Archive for category Comms

Russian Hackers Attack Illinois Utility

From: PopSci

The Illinois Statewide Terrorism and Intelligence Center released a “Public Water District Cyber Intrusion” report on November 10 that indicates that hackers may have had access to the system since September. Hackers using Russian IP addresses hacked the software vendor that makes the system. They were then able to access the vendor’s database of usernames and passwords, and used the stolen credentials for remote access to the SCADA system’s network. These vendors keep records of their customers’ access information for maintenance and upgrading the systems.

Two to three months before the discovery of the hack, operators noticed “glitches” in the remote access to the SCADA system. “They just figured it’s part of the normal instability of the system,” said Joe Weiss, cybersecurity expert and managing partner at Applied Control Solutions, who obtained a copy of the report. “But it wasn’t until the SCADA system actually turned on and off that they realized something was wrong.”

UK Police Intercepting Cell Traffic

From: Threat Level

Britain’s largest police force has been using covert surveillance technology that can masquerade as a mobile phone network to intercept communications and unique IDs from phones or even transmit a signal to shut off phones remotely, according to the Guardian.

The system, made by Datong in the United Kingdom, was purchased by the London Metropolitan police, which paid $230,000 to Datong for “ICT hardware” in 2008 and 2009.

The portable device, which is the size of a suitcase, pretends to be a legitimate cell phone tower that emits a signal to dupe thousands of mobile phones in a targeted area. Authorities can then intercept SMS messages, phone calls and phone data, such as unique IMSI and IMEI identity codes that allow authorities to track phone users’ movements in real-time, without having to request location data from a mobile phone carrier.

A spokesman for the U.S. Secret Service verified to CNET that the agency has done business with Datong, but would not say what sort of technology it bought from the company.

The FBI is known to use a similar technology called Triggerfish, which also pretends to be a legitimate cell tower base station to trick mobile phones into connecting to it. The Triggerfish system, however, collects only location and other identifying information, and does not intercept phone calls, text messages, and other data.

New Malware Brings Cyberwar One Step Closer

From: MIT
A newly discovered piece of malicious code dubbed Duqu is closely related to the notorious Stuxnet worm that damaged Iran’s nuclear-enrichment centrifuges last year. Although it has no known target or author, it sets the stage for more industrial and cyberwar attacks, experts say.

“This is definitely a troubling development on a number of levels,” says Ronald Deibert, director of Citizen Lab, an Internet think-tank at the University of Toronto who leads research on cyberwarfare, censorship, and espionage. “In the context of the militarization of cyberspace, policymakers around the world should be concerned.”

Indeed, the spread of such code could be destabilizing. The Pentagon’s cyberwar strategy, for example, makes clear that computer attacks on industrial and civilian infrastructure like chemical factories or power grids as well as military networks could be regarded as equivalent to a conventional bombing or other attack, if civilians were endangered.

Appeals Court OKs Challenge to Warrantless Electronic Spying

From: Threat Level

A legal challenge questioning the constitutionality of a federal law authorizing warrantless electronic surveillance of Americans inched a step closer Wednesday toward resolution.

The 2nd U.S. Circuit Court of Appeals for the second time rejected the Obama administration’s contention that it should toss a lawsuit challenging the 2008 Foreign Intelligence Surveillance Amendments Act. Among other things, the government said the plaintiffs — Global Fund for Women, Global Rights, Human Rights Watch, International Criminal Defence Attorneys Association, The Nation magazine, PEN American Center, Service Employees International Union and others — don’t have standing to bring a constitutional challenge because they cannot demonstrate that they were subject to the eavesdropping or suffered hardships because of it.

9/11 Completely Changed Surveillance in U.S.

From: Wired

Former AT&T engineer Mark Klein handed a sheaf of papers in January 2006 to lawyers at the Electronic Frontier Foundation, providing smoking-gun evidence that the National Security Agency, with the cooperation of AT&T, was illegally sucking up American citizens’ internet usage and funneling it into a database.

The documents became the heart of civil liberties lawsuits against the government and AT&T. But Congress, including then-Sen. Barack Obama (D-Illinois), voted in July 2008 to override the rights of American citizens to petition for a redress of grievances.

Congress passed a law that absolved AT&T of any legal liability for cooperating with the warrantless spying. The bill, signed quickly into law by President George W. Bush, also largely legalized the government’s secret domestic-wiretapping program.

Obama pledged to revisit and roll back those increased powers if he became president. But, he did not.

