This section is devoted to featuring late-breaking cyber security news stories.

CYBER SECURITY NEWS

Late-breaking cyber security news stories:

All text displayed in connection with these stories is quoted directly from the source.

 

Aug. 19, 2010 - Lance Whitney

Intel to Buy McAfee For $7.68 Billion

Intel plans to buy security company McAfee for $7.68 billion--the biggest acquisition in its 42-year history. The chipmaker said Thursday it has entered into a definitive agreement to buy all of McAfee's common stock at $48 per share in cash. McAfee's stock closed Wednesday at $29.93, making Intel's offer a 60 percent premium.

The boards of both companies have approved the deal.

Security has become an essential element of online computing, on par with energy-efficient performance and connectivity, Intel said. But today's security isn't adequately addressing the array of new Net-connected machines on the market, such as mobile devices, TVs, cars, ATMs, and medical gadgets, according to Intel. Offering protection requires a new approach that can tie together software, hardware, and services, the company said.

(Click here to read news)

Sept. 2, 2010 - Elizabeth Montalbano

DARPA Soliciting Bids On Insider Threat Prevention

The Defense Advanced Research Projects Agency (DARPA) has launched a new program aimed at quickly finding and stopping insiders from trying to steal information from Department of Defense (DoD) computer networks for use against the federal government.

To develop its Cyber Insider Threat program, or CINDER, DARPA is "soliciting novel approaches to insider threat detection that greatly increase the accuracy, rate, and speed of detection and that impede the ability of adversaries to operate within government and military interest networks," according to a presolicitation notice posted on FedBizOpps.gov.

(Click here to read news) (Related story)

Sept. 2, 2010 - Jeremy Kirk, IDG News Service

Botnet Takedown May Yield Valuable Data

Researchers are hoping to get a better insight on botnets after taking down part of Pushdo, one of the top five networks of hacked computers responsible for most of the world's spam.

Thorsten Holz, an assistant professor of computer science at Ruhr-University in Bochum, Germany, said his group is working on an academic paper focused on methods to figure out what type of malicious spamming software is on a computer that sent a particular spam e-mail. 

(Click here to read news)

Sept. 1, 2010 - John E. Dunn

Russian Trojan Blamed for Credit Card Losses at US Diner

Hundreds of lunchtime customers of a diner in the US city of Memphis are believed to have had funds stolen from their debit and credit cards after PCs at the venue became infected with malware.

Large numbers of customers reported having had funds taken after using Jason’s Deli in recent weeks, which prompted an investigation by the US Secret Service, part of the Department of Homeland Security. 

(Click here to read news)

Sept. 1, 2010 - Ryan Naraine

Malware Hosted On Google Code Project Site

Malicious hackers are using the Google Code repository to host Trojan horses, backdoors and password stealing keyloggers, according to researchers at Zscaler.

The researchers found a malicious project hosted on the free Google Code site with about 50+ malware executables stored in the download section of the project. 

(Click here to read news)

Aug. 31, 2010 - Spencer Ackerman

Darpa's Star Hacker Looks to WikiLeak-Proof Pentagon

Tomorrow’s WikiLeakers may have to be sneakier than just dumping military docs onto a Lady Gaga disc. The futurists at Darpa are working on a project that would make it harder for troops to funnel classified material to WikiLeaks — or to foreign governments. And that means if you work for the military, get ready to have your web, email and other network usage monitored even more than it is now. 

(Click here to read news)

Aug. 30, 2010 - William Jackson

Does NSA's Cybersecurity Mission Extend to the Dot-Com Domain?

The National Security Agency appears to be suffering a case of mission creep.

For years, NSA, the Defense Department’s lead agency for information gathering and protection, has said that it has its hands full with protecting military networks and has no interest in networks outside the .mil domain. The .gov domain is the responsibility of Homeland Security, NSA said, and the .com and other private-sector domains are the responsibility of the private sector, with DHS help.

Of course, NSA would also be willing to lend a hand if needed, but it has no direct responsibility for non-military networks. 

(Click here to read news)

Aug. 30, 2010

Iran's Cyber Army Hacks 1,000 US, British, French Gov't Websites

An Iranian cyber group announced that it has hacked more than 1,000 important governmental websites of the US, Britain and France in protest at their support and financial aids to anti-Iran terrorist groups. 

"To commemorate the Day of Campaign against Terrorism and the martyrdom anniversary of (former Iranian President Mohammad Ali) Rajayee and (his Prime Minister Mohammad Javad) Bahonar (by the terrorist Mojahedin-e Khalq Organization), the group rose to protest at the inhumane measures of the supporters of terrorism, with the US and Britain standing on top of them, through a new method and hacked and changed the pages of more than 1,000 of their websites," Behrouz Kamalian, Head of the Iranian Ashiyaneh (nest) cyber group, told FNA on Monday. 

