Tag Archives: times

For Sale – MacBook Air (2017) 13-inch, Intel® Core™ i5, 8GB RAM, 128GB SSD

Been used a handful of times, can’t get my head around Mac OS sadly.

Pictures included below.

Looking for £670 plus whatever postage you want to do, with insurance. Collection also fine.

Price and currency: 670
Delivery: Delivery cost is not included
Payment method: Paypal
Location: Westcliff
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Amanda Rousseau on becoming a cybersecurity researcher

The relationship between law enforcement and the infosec community can be cordial and cooperative at times. But it can also be confrontational and divisive, as in the debate surrounding backdoors in strong encryption for lawful access or the arrest of cybersecurity researcher Marcus Hutchins on charges of creating and selling malware.

In this Q&A conducted at Black Hat USA 2018, Amanda Rousseau, senior security researcher at Endgame Inc., a cyber operations platform vendor based in Arlington, Va., explained why the term “hacker” is unhelpful and how cybersecurity researchers find their way from being a script kiddie to putting on the white, black or gray hat.

Editor’s note: This interview is part two of a Q&A with Amanda Rousseau, and it has been edited for clarity and length.

What is your take on the apparent tensions between the cybersecurity researcher community and law enforcement or the government? 

Amanda Rousseau: ‘Hackers’ is really a term for people that don’t know the industry. I don’t usually say ‘hacker,’ unless they don’t know what a security researcher is.

If I’m in my running group, and they ask me what I do for a living, I’m like, ‘Oh, I’m just an engineer — a security engineer.’ [And they ask,] ‘What’s that? It sounds boring.’ You know? 

But even people that started out as a black hat or a gray hat hacker when they’re young usually transition to white hat when they get older. Back in the day — like ’80s, ’90s — that was the case. You can probably find someone and ask them, ‘Hey, did you ever download off of Pirate Bay before?’ … And they’ll probably say, ‘Yeah.’

But now, because they have that knowledge, they are the white hats of today helping out law enforcement, because, now that they’re older, they know it’s bad. 

I mean, even with law enforcement, there’s a fine line between legal hacking and illegal hacking, right? 

What is the best way to explain to those outside the community the nuance that comes with being a cybersecurity researcher?

Amanda Rousseau, senior security researcher at Endgame Inc.

Rousseau: I think that they’re marketing it wrong. They use Hollywood really heavily to show this cool hacker lifestyle. But there’s a whole other side to that. I see it in the military sense; I see it as my mission. It’s more like cyberwarfare to me — that it’s my duty to protect whoever I’m protecting from the digital threat. If you see it in a sense of being a protector or a blue-teamer, it’s much more approachable than the negative context of being a hacker, right? 

And ‘hacker,’ in the dictionary, it was considered as a negative term. But in reality, it’s someone who thinks outside the box, finds the bad thing and then tells people how to fix that. And it’s hard to explain that to people who are not in it. But I think if you explain it in military terms, it’s much more easy to consume.

If you’re going after someone’s assets, you want to protect those assets as the guard. But you have to actively monitor what’s going on and then fix it as you go. And that’s pretty much what we’re doing, [asking], ‘How can we think outside the box to protect ourselves?’ And, ‘Can we probe ourselves to make sure that we’re protected from ourselves, too?’ — which we call pen testing.

With the military analogy, the defensive part is pretty easy to explain. But could you expand on the offensive pen-testing angle?

Rousseau: There [are] two sides of that spectrum of people doing the offensive work so that the bad guys don’t actually do it. And [there are] the people who are defending, [who] build those infrastructures to protect it. 

Somebody has to play the other side, but they can’t know anything about the other team. They have to figure it out during the exercise. And that’s where you evaluate whether or not your assets are protected, which we call ‘red versus blue.’

The analogy I like to use is my car analogy. You have a purse in your car or a bag, backpack, right? It’s out in the open; [the] bad guy sees it [and thinks], ‘I want that bag.’ He could just bust the window in and get it. And you’ll figure it out early, because the car alarm will go off, the window’s busted and your bag is stolen. So, you can immediately rectify the situation. 

But because the bad guys are learning and getting smarter, they’re finding stealthier ways to get the bag out of the car without you knowing about it. Say, they figured out how to open the door through the rearview mirror by messing with the switches and unlocking the door. And instead of just taking up the whole bag, what they do is they put in a decoy bag so that you think that nothing is wrong until you look inside and there’s nothing in there.

It’s similar to protecting your assets. How do you know someone’s in your network if they’re being sneaky about it? You have to bubble up all of these alerts and logs in order to respond to it. And respond to an alert that makes sense. 

In the Target breach, they didn’t know how to respond to the alert, because the alert was so vague that they didn’t do anything about it until it was too late. A lot of it comes in usability and scalability. Can I put it on 1,000 desktops? And can I manage it with one to two people? 

If you think about it, there are more people trying to attack you than you can defend. So, the whole science around all of these vendor tools and everything is trying to make those two guys’ — that are doing blue team — lives much easier in protecting a huge company.

What do you think when you see stories about something like the recently discovered Yale breach, where they didn’t realize that it happened for 10 years? 

