Archive: 2013

Considering a Master’s Degree Program? Look to the SANS Technology Institute for a Fully Accredited Program Focused Solely on Cybersecurity

If you are an IT security professional and you’ve been thinking about going back to school to earn a master’s degree, the SANS Technology Institute (STI) master’s degree program might now be a more attractive choice for you. The graduate institution is now fully accredited by The Middle States Commission of Higher Education, an...


Two DDoS Attackers are Given 5 Year Jail Terms for Blackmail, Unauthorized Impairment of Computers

Polish computer programmers Patryk Surmacki and Piotr Smirnow were recently sentenced to 5 years and 4 months in jail for perpetrating a blackmail scheme that also involved the use of a DDoS attack as intimidation. Prior to sentencing, the pair pleaded guilty to blackmail and they admitted to conspiracy to access, use and impair computers without...


Take the SANS Institute’s Holiday Hacking Challenge: It’s a Hackerful Life

The long holiday season is here, and if you’re one of the lucky ones, you probably have a few days off from the grind you call work. When you’ve had enough of your kids’ overexcitement and your relatives’ overstaying their welcome, why not steal away by yourself for a few hours and work on the SANS Institute’s 10th...


Guilty Pleas for 13 People Involved in a PayPal DDoS Attack, and a (Strange) Call for Leniency from the Founder of PayPal’s Parent Company

On December 6, thirteen defendants pleaded guilty in U.S. federal court to charges related to their involvement in the cyber-attack of PayPal’s website as part of the group Anonymous. In pleading guilty, the defendants admitted to carrying out a Distributed Denial of Service (DDoS) attack against PayPal in December 2010. Ten of the...


Tech Titans Want Governments to Reform Their Data Surveillance Practices

The data titans of Silicon Valley have said, “Enough is enough!” A coalition of the world’s leading tech companies is asking for the U.S. and other national governments to put a stop to unfettered data collection and surveillance and other practices that inhibit the free movement of lawful data around the globe. The principal...


Attack of the Month Video Blog Series: Pre-Attack Recon Scans

I'm pleased to introduce myself to the Security Bistro community and hope that you welcome this video blog with open arms. The Corero Network Security team and I are excited to introduce a reoccurring monthly video post that aims to dissect and analyze the various cyber attack types that are infiltrating network environments across the...


Consumer Electronics Manufacturer LG Has a Reprehensible Privacy Policy

I came across a blog post the other day that really angers me. British IT consultant Jason Huntley wrote the detailed article LG Smart TVs logging USB filenames and viewing info to LG servers in mid November. He outlines how he discovered that his LG brand smart TV was collecting private data about his viewing habits and using it to serve...


Malware as Performance Art? OpenDNS Shows the Dangerous “Dance” of Cryptolocker

By now practically every information security professional and thousands of unfortunate victims are aware of CryptoLocker, the dangerous malware that encrypts all of a victim’s files and holds them for ransom. Security experts say it’s relatively easy to remove the malware itself but the damage is done when entire file systems cannot...


Finally, a Detailed Set of Cybersecurity Guidelines for SMBs (But Enterprises Can Use Them Too)

Small and medium businesses (SMBs) often don’t pay enough attention to cybersecurity, but they are no less vulnerable than their enterprise counterparts are to data breaches and attacks. In fact, attackers might consider SMBs to be an easier path into larger enterprises that are the real target. In his blog post “Are Small Business...


The National Computer Forensics Institute Trains U.S. Law Enforcement Professionals on Digital Evidence

In 2011, young mother Casey Anthony went on trial for the murder of her two year old daughter Caylee. You may recall some of the lurid details from the case. In June 2008, the mother reported her child as missing. Caylee’s skeletal remains were found by a utility worker in December 2008. Prosecutors felt they had enough evidence to charge...


Nobody Reads Terms and Conditions, Do They? Pay Attention To What You Agree To!

Recently I needed to download some software to my PC and, being the security-conscious person that I am, I made an attempt to read the software provider’s terms and conditions (T’s & C’s). I’ll admit that I got just so far in really reading the script. Then I started skimming the words, and then skipping entire...