“Defective” Chips could have caused U.S. military shut down by secret ‘back door’

“Sources have confirmed that the U.S. Department of Defense over recent months purchased 59,000 microchips to use in Navy equipment that control everything from missiles to transponders.

But all of the chips turned out to be cheap knock-offs from China, and they ultimately were not installed, according to sources.

Besides being subject to failure, the chips also were designed with a “back door” which would have allowed the chip, and the device it controlled, to be shut down remotely at any time, sources report.

Had the flaw not been detected, the chips could have shut down U.S. warships, aircraft, advanced weapons systems and encoded transponders that distinguish friendly aircraft from hostile attackers.”

http://www.wnd.com/?pageId=321477#ixzz1S0AZSZT8

Citi Credit Card Information Stolen

Information on 200,000 Citi Credit Card Customers was stolen in an attack on their network.

Citi said no birth dates, Social Security numbers or card security codes were accessed by the hackers last month. They got away with account numbers and e-mail addresses. The financial institution said it would provide new cards to affected customers.

From Wired’s Threat Level

Cyber combat: act of war

From: WSJ via Kurzweil AI

June 1, 2011

Source: Wall Street Journal — May 31, 2011

The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, opening the door for the U.S. to respond using traditional military force.

Pentagon officials believe the most sophisticated computer attacks require the resources of a government. For instance, the weapons used in an assault such as taking down a power grid would likely have been developed with state support.

Defense officials refuse to discuss potential cyber adversaries, although military and intelligence officials say they have identified previous attacks originating in Russia and China.

EFF Demands Answers About Secret Surveillance Law Memo

From: EFF

EFF has filed a Freedom of Information Act suit against the Department of Justice (DOJ), demanding the release of a secret legal memo used to justify FBI access to Americans’ telephone records without any legal process or oversight. This suit stems from a report released last year by the DOJ’s own Inspector General that revealed how the FBI had come up with a new legal argument to justify secret, unchecked access to private telephone records. According to the report, the DOJ’s Office of the Legal Counsel had issued a legal opinion agreeing with the FBI’s theory. EFF’s lawsuit is seeking that legal opinion, which is a crucial piece of the puzzle in understanding the government’s efforts to expand and overreach their surveillance powers.

Bill Would Limit Amateur Radio’s Ability to Aid during Emergencies

Amateur Radio spectrum is a crucial part of the country’s ability to respond to emergencies and disasters. During 9/11, the Space Shuttle Columbia Disaster, and virtually every storm and hurricane, that spectrum is used by unpaid volunteers to provide absolutely essential communication, often when government resources are not available. The Federal government is trying to sell an important and limited resource in a short-sighted attempt to pay for more toys for DHS. If DHS needs more equipment, then they should make their case before Congress and get the appropriations like the DOD and everyone else. Just because you don’t personally use that radio spectrum doesn’t mean it’s not important to the nation. Why don’t we just sell Yellowstone Park to the Chinese while we are at it? That would raise some cash too.

From: USA Today

Ham radio enthusiasts nationwide are concerned about a bill in Congress that they say would limit their ability to help in disasters and emergencies.

Rep. Pete King, R-N.Y., chairman of the Homeland Security Committee, introduced legislation last month aimed at enhancing emergency communications for first responders by reallocating certain frequencies exclusively for public safety.

To offset lost revenue from that change, the bill includes a provision that would allow the 420-440 MHz frequencies currently provided free to amateur radio to be auctioned off.

Those frequencies are used not just by hobbyists but also by hundreds of thousands of Amateur Radio Emergency Service volunteers and severe-weather spotters working with National Weather Service.

…”It’s a bad idea. It’s not good for public safety,” said Harlin McEwen, chairman of a technology committee for the International Association of Chiefs of Police and a spokesman for the National Public Safety Telecommunications Council.

Iranian hackers obtain fraudulent HTTPS certificates

From: EFF

Iranian hackers obtain fraudulent HTTPS certificates: How close to a Web security meltdown did we get?

On March 15th, an HTTPS/TLS Certificate Authority (CA) was tricked into issuing fraudulent certificates that posed a dire risk to Internet security. Based on currently available information, the incident got close to – but was not quite – an Internet-wide security meltdown. These events show why we urgently need to start reinforcing the system that is currently used to authenticate and identify secure websites and email systems.

USB Drives left at Dry Cleaners on the Rise

Encrypt your USB Drives

From: SC Magazine UK

A survey of dry cleaners in the UK has found that more than 17,000 USB sticks were left behind in 2010.