Rousseau: That’s common. I’ve been in breaches where they didn’t know it was in there for six months. [The attackers] kept coming back in and stealing more, coming back in and stealing more. And they found out they came in from a previous breach, so there were multiple people in the same network stealing.

They thought that they were covered. Their internal team, they had these certain [security] tools, but they weren’t actively looking. When they did log analysis, they were manually printing them out and analyzing the logs one by one, thinking that they would catch something. But scaling-wise, you really can’t do that.

It comes down to data science to bubble up the things that are anomalies and are important. With all of these cloud servers and data all over the place, there’s so much information on the internet that you’ve got to be able to scale to that level. 

Even now, I’m having trouble going over just 1,000 samples an hour. I can’t make copies of myself. But I can make code that can do my job. 

There [are] not enough people in the industry that do these technical jobs. That’s why I try to give back to the reverse-engineering community as much as I can — doing workshops and talks like this and different code — because I know how hard it is. It took me forever to get to where I am. I didn’t have those types of resources growing up; I just had to sit there and figure it out. 

Even the trainings that people come out of the military with, or the DOD [Department of Defense], or law enforcement, they’re forced to get some trainings, but some of them are not up to par of today. I think Black Hat is probably the closest you’re going to get to training that people actually use. 

How do we scale training and education to create the next generation of cybersecurity researchers?

Rousseau: That’s a big question that I might not be able to solve.

Slowly, but surely. You look at how big this conference is now and how big DEFCON is and all the other conferences, how big RSA is. There [are] all these little tiny conferences spinning up, and we’re all sharing information, but we have to compete with all the other careers out there, like medicine and finance.

There are so many BSides out there that try to cater to people local in the area, like Minnesota, Chicago, the Midwest, pretty much. So, they’re trying, but the content has to be there, too. Everyone can do technical work, but not everyone can teach. That’s another thing.

If they don’t know their audience, it’s going to be intimidating to people, and they’re going to lose them through teaching it. That’s why you have to provide more opportunities for different learning styles. I’m a visual learner; if you don’t have slides up, I’m not going to absorb anything. Or, [some] people just like to listen; [some] people like to read.

It’s kind of a balance of who can actually learn the material, and who’s passionate about it. When I was young, I was going for art. And I didn’t know I would be really good in this field until I took a class. So, you never know what you’re good at until you actually try it. 

North Korea hacking threat still looms despite summit

Times may be changing for diplomatic relations between North Korea and the U.S., but the threat of North Korean hacking still looms.

This week’s summit between President Donald Trump and North Korean leader Kim Jong Un could lead to improved relations between the two countries and a possible denuclearization plan for North Korea. However, it’s unclear what impact, if any, the summit may have on nation-state cyberattacks coming from the country. According to various reports from the summit, the talks between Kim and Trump did not include any provisions concerning cyberattacks, and several cybersecurity companies have said there is evidence that North Korean hacking attacks may be ramping up this year.

Several notable cyberattacks have been attributed to the North Korean government in recent years, including the 2014 breach of Sony Pictures and last summer’s global WannaCry ransomware attacks. In addition, the FBI and the Department of Homeland Security recently issued a security advisory tying two well-known malware campaigns, Joanap and Brambul, to the North Korea hacking group Hidden Cobra, also known as Lazarus Group.

Priscilla Moriuchi, director of strategic threat development at Recorded Future, a threat intelligence provider based in Somerville, Mass., told SearchSecurity that while Kim’s regime wants to increase the country’s role in the international community, there’s no indication the government has curbed its hacking efforts.

In fact, she said there are signs that the opposite may be occurring.

“What we can say from looking at the data is that there are two stories: the data story, which shows us that North Korea increasingly cares about being monitored and watched, and that they are taking measures to hide their activity online; and the diplomacy story, where it’s telling the rest of the world that it’s ready to denuclearize and be more transparent,” Moriuchi said. “And the two stories just don’t match up.”

Recorded Future published research in April that showed a massive increase in anonymization of North Korean internet activity. “We conducted the research back in July, and we saw, for example, that less than 1% of all web browsing activity was anonymized — they didn’t even use HTTPS most of the time, let alone [virtual private networks (VPNs)],” she said, either because they didn’t care about hiding activity or because they didn’t know they could anonymize traffic. “But six months later, it was a completely different story — there was about a 12,000% increase in anonymization services and technology.”

Recorded Future issued another report last week detailing an increasingly large presence of U.S. technology in North Korean networks and usage by North Korean leadership, despite economic sanctions that prevent such trade. Moriuchi said North Korea has “professionalized sanctions evasion” over the last three-plus decades and found various ways to exploit weaknesses in U.S. export controls.

“We think this is a problem for two reasons. First, there are gaping holes in U.S. export control regime, and they’re being exploited by this rogue nation,” she said. “Second, the U.S. government doesn’t want U.S. technology being used in cyberattacks from North Korea to harm businesses and government agencies.”

If Kim agrees to a denuclearization plan, there may be less incentive for the government to drop its hacking operations. Ross Rustici, senior director of intelligence services at Boston-based threat detection vendor Cybereason, believes North Korea’s hacking operations are a crucial bargaining chip for Kim and also present a unique threat to the Trump administration.

