Eset's report on Stegano, a newly discovered exploit kit, reveals an insanely clever, paranoid, and devastatingly effective technique used by criminals to infect their victims' computers by hiding malicious code in plain sight on websites that accepted their innocuous-seeming banner ads.
Read the rest
In an amazing, long, in-depth investigative piece, Wired's Andy Greenberg recounts the story of North Korean dissidents who have escaped, but who mastermind ambitious smuggling efforts that send thousands of USB sticks and SD cards over the border stuffed with pirate media: Read the rest
Buzzing around the internet this week: Polish security researcher and professor Wojciech Mazurczyk
(left) claims to be developing a way to hide secret, un-eavesdroppable messages in "silent" packets transmitted within Skype conversations
. He and his team plan to present SkypeHide at a steganography conference in Montpellier, France, this coming June. VentureBeat has a writeup here
. The ease with which Skype can be snooped by law enforcement is well-known
. I'll be interested to hear what other security researchers make of Mazurczyk's project, when and if it is eventually released. Read the rest
A new rev of the Great Firewall of China seeks out VPN connections (including, I assume, connections over The Onion Router) and terminates them. Only companies who register official VPNs with the Chinese government will be able to run them without interference. Registration is only available to Chinese companies, and I'll bet it involves escrowing your keys with the Chinese net-cops so they can spy on it.
Users in China suspected in May 2011 that the government there was trying to disrupt VPN use, and now VPN providers have begun to notice the effects.
Astrill, a VPN provider for users inside and outside China, has emailed its users to warn them that the "Great Firewall" system is blocking at least four of the common protocols used by VPNs, which means that they don't function. "This GFW update makes a lot of harm to business in China," the email says. "We believe [the] China censorship minister is a smart man … and this blockage will be removed and things will go back to normal."
But the company added that trying to stay ahead of the censors is a "cat-and-mouse game" – although it is working on a new system that it hopes will let it stay ahead of the detection system.
China tightens 'Great Firewall' internet control with new technology [Charles Arthur/The Guardian]
Read the rest