Hackers Publish Over 450,000 Emails and Passwords Stolen From Yahoo: A Yahoo representative has confirmed that the data published Thursday was indeed some 450,000 names and passwords for Yahoo and other companies. PCWorld, July 13, 2012
Nvidia confirms hackers swiped up to 400,000 user accounts: Earlier today, Nvidia announced its developer forums were hacked this week and that the following user information was compromised by unauthorized third parties: usernames, e-mail addresses, hashed passwords with random salt value, and public-facing “About Me” profile information. The semiconductor maker has now confirmed that up to 400,000 of its user accounts were swiped by the hackers. ZDNet, July 14, 2012
Plesk 0Day For Sale As Thousands of Sites Hacked: Hackers in the criminal underground are selling an exploit that extracts the master password needed to control Parallels’ Plesk Panel, a software suite used to remotely administer hosted servers at a large number of Internet hosting firms. The attack comes amid reports from multiple sources indicating a spike in Web site compromises that appear to trace back to Plesk installations. KrebsOnSecurity, July 12, 2012
Homeland Security warns of hackers targeting popular Niagara software: The Department of Homeland Security on Friday warned that a popular system used by organizations around the world to manage millions of machines and devices over the Internet is vulnerable to attack from hackers. The Washington Post, July 13, 2012
EU to Banks: Assume All PCs Are Infected: An agency of the European Union created to improve network and data security is offering some blunt, timely and refreshing advice for financial institutions as they try to secure the online banking channel: “Assume all PCs are infected.” KrebsOnSecurity, July 12, 2012
How Hackers Can Steal A BMW In Under 3 Minutes: As technology is increasingly being used to protect cars, the bad guys are using it to relieve us of our fine four fendered friends. Forbes, July 9, 2012
Microsoft Patches Zero-Day Bug & 15 Other Flaws: Microsoft today issued a security patch to fix a zero-day vulnerability in Windows that hackers have been exploiting to break into vulnerable systems. The company also addressed at least 15 other flaws in its software, and urged customers to quit using the desktop Sidebar and Gadget capabilities offered in Windows 7 and Windows Vista. KrebsOnSecurity, July 10, 2012
Microsoft Security Advisory — Disable Sidebar & Gadgets: Microsoft is warning users that a vulnerability in Sidebar can be exploited to give a cyber attacker full control of a user’s computer. Sidebar and Gadgets may be disabled during the normal Patch Tuesday update. Users can ensure they are disabled by clicking the Fix it button on Microsoft’s Support page 2719662.
FFIEC Issues Guidelines for Outsourced Cloud Computing: The Federal Financial Institutions Examination Council Agencies consider cloud computing to be another form of outsourcing with the same basic risk characteristics and risk management requirements as traditional forms of outsourcing. This paper addresses the key risks of outsourced cloud computing identified in existing guidance. The Federal Financial Institutions Examination Council
Future Homeland Security Threats Comprise Smaller Groups, Cybersecurity Vulnerabilities, Experts Say: Future security threats to the United States will come from small but agile groups that may look increasingly to cyberattacks as a means of harming larger targets, a panel of counterterrorism experts told a Senate hearing Wednesday. HSToday, July 12, 2012
Bank Sues Customer Over ACH/Wire Fraud: In another legal wrangling over liability linked to ACH and wire fraud, a bank is taking action against a former commercial customer, claiming the customer, not the bank, is liable for losses and damages, as well as legal costs. BankInfoSecurity, July 12, 2012
Inside the PATCO Fraud Ruling: One cannot overstate the significance of a federal appeals court’s recent decision favoring PATCO Construction Inc. over the former Ocean Bank in a dispute resulting from ACH/wire fraud. BankInfoSecurity, July 9, 2012
Symantec anti-virus update makes some PCs inoperable: BOSTON (Reuters) – A bug in an update of Symantec Corp’s anti-virus software caused some Windows PCs to crash late this week, making machines inoperable until they were serviced in an embarrassing episode that angered some customers. Chicago Tribune, July 13, 2012
How to Break Into Security, Grossman Edition: I recently began publishing a series of advice columns for people who are interested in learning more about security as a craft or profession. For the third installment in this series, I interviewed Jeremiah Grossman, chief technology officer of WhiteHat Security, a Web application security firm. KrebsOnSecurity, July 9, 2012