“North Korea currently lacks many options to force the U.S. into working inside a START [Strategic Arms Reduction Treaty] framework. Almost all of its military and foreign policy capabilities are defensive at this point,” Rustici wrote in a research post last month, prior to the summit. “The one exception is its cyberprogram. And, unfortunately, this is one domain where North Korea can impact the Trump brand in a way that it could not against any other President.”

Several vendors have reported increased sophistication and capabilities from suspected North Korean hacking groups this year. For example, Dragos Inc., a security firm based in Hanover, Md., that specializes in industrial control systems (ICS), published a threat report on a group it calls Covellite, which the company said uses malware and infrastructure similar to Hidden Cobra.

Dragos noted that Covellite, which had targeted U.S. organizations in the past, had recently abandoned North American companies and focused its attacks on European and Asian companies. Dragos also said that while Covellite lacks ICS-specific capabilities at this time, the group’s “rapidly improving capabilities, and history of aggressive targeting” made it a primary threat to the ICS industry.  

In addition to Hidden Cobra, FireEye earlier this year reported that another North Korean hacking group known as APT37 had demonstrated increased capabilities, including the use of an Adobe Flash zero-day vulnerability in attacks on South Korean targets. “Our analysis of APT37’s recent activity reveals that the group’s operations are expanding in scope and sophistication, with a toolset that includes access to zero-day vulnerabilities and wiper malware,” FireEye wrote, adding it has “high confidence” that the group is working on behalf of the North Korean government.

For Sale – HP ProBook 430 G4 – i5 7200u / 4GB DDR4 / 128GB SSD / 13.3″ display

I have a nearly new HP ProBook 430 G4 laptop for sale – only been turned on a few times. I have updated to latest version of Windows 10 Pro and installed Office 2016. Comes with Intel Core i5-7200u 3.1GHz cpu, 4GB DDR4 (spare slot), 500GB hard drive, Wireless AC network adapter, Fingerprint reader and 13.3″ HD display. UK keyboard and HP 45W power adapter. Comes in original box – warranty until October 2019 – like new cosmetic condition. Cash on collection available from Hampstead or Moorgate/Liverpool Street area.

Full specifications:

HP ProBook 430 G4 Notebook PC – Specifications | HP® Customer Support

Intel Core i5-7200U – turbo to 3.1GHz
Intel HD620 graphics
13.3″ HD display
4GB 2133MHz DDR4 memory (1 spare slot)
HDMI and VGA video outputs
USB Type-C port
USB 3.0 port
USB 2.0 port (power port)
Intel Gigabit Ethernet
Intel 7265 dual band Wireless AC + Bluetooth 4.2
HP 3-cell, Long Life 48 WHr Li-ion battery
UK keyboard
SD card slot (SDHC / SDXC)
Headphone/microphone combo
Webcam
Fingerprint reader
Weight: 1.49Kg

Choice of hard drives:
128GB SanDisk 2.5″ SSD or
500GB WD SATA 7200rpm hard drive (original drive) or
500GB Seagate SSHD 5400rpm hybrid drive
There is also a spare M.2 SSD slot

Windows 10 Pro installed with digital licence
Office 2016 Professional Plus with licence
HP warranty until 30/10/2019

Price and currency: 380
Delivery: Delivery cost is included within my country
Payment method: BT or PPG
Location: London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

For Sale – HP ProBook 430 G4 – i5 7200u / 4GB DDR4 / 500GB HDD / 13.3″ display

I have a nearly new HP ProBook 430 G4 laptop for sale – only been turned on a few times. I have updated to latest version of Windows 10 Pro and installed Office 2016. Comes with Intel Core i5-7200u 3.1GHz cpu, 4GB DDR4 (spare slot), 500GB hard drive, Wireless AC network adapter, Fingerprint reader and 13.3″ HD display. UK keyboard and HP 45W power adapter. Comes in original box – warranty until October 2019 – like new cosmetic condition. Cash on collection available from Hampstead or Moorgate/Liverpool Street area.

Full specifications:

HP ProBook 430 G4 Notebook PC – Specifications | HP® Customer Support

Intel Core i5-7200U – turbo to 3.1GHz
Intel HD620 graphics
13.3″ HD display
4GB 2133MHz DDR4 memory (1 spare slot)
500GB WD SATA 7200rpm hard drive (spare M.2 SSD slot)
HDMI and VGA video outputs
USB Type-C port
USB 3.0 port
USB 2.0 port (power port)
Intel Gigabit Ethernet
Intel 7265 dual band Wireless AC + Bluetooth 4.2
HP 3-cell, Long Life 48 WHr Li-ion battery
UK keyboard
SD card slot (SDHC / SDXC)
Headphone/microphone combo
Webcam
Fingerprint reader
Weight: 1.49Kg

Windows 10 Pro installed with digital licence
Office 2016 Professional Plus with licence
HP warranty until 30/10/2019

Price and currency: 380
Delivery: Delivery cost is included within my country
Payment method: BT or PPG
Location: London
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference
