|
Zeus botnet performs MySpace spam campaign to spread itself further - 11.20.2009
A sophisticated Trojan dubbed "Zeus" has sent a flood of email messages to MySpace users in an attempt to propagate itself onto more computers, according to researchers at the University of Alabama at Birmingham.
Experts dissect Chrome OS security features - 11.20.2009
Yesterday's release of Google's groundbreaking new cloud-based operating system, Chrome OS, has caused a stir in techie circles, with experts of all stripes rushing to examine the product and issue their judgments.
Microsoft counts Chrome coup with discovery of security flaw - 11.20.2009
Security researchers at Microsoft recently discovered a security vulnerability in Google's controversial Chrome Frame for Internet Explorer, a browser plug-in that simulates Chrome functionality within an Internet Explorer session.
iPhone user sues games maker, claiming to have found hidden spyware - 11.18.2009
An iPhone gamer filed a federal lawsuit against mobile game programmer Storm8 today, alleging that the company violated his privacy by including hidden code in its games that gathered his personal information without permission.
Government watchdog warns of possible IT leaks at Los Alamos - 11.16.2009
The Government Accountability Office has issued a report on data security at the Los Alamos National Laboratory which says that sensitive and highly classified information is vulnerable to outside access.
Cyber czar not needed, Republican Collins says - 11.3.2009
The top Republican on the Senate homeland security committee is opposed to the appointment of a cyber coordinator or "cyber czar" in the White House, saying cybersecurity should be rooted in the Department of Homeland Security.
US-CERT warns of BlackBerry PhoneSnoop spyware application - 10.28.2009
A free BlackBerry smartphone application created by a security researcher installs spyware on the phone for listening to calls, the U.S. Computer Emergency Readiness Team warned Tuesday.
Defense department looking at flash drive, social networking security - 10.27.2009
The Department of Defense may partially lift a ban on USB flash drives, which had been abolished in November 2008 because of worms and viruses spreading across defense networks from infected USB thumb drives.
Microsoft's Ballmer talks Sidekick, data security, SharePoint - 10.20.2009
It's a big month for Microsoft, which is releasing its hugely marketed Windows 7 operating system this week after earlier this month plugging security holes in Windows 7 in the biggest Patch Tuesday ever, while a server crash short-circuited Sidekick user data.
Botnets proliferate, making DDoS attacks cheaper - 10.16.2009
Network security researchers tracking online criminal activity say the underground marketplace for networks of hacked computers - botnets - has become so crowded in recent years that renting a botnet to launch attacks is becoming cheaper.
UFO hacker McKinnon still fighting extradition to U.S. - 10.9.2009
Gary McKinnon, a British man accused of hacking into the computer systems of the U.S. military and NASA, has lost another legal battle fighting his extradition to the U.S. to face criminal charges.
White House declares October national cybersecurity awareness month - 10.5.2009
In light of growing threats to national security from cyber terrorists and criminal organizations, the Obama administration has declared October as National Cybersecurity Awareness Month, drawing attention to internet security threats such as malware.
Proceeds from network security course will go to charity - 9.25.2009
Offensive Security, an IT security firm, will offer a free online information security training course, with the proceeds from its optional pay content going to help children in East Africa.
Two-factor security can't keep all hackers at bay - 9.22.2009
Advanced online security measures adopted by banks, including passwords that change every minute, are just one more hurdle for professional hackers to overcome, warn security experts.
Bahama botnet eating up ad budgets - 9.21.2009
Sophisticated scammers are using a group of malware-infected computers to distort search traffic and influence advertising budgets.
Microsoft ending security support for Windows Server 2000 - 9.17.2009
Microsoft announced that it is ending extended support for Windows 2000 Server on July 13, 2010 and Windows Server 2003 and it is downgrading mainstream support to extended support for Windows Server 2003 R2.
Employees have high fail rate at detecting phishing scams - 9.14.2009
Some companies hire outside IT security firms to conduct social engineering tests on their employees' response to phishing emails and other scams. The results are not very encouraging for corporate network security.
FCC creates cybersecurity working group - 9.9.2009
The Federal Communications Commission (FCC) should play a crucial role in protecting the nation's communications networks from cyberattacks, according to a report released by FCC Chairman Julius Genachowski.
