Weekend Patch and Vulnerability Report, January 29, 2012

Important Security Updates

Google Chrome 16.0.912.77: Google has released an update to patch several highly critical vulnerabilities. Updates are available through the program.

Symantec pcAnywhere 12.x: Symantec has released hotfixes to patch several moderately critical vulnerabilities in pcAnywhere. Information on applying these hotfixes is available from Symantec in notes TECH179526 and TECH 179960. WARNING: Symantec has advised users to disable pcAnywhere because of the theft of the pcAnywhere source code. See our Cyber Security News of the Week for more information.

Current Software Versions

Adobe Flash 11.1.102.55 [Warning; see below]

Adobe Reader 10.1.2

Apple QuickTime 7.7.1

Apple Safari 5.1.2 [Warning; see below]

Google Chrome 16.0.912.77

Internet Explorer 9.0.8112.16421

Java SE 6 Update 30

Mozilla Firefox 9.0.1 [Warning; see below]

Newly Announced Unpatched Vulnerabilities

None

For Your IT Department

Trend Micro DataArmor and DriveArmor: Trend Micro reports a less critical vulnerability in these programs. Patches are available from Trend Micro.

Symantec Altiris IT Management Suite: The same vulnerabilities affecting pcAnywhere also impact Altiris IT Management. Additional information is available from Symantec in notes TECH179526 and TECH 179960.

Important Unpatched Vulnerabilities

ACDSee Photo: Several highly critical vulnerabilities have been identified in various ACDSee photo products. Vulnerabilities have been identified in FotoSlate, Photo Editor 2008, and Picture Frame Manager. No patches are available at this time. Readers should refrain from using ACDSee to open untrusted files. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, June 12, 2011. We alerted readers to a second vulnerability in FotoSlate in Weekend Vulnerability and Patch Report, September 18, 2011.

ACD Systems Canvas CorelDRAW: A highly critical vulnerability has been found in ACD Systems Canvas which can be exploited by malicious people to compromise a user’s system. Users should not view untrusted CDR files. Readers should refrain from opening untrusted files in ACD Systems Canvas. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, July 31, 2011.

Adobe Flash: The highly critical vulnerability we reported in Weekend Vulnerability and Patch Report, December 11, 2011 remains unpatched. We recommend users disable the Flash player in their browsers.

Android Browser: Secunia reports a vulnerability in the Android browser that can be exploited to trick a user into believing he is connected to a trusted site by including the trusted site in an iframe. The vulnerability is confirmed in Browser version 2.3.3 included in Android version 2.3.3 and Browser version 3.2 included in Android version 3.2. Other versions may also be affected. Users are cautioned to not rely on displayed certificate information. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

Apple Safari: Secunia reports a non-critical unpatched vulnerability in Safari 5.1.2. Other versions may also be affected. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

HTC Mobile Devices: The security vulnerability in the default Twitter application (Peep) in HTC products remains unpatched. Readers should refrain from using the default Twitter application (Peep). We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, February 11, 2011.

HTC Touch2: The highly critical 0-day vulnerability in the HTC Touch2 VideoPlayer remains unpatched. Users are advised to not open files from untrusted sources. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 18, 2011.

McAfee SaaS: The highly critical vulnerability in McAfee SaaS Endpoint Protection remains unpatched. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, January 22, 2012.

Microsoft Windows: Secunia reports a highly critical unpatched vulnerability in Windows 7 Professional 64-bit. Other versions may also be affected. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

Microsoft Windows XP: A less-critical security vulnerability has been found in Windows XP which can be exploited by malicious, local users to disclose potentially sensitive information or cause a DoS (Denial of Service). No patch is available at this time. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, August 7, 2011.

Microsoft Word: A highly critical vulnerability has been found in Microsoft Word XP and 2002. No patch is available at this time. Readers should refrain from opening untrusted files in these earlier versions of Word. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, June 19, 2011.

Microsoft Reader: The highly critical vulnerability in Microsoft Reader, versions 2.x, remains unpatched. Readers should refrain from opening untrusted files in Reader. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, April 15, 2011.

