Fraud Ring In Hacking Attack On 60 Banks: Sixty million euro has been stolen from bank accounts in a massive cyber bank raid after fraudsters raided dozens of financial institutions around the world. SkyNews, June 27, 2012
Espionage virus sent blueprints to China: Computer security experts have uncovered an industrial espionage virus designed to steal blueprints for buildings, machinery and other products, and deliver them to China. The Telegraph, June 21, 2012
A spook speaks: LIKE blooms on a peculiar plant, speeches by the head of the British security service are rare; and when they do appear, they draw attention. On June 25th Jonathan Evans, the director-general of MI5, burst into oratorical flower for the first time in 21 months. After commenting on preparations for the Olympic games and on counter-terrorism, Mr Evans turned to cyber-security—where the “front line…is as much in business as it is in government.” States as well as criminals were up to no good, he said: in particular, a “major London listed company with which we have worked” had lost revenue of “some £800m” ($1.2 billion) to state-sponsored cyber-attack. The firm in question had lost intellectual property and had been put at a disadvantage in commercial negotiations. The Economist, June 30, 2012
MI5 fighting ‘astonishing’ level of cyber-attacks: MI5 is battling “astonishing” levels of cyber-attacks on UK industry, the intelligence agency’s chief has said. BBC, June 25, 2012
Cybercrime moves to the cloud: The same flexibility and freedom companies get from having their software and services hosted in the cloud is enabling cybercriminals to conduct highly automated online banking theft — without doing much of the necessary information processing on their victims’ own computers. CNET, June 30, 2012
The latest in cybercrime? Fully automated bank heists: Cybercriminals are trying something new at the bank: fully automated online heists. The Christian Science Monitor, June 29, 2012
(Real) Storm Crushes Amazon Cloud, Knocks out Netflix, Pinterest, Instagram: Can Amazon handle its fast-growing cloud? Hurricane-like storms knocked an Amazon data center in Ashburn, Virginia, offline last night, and a chunk of the Internet felt it. The six-hour incident temporarily cut off a number of popular internet services, including Netflix, Pinterest, Heroku, and Instagram. Wired, June 30, 2012
ISACA Issues COBIT 5 for Information Security: In the past year, close to one in four (22%) enterprises has experienced a security breach and 21% have faced mobile device security issues, according to a global survey of more than 3,700 IT professionals who are members of ISACA. In the next 12 months, data leaks and employee-related issues top the list of hot-button IT issues most likely to challenge an organization’s network security. The Wall Street Journal, June 25, 2012
Cybercrime disclosures rare despite new SEC rule: WASHINGTON — Hackers broke into computers at hotel giant Wyndham Worldwide Corp. three times in two years and stole credit card information belonging to hundreds of thousands of customers. Wyndham didn’t report the break-in in corporate filings even though the Securities and Exchange Commission wants companies to inform investors of cybercrimes. MSNBC, June 29, 2012
A Weapon We Can’t Control: THE decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against an Iranian nuclear facility late in George W. Bush’s presidency marked a significant and dangerous turning point in the gradual militarization of the Internet. Washington has begun to cross the Rubicon. If it continues, contemporary warfare will change fundamentally as we move into hazardous and uncharted territory. The New York Times, June 25, 2012
Bank Settles With Calif. Cyberheist Victim: A California escrow firm that sued its bank last year after losing nearly $400,000 in a 2010 cyberheist has secured a settlement that covers the loss and the company’s attorneys’ fees. The settlement is notable because such cases typically favor the banks, and litigating them is often prohibitively expensive for small- to mid-sized businesses victimized by these crimes. KrebsOnSecurity, June 27, 2012
LinkedIn Security Breach Triggers $5 Million Lawsuit: LinkedIn is facing a $5 million class-action lawsuit over its information security practices, in response to an attacker who apparently obtained millions of the social network users’ passwords. InformationWeek, June 20, 2012
FTC Sues Wyndham Hotels Over Data Security Failures: The Federal Trade Commission Tuesday announced that it had filed a suit against global hospitality company Wyndham Worldwide Corporation, as well as three of its subsidiaries. The FTC has accused Wyndham of failing to institute a robust information security program, even in the wake of a major exploit. Ultimately, attackers breached its networks three times in just two years, resulting in the exposure of over 600,000 credit card accounts and $10.6 million in fraudulent credit card charges, the FTC alleged. InformationWeek, June 27, 2012
Scientists crack RSA SecurID 800 tokens, steal cryptographic keys: Scientists have devised an attack that takes only minutes to steal the sensitive cryptographic keys stored on a raft of hardened security devices that corporations and government organizations use to access networks, encrypt hard drives, and digitally sign e-mails. Ars Technica, June 25, 2012
Brigham Young University earns elite distinction for teaching cybersecurity: When the nation’s ultimate collector and protector of classified information is impressed by a university’s cybersecurity curriculum, it’s no secret. The National Security Agency and the Department of Homeland Security have designated Brigham Young University as a National Center for Academic Excellence in Information Assurance Education, a distinction reserved for schools that excel in teaching how to protect networks and computer systems. The Salt Lake Tribune, June 29, 2012
How to Break Into Security, Ptacek Edition: At least once a month, sometimes more, readers write in to ask how they can break into the field of computer security. Some of the emails are from people in jobs that have nothing to do with security, but who are fascinated enough by the field to contemplate a career change. Others are already in an information technology position but are itching to segue into security. I always respond with my own set of stock answers, but each time I do this, I can’t help but feel my advice is incomplete, or at least not terribly well-rounded. KrebsOnSecurity, June 25, 2012
F.B.I. Says 24 Are Arrested in Credit Card Theft Plan: For hackers in search of information like credit card numbers and software to spy on computers, the site called Carder Profit appeared to be a veritable eBay for thieves. The New York Times, June 27, 2012
Lulzsec hackers plead guilty at London court: LONDON – Two British members of the notorious Lulz Security hacking collective pleaded guilty to a slew of computer crimes Monday, the latest blow against online troublemakers whose exploits have grabbed headlines and embarrassed governments around the world. Fox News, June 25, 2012
Facebook’s Lame Attempt To Force Its Email Service On You: You may or may not realize that you have a Facebook email address. It’s an @facebook.com address you can use to correspond with people on external email accounts from your Facebook inbox. Though it was called a “Gmail killer” when it first came out in 2010, it seems instead to have been D.O.A. As far as I can tell, no one really uses it. No one seems to want the Facebook inbox to be their main email account (with good reason). Facebook is trying to change that with a new little nudge. On your profile page, Facebook has taken the liberty of making your Facebook email your default contact address. Forbes, June 25, 2012