A Lesson in Social Engineering: How a “Security-aware” Organization Was Completely Duped

There is a must-read article published by IDG News Service and posted to Network World. (See Fake social media ID duped security-aware IT guys.) This is the story of how security experts conducting penetration tests of an unnamed European organization used a very convincing but very fake social media persona to infiltrate the targeted organization....


Official Memo Says the Lack of End-To-End Testing Poses “A High Risk” for the Federal Healthcare Exchange

In an earlier post, I speculated that the systems behind the healthcare exchange marketplace known as the Federally Facilitated Marketplace (FFM) and hosted on Healthcare.gov were not tested end-to-end and could not be trusted to ensure data security and privacy. My speculation a few days ago is now totally confirmed by the people in...


What’s the Word From Healthcare.gov? “Trust Us With Your Most Sensitive Data.”

Healthcare.gov, the website for the Affordable Care Act, has been in the news a lot this month. Ever since it was launched to the public on October 1, it has been riddled with performance problems. Administration officials have stated that the issues stem from the sheer complexity of a system that is being asked to do so much. I’m not...


Gartner VP Confirms DDoS Attacks Were Used as Smoke Screens to Hide Financial Fraud

In an article posted on BankInfoSecurity.com, Gartner Research vice president Avivah Litan confirms that some of the DDoS attacks that have rippled through the banking industry over the past year have been a cover-up for fraud. While bank cyber security personnel were distracted in combating the denial of service attacks, hackers were busy...


There’s a Bidding War For People With Good Cyber Security Skills

If you are a cyber security expert – or you are on your way to becoming one – you’d better stock up on Ray-Bans. Your future is so bright, you’re going to need them. According to an article published by NBC News, there is a global shortage of skilled cyber security professionals. The...


The Global Industrial Cyber Security Professional Certification (GICSP) is Launching in November

There’s an important new cyber security certification coming to market at the end of November. I recently talked to Mike Assante of SANS Institute and Scott Cassity of Global Information Assurance Certification (GIAC) to get the details because I think there will be tremendous interest worldwide in this certification and the associated...


New Windows 8.1 Security Improvements Help Protect Against Pass the Hash Attacks

This National Cyber Security Awareness month, we’d like to congratulate and thank Microsoft on their efforts to block Pass the Hash cyber-attacks. Known by Microsoft as “one of the most popular types of credential theft and reuse attacks,” Pass the Hash attacks are known for their ability to infiltrate full networks within...


National Cybersecurity Awareness Month: The Government Agency Behind it Can’t Participate at This Time

Oh, the irony. I don’t know whether to laugh or cry. October is National Cybersecurity Awareness Month. This is the month that the U.S. federal government wants us all to take responsibility for cyber security. Public companies, private companies, individual consumers, government agencies, institutions of every ilk, hardware and software...


Cyber criminals increasingly use advanced methods to implement attack vectors

European Union Agency for Network and Information Security (ENISA) recently launched their Mid-Year 2013 Threat Landscape report, a sneak peek into what’s to come in the full ENISA Threat Landscape report to be published before the end of 2013. The brief summary gives readers a bit of insight into the changes in trends since the 2012...


PCI-DSS 3.0: Will it Successfully Address Compliant Insecurity?

I and many others have been saying for a long time that being compliant with a regulation or industry mandate does not make a computing environment secure. There are numerous reasons this is true, ranging from “the check list approach” to “not understanding the actual intent of specific compliance controls.” This is...


Collateral Damage From the NSA Spying Debacle: Trust in U.S. IT Companies is Shattered

There’s an old proverb that goes something like this: Crap rolls downhill. (Well, the proverb uses an even more crude slang word instead of “crap,” but I’m trying to be polite here.) I think this proverb aptly applies to the fallout from Edward Snowden revealing secret details of government mass surveillance programs...


Lessons Learned From the Banking Industry DDoS Attacks: Good Advice Worth Heeding

Now that the banking industry has gone through four rounds of very public DDoS attacks, experts are looking at what happened to extract some “lessons learned” to turn this negative into a positive. Even if your business isn’t a financial institution, there’s good advice here that’s certainly worth...


Store Systems Security: Preparing for the Retail System and Security Paradigm Shift

I was in an Office Depot the other day. There was one person in line at the checkout counter and another customer approaching the line. Then a sales clerk intercepted the person heading toward the line and said, “I can help you right here, sir.” The clerk had a mobile device in her hands. She swiped the customer’s credit card,...


A Three-pronged Approach to Eliminating Phishing Emails, part 2

In my previous article I outlined the first element of the three-pronged approach to eliminating phishing emails. This involves email service providers screening and rejecting spoofed emails based on explicit policies specified by legitimate email domains. About 85% of all ESPs already observe these policies when they are provided, so now the...


A Three-pronged Approach to Eliminating Phishing Emails, part 1

According to the Verizon 2012 Data Breach Investigations Report, more than 95% of the breaches Verizon investigated in recent years started with a phishing email. You know how it goes. A worker receives an email that looks perfectly legitimate. Maybe it appears to come from his bank, or from a shipping company he does business with. There’s...


Sophisticated Attackers Combine E-mails With Phone Calls

Security vendor Symantec has given fresh details of a series of sophisticated cyber attacks targeting mainly French companies in which the criminals combine e-mail with voice calls to steal money. “These tactics, using an email followed up by a phone call using perfect French, are highly unusual and are a sign of aggressive social...


Here we go again. Another stolen laptop puts patient information at risk

It happened again—another doctor’s office, another stolen laptop laden with patient records. The Houston Chronicle is reporting that a laptop computer containing unencrypted information pertaining to nearly 600 patients has been stolen from the University of Texas Health Science Center at Houston. Sigh. When will they ever...


A new generation of IT security solutions for an evolving threat landscape

I recently had a chat with Manish Gupta, senior vice president of products at security vendor FireEye. Gupta described how the IT threat landscape has changed dramatically over the last three or four years, and how this has rendered legacy security solutions rather weak. This means that a new generation of IT security solutions has to be developed...


Chrome Has a Better Bug Catcher Than Mozilla

A study comparing two leading vulnerability rewards programs (VRPs) has found that the one offered by Google Chrome is working better than that run by Mozilla. The study, by Matthew Finifter, Devdatta Akhawe and David Wagner of the University of California, Berkeley, was presented this month at the USENIX Security Symposium in Washington,...


A must-read report for everyone involved in software development: “The State of Application Security”

If you have any role at all regarding security in the application development process – especially a leadership role that oversees development – you simply must read a new report by the Ponemon Institute and the application security company Security Innovation. You’ll find “The State of Application Security” here....


“Jekyll App” Beats iOS Security Measures

Researchers at Georgia Institute of Technology say they have developed what they call a “Jekyll app” for iOS devices that bypasses Apple’s security measures and can be used for a range of malicious purposes from sending tweets and dialing numbers to operating the camera. In a paper presented this month at the USENIX...


Google Encrypts All Data In Cloud Storage

Google Cloud Platform announced this week that it is now automatically encrypting all data before it is written to disk – but many users were skeptical about the security advantages. Dave Barth, Google Cloud product manager, said in a blog post the goal was to make it as painless as possible for users to secure their...


Dalai Lama’s Website Hacked

The Chinese-language website of Tibet’s exiled leader, the Dalai Lama, has been compromised in a “precisely targeted” watering-hole attack, a Kaspersky Labs researcher reported. Senior security researcher Kurt Baumgartner described the attack in his blog. “A snippet of code on the Central Tibetan Administration...


Gartner Sees Security Opportunity in Expanding Mobile Market

The proliferation of mobile devices is opening new opportunities for security vendors, but innovative approaches to the market are needed, Gartner Inc says in a new report. Ruggero Contu, research director at Gartner, says one of the challenges facing vendors is that consumer adoption and willingness to pay for antivirus software on mobile...


Lavabit, Silent Mail Close Down

Two secure e-mail services, Lavabit and Silent Mail, were closed down this week in what many observers called fall-out from the Edward Snowden leaks about NSA spying on communications. “I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard...


Thinking About How to Secure the Internet of Things (IoT)

Michael Cooney of Network World published a semi-silly article about malware affecting smart toilets that run the Android operating system. (See Just when you thought it was safe to go to the bathroom – toilet malware strikes.) The article reports that TrustWave SpiderLabs issued a security bulletin to warn users of the...