Mozilla Firefox: Secunia reports a less critical vulnerability in Mozilla Firefox. The vulnerability is confirmed in Mozilla 9.0.1. Other versions may also be affected. No patch is available at this time. Users should exercise extra caution on untrusted websites. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, January 15, 2012.

PDF-Pro: Several highly critical vulnerabilities in PDF-Pro, a popular alternative to Adobe Acrobat, remain unpatched. Readers should refrain from opening untrusted files in PDF-Pro. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, March 4, 2011.

Photoshop Elements: Adobe Photoshop Elements versions 1 – 8 contain a highly critical unpatched vulnerability. The vulnerability is confirmed in version 8.0 20090905.r.605812 and Adobe reports that the vulnerability affects versions 8.0 and earlier. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, October 9, 2011.

Quick View Plus CorelDRAW: A highly critical vulnerability has been found in Quick View Plus which can be exploited by malicious people to compromise a user’s system. Users should not view untrusted CDR files in Quick View Plus. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, July 31, 2011.

VLC Media Player: VLC has released an advisory regarding a highly critical unpatched vulnerability in versions 0.9.0 through 1.1.12. VLC has announced that media player 1.1.13 will address the issue. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

If you are responsible for keeping your computer secure, our weekly report is for you. We strongly urge you to take action to keep your workstation secure.

If someone else is responsible for keeping your computer secure, protect it by forwarding our Weekend Vulnerability and Patch Report to them and following up to make sure your computer has been patched.

Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc.) and application programs (Adobe Acrobat, Office, Flash, Java, etc.). When software companies find a vulnerability, they usually issue an update patch to fix the code running on their customers’ computers.

Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.

Stan Stahl Ph.D. January 29, 2012 Filed in Security Alert: Vulnerability Management

Cyber Security News of the Week, January 29, 2012

News of the Week Commentary

Symantec’s warning this week to users to disable pcAnywhere following the theft of its source code stands in contrast to the company’s assurances a few weeks ago that the theft of its source code posed little risk to users. [See Cyber Security News of the Week, January 8, 2012.]

At issue is the responsibility information security vendors have to their customers when the vendor’s products may be exposing customers to risk. It’s common for a company to circle the wagons and fall into a protective mode when bad news comes out. The strategy is usually a losing one as the bad news comes out eventually and the company ends up with egg on its face. So, from the company’s own perspective, the right strategy is often to own up to the problem from the start.

In cases of security the situation also carries moral and ethical implications. Twenty years ago when Tylenol was confronted with the death of several people after someone put poison in its products, Tylenol immediately removed the product from stores across the country and launched a public relations campaign to warn users.

The loss of information is not the same as the loss of lives, but don’t those of us in the business of protecting the sensitive information of our clients and customers have the same ethical and moral obligation to warn our users immediately?

Vulnerability Alert

Symantec: Anonymous stole source code, users should disable pcAnywhere: Symantec has confirmed that the hacker group Anonymous stole source code from the 2006 versions of several Norton security products and the pcAnywhere remote access tool. ars technica, January 26, 2012

Cyber Crime – Online Bank Theft

Hackers tap Salem Co. account for $19,000: Computer hackers have broken in and stolen approximately $19,000 by way of an illegal wire transfer from a Salem County bank account that held more than $13 million in funds. nj.com, January 22, 2012

Internet Badlands

Hackers-for-Hire Are Easy to Find: Sitting in his Los Angeles home, Kuwaiti billionaire Bassam Alghanim received an alarming call from a business associate: Hundreds of his personal emails were posted online for anyone to see. The Wall Street Journal, January 23, 2012

Cyber Security Management

Cameras May Open Up the Board Room to Hackers: One afternoon this month, a hacker took a tour of a dozen conference rooms around the globe via equipment that most every company has in those rooms: videoconferencing equipment. The New York Times, January 23, 2012

Healthcare Privacy – National Dialogue

Should Every Patient Have a Unique ID Number for All Medical Records?: As the U.S. invests billions of dollars to convert from paper-based medical records to electronic ones, has the time come to offer everyone a unique health-care identification number? The Wall Street Journal, January 23, 2012