(Click here to read news)

Aug. 30, 2010 - Paul Roberts

Focus On Secrecy Could Hamper Pentagon's Cybersecurity Plans

The former head of the Department of Homeland Security's Cyber Security Division warns that the U.S. military's preoccupation with secrecy could hamper efforts to get the upper hand in cyber security.  

An article last week by the U.S. Deputy Secretary of Defense put the U.S. military's cybersecurity plans in the spotlight. Writing for the magazine Foreign Affairs, William J. Lynn III confirmed that a 2008 security breach resulted in a malicious code infection that touched both classified and unclassified intelligence networks and prompted a ground-up rethinking of the Pentagon's approach to cyber security.

(Click here to read news)

Aug. 30, 2010 - Howard Schneider

Obama to Loosen Rules on Technology Exports

The Obama administration is overhauling the decades-old rules for the export of sensitive military and other technology, jettisoning what industry groups criticize as an antiquated "Cold War" set of regulations for a more streamlined approach.

After a year-long review by officials at the State, Defense and Commerce departments, President Obama is scheduled to announce plans Tuesday to consolidate some enforcement activities in a single agency and develop a clearer list of products whose sale is restricted.

(Click here to read news)

Aug. 30, 2010 - Mathew J. Schwartz

IT Security Unleashes Employee Complaints

For 12% of CIOs, hearing complaints from employees over IT security measures -- specifically, limits on their access to certain types of websites or networks while using the office network -- is a common occurrence. Meanwhile, 29% of CIOs say such gripes are at least "somewhat common."

The numbers come from a survey of more than CIOs, selected randomly from companies in the United States with 100 or more employees, conducted by staffing firm Robert Half Technology.

(Click here to read news)

Aug. 29, 2010 - Gordon Thomas

Gareth Williams: "Backroom Boy" Spy Was Really a High-Flier

The Government Communications Headquarters in Cheltenham is Britain’s last great secret. Now it is in the focus of intense speculation among its stunned staff. Never before has one of their own been murdered. In GCHQ’s cafés, the seating area around the lawn at the core of the doughnut-shaped building and behind anonymous doors simply marked “No admission”, the same question continues to be asked: who murdered Gareth Williams – and why?

(Click here to read news)

Aug. 28, 2010 - Ellen Nakashima

Pentagon Considers Preemptive Strikes as Part of Cyber-Defense Strategy

The Pentagon is contemplating an aggressive approach to defending its computer systems that includes preemptive actions such as knocking out parts of an adversary's computer network overseas - but it is still wrestling with how to pursue the strategy legally.

The department is developing a range of weapons capabilities, including tools that would allow "attack and exploitation of adversary information systems" and that can "deceive, deny, disrupt, degrade and destroy" information and information systems, according to Defense Department budget documents.

(Click here to read news)

Aug. 26, 2010 - John Walshe

CAO Site Probe As Hackers Strike Again

The Central Applications Office (CAO) website yesterday came under attack from cyber hackers for the second time in three days. The latest incident triggered the automatic issuing of 22,000 new passwords to applicants.

It also led the CAO to shut down parts of the website during the day as engineers sought to find out the extent of the damage.

(Click here to read news)

Aug. 26, 2010 - Josh Taylor

Hackers Accidentally Give Microsoft Their Code

When the hacker's system crashes in Windows, as with all typical Windows crashes, Heckman said the user would be prompted to send the error details — including the malicious code — to Microsoft. The funny thing is that many say yes, according to Heckman.

"People have sent us their virus code when they're trying to develop their virus and they keep crashing their systems," Heckman said. "It's amazing how much stuff we get."

(Click here to read news)

Aug. 26, 2010 - David Ignatius

Pentagon's Cybersecurity Plans Have a Cold War Chill

With little fanfare, the Pentagon is putting the finishing touches on a new strategy that will treat cyberspace as a domain of potential warfare -- and apply instant "active defense" to counter attacks that, in theory, could shut down the nation's transportation and commerce.

Even though it deals with a distinctly 21st-century problem, the strategy has echoes of the Cold War: America's closest allies would be drawn into an early-warning network of collective cybersecurity; private industry would be mobilized in a kind of civil defense against attackers; and military commanders would be given authority to respond automatically to electronic invaders.

(Click here to read news)

Aug. 25, 2010 - Michael Hardy

PowerPoint, Firefox, Other Apps At Risk From Windows Vulnerability

A vulnerability that Microsoft confirmed just yesterday is already being exploited, and the software giant says it can't fix the problem with a simple update. Instead, Microsoft says each affected application, many of them not under Microsoft's control, will have to be patched individually.

