In this tutorial, we'll cover how to create an encrypted container on Linux. We'll also cover how to integrate its use into your environment. You can think of this space as a safe, which you can open, store things in or read things from, and then close again. Additionally, some of the techniques used to do this are generally quite valuable. Among them are the ability to create files of arbitrary size, and to create links that allow arbitrary scripts to be run like any other installed program.
Last time we visited this topic, we made use of a large buffer to place our shellcode in the process' memory. This time, we don't have such a large buffer, and so won't be able to simply inject the code we want to execute via the program's input. Instead, we'll place our shellcode in an environment variable.
On the night of April 27th 2007, a statue was removed from a busy intersection in the middle of the Estonian capital of Tallinn, and relocated to a military cemetery a short distance away. Beneath the statue were the graves of a number of Red Army soldiers who perished in World War II. The incident touched off several days of riots in Tallinn, and sparked what later became known as ‘Cyber War I’.[1] Though for all intents and purposes the relocation of the statue was a classically political move, several factors specific to Estonia and the era made it unique. We’ll first consider the classical elements, then the unique features, and finally interpret it in terms of securitization.
Apache makes it easy to quickly set up username and password authentication using htaccess. In this tutorial, we'll cover the basics of enabling authentication for any directory that Apache is serving. In this example, we'll create and lock a new folder.
On December 23rd, 2015, nearly a quarter-million Ukrainians unexpectedly lost power.[226] In the aftermath of what is thought to be the first widespread attack on power infrastructure, US investigators determined that the same BlackEnergy malware that was involved in the Ukrainian disruption was present in “numerous industrial control systems (ICSs) environments” in the US.[227] It appeared to US cyber officials that the “sophisticated malware campaign” responsible for the software’s presence had been running since 2011.[228] David J. Weinstein, who worked at the US Cyber Command from 2010 to 2013 and was quoted in a recent NY Times article on developments in offensive US cyber activities, likened the 2015 Ukrainian event to crossing the Rubicon.[229, 230] In invoking the solidification of Caesar’s power and accompanying death of the republic, Weinstein manages to at once suggest the seminal nature of an attack on power infrastructure, and the difficulty inherent in identifying any single event as a beginning. The prosecution of a large-scale cyber campaign with potentially lethal capability fatalistically supports the former suggestion.