Cyber War – The Middle East

Pro-Palestinian hackers bring down Haaretz Hebrew website: Pro-Palestinian hackers brought down Haaretz’s Hebrew website on Wednesday, after several Israeli websites were targeted earlier in the day. January 25, 2012

Privacy Rights – European Union

EU Data-Privacy Overhaul Gives Consumers More Control: The European Commission on Wednesday proposed an overhaul to its data protection laws, which will provide users with more control over their data and make the process of monitoring data security less complex for agencies across the EU. PC Magazine, January 25, 2012

Ray of Sunshine

FileSonic disables file sharing in wake of MegaUpload arrests: Following the MegaUpload shutdown and indictments last week, FileSonic, one of the Internet’s most popular file-sharing services, has disabled its sharing functionality. Cnet, January 22, 2012

New Web Piracy Arrest as Site Founder Is Denied Bail: THE HAGUE, Netherlands — An Estonian citizen was arrested by Dutch police at the request of American authorities investigating the file-sharing Web site Megaupload, a prosecutor’s office spokeswoman said Wednesday. January 25, 2012

Stan Stahl Ph.D. January 29, 2012 Filed in Cyber Security Management, Cyber War, Internet badlands

Weekend Patch and Vulnerability Report, January 22, 2012

Important Security Updates

Adobe Reader and Acrobat 10.1.2: Adobe has released an update to patch several highly critical vulnerabilities. For users who cannot upgrade to version X, Adobe has also released version 9.5. Updates are available through the program. 

Apple iTunes 10.5.3: Apple has released an update to patch several minor issues, including security.

Current Software Versions

Adobe Flash 11.1.102.55 [Warning; see below]

Adobe Reader 10.1.2

Apple QuickTime 7.7.1

Apple Safari 5.1.2 [Warning; see below]

Google Chrome 16.0.912.75

Internet Explorer 9.0.8112.16421

Java SE 6 Update 30

Mozilla Firefox 9.0.1 [Warning; see below]

Newly Announced Unpatched Vulnerabilities

McAfee SaaS: Secunia reports a highly critical vulnerability in McAfee SaaS Endpoint Protection. No patch is available at this time.

For Your IT Department

McAfee GroupShield: Secunia reports a highly critical vulnerability in McAfee GroupShield. No patch is available at this time. The vulnerability is reported in version 7.0.716.101. Other versions may also be affected.

Oracle: US-CERT reports Oracle has released its Critical Patch Update for January 2012 to address 78 vulnerabilities across multiple products. Several of these are highly critical.

Sonicwall: Secunia reports a less-critical vulnerability in Sonicwall AntiSpam & EMail security. The vulnerability is reported in version 7.3.1 and 7.3.4.5725. Other versions may also be affected. No patch is available at this time.

Important Unpatched Vulnerabilities

ACDSee Photo: Several highly critical vulnerabilities have been identified in various ACDSee photo products. Vulnerabilities have been identified in FotoSlate, Photo Editor 2008, and Picture Frame Manager. No patches are available at this time. Readers should refrain from using ACDSee to open untrusted files. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, June 12. We alerted readers to a second vulnerability in FotoSlate in Weekend Vulnerability and Patch Report, September 18.

ACD Systems Canvas CorelDRAW: A highly critical vulnerability has been found in ACD Systems Canvas which can be exploited by malicious people to compromise a user’s system. Users should not view untrusted CDR files. Readers should refrain from opening untrusted files in ACD Systems Canvas. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, July 31.

Adobe Flash: The highly critical vulnerability we reported in Weekend Vulnerability and Patch Report, December 11 remains unpatched. We recommend users disable the Flash player in their browsers.

Android Browser: Secunia reports a vulnerability in the Android browser that can be exploited to trick a user into believing he is connected to a trusted site by including the trusted site in an iframe. The vulnerability is confirmed in Browser version 2.3.3 included in Android version 2.3.3 and Browser version 3.2 included in Android version 3.2. Other versions may also be affected. Users are cautioned to not rely on displayed certificate information. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

Apple Safari: Secunia reports a non-critical unpatched vulnerability in Safari 5.1.2. Other versions may also be affected. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

HTC Mobile Devices: The security vulnerability in the default Twitter application (Peep) in HTC products remains unpatched. Readers should refrain from using the default Twitter application (Peep). We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, February 11.