More than 500 dry cleaners and launderettes in the UK were asked during December 2010 and January 2011 about removable media that was left behind. Estimated figures suggested that there was an increase in the number of USB sticks left in dry cleaners of more than 400 per cent when compared with figures from 2009, and almost double from what was found in 2008.

…With the best intentions in the world, the reality is devices are often left behind and the information they contain could be devastating if disclosed. Organizations need to plan for this when developing their security strategies.”

RSA compromise: Impacts on SecurID

From: Dell SecureWorks

RSA is the security division of EMC software, best known for the popular SecurID two-factor authentication tokens used in high-security environments including some government networks. RSA announced that a cyberattack resulted in the compromise and disclosure of information “specifically related to RSA’s SecurID two-factor authentication products”. The full extent of the breach remains publicly unknown. RSA states that “this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.” Organizations that make use of SecurID should be alert for attempts at circumventing their authentication infrastructure, though no specific attacks are known to be occurring at the time of this publication.

RSA’s breach disclosure

On March 17, 2011, RSA announced [1] that a cyberattack on its systems was successful and resulted in the compromise and disclosure of information “specifically related to RSA’s SecurID two-factor authentication products”. While the full extent of the breach remains publicly undisclosed, RSA states that “this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.”

Taming Chaos with a Personal Plan

Taming Chaos with a Personal Plan is republished with permission of STRATFOR.

By Scott Stewart

Over the past week we’ve seen a massive earthquake and tsunami in Japan that caused a nuclear accident, the Saudis sending troops into Bahrain to quell civil unrest there and the government of Yemen taking measures to expel foreign media as protests have swelled against Yemeni President Ali Abdullah Saleh.

We have also recently seen large-scale evacuations of expatriates from Tunisia, Egypt and Libya, and it is not unreasonable to assume that we might see a similar exodus from Bahrain and Yemen if developments in those countries deteriorate. Moreover, in Japan, the risk of radiation and conditions that are not yet under control at the Fukushima Daiichi nuclear power plant could force further evacuations there.

In light of this uncertain environment, STRATFOR thought it prudent to address once again the topic of personal contingency planning. Indeed, we also made this topic the subject of this week’s Above the Tearline video. While we have often discussed this topic in relation to terrorist attacks, its principles are also readily applicable to crises caused by natural disaster, war and civil unrest. When a crisis erupts, having an established personal contingency plan provides people with a head start and a set of tools that can help them avoid, or at least mitigate, the effects of the chaos and panic that accompany crisis events.

Using the Evolved Cyber Range – Free Webinar

From: IDGA

Using the Evolved Cyber Range to Arm and Train U.S. Warriors to Win Cyber War

This FREE webinar will be on:
Tuesday, April 5, 2011, 2:00 PM – 3:00 PM ET
Presenter: Scott Register

How are military and intelligence organizations such as the U.S. Defense Information Systems Agency (DISA), the U.S. European Command (EUCOM), and Northrop Grumman (U.S. and U.K.) deploying cyber range technology? What are these organizations doing to develop the expertise of personnel and then equipping them with the advanced tools needed to fulfill cyber security missions?

Join BreakingPoint Systems, the global leader in cyber range technology, and learn how U.S. government and military can properly train personnel with the skills to defend against cyber terrorism, espionage, and theft of intellectual property.

Listen to the best practice case studies of DISA, EUCOM, and Northrop Grumman as they use the latest technology and establish a turnkey system to deliver a complete, scalable, and operational cyber range.

Learn how to use technology to simulate Internet-scale cyber war conditions in a controlled environment in order to establish IT certification methods and curriculum needed for assessing, training, and qualifying cyber warrior personnel.

After attending this webinar you will know how to:

  • Deploy and use a modern cyber range machine to create an operationally relevant environment that precisely mirrors the Global Information Grid (GIG), enabling sophisticated simulation of real-world cyber conditions
  • Optimize and harden the resiliency—the performance, stability, and security—of next-generation deep packet inspection (DPI) devices to carry out effective Lawful Intercept programs and related missions
  • Model and research advanced cyber threats including Stuxnet and botnet-driven distributed denial of service (DDoS) attacks
  • Implement a scalable approach for training and certifying cyber warriors in critical Information Assurance (IA), Information Operations (IO), and Mission Assurance (MA) skills.
  • Establish centralized command and control to monitor and manage a distributed network of remote cyber ranges