Microsoft 'Patch Tuesday' brings five critical security fixes - 9.8.2009
Microsoft will issue security patches for five critical software flaws affecting Windows for its monthly patch release Tuesday. The company said a vulnerability in Internet Information Services (IIS) is under limited attacks, but it may not have a patch for the web server flaw.
Microsoft security update: 'Limited' IIS server cyberattacks spotted - 9.4.2009
Microsoft has updated a security bulletin about a flaw in older versions of Internet Information Services (IIS) due to "limited" attacks on the vulnerability occurring in the wild.
Researchers crack WPA Wi-Fi encryption in 60 seconds - 8.28.2009
Two Japanese researchers have found a way to break the encryption of data sent over Wi-Fi Protected Access (WPA), a security protocol for transmitting information via 802.11 wireless LAN, in about 60 seconds.
Cisco wireless LAN access points vulnerable to hacker attack - 8.25.2009
Security researchers at AirMagnet have uncovered a security flaw in Cisco's wireless LAN infrastructure that could allow a hacker to hijack a wireless access point to gain access to a customer's network.
Hacker in Heartland data breach a 'fall guy' for Russians? - 8.24.2009
IT security experts are suggesting that 28-year-old Albert Gonzales, who was indicted last week for involvement in the massive data breach of Heartland Payment Systems, may just be a fall guy for more expert hackers who have escaped justice in Russia.
Web filtering censorware takes a hit in China, Tennessee - 8.17.2009
Charges of political censorship appear to have undermined the plan of Chinese authorities to require packaging of web filtering software called Green Dam Youth Escort on all PCs sold in the country.
Russian mobsters tied to DDoS cyberattacks on Georgia - 8.17.2009
Cyberattacks that shut down Georgian government and media websites during a brief war with Russia last August were launched by civilians and criminal gangs, who were tipped off about the impending Russian invasion of the South Ossetia region, according to a technical analysis.
Microsoft patches include fixes for ATL, ActiveX flaws - 8.12.2009
For Microsoft's monthly release of security patches, the company issued nine bulletins Tuesday, six of which are rated critical. The company pointed out patches for critical flaws in the Active Template Library (ATL) and Video ActiveX Control.
Cybersecurity official Kwon resigns from US-CERT - 8.10.2009
Mischel Kwon, director of the U.S. Computer Emergency Response Team (US-CERT), a cybersecurity agency within the Department of Homeland Security, has submitted her resignation.
Georgian blogger 'Cyxymu' target of DDoS attacks - 8.10.2009
The distributed denial-of-service attacks (DDoS) targeting Twitter, Facebook and other websites on Thursday were directed by Russian hackers at a Georgian blogger with the nickname Cyxymu, according to reports.
Acting U.S. cybersecurity czar Hathaway resigns - 8.4.2009
Melissa Hathaway, the top White House cybersecurity official and a holdover from the Bush administration, announced yesterday that she was resigning for personal reasons.
UK hacker McKinnon loses extradition appeal - 7.31.2009
British national Gary McKinnon, accused of hacking the computer networks of the U.S. military and NASA in 2001 and 2002, lost an appeal fighting his extradition to the United States.
SMBs often forego basic web security measures - 7.29.2009
IT security at small and medium-sized businesses (SMBs) is woefully inadequate, with many SMBs reporting they have no spam filtering or firewall protections in place, according a new study.
Microsoft unveils anti-malware tools at Black Hat - 7.28.2009
Microsoft made a splash Monday at the Black Hat USA 2009 conference, introducing new web security tools and guidance designed to help security professionals better manage online threats from malware.
U.S. cybersecurity effort understaffed, is cyber czar appointment imminent? - 7.23.2009
Federal cybersecurity initiatives are hampered by a shortage of skilled IT personnel, as well as a lack of leadership, planning and coordination among agencies, according to a new report. Meanwhile, several reports indicate President Obama may be ready to name a "cyber czar" in the near-term.
Black Hat cybersecurity convo to reveal plenty of hacks - 7.22.2009
This year's highly-anticipated gathering of web security researchers and ethical hackers, Black Hat USA 2009, kicks off this weekend in Las Vegas. Researchers will present evidence of newly discovered web vulnerabilities and discuss the implications of the underground cybercrime economy and globalized threats for cybersecurity.
