more than 10 employees; in January 2016 it extended the requirement to the operational routine of legal entities with more than eight employees; and now it makes the requirement broader still.
According to Teixeira, using a digital certificate will bring these companies more secure transactions and faster operations, as well as lower costs, mainly those related to travel and authentication.
For accounting professionals, the requirement does not change office routines, since they already track the schedule of companies' tax obligations. The point to watch is the validity of the digital certificate, which must be active for information to be submitted.
Technical Consultant – Help Desk Support
June 14, 2016 15:17
– Posted by wlissesbb | June 14, 2016
Condomínio Edifício Santos Dumont Center – Av. Santos Dumont, 905 – Aldeota, Fortaleza – CE, 60150-160, Brasil
Job
Job Description
Summary of the activities to be performed:
Customer service: support for interactive systems.
The work consists of helping customers use the interactive systems developed by the company, with the possibility of off-site customer service and of providing support at events (conferences, trade fairs, etc.).
Preferences: People with experience in systems support, customer service, event systems, financial systems or similar.
ATTENTION: THE POSITION IS NOT FOR INFRASTRUCTURE SUPPORT
Skills:
Identifying and solving problems, tracking dependencies, skill in dealing with customers, being organized, having empathy, being helpful, knowing how to work in a team.
How to apply
Interested candidates should send a résumé to: administrativo@itarget.com.br
Job Categories: Free.
Job Types: Job.
Job Tags: finance, management, systems, support and web.
Job Salaries: Not stated.
The Legend of Zelda: Breath of the Wild Might Be The Open World Zelda We Always Wanted – IGN
June 14, 2016 15:15
IGN spent 35 minutes exploring and surviving in Nintendo’s fascinating open world Zelda game.
Computers and Education: Towards a Lifelong Learning Society
June 14, 2016 15:10
This volume contains a selection of papers on the most up-to-date experiences in the field of computers and education. It includes the most relevant case studies and novel research results addressing technical and methodological aspects of computers and education. It is relevant to researchers, practitioners, teaching staff and developers working in e-learning, computer-based education, educational software, distributed learning, lifelong learning, and open and distance learning.