HTC Touch2: The highly critical 0-day vulnerability in the HTC Touch2 VideoPlayer remains unpatched. Users are advised to not open files from untrusted sources. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 18, 2011.

Microsoft Windows: Secunia reports a highly critical unpatched vulnerability in Windows 7 Professional 64-bit. Other versions may also be affected. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

Microsoft Windows XP: A less-critical security vulnerability has been found in Windows XP which can be exploited by malicious, local users to disclose potentially sensitive information or cause a DoS (Denial of Service). No patch is available at this time. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, August 7.

Microsoft Word: A highly critical vulnerability has been found in Microsoft Word XP and 2002. No patch is available at this time. Readers should refrain from opening untrusted files in these earlier versions of Word. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, June 19.

Microsoft Office for Mac: A highly critical vulnerability has been discovered in Microsoft Office for the Mac which can be exploited by cyber criminals to take control of a user’s computer. Security updates are currently unavailable. Readers should refrain from opening untrusted files in Office. We first alerted readers to this vulnerability in Weekend Vulnerability & Patch Report, May 13, 2011.

Microsoft Reader: The highly critical vulnerability in Microsoft Reader, versions 2.x, remains unpatched. Readers should refrain from opening untrusted files in Reader. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, April 15.

Mozilla Firefox: Secunia reports a less critical vulnerability in Mozilla Firefox. The vulnerability is confirmed in Mozilla 9.0.1. Other versions may also be affected. No patch is available at this time. Users should exercise extra caution on untrusted websites.

PDF-Pro: Several highly critical vulnerabilities in PDF-Pro, a popular alternative to Adobe Acrobat, remain unpatched. Readers should refrain from opening untrusted files in PDF-Pro. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, March 4.

Photoshop Elements: Adobe Photoshop Elements versions 1 – 8 contain a highly critical unpatched vulnerability. The vulnerability is confirmed in version 8.0 20090905.r.605812 and Adobe reports that the vulnerability affects versions 8.0 and earlier. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, October 9, 2011.

Quick View Plus CorelDRAW: A highly critical vulnerability has been found in Quick View Plus which can be exploited by malicious people to compromise a user’s system. Users should not view untrusted CDR files in Quick View Plus. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, July 31.

VLC Media Player: VLC has released an advisory regarding a highly critical unpatched vulnerability in versions 0.9.0 through 1.1.12. VLC has announced that media player 1.1.13 will address the issue. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.


Stan Stahl Ph.D. January 22, 2012 Filed in Security Alert: Vulnerability Management

Cyber Security News of the Week, January 22, 2012

News of the Week Summary – Cybergeddon?

Zappos reported that it had been hacked, exposing the personal information of 24 million customers. Anonymous brought down the Justice Department’s website and several websites associated with the entertainment industry in response to the Feds bringing down MegaUpload, a large pirate site. America’s critical infrastructure, including water and power, as well as our manufacturing base was put at greater risk with the public release of exploits that target vulnerabilities in industrial control systems. Cyber criminals are targeting our children by installing malicious software (malware) on popular child-focused sites. Israel, Palestine and hacktivists in Saudi Arabia seem locked in cyber war. Adding insult to injury, security vendor McAfee was caught with its pants down as a vulnerability in one of its products allowed cyber criminals to send spam from supposedly protected PCs.

The New York Times reports again on how difficult it is even for large companies to protect their sensitive information while PC World once again documents several challenges every organization faces in securing information outside the corporate perimeter, whether in the Cloud, in employees’ homes, on laptops, on iPads and other tablets, etc. Meanwhile bank regulators are pushing financial institutions to do more to protect their customers from online bank fraud.

Want to know how cyber crime might impact your organization? Want to better understand your exposure to cyber crime? We encourage you to contact us.

