Cyber warfare and hacking
Re: Cyber warfare and hacking
In Germany, the IT systems of the company Oiltanking have come under attack. One of the world's largest providers of fuel storage tanks has been hit by a cyberattack and its IT systems are down.
In Germany, a part of its energy infrastructure appears to have been the target of a major cyber attack. All of Oiltanking's loading and unloading systems are paralyzed. It is one of the largest independent providers of tank space for mineral oils, chemicals and gases worldwide.
https://twitter.com/ALanoszka/status/14 ... 4827386887
The only thing we learn from history is that no one learns anything from history.
Live for nothing or die for something.
When the first bullet flies past your ear, you have to shoot back.
EA, EU, EH
Re: Cyber warfare and hacking
More fuel terminal companies important to Europe's energy system have been hit
European fuel terminals halted by ‘IT Issues’ amid German hack - numerous terminals in Amsterdam, Rotterdam and Antwerp have been impacted.
https://twitter.com/akihheikkinen/statu ... 7935493122
EDIT 02.02.2022 - at least 6 large fuel terminals in serious trouble
"At least six oil storage terminals in the Amsterdam-Rotterdam-Antwerp (ARA) refining hub are having difficulty loading and unloading refined product cargoes, owing to a broad cyberattack on European oil terminals that began on 29 January."
https://twitter.com/vpkivimaki/status/1 ... 2875189266
At least 17 terminals in trouble in total
More on the cyberattack: At least 6 oil storage terminals in the Amsterdam-Rotterdam-Antwerp (ARA) refining hub are having difficulty loading and unloading refined product cargoes ... This adds to the 11 sites affected in Germany.
https://twitter.com/akihheikkinen/statu ... 9243267073
Re: Cyber warfare and hacking
It looks like a targeted attack against Western Europe's energy infrastructure - Germany, Belgium and the Netherlands are under fire.
It is already being written that the Russians are probably behind it:
https://time.com/6145144/ransomware-ger ... e-hackers/
Meanwhile, some slightly more cheerful news too. Allegedly a single angered hacker managed to choke off the whole of North Korea's internet. Notably, all sorts of internet fraud and ransom schemes are a fairly important source of income for NK.
https://www.businessinsider.com/lone-ha ... net-2022-2
Re: Cyber warfare and hacking
This presumably belongs here too. A major communications outage in Russia.
Big Russian network outage. Telegram and WhatsApp down.
Major failure in Russian networks. Telecom operators and websites down, some foreign websites inaccessible
https://russia.liveuamap.com/en/2022/4- ... -operators
Re: Cyber warfare and hacking
A cyberattack took down Vodafone Portugal's 4G and 5G networks and its TV services. They managed to keep 3G up.
Cyberattack brings down Vodafone Portugal mobile, voice, and TV services
https://twitter.com/OlgaNYC1211/status/ ... 4639440897
Vodafone Portugal said today that a large chunk of its customer data services went offline overnight following “a deliberate and malicious cyberattack intended to cause damage and disruption.”
The company’s 4G and 5G mobile networks, along with fixed voice, television, SMS, and voice/digital answering services are still offline following the attack.
“We have already recovered mobile voice services and mobile data services are available exclusively on the 3G network in almost the entire country but, unfortunately, the scale and seriousness of the criminal act to which we were subjected implies careful and prolonged work for all other services,” the company said in a statement published earlier today.
https://therecord.media/cyberattack-bri ... -services/
European and US banks were advised to prepare for cyberattacks from Russia
European, U.S. regulators tell banks to prepare for Russian cyberattack threat. Part of Russia’s destabilizing tactics that will continue to increase along w domestic division and destabilizing operations. The Kremlin should have already been sanctioned
https://www.reuters.com/markets/europe/ ... 022-02-09/
Re: Cyber warfare and hacking
US energy companies have been dealing with a more serious wave of cyberattacks in recent days
Two independent sources claim US utilities companies are placed on high alert, following peaks of malware deployment at many of them in the last days. Expectation is for simultaneous muscle-flexing cyber attacks on US companies.
https://twitter.com/i/web/status/1492236481448005636
Re: Cyber warfare and hacking
The cyberattack (a DDoS attack) that hit Ukraine was the largest in the country's history.
Ukraine suffered the largest denial of service cyber attack in its history this week, the country's deputy prime minister has said.
https://twitter.com/haynesdeborah/statu ... 5522953217
The DDoS attack on Ukraine is performed by a Mirai botnet with its Command and Control server located in the Netherlands.
https://twitter.com/UID_/status/1493929288441208836
For several years Russian hackers have been obtaining information on the development and deployment of US weaponry from the IT systems of US defense industry subcontractors.
Russian government-backed hackers have managed to acquire sensitive information on the development and deployment of US weapons by breaching American defense contractors over the last two years- US security agencies
https://twitter.com/OlgaNYC1211/status/ ... 0481605634
Re: Cyber warfare and hacking
New malware has been found in Ukrainian IT systems; it has been inside the systems for about 2 months.
ESETResearch discovered a new data wiper malware used in Ukraine today. ESET telemetry shows that it was installed on hundreds of machines in the country. This follows the DDoS attacks against several Ukrainian websites earlier today. We observed the first sample today around 14h52 UTC / 16h52 local time. The PE compilation timestamp of one of the sample is 2021-12-28, suggesting that the attack might have been in preparation for almost two months. The Wiper binary is signed using a code signing certificate issued to Hermetica Digital Ltd. The wiper abuses legitimate drivers from the EaseUS Partition Master software in order to corrupt data. As a final step the wiper reboot computer. In one of the targeted organizations, the wiper was dropped via the default (domain policy) GPO meaning that attackers had likely taken control of the Active Directory server. This is a developing story and we will be making updates as we discover new data points.
IoC:
912342F1C840A42F6B74132F8A7C4FFE7D40FB77
61B25D11392172E587D8DA3045812A66C3385451
Win32/KillDisk.NCV trojan
https://twitter.com/ESETresearch/status ... 6367151115
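An added example, not part of the post above or of ESET's report: a minimal reader for the two PE header fields the quoted report relies on, the compilation timestamp and the certificate-table entry that indicates an embedded code signature. The header bytes are constructed here, and the first-seen date and the time of day of the build are assumptions; only the build date 2021-12-28 comes from the quoted text.

```python
import struct
from datetime import datetime, timezone

class NotPE(ValueError):
    """Raised when the buffer does not start with a valid MZ/PE header."""

def pe_triage(data: bytes) -> dict:
    """Read the COFF TimeDateStamp and the certificate-table entry of a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise NotPE("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of "PE\0\0"
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise NotPE("missing PE signature")
    # COFF file header: Machine, NumberOfSections, TimeDateStamp, ...
    machine, _, stamp, _, _, opt_size, _ = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    has_cert = False
    if opt_size >= 2 and opt + opt_size <= len(data):
        (magic,) = struct.unpack_from("<H", data, opt)
        # Data directories start at 96 (PE32) or 112 (PE32+) in the optional header.
        dirs = {0x10B: 96, 0x20B: 112}.get(magic)
        if dirs is not None and opt_size >= dirs + 5 * 8:
            (count,) = struct.unpack_from("<I", data, opt + dirs - 4)
            if count > 4:  # index 4 = certificate table (Authenticode blob)
                off, size = struct.unpack_from("<II", data, opt + dirs + 4 * 8)
                has_cert = off != 0 and size != 0
    return {
        "machine": machine,
        "compiled": datetime.fromtimestamp(stamp, tz=timezone.utc),
        "has_cert_table": has_cert,
    }

def staging_gap_days(compiled: datetime, first_seen: datetime) -> int:
    """Whole days between the claimed build time and first observation."""
    return (first_seen - compiled).days

def build_sample_pe(stamp: int, signed: bool) -> bytes:
    """Constructed PE32+ header skeleton for the demo (not a real sample)."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, stamp, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)      # PE32+ magic
    struct.pack_into("<I", opt, 108, 16)       # NumberOfRvaAndSizes
    if signed:
        struct.pack_into("<II", opt, 112 + 4 * 8, 0x400, 0x100)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)

# Build date from the quoted report; time of day and first-seen date are assumed.
COMPILED = datetime(2021, 12, 28, tzinfo=timezone.utc)
FIRST_SEEN = datetime(2022, 2, 23, 14, 52, tzinfo=timezone.utc)

if __name__ == "__main__":
    info = pe_triage(build_sample_pe(int(COMPILED.timestamp()), signed=True))
    print(info["compiled"].isoformat(), "cert table:", info["has_cert_table"])
    print("staging gap (days):", staging_gap_days(info["compiled"], FIRST_SEEN))
```

The timestamp is written by the linker and can be set to any value, so it is a lead to corroborate with other telemetry, not proof of when the binary was built. A non-empty certificate table only shows that a signature blob is present; whether it verifies and chains to a trusted issuer has to be checked separately.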
Re: Cyber warfare and hacking
The malware discovered in Ukraine is spreading in both Latvia and Lithuania. The attack is aimed at companies working for the government and at financial institutions. Both ESET and Symantec are writing about it.
A new form of disk-wiping malware (Trojan.Killdisk) was used to attack organizations in Ukraine shortly before the launch of a Russian invasion this morning (February 24). Symantec, a division of Broadcom Software, has also found evidence of wiper attacks against machines in Lithuania. Sectors targeted included organizations in the financial, defense, aviation, and IT services sectors.
Trojan.Killdisk comes in the form of an executable file, which is signed by a certificate issued to Hermetica Digital Ltd. It contains 32-bit and 64-bit driver files which are compressed by the Lempel-Ziv algorithm stored in their resource section. The driver files are signed by a certificate issued to EaseUS Partition Master. The malware will drop the corresponding file according to the operating system (OS) version of the infected system. Driver file names are generated using the Process ID of the wiper
Once run, the wiper will damage the Master Boot Record (MBR) of the infected computer, rendering it inoperable. The wiper does not appear to have any additional functionality beyond its destructive capabilities.
https://symantec-enterprise-blogs.secur ... are-russia
Re: Russia-Ukraine war
PaganHorde wrote: We should also start writing russia with a lowercase letter.
I already do. Since the beginning of this week. And it won't get its capital letter back until it is a normal country.
Re: Russia-Ukraine war
Sekeldaja wrote: PaganHorde wrote: We should also start writing russia with a lowercase letter.
I already do. Since the beginning of this week. And it won't get its capital letter back until it is a normal country.
Or else Mordor
Re: Cyber warfare and hacking
The internal network of Belarusian Railways has been knocked over - all IT systems are down.
The internal network of the Belarusian Railways has been attacked, all services are out of order.
https://twitter.com/MotolkoHelp/status/ ... 5663320069
Belarusian railway switched to manual mode of operation.
Neman control point is disabled. The software does not work.
There is information that the Minsk and Orsha knots are paralyzed.
As a result of the special operation as part of the Peramoha plan, signaling, centralization and blocking devices, Belarusian Railways contact network were physically damaged.
Some of the equipment is beyond repair. Traffic was paralyzed on several sections of the railway.
“The actions were carried out in solidarity with the Ukrainian people and to provide them with effective assistance in the war against the Russian aggressor,” BYPOL said.
https://twitter.com/MotolkoHelp/status/ ... 1647081475
Last edited by ruger, 27 Feb 2022 19:54; edited 1 time in total.
Re: Cyber warfare and hacking
When DDoSing Russian sites, it would be worth first checking that they actually are Russian sites. For example, for topwar.ru, a site that until some time ago was being hauled onto this forum in abundance by some people, running
$ traceroute topwar.ru from my home connection gives me the following:
I'm not so sure that DDoSing sites like these is a good idea.[...]
5 s-bb3-link.ip.twelve99.net (62.115.119.158) 22.075 ms tln-b4-link.ip.twelve99.net (80.91.248.149) 8.674 ms s-bb3-link.ip.twelve99.net (62.115.119.158) 22.261 ms
6 tln-b4-link.ip.twelve99.net (62.115.138.221) 15.872 ms 15.475 ms 15.723 ms
7 riga-b2-link.ip.twelve99.net (62.115.115.42) 20.796 ms cloudflare-ic333274-riga-b2.ip.twelve99-cust.net (195.12.254.187) 13.276 ms riga-b2-link.ip.twelve99.net (62.115.115.42) 20.690 ms
8 104.26.1.153 (104.26.1.153) 12.994 ms cloudflare-ic333274-riga-b2.ip.twelve99-cust.net (195.12.254.187) 21.575 ms 21.618 ms
The words of advice here are the usual ones - if you are not a specialist and do not know what you are doing, always listen to the recommendations of competent people from verified information channels.
Re: Cyber warfare and hacking
At the request of fellow forum member PaganHorde, who was the first to post it, the cyber partisans' tool has been removed.