Windows 8.1 Upgrades Security Measures

Software giant Microsoft has unveiled the new security measures in Windows 8.1, including fingerprint biometrics, multifactor authentication for BYODs and enhanced malware resistance. Dustin Ingalls, Group Program Manager for Windows Security & Identity, in a blog this week, listed the major features as trusted hardware, modern access...


Industrial Plants Can Be Disrupted With a Remote

The wireless control systems used at many major infrastructure facilities have vulnerabilities which could allow a hacker with a radio frequency (RF) transceiver to close down a plant from up to 40 miles away, two security researchers told the Black Hat convention in Las Vegas. Lucas Apa and Carlos Mario Penagos Hollman of IOActive said in a...


Don’t Believe Everything You Read

Lies, damned lies, and statistics – it’s a phrase that has been attributed to Mark Twain and former British Prime Minister Benjamin Disraeli, among others. Whoever it was that said it first, he could have been talking about vulnerability statistics. This is the view of two researchers who presented their case this week at the Black...


Android Master Key Malware Surfaces in China

The first known malware to exploit the Android master key vulnerability described by BlueBox Security has been found in an application market based in China, a McAfee researcher reported this week. Mobile malware researcher Daisuke Nakajima said the app used the vulnerability to hide the malicious classes.dex from Android’s package...


Stock Exchanges Fear Cyber Threat is Growing

Researchers working in the securities sector have warned that stock exchanges around the world have become the targets of cyber-criminals and that the potential exists for attacks that would close down financial markets. The warning was made in a report issued this month (July 2013) by the International Organization of Securities Commissions...


I Spy With My Little Eye…A Scam!

If someone offered you the opportunity to secretly read your friends’ instant messages without being detected, would you want to do that? You could spy on your significant other, or your friends and coworkers—and no one would be the wiser. All you have to do is go to a discreet website and provide your cell phone number so you can...


What To Do When Ransomware Holds a PC Hostage

In my previous post, I talked about ransomware locking a user out from his PC. This article is geared toward the IT professional who may be called upon to attempt to unlock the PC and clean up the mess the malware leaves behind. For the advice below, I consulted with John Harrison, Group Manager at Symantec Security Response. His team is in the...


Your Computer Has Been Locked! Pay Money Now if You Ever Want to Use Your PC Again!

Recently I got a phone call from a friend who told me her PC had popped up a big bold warning message that told her that a virus had been detected on her computer. She couldn't get the message to clear off of her PC—the computer seemed to be frozen. The message said that she could pay $39 to load software that would completely remove the...


FBI Ransomware Could Be Generating Big Income

A new type of ransomware that tries to fool victims using Macs or Windows into paying fines of $300 could be making its authors hundreds of thousands of dollars a day, according to a senior security researcher at Malwarebytes. Jerome Segura wrote in a blog that the scam displays a message purportedly from the FBI telling the user that his or...


Privacy Double Standard: You Can Track Online But Not On Foot

There’s an article in the New York Times about how retail stores are increasingly using technology to track customers’ movements and interests when they are physically in the stores. (Check out the article’s video to see some of this technology in action.) Stores use Wi-Fi signals from customers’ mobile phones to track...


Study Finds “Surprises” in Browser Warning Effectiveness

Computer users generally take note of browser warnings about unsafe websites, but up to 70 percent of Google Chrome’s SSL (secure socket layer) warnings fail to dissuade users from visiting a site, according to a recent study. The research on Chrome and Mozilla Firefox was conducted in May and June this year by Devdatta Akhawe of the...


Data encryption in the cloud is not enough to keep the feds from eying your data if they want to

The New York Times reported that Microsoft has collaborated with the National Security Agency (NSA) more extensively than it previously acknowledged. According to classified internal NSA newsletters that were disclosed by the former NSA contractor Edward Snowden, Microsoft has helped the NSA find ways to circumvent its encryption on its Outlook.com...


EDA Overreacts to Malware Scare

The Economic Development Administration (EDA) in Washington, D.C. physically destroyed computers and other IT equipment worth $170,000 in a comedy of errors sparked by a relatively harmless malware incident, according to an audit report. The report by the inspector general’s office in the Department of Commerce, released late last month,...