If you use Mozilla's Firefox Web browser, Microsoft PowerPoint or a peer-to-peer file-sharing application called uTorrent, you may already be compromised, according to a report in the British news site The Register. Hackers posted code to use the vulnerability to a hacker database, including specific exploits for several individual applications.

(Click here to read news) (Related story)

Aug. 25, 2010 - Bill Brenner, Senior Editor

Sticks and Stones: Picking On Users AND Security Pros

I took my share of name-calling as a kid. I did my share of name-calling, too. We're taught that nothing good comes of such behavior. I've been thinking a lot about that since writing an article two weeks ago called "Security blunders 'dumber than dog snot'" during the 2010 USENIX Security Symposium.

The story is based on a talk of the same title given by Roger G. Johnston, a member of the Vulnerability Assessment Team at Argonne National Laboratory. In the presentation, he gave examples of surprising (or not) examples of what he has seen as a vulnerability assessor: security devices, systems and programs with little or no security -- or security thought -- built in. There are the well-designed security products foolishly configured by those who buy them, thus causing more vulnerability than before the devices were installed.

(Click here to read commentary)

Aug. 25, 2010 - CNN Wire Staff

Cyberattack in 2008 Prompted New Pentagon Cyberdefense Plan

An infected flash drive put in a U.S. military laptop in 2008 set off the most significant cyberattack ever against the military and brought a turning point in cyberdefense strategy, a top defense official wrote in an article published Wednesday.

Deputy Defense Secretary William J. Lynn III, in an article titled "Defending a New Domain" posted on Foreign Affairs magazine's web site, said the "previously classified incident was the most significant breach of U.S. military computers ever."

(Click here to read news)

Aug. 25, 2010 - Kelly Jackson Higgins

California Legislation Would Require Companies to Specify the Data Exposed in Breaches

A privacy breach notification bill recently passed by the California legislature would expand the state's existing law for how organizations notify consumers of a data breach.

California's existing data breach law does not specify what the breach notification should include information-wise. "This bill is intended to fill that gap by establishing standard, core content for breach notification letters," reads the California Senate Bill 1166, which was first introduced to the legislature in March.

(Click here to read news)

Aug. 24, 2010 - Elinor Mills

Windows DLL Bug Hits Dozens of Apps

A flaw in the way Windows handles DLL (dynamic-link library) and related files likely affects hundreds of applications and has already been used in malicious attacks in the wild, a security researcher said on Tuesday.

Microsoft acknowledged in an advisory on Monday a type of attack mechanism known as DLL preloading, or binary planting and said that while it is not new it does have a new remote-attack vector. Malicious code can now be planted on a network share instead of just on a local system, making it much easier to attack vulnerable systems by duping people into clicking on malicious Web links or opening malicious documents.

(Click here to read news)

Aug. 23, 2010 - Steve Lohr's Blog

A Different Take on the Intel-McAfee Deal

Pricey, if strategic, and mainly about bringing computer security into the future of Internet-connected smartphones, consumer electronics, cars, even household appliances.

That pretty much sums up the consensus judgment on Intel’s purchase of McAfee for $7.68 billion, which was announced on Thursday.

Gene Hodges, the president of McAfee until 2006, has a different perspective — which he explained in an interview Friday evening.

(Click here to read blog) (Related story)

Aug. 23, 2010 - Richard Power

How Your Business Can Avoid Being Collateral Damage in a Cyber War

All around the world, governments declare they are gearing up for cyber war. I know, I know, to anyone who has been at this for any significant length of time, many of the news stories we are reading today could have, or should have, been written a decade ago, or more. The term "Cyber war" seems to be on everyone's lips again. (Cue the theme music for "Groundhog Day" - again!) In one way, it is hard to take it seriously anymore; in another way, it is incredible that so many governments sound like they are just getting started, again. Nevertheless, even though the chest-beating seems to be a redux, and much of the blustering rhetoric seems to be recycled, the reality on the virtual ground in cyber space is that the capabilities (the offensive ones, at least) have evolved over the last decade, and so have the opportunities. Furthermore, the appetite to use them seems to have grown apace.

(Click here to read commentary)

Aug. 23, 2010 - Kim Zetter

Researcher Arrested in India After Disclosing Problems With Voting Machines

A security researcher in India has been arrested after he refused to provide authorities with the name of a person who supplied him with an electronic voting machine that was used to discover vulnerabilities in the system. The researcher had used the machine to demonstrate how someone could hack voting systems to easily subvert an election.

At 5:30 Saturday morning, nearly a dozen police converged on the home of Hari Prasad, managing director of Netindia, to question him about the source of the voting machine he received. After refusing to identify his source, he was reportedly arrested under suspicion of theft and receiving stolen property.

