Iran Has Been Targeting VPN Servers to Plant Backdoors (zdnet.com) 49
"A new report published today reveals that Iran's government-backed hacking units have made a top priority last year to exploit VPN bugs as soon as they became public in order to infiltrate and plant backdoors in companies all over the world," writes ZDNet:
According to a report from Israeli cyber-security firm ClearSky, Iranian hackers have targeted companies "from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors." The report comes to dispel the notion that Iranian hackers are not sophisticated, and less talented than their Russian, Chinese, or North Korean counterparts. ClearSky says that "Iranian APT groups have developed good technical offensive capabilities and are able to exploit 1-day vulnerabilities in relatively short periods of time." [ATP stands for "advanced persistent threat" and is often used to describe nation-state backed cyberattackers.]
In some instances, ClearSky says it observed Iranian groups exploiting VPN flaws within hours after the bugs have been publicly disclosed...
According to the ClearSky report, the purpose of these attacks is to breach enterprise networks, move laterally throughout their internal systems, and plant backdoors to exploit at a later date.
In some instances, ClearSky says it observed Iranian groups exploiting VPN flaws within hours after the bugs have been publicly disclosed...
According to the ClearSky report, the purpose of these attacks is to breach enterprise networks, move laterally throughout their internal systems, and plant backdoors to exploit at a later date.
Iran blahblablah Russia blahblahblah (Score:3, Insightful)
The US OWNS the whole internet from day 1.
Planting backdoors in all vital Cisco equipment about which the media suddenly stays silent.
Re: (Score:2)
Why would anyone want to tap a hole that's been used by Trump?
Re: (Score:2)
In Soviet Putinistan, hole taps you!
Re: (Score:2)
Hey, that's pretty good.
Ah ah ah! What a country!
Downmod him all you want. He's still right. (Score:3, Insightful)
You and I might not like it, but he's factually correct.
Don't we all have our own filter bubble that we'd like to keep. ;)
You know, that is why Russian or Iranian people are more likeable. :)
They know their government is a piece of shit. They would never downmod somebody who said something like this about their government. They'd probably only complain because they already said that and said it first.
And call everyone who goes "yay Russia/Iran leaders" a nutter.
It's only Americans who collectively got this
Re:Downmod him all you want. He's still right. (Score:4, Interesting)
Which Americans? There's an entire political party dedicated to the idea of being at least closet anti-American.
Furthermore, the GP is committing a fallacy by assuming that, because the United States has backdoors in Cisco equipment (and elsewhere) that Iran isn't somehow trying to infiltrate VPNs. It's completely orthogonal to the story, which is why he was down-modded.
Re: (Score:2)
The Dem opponent running for Collins' Senate seat has adopted the head chopper from the Reign of Terror as her symbol for her campaign. That's pretty fucking anti-american.
Re: (Score:2)
Democrats are only pro-America if they control it. If it's controlled by someone else, they are not going to offer much support.
Re: (Score:1)
Re: (Score:3)
So has the United States (Score:5, Insightful)
Just saying we should be wary of these sorts of stories cropping up about Iran in particular. The current administration still would very much like a war, especially one before November.
Actually, remembering Ukraine.... (Score:3)
It was CIA "protesters" for a CIA leader on one side, and FSB "protesters" for a FSB leader on the other side. ^^
And we got sold it as "the orange revolution".
While Russia & co got sold it as the equivalent.
The damn actual people didn't even get a choice of a leader that's not a foreign puppet!
And then "we" backed the Swoboda... A party of literal Nazis, with SS rune tattoos and a leader that openly did the Hitler salute on camera!
As it it was actually the party on the side of the Ukranians... lol.
And R
Re: (Score:1)
1. Thats billable hours for NSA, CIA, MI6 workers and contractors that could slow down.
Think of the house, boat, education, international holidays that depends on that spending over decades.
2. International missions, thats gov support in nice holiday locations all year. With the better pay to enjoy the mission.
3. Workers who do not get enough pay and who are not enjoying gov/mil work tend to find Russian friends.
The Russians are very understanding o
Re: (Score:2, Interesting)
Fucking hell, you must read only foreign propaganda sites and nothing written by actual journalists telling the actual truth or something.
Yes, spy agencies can encourage unrest, and yes, maybe they can provoke a few tens of thousands of people on the streets to protest. What they can't do is control literally millions of people as you're implying to rise up and overthrow their government, if they could, it's a fairly simple logical jump to realise that every nation would currently be Western aligned, with W
Re: (Score:2)
According to a report from Israeli cyber-security firm ClearSky
Well, we can throw these allegations out the window. They may actually be infiltrating VPNs, but I'm not going to take the word of a group of ex-Mossad and IDF for it especially when they don't seem to be offering any sort of proof. This is likely about as reliable as Memri's insertion of "wipe Israel off the map" into a speech when that idiom doesn't even exist in Farsi.
Re: (Score:2)
and China. And North Korea. And Germany. And I'm pretty sure if we looked into it we could find Denmark and Somaliland had. Just saying we should be wary of these sorts of stories cropping up about Iran in particular. The current administration still would very much like a war, especially one before November.