DDoS attacks require global response, Gillibrand says - 7.16.2009
Citing the recent wave of distributed denial-of-service (DDoS) attacks on U.S. and South Korean government sites, Senator Kirsten Gillibrand of New York has proposed legislation to bolster U.S. efforts to work with foreign governments on cybersecurity.
Korean hackers, MyDoom worm suspected in DDoS attacks - 7.8.2009
Government websites in the U.S. and South Korea were hit by a major cyberattack beginning on July 4, which intelligence officials believe were launched by hackers sympathetic to the authoritarian regime in North Korea.
Goldman Sachs employee arrested for code theft - 7.7.2009
FBI agents on Friday arrested Sergey Aleynikov, a former employee of Goldman Sachs who allegedly stole 32 megabytes of code for a sophisticated automated trading platform and transferred it to a website hosted in Germany.
Hacker planned to use hospital PCs for 'massive' July 4 DDOS - 7.6.2009
Federal authorities last week arrested Jesse William McGraw - a/k/a "GhostExodus" - whom they said posted YouTube videos of himself compromising PCs at a Dallas hospital and urging hackers to join him in a massive DDOS attack on July 4.
CISOs see insiders as greatest 'human threat' to data security - 6.24.2009
The vast majority of chief information security officers surveyed at a CISO summit this month said that insiders are the greatest human threat to data security, while only 18 said they are concerned about threats from external sources such as cybercriminals and corporate spies.
Lawyer for UK national: Extradition for hacking could cause suicide - 6.10.2009
An attorney for a British man indicted for hacking into the U.S. military's computer networks in 2002 told the UK High Court that extradition to the U.S. could result in psychosis and suicide because of his mental illness.
T-Mobile confirms hackers breached servers - 6.9.2009
Unknown hackers claiming to have breached the servers of wireless company T-Mobile are seeking a ransom for the stolen data. T-Mobile confirmed in a statement on Monday that a data breach had occurred.
DHS taps hacker Jeff Moss for cybersecurity advisory role - 6.8.2009
Jeff Moss, founder of the Black Hat and DefCon computer hacker conferences, was among those named to the Department of Homeland Security Advisory Council Friday by secretary Janet Napolitano.
DHS names Philip Reitinger cybersecurity center director - 6.3.2009
U.S. Department of Homeland Security (DHS) secretary Janet Napolitano announced on Monday that Philip Reitinger will take over as the new director of the National Cybersecurity Center (NCSC). The NCSC's last director resigned abruptly earlier this year due to concerns about military control of cybersecurity.
Defense companies ramp up IT security recruiting - 6.1.2009
Defense companies have been accelerating recruitment of IT security experts in order to gain lucrative Pentagon contracts as the federal government attempts to tighten the security of strategic networks.
Turkish 'm0sted' hackers infiltrated U.S. Army servers - 5.29.2009
Turkish hackers calling themselves m0sted were able to break into a U.S. Army server in January and previously hacked a server for the Army Corps of Engineers, according to InformationWeek.
Obama lays out cybersecurity proposals - 5.29.2009
President Obama today proposed expanding coordination of cybersecurity efforts between government and the private sector in developing a strategic response to threats to the nation's computer networks that control critical infrastructure, financial markets and military systems.
Survey: One-fifth of IT managers cheat on security audits - 5.28.2009
A new survey of IT managers and staff has found that 20 percent of IT security pros admit to fudging firewall audits in order to pass.
Cyber Secure Institute calls for health IT security certification - 5.27.2009
A web security advocacy group has issued a call for better tools against the hacking of private health records, in response to high profile health data breaches at the University of California Berkeley and the Virginia Prescription Monitoring Program.
SaaS vendor using swine flu to scare up sales? - 5.26.2009
In an effort to prove the relevancy of its cloud-based services amid concerns over data security of web-based IT, one company's blog has cited the scare over the H1N1 virus, or swine flu, as a reason to buy its products.
Report: Obama to name cyber czar this week - 5.26.2009
President Obama will name a cyber czar this week, according to an anonymously sourced report in today's Washington Post.
|
