The following supporting documents comprise the design and development "cook book" of the CDS embedded device technology:
Cloud/Virtualization Technology Problems/Issues
Published McAfee 2016 Threat Predictions – Communications Obfuscation
Virtualization, like any technology, provides security benefits and weaknesses. Although it isolates and protects virtual servers and applications, it can also make lateral movement harder to detect. And how do you accurately track and attribute an attack, with all of the obfuscation possible with clouds and virtualization?
Honeypot Technology Problems/Issues
Published 2015 SANS – A Guide to various flavors of honeypots
While the concept of baiting adversaries in order to monitor their activities is nothing new, honeypotting has evolved into a critical tool in information security analysis. Recent years have given rise to advances in the detection of network intrusions such as honeynets, honeytokens and adaptive honeypots.
Published August 3, 2015 Breaking Honeypots For Fun And Profit – Black Hat Conference 2015
The thing is, one of the main tools of the trade -- the honeypot at its current technology level – is simply not up to scratch. It can detect automatic malware infections, but not much else. For example, let’s say you are successful, and you managed to lead the attacker to your honeypot (which is an interesting discussion by itself), you’d then expect to be (a) alerted, and (b) for forensic data to be generated out of the attack. But there is an operational challenge at hand: what if the attackers can easily detect that your decoy, the sensor in your deception platform, is not a real machine? http://www.darkreading.com/attacks-breaches/breaking-honeypots-for-fun-and-profit/a/d-id/1321568
Shodan Hacking Tool - To detect the location of all honeypots
The defining characteristics of known honeypots were extracted and used to create a tool to let you identify honeypots!
Nmap Publishes How To Evade Firewalls, Etc
Quote from Nmap website:
Occasionally people suggest that Nmap should not offer features for evading firewall rules or sneaking past IDSs. They argue that these features are just as likely to be misused by attackers as used by administrators to enhance security. The problem with this logic is that these methods would still be used by attackers, who would just find other tools or patch the functionality into Nmap.
Published 24 October 2015, Entitled:
TalkTalk cyber attack: Hacking tools open up crime to anyone
The growth of the market in hacking tools has allowed a new broad base of 'unskilled, entry-level' cyber criminals
Published March 16, 2016 by FoxNews.com
Top DOJ prosecutor: ISIS 'actively' seeking cyberattack tools
the Islamic State is “actively attempting” to possess destructive cyber attack capabilities, adding that the group is intent on causing major damage via cyber means.
Published: 30 Jun 2016
Hackers: Ditch the malware, we're in... Just act like a normal network admin. *Whistles* Nmap in hand, they're soon working pwned systems like a boss – study
Hackers almost exclusively use standard network admin tools to move around a compromised network once they’ve broken in using malware or other hacking techniques.
Published April 3, 2016 - U.S. Infrastructure Can Be Hacked With Google, Simple Passwords
the dam hack is significant because prosecutors say it's the first time a simple, search engine-driven hack of a piece of U.S. infrastructure has surfaced as the tool of choice.
Passive Intelligence Gathering
Published September 10, 2015
Intelligence Chief: OPM Hack Was Not a ‘Cyberattack’
Data was “simply stolen,” he said. “That's a passive intelligence collection activity -- just as we do," Clapper added.
Published February 8, 2016
DHS and FBI Hacked
The U.S. Department of Homeland Security and the FBI said Monday that they are dealing with hackers who somehow obtained personnel data on thousands of staff employees. Homeland Security officials said they have no evidence that there was any breach of sensitive or personally identifiable information.
Monday night in Washington, both the FBI and Homeland Security officials acknowledge that they are looking into the "unauthorized access of a system ... containing employee contact information."
Published August 18, 2016
Security Experts Agree: The NSA Was Hacked
Analysis of the software tools made available by the Shadow Brokers suggests that they’re the real deal.
Fileless Attacks, Stealing Credentials, New Malware
Published McAfee 2016 Threat Predictions – Fileless attacks, etc
Malware is still very popular and growing, but the past year has marked the beginnings of a significant shift toward new threats that are more difficult to detect, including fileless attacks, exploits of remote shell and remote control protocols, encrypted infiltrations, and credential theft.
Published McAfee 2016 Threat Predictions – Steal User Credentials, etc
In other cases, attackers will work to steal user credentials so that they can legitimately use these protocols, which is even harder to catch.
Published April 13th 2016
Ransomware cyber-hack can install without clicking on infected link
An unusual strain of virus-like hacker software that exploits computer server vulnerabilities has been found, according to Cisco Systems.
Published: 16 March 2017
Title: Fileless Malware Campaigns Tied to Same Attacker
Source: Michael Mimoso, ThreatPost (Kaspersky Lab blog)
Two recent fileless malware campaigns targeting financial institutions, government agencies and other enterprises have been linked to the same attack group.
“There is a high level of probability that we have attributed a whole bunch of attacks across the globe to one actor and this platform,” Dotan said.