(Click here to read news)

Aug. 23, 2010 - Kelly Jackson Higgins

United Nations Website Contains SQL Injection Flaws Three Years After Hack, Researcher Says

Three years after the United Nations' website was defaced by activist hackers using a SQL injection attack, the site still contains multiple instances of these vulnerabilities.

Security researcher Robert Graham, CEO of Errata Security, did his now-annual checkup on the UN site and found that while the UN had removed the bug that was exploited in the August 2007 attack, the site is still rife with multiple SQL injection vulnerabilities.

(Click here to read news)

Aug. 22, 2010 - Brian Prince

Inside the Russian Cyber-Underground

When people think of cyber-crime, the typical image being pushed today is that of highly organized criminal operations. New research, however, suggests the underbelly of cyber-space may be less mafia-like than some think.

In an effort to improve the level of understanding of today's black hats, security researchers Fyodor Yarochkin and "The Grugq" have spent several months looking at Russian hacker forums.

(Click here to read news)

Aug. 20, 2010 - Leslie Meredith, TechNewsDaily

Malware Implicated in Fatal Spanair Plane Crash

Authorities investigating the 2008 crash of Spanair flight 5022 have discovered a central computer system used to monitor technical problems in the aircraft was infected with malware.

An internal report issued by the airline revealed the infected computer failed to detect three technical problems with the aircraft, which if detected, may have prevented the plane from taking off, according to reports in the Spanish newspaper, El Pais.

Flight 5022 crashed just after takeoff from Madrid-Barajas International Airport two years ago today, killing 154 and leaving only 18 survivors.

(Click here to read news)

Aug. 20, 2010 - Dan Goodin

Researcher: Code-Execution Bug Affects 200 Windows Apps

About 200 Windows applications are vulnerable to remote code-execution attacks that exploit a bug in the way the programs load binary files for the Microsoft operating system, a security researcher said Thursday.

The critical vulnerability, which has already been patched in Apple's iTunes media player for Windows and VMware Tools, will be especially challenging to fix, because each application will ultimately need to receive its own patch, Mitja Kolsek, CEO of application security consultancy Acros Security, told The Register. He agreed with fellow researcher H D Moore, who on Wednesday said the critical vulnerability is trivial to exploit.

(Click here to read news)

Aug. 19, 2010 - Matt Liebowitz, TechNewsDaily

Internet in the Car? There's a Virus For That

As our daily lives become increasingly linked to and controllable by the Internet, experts say we may encounter computer viruses attacking us in a host of new ways.

With items not traditionally thought of as vulnerable, such as cars, home appliances, and electric meters going online, consumers are now opening themselves up to significantly more channels for infection.

"Connectivity makes us more exposed and vulnerable," said Marianne Swanson, senior advisor for Information System Security with the National Institute of Standards and Technology (NIST).

(Click here to read news)

Aug. 19, 2010 - Elinor Mills

With McAfee Deal, Intel to Bake In Security

In the future, you may not have to buy antivirus software for your laptops and mobile devices if Intel is able to live up to the promise of integrating technology from acquisition target McAfee, experts said on Thursday.

In announcing its plans to acquire security company McAfee for $7.68 billion, Intel executives said they see security as being as critical to computing as performance and connectivity and that they plan to combine security with its hardware and expand further into the mobile market.

(Click here to read news) (Related story)

Aug. 19, 2010 - Jack Schofield's Blog

What's It All About: McAfee? What You Need to Know


(Click here to read post) (Related story)

Aug. 18, 2010 - John Taylor, Washington Correspondent

Lessons Learned: Mumbai Terror Attack

Homeland security and business leaders from around Washington converged on the Embassy of India recently for a briefing on the terror attacks in Mumbai. At the invitation-only event hosted by Ambassador Arun Singh, we were briefed on the attacks and screened the HBO Documentary Terror in Mumbai.

Without question, the film is a “must see” for any homeland security professional.

(Click here to read news)

Aug. 18, 2010 - Jaikumar Vijayan

HP's Fortify Buy Puts Spotlight On Obscure – But Important – Niche

Hewlett-Packard's move this week to buy Fortify software focuses attention on the increasingly important, but still mostly underutilized category of application security products, security experts say.

Privately-held Fortify will provide HP with a set of technologies for on-premise testing of applications through all stages of the development process through deployment.

(Click here to read news)

Aug. 17, 2010 - Phil Hazlewood

Cyberwar Claims High-Profile Victim

Mumbai - The "cyberwar" between India and Pakistan has claimed another victim, with the hacking of a high-profile lawmaker's website that experts say highlights the woeful lack of Internet security in South Asia.

