Paul Roberts

Verizon: Hacktivists Steal Most Data In 2011

It can be hard to parse the results of the Verizon Data Breach Investigation Report (DBIR), what with the shifts from year to year in the sources of breach data collected. Last year’s report, if you recall, found a stunning drop in incidents of data theft in 2010, even as tracking sites like Datalossdb.org reported no noticeable change that year.Frankly, it’s hard to read the DBIR and not have the term “sample bias” float into your head time and again. But the DBIR report has always been a good way to understand the security Zeitgeist, and this year’s report is no different, with more normal-seeming results and a focus on the actions of ideologically motivated hacking groups which, Verizon claims, were linked to 58% of all the data stolen from customers in 2011.

New Trojan For Mac Used In Attacks On Tibetan NGOs

The security firm Alienvault reports that its own research on phishing attacks against non governmental organizations supporting the Tibetan Government in Exile is now being used as bait in a new round of phishing attacks on those same NGOs.

HBGary’s Greg Hoglund: The Art Of RAT Hunting In the Enterprise

Threatpost spent much of the last year chasing after Greg Hoglund, the founder and CEO of HB Gary. First, it was to get his reaction to the bruising encounter his firm had with the hacking group Anonymous. Then it was an endless series of requests on the aftermath of that hack, including the departure of HBGary Federal CEO Aaron Barr, and the company’s decision to pull out of the RSA Conference in 2011. When Greg finally did speak out it wasn’t to us.So we were happy when Hoglund, whose firm was recently acquired by the company Mantech International Corp., agreed to speak at the Kaspersky Lab Security Analysts’ Summit in Cancun, Mexico in February. His talk there on “Lateral Movement and Other APT Interaction Patterns Within the Enterprise” reinforced Hoglund’s reputation as one of the top experts on malicious code.Threatpost editor Paul Roberts caught up with Hoglund after the speech. And, while Anonymous and HBGary Federal were not up for discussion on the record, Hoglund offered some great insights into the delicate art of tracking down remote access trojans (or RATs) after they have a foothold in your network, as well as the mistakes companies make in trying to prevent and respond to security incidents.


Microsoft said that it has not seen any evidence that hackers have figured out a way to take advantage of a critical vulnerability in the Windows Remote Desktop Protocol (RDP) that the company disclosed and patched on Tuesday. The statement comes in the wake of unconfirmed reports of working exploits for the RDP hole circulating online on Thursday. 

A new Ubuntu Linux distribution is being marketed as “Anonymous-OS” and comes pre-loaded with tools for hacking and protecting anonymity online. However, it is unclear whether the new operating system was created by the anarchic hacking group, or even has its endorsement.

When the long arm of the law reached in to arrest members of Anonymous’s senior leadership on Tuesday, speculation immediately turned to the identities of the six men behind the Guy Fawkes mask. With the benefit of hindsight, it turns out that many had been hiding in plain site, with day jobs, burgeoning online lives and – for those who knew where to look – plenty of clues about their extra curricular activities on behalf of the world’s most famous hacking crew.