Three of the IP addresses used by the servers that controlled the compromised systems observed by SecureWorks also overlapped with addresses that hosted servers used in attacks last year on RSA. The attackers used their access to RSA’s systems to steal highly sensitive data related to the company’s two-factor SecurID authentication tokens that 40 million employees use to access corporate and government networks. The IP addresses belong to the China Beijing Province Network’s autonomous system 4808, which researchers say has long been a hotbed for espionage-related malware.”

arstechnica‘s Dan Goodin coments on this report from DELL SecureWorks.

See also this, this, and this.

APT.

All complex systems contain parasites. In any system of cooperative behavior, an uncooperative strategy will be effective — and the system will tolerate the uncooperatives — as long as they’re not too numerous or too effective. Thus, as a species evolves cooperative behavior, it also evolves a dishonest minority that takes advantage of the honest majority. If individuals within a species have the ability to switch strategies, the dishonest minority will never be reduced to zero. As a result, the species simultaneously evolves two things: 1) security systems to protect itself from this dishonest minority, and 2) deception systems to successfully be parasitic.”

From Schneier on Security.

The research team was able to obtain the card’s proprietary encryption scheme by physically dissecting its chip and examining it under a microscope. They then photographed various levels of its circuitry and used optical recognition software to produce a 3D representation of the entire chip. By examining the logic gates in great detail, they were able to deduce the proprietary algorithm, which NXP dubs Crypto1.

From theregister.