Def Con Asks Feds to Stay Away

In further fall-out from the Edward Snowden spying revelations, the organizers of the hacker's convention Def Con this week asked officials of the federal government to stay away from the event. In a post on the Def Con website, the founder of the event Jeff Moss said: “When it comes to sharing and socializing with feds, recent...


Don’t Write Your BYOD Policy from Scratch – Check Out These Samples to Jumpstart Your Own Policy

Whether or not your organization allows employees to use their personally owned devices to access corporate resources, you need to have a written policy that covers the acceptable use of mobile devices. This policy should clearly communicate to all employees what is, and is not, acceptable use of their smartphones, tablets and other mobile devices...


McAfee Says South Korea Is Cyber Espionage Target

The cyber attack on South Korean banks and media outlets in March was part of a wider four-year military espionage operation against the Seoul government, McAfee Labs said this week. In an analysis of a series of hacking attacks on South Korea since 2009, the security software company said the attackers used a remote-access Trojan to compromise...


Are You a Tim McGee Wannabe? Check Out the New Certified Cyber Forensics Professional Certification

If you’ve ever watched the TV show NCIS and thought how cool it would be to have a job like Tim McGee, the cyber forensics scientist, then I have good news for you. The International Information Systems Security Certification Consortium, Inc., (ISC)², has recently announced the availability of a new certification, the Certified...


Researcher Says Vulnerability Affects Nearly Every Android Phone

Bluebox Security reported this week it had discovered a vulnerability affecting 99 percent of Android cell phones that allows a hacker to do anything from steal data to create a mobile botnet. “The implications are huge,” Bluebox chief technical officer Jeff Forristal said in a blog post. “This vulnerability, around at...


Video Games Maker Says Website Hacked

Ubisoft, the video game developer and distributor, warned clients this week that its website had been hacked and urged all users to change their passwords. In a post on its website, the company said hackers had recently gained access to some of its online systems and stolen user names, e-mail addresses and encrypted passwords. "No...


Malware Pair Work in Tandem to Evade Removal

Microsoft has identified two separate forms of malware that work together on an infected computer to make it far more difficult to remove them. In a Malware Protection Center blog, Redmond anti-virus researcher Hyun Choi named the malware as Vobfus and Beebone. What makes them particularly troublesome is that they download updated versions...


Mobile Malware Follows the Money

Mobile malware mushroomed more than six-fold in the year ending in March, and the people behind it are increasingly behaving like calculating business professionals, a study from Juniper Networks says. “Similar to legitimate developers focused on the rise of mobile, cyber criminals are looking to maximize their return on investment with...


Step-By-Step Instructions to Implement DMARC in Your Organization, Part 2: Deploying the DMARC Record

In my previous article I covered the preliminary tasks that need to be done when you want to implement the DMARC standard to protect your email domain(s). This article gets into the meat of what to do for actual deployment. I’d like to thank Alec Peterson, CTO of Message Systems, for these step-by-step instructions. Remember that list of...


Step-By-Step Instructions to Implement DMARC in Your Organization, Part 1: Laying the Groundwork

A few weeks ago I wrote about a way to reduce the likelihood of having your company’s email domain abused by phishers. Alec Peterson of Message Systems and Sam Masiello of Groupon provided good information and advice for deploying the Domain-based Messaging, Authentication, Reporting and Conformance (DMARC) standard for your...


Next on the IT Security Horizon: Security Analytics

John Pescatore recently joined the SANS Institute as the Director of Emerging Security Trends. His entire 30+ year career has focused on IT security, which gives him a pretty interesting perspective on where we’ve been and where we’re headed. I talked to him recently about what’s on the horizon for IT security. Linda: ...


So, You Wanna Be a Penetration Tester?

Tips for Entering the Penetration Testing Field

It’s an exciting time to be a professional penetration tester. As malicious computer attackers amp up the number and magnitude of their breaches, the information security industry needs an enormous amount of help in proactively finding and resolving vulnerabilities. Penetration...


