Hackers post documents from Italian cybercrime unit: Hackers linked to Anonymous claim to have breached security at the government agency responsible for protecting vital computer networks in Italy. The hackers posted a trove of apparently confidential documents online and claimed much more was to come from systems at CNAIPIC – il Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche. The Telegraph, July 25, 2011
Hackers steal data from 35M netizens: The personal information of millions of netizens with accounts on Korea’s major portal site Nate and social networking site Cyworld was accessed by hackers on Tuesday, SK Communications said yesterday. Korea JoongAng Daily, July 29, 2011
Study: Automated Web App Attacks on the Rise: Web applications are attacked by hackers roughly once every two minutes on average, while automated assaults on websites and databases can number 25,000 attacks in an hour, or seven per second, according to new findings released by data security firm Imperva Monday. PC Magazine, July 25, 2011
Companies Encrypting Data, But Not Everywhere, Venafi Survey Finds: An overwhelming majority of organizations, 90%, use encryption for data security and systems authentication, according to a survey of security practices conducted on behalf of enterprise key and certificate management firm Venafi. Moreover, the survey showed strong overall security programs in the majority of organizations. Network Computing, July 28, 2011
Personal Mobile Devices Still Vex IT: Two thirds of large enterprises surveyed by Courion say that employees are causing security breaches by connecting personal mobile devices to the corporate network. Information Week, July 26, 2011
Securing Data in the Cloud? Call in the Magnificent Seven: The million-dollar question in organizations today is no longer “Should we move to the cloud?” but “How much of our infrastructure and data will we move to the cloud?” However, the difficulties organizations have protecting data – even when data is kept onsite in the corporate data center – are causing sleepless nights for IT professionals and business leaders alike, as they weigh the cost and operational benefits of moving to the cloud against the potential introduction of new data security risks. Forbes, July 26, 2011
Spam & Fake AV: Like Ham & Eggs: An explosion of online fraud tools and services online makes it easier than ever for novices to get started in computer crime. At the same time, a growing body of evidence suggests that much of the world’s cybercrime activity may be the work of a core group of miscreants who’ve been at it for many years. KrebsOnSecurity, July 26, 2011
The cyber Mafia has already hacked you: Just how pervasive is cybercrime? “There are probably some corporations and credit cards that haven’t been hacked,” said Kim Peretti, director in PricewaterhouseCoopers’ forensic services practice. “But you have to assume you’ve been compromised.” CNN Money, July 27, 2011
Trojan Tricks Victims Into Transferring Funds: It’s horrifying enough when a computer crook breaks into your PC, steals your passwords and empties your bank account. Now, a new malware variant uses a devilish scheme to trick people into voluntarily transferring money from their accounts to a cyber thief’s account. KrebsOnSecurity, July 28, 2011
Mac OS X Lion Password Vulnerability: Sleep Mode: Updated forensic software can steal Apple OS X login passwords in minutes, even when the devices are locked or asleep. To be successful, however, users of the software, Passware Kit Forensic v11, must have physical access to the target Mac device, as well as a FireWire cable connection. At that point, the software can capture the password data from the Mac’s memory, even on the latest version of Apple’s operating system, Mac OS X Lion. Information Week, July 29, 2011
‘War Texting’ Lets Hackers Unlock Car Doors via SMS: Software that lets drivers unlock car doors and even start their vehicles using a mobile phone could let car thieves do the very same things, according to computer security researchers at iSec Partners. PC World, July 27, 2011
For Suspected Hackers, a Sense of Social Protest: The F.B.I.’s arrests of 14 people last week were the most ambitious crackdown yet on a loose-knit group of hackers called Anonymous that has attacked a string of government agencies and private companies over the last eight months. The New York Times, July 26, 2011
Calif. Co. Sues Bank Over $465k eBanking Heist: A California real estate escrow company that lost more than $465,000 in an online banking heist last year is suing its former financial institution, alleging that the bank was negligent and that it failed to live up to the terms of its own online banking contract. KrebsOnSecurity, July 25, 2011
UK police arrest suspected hacker group member: An 18-year-old man has been arrested in Scotland on suspicion of being linked to computer hacking groups Anonymous and LulzSec, police in London said Wednesday. CNN, July 28, 2011
U.S. targets Central European cybergangs: Organized Central European cybercrime gangs are a security threat to the United States and have been targeted in a new U.S. strategy released this week. UPI, July 28, 2011
DOD Website Sells Public On Cybersecurity Strategy: The Department of Defense (DOD) has launched a new website to accompany a comprehensive cybersecurity strategy launched less than two weeks ago to guide the department’s efforts to fight cyber attacks going forward. The Cyber Strategy website is aimed at helping the public understand the DOD’s consolidated cybersecurity strategy and provide a central site for the department’s accomplishments to date in how it is protecting the federal government and U.S. critical infrastructure from cyber attacks, it said. Information Week, July 25, 2011
Cyber Weapons: The New Arms Race: In the early morning hours of May 24, an armed burglar wearing a ski mask broke into the offices of Nicira Networks, a Silicon Valley startup housed in one of the countless nondescript buildings along Highway 101. He walked past desks littered with laptops and headed straight toward the cubicle of one of the company’s top engineers. The assailant appeared to know exactly what he wanted, which was a bulky computer that stored Nicira’s source code. He grabbed the one machine and fled. The whole operation lasted five minutes, according to video captured on an employee’s webcam. Palo Alto Police Sergeant Dave Flohr describes the burglary as a run-of-the-mill Silicon Valley computer grab. “There are lots of knuckleheads out there that take what they can and leave,” he says. But two people close to the company say that they, as well as national intelligence investigators now looking into the case, suspect something more sinister: a professional heist performed by someone with ties to China or Russia. The burglar didn’t want a computer he could sell on Craigslist. He wanted Nicira’s ideas. Bloomberg Businessweek, July 20, 2011 (Excellent overview; Highly Recommended)