This is a typical example how malware authors make money.
They sell their programs and have other people make the attacks on you.
RSA blogs has the story – RSA is a security division of EMC company which has security encryption
RSA was one of the first practicable public-key cryptosystems and is widely used for secure data.
We recommend that you do not use SMS banking – as it is done over text. You should not use such a weak encrypted method
Here the EFF recommends not to text over SMS anything you dont want others to see.
GoodGearGuide out of Australia has a report:
Denial of service “attack” can cause a reboot of your phone.
It affects all Android 4.x firmware versions on Google Galaxy Nexus, 4 and 5.
When a phone receives a large number of SMS(Short Message Service- otherwise know known as text) messages it could reboot
A gang of 3 hackers were caught and have now been charged with conspiring to hack government computers.
A Wired story discusses the different hacks that occured:
1. gang is accused of using SQL-injection hacks and other methods to gain access to various systems including ones belonging to the U.S. National Geospatial Intelligence Agency
the most interesting point is how they went about doing it:
first a member scanned Internet websites for security vulnerabilities on protected computers, and especially to government, military and critical infrastructure sites.
Second they exploited the vulnerability by using SQL injection, and obtained the database schema.
Third, a member then saved the data
Fourth, upload the data to cloud storage websites – placing the data for public to see.
Fifth, they then claimed credit for the hack
Some websites were shutdown in order to fix the problems.
This is the court document on the Wired site.
ARIN – American registry for Internet Numbers
SANS – (SysAdmin, Audit, Networking, Security) A private company teaching the ins and outs of security
DIG – an excellent utility to check DNS (Domain name service on the net at Kloth.net
Virustotal – An excellent online malware analysis tool (wondering if a file has malware? upload and check.
ISC – Internet Storm Center , a daily update on Security concerns on the net (run by SANS)
More to come…
NIST Cybersecurity framework pdf
The Framework Core consists of
five concurrent and continuous Functions—Identify, Protect, Detect, Respond, Recover.
This Framework is designed to protect critical infrastructure of the United States (utilities, police, fire, and other government functions)
Small business owners can learn some things as to what to do in the primary function of the framework: to Identify your risk and develop organizational understanding to handle this.
It seems that this framework is not very specific, and may be helpful to some companies which have not put the time into making Cybersecurity a priority.