A group calling itself the Pakistan Cyber Army said it hacked into the website of independent Indian MP Vijay Mallya, a flamboyant liquor baron, who is also head of Kingfisher Airlines and the Force One Formula One racing team.

(Click here to read news)

Aug. 14, 2010 - Christine Kim

Liberation Day Korea-Japan Cyber Battle Brews

A second cyber battle may be brewing this weekend between Korean and Japanese Internet users, following on the first round of volleys in March, according to recent posts on popular community boards in both countries.

Netizens on certain Korean Internet clubs and cafes are calling for attacks on one of Japan’s most popular Web forums, 2channel, tomorrow, when Koreans will celebrate the anniversary of their liberation from Japan in 1945. Users on 2channel are also expected to retaliate.

(Click here to read news)

Aug. 13, 2010 - Marc Ambinder

Pentagon Wants to Secure Dot-Com Domains of Contractors

To better secure unclassified information stored in the computer networks of government contractors, the Defense Department is asking whether the National Security Agency should begin to monitor select corporate dot.com domains, several officials and consultants briefed on the matter said.

Under the proposal, which is being informally circulated throughout the department and the Department of Homeland Security, the NSA could set up equipment to look for patterns of suspicious traffic at the internet service providers that the companies' networks run through. The agency would immediately notify the Pentagon and the companies if pernicious behavior were detected. The Agency would not directly monitor the content of the data streams, only its meta-data.

(Click here to read news)

Aug. 13, 2010 - Kevin Poulsen

Cyberwar Against Wikileaks? Good Luck With That

Should the U.S. government declare a cyberwar against WikiLeaks?

On Thursday, WikiLeaks founder Julian Assange told a gathering in London that the secret-spilling website is moving ahead with plans to publish the remaining 15,000 records from the Afghan war logs, despite a demand from the Pentagon that WikiLeaks “return” its entire cache of published and unpublished classified U.S. documents.

Last month, WikiLeaks released 77,000 documents out of 92,000, temporarily holding back 15,000 records at the urging of newspapers that had been provided an advance copy of the entire database. On Thursday, Assange said his organization has now gone through about half of the remaining records, redacting the names of Afghan informants. That suggests the final release could still be weeks away.

(Click here to read news)

Aug. 12, 2010 - Sami Lais

How Hackers Use the World Cup and Chelsea Clinton to Steal Your Data

Last year saw a substantial upswing in malware; it was a factor in 94 percent of all data lost, according to Verizon’s Data Breach Investigations Report for 2010.

And the malware most often used is the SQL injection attack or an injection of malware after the attacker has root access to a system. Both methods can evade antivirus software and other traditional detection methods.

In its recently released “2010 Midyear Security Report,” Cisco Systems Inc. noted “an uptick in generalized SQL injection attacks, culminating with a June 2010 re-emergence of Asprox [a Trojan that wrought havoc on the United Kingdom government and computer systems two years ago].”

(Click here to read news)

Aug. 12, 2010 - Andreas M. Antonopoulos

Do You Need Network Security and Privacy Loss Insurance?

If your business manages personal information about health or finances, a security breach can cost millions. HITECH and other regulations not only apply fines, but they require disclosure and notification of those affected. In some cases, companies must pay for free credit reports too. These costs can range from $80 to $200 per compromised record. The problem for many companies is the sheer volume of information that can be compromised in a single breach. If you lose 5,000, 50,000 or 500,000 records, the math may mean bankruptcy. Fortunately, you can now get insurance to cover these risks.

Network security or privacy loss insurance has been around for just over a decade. Initially it was only offered by a handful of specialist insurers, like Lloyds of London. Nowadays, there are more than 15 companies offering coverage for security breaches, as well as brokers who can help you find the right coverage.

(Click here to read news)

Aug. 12, 2010 - Jaikumar Vijayan

Server-Based Botnet Floods Net With Brutish SSH Attacks

A server-based botnet that preys on insecure websites is flooding the net with attacks that attempt to guess the login credentials for secure shells protecting Linux boxes, routers, and other network devices.

According to multiple security blogs, the bot compromises websites running outdated versions of phpMyAdmin. By exploiting a vulnerability patched in April, the bot installs a file called dd_ssh, which trawls the net for devices protected by the SSH protocol.

“This bot then conducts brute force SSH attacks on random IP addresses specified by the bot herder,” a user blogged here.

(Click here to read news)

Aug. 12, 2010 - Dan Goodin

Heartland Denies Systems Involved in New Data Breach

Heartland Payment Systems, which last year suffered the largest ever data breach involving payment card data, is downplaying reports out of Austin, Texas linking the payment processor to a data breach at a local restaurant chain.

