SoylentNews is people
SoylentNews
Dan Goodin of Ars Technica writes about a newly-discovered hacking platform recently revealed by Kaspersky.
They are labeling the operators 'Equation Group,' and multiple zero-day exploits in the malware kit appear to be related to those which were used by Stuxnet to hack Iran's Natanz nuclear facility in 2010. It is by far the most advanced malware ever discovered, going so far as to flash malicious firmware on the hard disks of no fewer than 12 vendors. Much of the malware was distributed through usual channels such as Java vulnerabilities or ad networks, but it was even found on CDs which were mailed to attendees of a conference in Houston in 2009 which were intercepted and modified to deliver the malicious payload.
The sophistication of the operations and the malware itself leave little doubt that Equation Group is is a state-sponsored organization. The scariest part of it might be that the operation is over 14 years old and unfortunately, much of the malware is yet to be reverse-engineered. Kaspersky has been reaching out to white hats for further assistance in determining the nature and capabilities of the software.
(Score: 0) by Anonymous Coward on Tuesday February 17 2015, @08:51PM
Seems to be happening more often of late. http://i.imgur.com/pzTl0j1.png%22%20alt=%22Commercial%20Photography%22%3E%3C/a%3E [imgur.com]
(Score: 0) by Anonymous Coward on Tuesday February 17 2015, @10:06PM
That seems to be because the site is loading http://stats.soylentnews.org/piwik/piwik.php?idsite=1 [soylentnews.org] from a non-https URL. Assuming the soylentnews.org HTTPS private key hasn't been leaked, that soylentnews.org isn't using a vulnerable TLS implementation, and RSA hasn't been cracked, your HTTPS connection is still secure. Only that single-pixel image is loaded insecurely - so an MITM attacker could, for example, replace it with goatse and get your HTTP cookies (but not cookies restricted to HTTPS).