Threats and Warnings

Email, Personal Information on PlayBook Left Vulnerable to Hackers: Research in Motion may have improved its overall experience on the PlayBook with its recent update, but security researchers recently revealed that the device leaves corporate email and user information open to potential hackers. Researchers Zach Lenier and Ben Nell of Intrepidus Group uncovered a vulnerability in the PlayBook’s Bridge application that leaves the authentication token for the Bridge application somewhere anyone could dig it up. PCWorld, January 17, 2012

Cyber Crime

Hackers Steal $6.7 Million in Cyber Bank Robbery: The first major cybercrime of 2012 has taken place in South Africa, with hackers making off with about $6.7 million from Postbank, which is state-owned and part of the South African post office. PCWorld, January 18, 2012

Zappos hacked, 24 million accounts accessed: NEW YORK (CNNMoney) — Online shoe store Zappos has been hacked, exposing the names, e-mail addresses, addresses, phone numbers and partial credit card numbers of its 24 million customers, the company said late Sunday night. CNN, January 16, 2012

Internet Badlands

Megaupload Founder Kim Dotcom, By the Numbers: When news of the international raid on Megaupload broke Thursday in the U.S., Internet aficionados got a glimpse at the man behind one of the largest file-sharing websites in the world. And it turns out the site’s founder, Kim Dotcom, was rich, large, and most certainly in charge. He currently sits in a New Zealand prison awaiting trial, while we attempt to dissect the man who (formerly) controlled the online media empire. Time, January 21, 2012

Megaupload Execs Had Thing For Bling, Indictment Shows: The Justice Department Thursday unsealed an indictment in Virginia charging seven executives at file-sharing site Megaupload.com with copyright violations, racketeering, and money laundering. Four of the people charged, including 37-year-old Megaupload CEO and founder Kim Dotcom (aka Kim Tim Jim Vestor, aka Kim Schmitz), were arrested by New Zealand authorities, while the others remain at large. InformationWeek, January 20, 2012

Anonymous tricked people into joining Web site attacks: If you clicked a link distributed by Anonymous yesterday, you may have unwittingly helped the online activists in their attacks against U.S. government and entertainment industry sites that were organized to protest proposed antipiracy legislation. Cnet, January 20, 2012

New Report Shows Malware ‘Sleeps’ on Computer for Average of 8 Months, Collecting Data: In a new investigative report from Daily Safety Check ™, the average time before ‘activation’ of malware before committing cyber crimes – such as bank transfers, fraud and information theft – is 8 months. SFGate, January 18, 2012

Facebook exposes hackers behind Koobface worm: As expected, Facebook today started to release information about the Koobface worm (its name is an anagram of “Facebook”) and those behind it. The update comes almost a year since Facebook’s last post about the infamous piece of malware. After more than three years and numerous hours of working closely with industry leaders, the security community, and law enforcement, Facebook has announced its social network has been free of the virus for over nine months. ZDNet, January 17, 2012

Web Gang Operating in the Open: Five men believed to be responsible for spreading a notorious computer worm on Facebook and other social networks — and pocketing several million dollars from online schemes — are hiding in plain sight in St. Petersburg, Russia, according to investigators at Facebook and several independent computer security researchers. The New York Times, January 16, 2012

Cyber Security Management

Clamor for Cloud Apps Increases Corporate Data Breach Risk: Employees bringing in their own devices and choosing their own application services is significantly increasing the risk to enterprise data. PC World, January 17, 2012

Regulators push banks to improve online security: According to a report in the New York Times, the Federal Deposit Insurance Corporation wants financial institutions to add a new security layer that detects unusual patterns of online activity — such as a volley of transfers to an account in Russia — in real time, starting this month. However, the Financial Times reported that a poll by a bank technology firm in November suggested that 40 percent of banks weren’t even aware that regulators want them to adopt new measures. Atm Marketplace, January 17, 2012

Even Big Companies Cannot Protect Their Data: Barbara Scott just hit the trifecta of computer security breaches. Since the New Year, Ms. Scott has been a victim of three separate cyberattacks. Two weeks ago, the online auction site eBay said in an e-mail to her that there had been suspicious activity on her account. On Monday, she received an e-mail from Zappos and another from 6PM, two online shoe retailers owned by Amazon. Both messages alerted her that — once again — her information had been compromised. The New York Times, January 17, 2012