Heartland CIO Steven Elefant told Computerworld by e-mail late Thursday that the reports out of Austin point to a "localized intrusion initiated within the stores, either in their point-of-sale system or as a result of other fraud."

(Click here to read news)

Aug. 11, 2010 - Thomas Claburn

Facebook Privacy Flaw Identified

Facebook's privacy controls offer less privacy than one might expect.

In an e-mail message posted to the Full Disclosure mailing list, Atul Agarwal, a security researcher and CEO of Secfence Technologies, describes how Facebook can be prompted to reveal user names and profile pictures even when user privacy settings have been set to conceal this information.

Agarwal says he discovered the issue when he accidentally entered an incorrect password while trying to log into Facebook.

(Click here to read news)

Aug. 11, 2010 - Jeremy Kirk, IDG News Service

First Malware Discovered That Targets Android

Researchers at Russian security company Kaspersky Lab say they've discovered the first malicious software program to target Google's Android mobile operating system.

The application masquerades as a media player, according to a Kaspersky blog post. But if it is installed, the rogue application begins secretly sending SMSs (Short Message Service) to a premium rate number presumably belonging to the hackers who created it.

There have been isolated cases of spyware programs that run on the Android platform, an open-source mobile operating system created by Google. But the fake media player application, which Kaspersky dubbed "Trojan-SMS.AndroidOS.FakePlayer.a," is the first one believed to specifically target Android, Kaspersky said.

(Click here to read news)

Aug. 10, 2010 - Elinor Mills

Record Patch Tuesday Yields Critical Windows, IE Fixes

Microsoft issued a record number of monthly patches on Tuesday, including fixes for eight critical holes affecting Windows, Internet Explorer, Microsoft Word, and other programs that could be exploited to take control of a computer.

Of the 14 patches addressing a total of 34 vulnerabilities, four of them should be given priority, Microsoft said in a Microsoft Security Response Center blog post.

(Click here to read news)

Aug. 10, 2010 - Kelly Fiveash

Germany Bans BlackBerrys and iPhones On Snooping Fears

The German government has advised ministers not to use BlackBerry and iPhone devices due to “a dramatic increase of attacks against” its networks.

A general ban on the use of smartphones in certain German ministries is also being considered, Federal Interior Minister Thomas de Maizière confirmed to the country’s business daily newspaper Handelsblatt yesterday.

He said that ministers and senior civil servants had been told to instead use Simko2 gadgets offered by T-Systems, following advice from the German federal office for information security (BSI).

(Click here to read news)

Aug. 10, 2010 - Ben Bain

FCC Charts "Cybersecurity Roadmap" With Public's Help

The Federal Communications Commission wants help in developing its plan for dealing with vulnerabilities of core Internet protocols and technologies, as well as online threats to consumers, businesses and government agencies.

The FCC posted a public notice Aug. 9 requesting comments on the role the commission should play in cybersecurity programs. Those comments will be used as the commission develops its cybersecurity plan or “Cybersecurity Roadmap.”

The road map was called for in the FCC’s overall plan to expand broadband access in the United States. That overall strategy, called the National Broadband Plan (NBP), was released by the commission in March.

(Click here to read news)

Aug. 10, 2010 - Kelly Jackson Higgins

Malware Peaks, McAfee Calls For Security Industry to Go on the Offense

Malware hit an all-time high in the first half of this year, at 10 million new samples, according to a new McAfee report, with the top two being AutoRun malware and password-stealing Trojans.

Meanwhile, McAfee also issued a call to arms for the security industry to play more offense than defense against today's attacks to get to the actual criminals behind the malware. Rather than continuing with today's approach of adding layers of security to defend against expected attacks, the industry needs to avoid attacks altogether by going aggressive, with the security community aligning forces and law enforcement operating proactively, according to McAfee executives.

(Click here to read news)

Aug. 10, 2010 - Elinor Mills

Zeus Trojan Steals $1 Million From U.K. Bank Accounts

Consumers and businesses in Great Britain have lost more than $1 million so far this summer from a Trojan that is infecting their computers, prompting them to log into their bank accounts, and then is surreptitiously transferring money to scammers in other countries, security researchers said on Tuesday.

About 3,000 bank accounts were found to be compromised at one financial institution, which was not identified, according to a white paper released by M86 Security.

(Click here to read news)

Aug. 10, 2010 - Dan Goodin

Microsoft Purges Windows of Serious SSL Vuln

Microsoft has updated a broad swath of products to fix a potentially serious spoofing vulnerability in the secure sockets layer (SSL) protocol that secures email, web transactions and other sensitive internet traffic.

