Cyber Security News of the Week, July 29, 2012

Cyber Security Management

Security awareness can be the most cost-effective security measure: ISSA International President Ira Winkler makes the case for the importance of security awareness training in his response to a recent CSO article questioning the value of such programs. CSO Security Leadership, July 25, 2012.

Users Remain Mostly Oblivious to Spear Phishing: A new survey shows that 50 percent of employees think that their company has been the victim of a targeted attack. Security firm Proofpoint found in its survey that these targeted attacks continue to be a nuisance, affecting both small and large organizations. ThreatPost, July 19, 2012

Cyber Security Leadership

How Extremely Successful People Sell Their Ideas Internally: Unless you are CEO, or a member of the C-Suite at the very least, you generally can’t convince your organization to create a new structure, but you can persuade it to perhaps attack a given problem from an unusual angle. (“Hey, boss, can we think about this one differently?”) That you can do, especially if what you follow up with is a way to save the organization money, or operate more efficiently. (More on this in a minute.) Forbes, July 22, 2012

Leadership: A short primer on doing the right thing in business: Summary: Learn to become a mensch and embody the qualities of inspired leadership. ZDNet, July 20, 2012

Cyber Threat — Technology

From Black Hat: Hackers Demonstrate a Rising Vulnerability of Smartphones: Hackers can steal photos, text messages, surf the Web and even make phone calls from your smartphone simply with the wave of a hand, researchers at the annual Black Hat security conference in Las Vegas said Wednesday. New York Times, July 26, 2012

Apple removes Windows malware from iOS App Store: On Tuesday, an iOS app in the App Store was discovered containing malicious Windows executable files. While this meant your iPad, iPhone, iPod touch, and Mac could not be infected, even Windows users were relatively safe since the malware had to be manually extracted from the iOS application package. Either way, Apple quickly removed it. ZDNet, July 25, 2012

Cyber Threat — Social Engineering

Malware Tied to Blackhole Exploit Kit Appears as Facebook Tag Alert: If you find some random person says they’ve tagged a Facebook photo with you, think twice before you investigate further. SophosLabs has discovered malware infecting machines by getting users to open a malicious link in a fake Facebook e-mail notification. ThreatPost, July 17, 2012

Cyber Crime

Eight Million Email Addresses And Passwords Spilled From Gaming Site Gamigo Months After Hacker Breach: Call it a slow leak. Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users’ credentials, more than 8 million usernames, emails and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedList. The half-gigabyte collection of stolen user data was posted to the password-cracking forum Inside Pro earlier this month, where it remained online until late last week. Forbes, July 23, 2012

Cyber Hacktivists

Hackers steal customer data to prove risk of retention proposal: HACKERS have stolen customer data from the internet company AAPT to highlight the dangers of a proposal to force telcos to store every Australian’s web history for up to two years. ITPro, July 27, 2012

Dahabshiil denies Anonymous behind cyber-attack: Anonymous has reiterated that they were responsible for the cyber attacks on the Dahabshiil bank in the Middle East. The hackers accused the bank of funding terrorism and said it had two months to publicly confess or expect “global internet destruction”. News.com.au, July 25, 2012

Anonymous hackers cripple Aussie government websites: INTERNATIONAL hacking group Anonymous took at least 10 Australian government websites offline in a series of escalating attacks over proposed changes to privacy laws. CourierMail, July 25, 2012

Cyber Espionage

Mahdi Malware Makers Push Anti-American Update: Spy malware, seemingly built by Iranians, gets update that searches for “USA” and “gov” on targeted machines, security researcher says at Black Hat. InformationWeek, July 26, 2012

Olympics Cyber Security

London Olympics officials prepare for cyber attacks: Cyber security experts for the Summer Games expect the number of hacking attempts to easily surpass the 12 million a day during the Beijing Olympics four years ago. [Citadel's Stan Stahl quoted extensively] LA Times, July 25, 2012

National Cyber Security

NSA chief: Internet ‘at great risk,’ needs defense system: General Keith Alexander, head of the National Security Agency, addressed an audience at the Defcon hacking conference in Las Vegas Friday, saying the Internet needed fundamental defenses against foreign incursion. MSNBC, July 28, 2012

Senators Force Weaker Safeguards Against Cyberattacks: WASHINGTON — Despite warnings of a potentially crippling cyberattack, a group of lawmakers led by Senator John McCain has successfully weakened bipartisan legislation that the Obama administration said was crucial to protecting computer systems responsible for operating the nation’s critical infrastructure. New York Times, July 27, 2012

America’s Failing Grade on Cyber Attack Readiness: The man in charge of America’s cyber operations said that on a scale of one to 10, the nation’s preparedness to deal with a major cyber attack on critical infrastructure sits at a dismal three. ABC News, July 27, 2012

Senate advances bill to bolster cybersecurity defenses in 84-11 vote: The Senate agreed on Thursday to move forward with Sen. Joe Lieberman’s (I-Conn.) cybersecurity bill after months of contentious negotiations. The Hill, July 26, 2012

Cyber Sunshine

Russian held over botnet attack on Amazon.com: A Russian man believed to have launched denial-of-service attacks against Amazon.com has been arrested in Cyprus, where he faces extradition to the US. ZDNet, July 20, 2012

 

Written on July 29, 2012 — Filed in Cyber Security Management