Um, no, it would not like a war.
It was the previous one that enjoyed blowing things up, while still deliberately remaining weak. The current one prefers being strong and therefore deterring war when possible.
It's the dems who are floundering and need an October surprise. I'm sure they'll come up with several ...
Re: (Score:2)
They will if those corporations employ people like you.
Re: These are the idiots who shot down their own p (Score:2)
Those "idiots" also took down US drones to reprogram them for themselves. ^^
In any case, don't believe any media that is reporting on the leadership's enemies. In any country.
Because trust me, you and I don't know the tip of the tip of the iceberg of what's really going on.
(Disclaimer: I've got somebody in my family who does know what's going on.)
All we do, is useless bickering, and hating people we've never even met.
To what end? Being puppets in a mob of some asshole?
Focus on what's real, in front of you!
T
Re: (Score:2)
When a drone is shot down while cruising at 60,000 feet there's not much left after it hits the ground to "reprogram for themselves".
Using a VPN... (Score:4, Insightful)
Re: (Score:3)
This is about corporate VPNs... but sure, VPN services do little more than hack geolocation for most people, so it is sufficient to not own it yourself. It can also deal with traffic management issues and casual snooping. (Example: using a VPN might prevent a hotel with a lot of cameras from being able to also link screen data to IP traffic, so they might not get the full picture of what is going on as I check bank data or whatever, since they don’t even get DNS requests to work from.)
But, I sure wi
Re: (Score:1)
Here let me correct the line in the article "According to a report from Israeli cyber-security firm ClearSky, "Israeli hackers pretending to be Iranian hackers" have targeted companies "from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors."
Like anyone is stupid enough to believe anything from a country corrupt enough to claim self defence when shooting protestors using snipers at long range, yeah they felt threatened because there were rocks in the field inbetween the snip
Re: (Score:1)
Yes, that's it. It's the one progressive democratic country in the Middle East that's causing all the problems, not the stone age terrorist wackjobs. You figured it out.
Re: (Score:2)
It's a theocracy with a marginally representative government.
Re: (Score:1)
You are a copyright troll looking for some victims to sue. You see a connection from an IP address but it traces back to a VPN service that says it doesn't log and isn't legally obligated to help you. How do you sue them?
You are a copyright troll looking for some victims to sue. You see a connection from an IP address that belongs to a well known ISP. Reverse lookup even gives you the name of the suburb. How do you sue them?
Re: (Score:2)
Sure, it goes back to the purpose. Me, I am not concerned about Studio W going after me for a license violation of Netflix showing me a movie.
Re: (Score:2)
Not owning the VPN is actually the point of a lot of these services.
For anonymity it helps to mix your traffic in with a bunch of other people's and making tracing any of it to billing information impossible.
ATP stands for "advanced persistent threat" (Score:5, Funny)
No, it stands for "adenosine triphosphate".
Re: (Score:1)
Re: (Score:3)
No, it stands for "adenosine triphosphate".
Airline Transport Pilot
All This, Plus:
Association of Tennis Professionals
Automatic Train Protection
At This Point
and a few NSFW items such as this [urbandictionary.com].
But hey, it's a holiday in the US and the PoTUS would approve of the last one, so click away.
Seems like an awful lot of work to me (Score:5, Informative)
Considering most major companies, especially the Telecom industry, have so much outsourcing in India and Random-istan, that all you need to do to gain access to the networks in question is simply bribe an employee. Trust me when I tell you they have access to EVERYTHING.
Considering where said employees live, it wouldn't even cost all that much to do it.
Nuke everyone with state/government hackers (Score:1)
Re: Nuke everyone with state/government hackers (Score:2)
Lol, dumbasses be like "Let's murder the murderer, because murdering is wrong!"
Call humanity, when you're past mental puberty, kid.
Re: (Score:2)
Unfortunately, all the countries with nukes have state/government hackers. They'd be nuking themselves.
OpenVPN (Score:2)
In the last 3 years with the 120+ cores that I manage the only time I have detected a hack was on an Ubuntu 16.04 system running OpenVPN. Somebody managed to force a bitcoin miner into it. I never learned what the exploit was but now I wonder if it is still there.
Try having a few honeypots. (Score:2)
That way you can study them... Give them something juicy to download and run on their box, outside of a honeypot/VM, and turn the game around. :)
Lol, Israeli... (Score:2)
I have no doubt in Iran's government trying such things. They're not nice people.
Just ... You mean an Israeli hacking firm that probably sold it to them in the first place or sees them as direct competition or worse. ;)
Aka as pot and kettle situation. Except both are actually latrines. And the shit is overflowing at the top.
funny.. (Score:2)
Is there a really safe VPN? (Score:1)
By "safe" I mean run by a financially stable company and uses opensource encryption that can be audited/verified?
Most seem to be fly by night companies that could evaporate at the flip of a switch.
Maybe ill just roll my own
Enough of this neocon cyber BS (Score:2)