The software company on Tuesday released MS10-049 to kill the bug in Windows Server 2008, Windows 7 and 12 other versions of Windows that are still under support. The patch updates a part of the operating system known as SChannel, or Secure Channel, which is responsible for implementing SSL, which is also referred to as TLS, or transport layer security.

(Click here to read news)

Aug. 10, 2010 - Lance Whitney

Saudis Call Off BlackBerry Ban

The BlackBerry is still open for business in Saudi Arabia.

The Saudi communications regulator said Tuesday that it has decided to call off the ban on BlackBerry messenger services following efforts by Research In Motion to satisfy some of the country's regulatory requirements.

The decision came because of "positive developments in the completion of part of the regulatory requirements on the part of service providers," the country's Communication and Information Technology Commission, or CITC, said in a statement e-mailed to The Wall Street Journal (subscription required) and other news sources.

(Click here to read news) (Related story)

Aug. 10, 2010 - Dan Goodin

How an Ancient Printer Can Spill Your Most Intimate Secrets

Researchers have devised a novel way to recover confidential messages processed in doctors' offices and elsewhere by analyzing the sounds made when documents are reproduced on dot-matrix printers.

This so-called side-channel attack works by recording the “acoustic emanations” of a confidential document being printed, and then processing it with software that translates the sounds into words. The method recovers as much as 95 per cent of the printed words when an attacker has contextual knowledge about the text being printed, such as the words included in a medical prescription or a living-will declaration. Up to 72 per cent of the text can be recovered when no context is known.

(Click here to read news)

Aug. 9, 2010 - Ericka Chickowski

Healthcare Suffers More Data Breaches Than Financial Services So Far This Year

Healthcare data breaches have swollen in 2010: Identity Theft Resource Center reports show that compromised data stores from healthcare organizations far outstrip other verticals this year. According to figures updated last week, healthcare organizations have disclosed 119 breaches so far this year, more than three times the 39 breaches suffered by the financial services industry.

(Click here to read news)

Aug. 9, 2010 - Kim Zetter

Suspect in $9 Million RBS WorldPay Hack Extradited to U.S.

One of the alleged ringleaders behind the 2008 hack of RBS WorldPay has been extradited to the U.S., where he was arraigned Friday in the Northern District of Georgia on charges that he helped coordinate the global $9.5 million bank card heist.

Sergei Tsurikov, 26, of Tallinn, Estonia, has been charged in Atlanta with wire fraud, computer fraud, aggravated identity theft and two conspiracy charges involving wire and computer fraud.

(Click here to read news)

Aug. 9, 2010 - Jaikumar Vijayan

Stuxnet Malware Targets Utility Systems

Last month's disclosure of a sophisticated malware program targeting control system software from Siemens AG has renewed long-standing concerns about whether the U.S. power grid can withstand targeted cyberattacks.

The malware, called Stuxnet, exploits a Windows flaw to find and steal industrial data from supervisory control and data acquisition (SCADA) systems running Siemens' Simatic WinCC or PCS 7 software.

SCADA systems are used to control critical equipment at power companies, manufacturing facilities, water treatment plants and nuclear power operations.

(Click here to read news)

Aug. 9, 2010 - John Leyden

Anti-virus Defences Even Shakier Than Feared

Anti-virus technologies may be even more ineffective than feared, if a controversial new study is to be believed.

A study by web intelligence firm Cyveillance found that, on average, vendors detect less than 19 per cent of malware attacks on the first day malware appears in the wild. Even after 30 days, detection rates improved to just 61.7 per cent, on average.

Anti-virus vendors have criticised the methodology of the study as hopelessly flawed not least because it only looked at signature-based detection of malware.

(Click here to read news)

Aug. 7, 2010 - Adam Ely

The Browser As Attack Vector

For years, we groused about bug-ridden browsers while initiatives to harden them largely fell flat. Then one day, IT woke up to find that the browser is the new OS. Web 2.0 applications use browsers and the public Internet to create interactive interfaces and enable asynchronous collaboration, inside and outside the firewall. Google Chrome is promising to push Web-based operating systems forward, which could let businesses cut costs and infrastructure.

All types of companies are moving toward software as a service at a steady clip--55% of the strategic IT managers responding to our June InformationWeek Analytics Cloud Computing & IT Staffing Survey of 828 IT professionals are using SaaS or plan to. What all that means is, the browser is now your employees' gateway out--and an attacker's gateway in. IT must focus on protecting the browser from compromise without hindering functionality and derailing business initiatives in the process.

(Click here to read news)

Aug. 7, 2010 - Robert McMillan, IDG News Service

Update: Network Admin Terry Childs Gets 4-Year Sentence

A city of San Francisco network administrator who refused to hand over administrative passwords to the city's network was sentenced to four years in state prison Friday.