Kids and Families Cyber Security

Hackers Target Children as Adults Wise Up to Spam: Hackers are targeting websites aimed at children, by embedding malicious software in free gaming sites, preying on the young as adults grow wise to their strategies. Forbes, January 19, 2012

Hackers spread malware via children’s gaming websites: Hackers are increasingly targeting child-focused gaming websites, according to a leading anti-virus firm. BBC, January 16, 2012

Hacktivism

‘Anonymous’ hackers attack Brazilian websites: RIO DE JANEIRO — The computer hacker group Anonymous attacked websites of Brazil’s federal district Saturday as well as one belonging to a Brazilian singer to protest the forced closure of Megaupload.com. AFP, January 21, 2012

Hackers disrupt websites of Israel’s stock exchange, national air carrier: JERUSALEM — A hacker network that claims to be based in Saudi Arabia paralyzed the websites of Israel’s stock exchange and national airline on Monday, escalating an international cyber war that has jolted this security-obsessed country. The Washington Post, January 16, 2012

Critical Infrastructure Security

Hoping to Teach a Lesson, Researchers Release Exploits for Critical Infrastructure Software: MIAMI, Florida — A group of researchers has discovered serious security holes in six top industrial control systems used in critical infrastructure and manufacturing facilities and, thanks to exploit modules they released on Thursday, have also made it easy for hackers to attack the systems before they’re patched or taken offline. Wired, January 19, 2012

Cyber War – The Middle East

Israel in the frame after rapid rise in cybercrime: There has been a huge and sudden rise in online attacks in the region that seem to originate in Israel, a major anti-virus company warns. The National, January 22, 2012

Israeli and Palestinian hackers trade DDoS attacks in rising cyber-gang war: Pro-Palestinian and pro-Israeli hackers are waging a cyber street-fight in a tit-for-tat exchange of posturing, threats of mass credit card exposures, and denial-of-service attacks. As Hamas has egged on hackers in recent weeks, promoting more “hacktivist” attacks against Israeli targets, pro-Israel hackers have responded in kind, today taking down the websites of stock exchanges in Saudi Arabia and the United Arab Emirates. Both sites appear to be back online. ars technica, January 17, 2012

Cyber Irony

PSA: McAfee computer security patches flaw: are you fixed?: Earlier this week, the McAfee group began sending out a fix to stopper up a flaw which turned their protection service into a hijacked spam festival. The flaw, they say, was allowing hackers to attach themselves to your computer specifically and shoot spam throughout your machine – hijacking that which was supposed to be protected using a flaw in the system that was supposed to be doing the protecting. The exploit was reported earlier this week by two customers who were taken aback by the flaw earlier this week, McAfee responding with a fix now here at the end of it. SlashGear, January 20, 2012

Ray of Sunshine

Alleged Muscovite cybercrime daddy hauled in to face US court: A suspected Russian cyber-crook has arrived in the US to face charges of security fraud, computer hacking and ID theft following his deportation from Switzerland. The Register, January 18, 2012

Stan Stahl Ph.D. January 22, 2012 Filed in Cyber Security Management, Cyber War, Internet badlands, Ray of Sunshine

Cybergeddon?

Three stories from today’s cyber security news.

“U.S. shuts Megaupload.com, hackers retaliate.”

“Anonymous Claims DOJ, RIAA, MPAA Sites Hit for Megaupload Bust.”

The “distributed denial of service” (DDoS) attacks by hacktivists on FBI, Justice Department and entertainment industry websites suggest that the battle to protect intellectual property on the Internet has taken a new and ugly turn. Cybergeddon?

Left unnoticed may be the most ominous of headlines as it makes the tools of cyber terrorism available to anyone with a grudge against America: “Hoping to Teach a Lesson, Researchers Release Exploits for Critical Infrastructure Software.”  Cybergeddon?

The world changed today and with it the need to prepare for a new and more dangerous round of cyber attacks. It’s more important than ever to follow the advice I learned years ago as a Boy Scout: “Be Prepared.”

Stan Stahl Ph.D. January 19, 2012 Filed in Citadel: Thinking about Security, Cyber Security Management