Terry Childs was convicted in April of violating California's hacking laws after he refused to hand over administrative control to the city's FiberWAN network in July 2008.

He was sentenced by Judge Teri Jackson, according to Erica Derryck, a spokeswoman for the San Francisco district attorney's office.

(Click here to read news) (Related story)

Aug. 6, 2010 - Roger Dube

A Strong Password Defense Is Easy to Construct

We've all read the news items: Someone's identity is stolen, bank accounts emptied and credit cards used to make thousands of dollars' worth of phony purchases. Individuals no longer are the prime targets of such attacks, however. The Wall Street Journal has reported that a growing number of small businesses are losing large sums of money through attacks on their online banking accounts. A recent IT security report indicated that losses of small businesses to such attacks this year will exceed $3.8 billion.

Gaining access to accounts and information requires the attacker to somehow get past the defenses erected around the target--a computer or network of computers. In the final analysis, encryption algorithms protect these systems. These encryption algorithms must be unlocked by the use of proper credentials. Different systems require different credentials, but the simplest ones (and likely the majority of them) use passwords.

(Click here to read news)

Aug. 5, 2010 - Elinor Mills

Theoretical Attacks Exploit iOS Browser Flaw

The new browser security flaw in iPhones, iPods, and iPads could be more dangerous than initially suspected.

The vulnerability comes from the way the jailbreak software, released on Sunday, uses the mobile Safari browser instead of requiring that the device be connected to a computer. Jailbreaking the phone allows it to run apps not approved by Apple. But this flaw could be used to launch an exploit if the user were to surf to a Web site hosting a malicious PDF, giving unrestricted access to the device.

"The same PDF exploit used to jailbreak the device could also be used to install something malicious," security expert Mike Kershaw told CNET on Thursday.

(Click here to read news)

Aug. 4, 2010 - Jaikumar Vijayan

DHS Quietly Dispatching Teams to Test Power Plant Cybersecurity

The Department of Homeland Security (DHS) is quietly creating specialized teams of experts to test industrial control systems at U.S. power plants for cybersecurity weaknesses.

According to an Associated Press report today, DHS has so far created four teams to conduct such assessments, according to Sean McGurk, director of control system security. McGurk told the news service that 10 teams are expected to be in the field next year as the program's annual budget grows from $10 million to $15 million.

(Click here to read news)

Aug. 4, 2010 - Elizabeth Montalbano

Commerce Department Seeks Advice On Cybersecurity

The Department of Commerce is looking for advice from businesses, academics and even the general public about how to maintain cybersecurity while fostering innovation in the commercial Internet space.

In a Notice of inquiry (PDF), the department asks for comment about, among other things, the economic impact of cybersecurity preparedness; authentication and identity-management technologies; how to raise awareness about threats; how to engage globally on cybersecurity; and where to invest in research and development.

(Click here to read news)

Aug. 3, 2010 - Dan Goodin

Location-Based Quantum Crypto Now Possible, Boffins Say

Researchers say they have devised a foolproof way to encrypt messages that can be unlocked only by a recipient physically located in a specific place, solving a problem that has vexed cryptographers for years.

The technique for position-based quantum cryptography is scheduled to be presented at the 2010 IEEE Symposium on Foundations of Computer Science in October. It makes it theoretically possible for people to securely encrypt and decrypt messages without the use of pre-shared keys. Instead, the messages would be encrypted using keys based on a recipient's physical presence at a secure facility.

(Click here to read news)

Aug. 1, 2010

Elite US Cyber Team Courts Hackers to Fight Terrorists

An elite US cyber team that has stealthily tracked Internet villains for more than a decade pulled back its cloak of secrecy to recruit hackers at a notorious DefCon gathering here Sunday.

Vigilant was described by its chief Chet Uber as a sort of cyber "A-Team" taking on terrorists, drug cartels, mobsters and other enemies on the Internet.

"We do things the government can't," Uber said. "This was never supposed to have been a public thing."

(Click here to read news)

Aug. 1, 2010 - Dean Takahashi

Reformed Hacker Reveals "My Life as a Spyware Developer"

Garry Pejski did some penance yesterday. In a room full of his peers, he admitted something that he was ashamed of. He told the crowd of hackers and security researchers at the Defcon security conference in Las Vegas that he once wrote spyware, or software that spies on people and tricks them into doing things.

Living in Toronto, the 31-year-old has since reformed and now writes custom software and tests security for power plants. But his time spent as a spyware developer in 2004 has haunted him for years. His tale is a cautionary one for young hackers, and it offers a rare glimpse inside the shadowy world of spyware, a massive underground industry which dances on the edge of legality.

(Click here to read news)