Phishing Increased Nearly 90% Last Year, Kaspersky Says

The number of internet users worldwide reporting phishing attacks increased an astonishing 87 percent in the year ending April 30, Kaspersky Lab said in a survey report. It said 37.3 users reported phishing in the period, compared with 19.9 million in the previous 12 months. “For some time, phishing remained relatively...


Microsoft Launches Bounty Program To Fix Security Flaws

Microsoft this week announced that it would for the first time pay cash rewards directly to hackers who can demonstrate vulnerabilities in Windows and Internet Explorer – with “truly novel” techniques earning a possible $150,000. Katie Moussouris, a senior security strategist at the software giant, said the bounties were a...


Many WordPress Plugin Developers Don’t Build Tight Security into Their Code, Leaving Millions of Websites Vulnerable to Hacking

A new paradigm has taken root in the world of application development. These days we have a number of application “platforms” that are supported by marketplaces where hundreds or thousands of developers post their apps or plugins for download. Some of the world’s most popular platforms are Apple’s iOS, Google’s...


US And Russia Launch Cyber Threat ‘Hotline’

The Cold War 24-hour hotline established to prevent accidental nuclear war between the US and the then Soviet Union has been updated to deal with a modern risk – accidental cyber war. The White House, in a release this week, said the new use for the hot line was among the results of two years of talks between Washington and Moscow on...


NSA Director Defends Surveillance Of Phones, Internet

The director of the National Security Agency, Gen. Keith Alexander, today (Tuesday June 18) defended US spying on phone calls and internet traffic, saying it had prevented some 50 terror attacks around the world. In remarks to the House Intelligence Committee, Alexander said: “In recent years, these programs, together with other...


Moving from Compliance to Risk-Based Security – Part 2

In my previous post, Moving from Compliance to Risk-Based Security - Part 1, I mentioned that I would share my discussions with two security executives who feel strongly about this topic. Both of them participated in the Wisegate CSO peer discussion documented in the report Moving From Compliance to Risk-Based Security. These experts clearly...


Wall Street To Stage Cyber War Game

As concern mounts over cyber warfare between nations, major Wall Street firms will take part later this month in a simulated network disruption exercise aimed at testing their ability to respond to a widespread attack. The exercise, Quantum Dawn 2, has been organized by the Securities Industry and Financial Markets Association (Sifma) as a...


The Dark Side Of Covert Clouds

We know it happens all the time – employees want to get something done quickly, so they bypass the bureaucracy of their company’s IT department and with a couple of clicks go straight to the cloud. But by doing so, they greatly increase the risk of exposing the company’s network to malware. A recent survey of IT professionals...


Google Reports ‘Political’ Phishing Attacks In Iran

Phishing attacks in Iran have spiked dramatically in recent weeks and appear to be related to presidential elections in the country tomorrow (Friday June 14), Google said this week. Eric Grosse, vice president of security engineering, said in a blog post that over the last three weeks the company had detected and disrupted “multiple email-based...


PRISM Leaker Stirs US-China Cyber Feud

Edward Snowden, the source of the leaks about the US government’s PRISM cyber spying program, claimed this week that the US has been hacking computers in China for at least four years. Snowden, who is now in hiding in Hong Kong – a Chinese-controlled territory – made the claims in an interview with the Hong Kong...


Moving from Compliance to Risk-Based Security, Part 1

After 10 years of managing an IT audit function for an international energy company, I had the opportunity to head up their IT Strategy group that was charged with creating Organizational IT Security and Risk profiles and plans. The charge of this function was to annually evaluate organization-wide internal and external risk as it relates to...


Global Security Technology Market Seen Booming

Gartner analysts this week forecast that the worldwide security technology and services market would grow 8.7 percent this year to $67.2 billion as cyber threats become increasingly sophisticated and dangerous. The analysts, attending a Gartner summit on security and risk management at National Harbor, MD, said the market could grow to more...


Storm Over PRISM Leaks Widens

The saga of one of the most significant leaks of government information in recent US history has taken a new twist with the decision by the whistleblower – former CIA technical staffer Edward Snowden – to go public. In an interview carried out in Hong Kong with the UK newspaper The Guardian, Snowden said that after leaving the...


US Government Angry Over Internet Spying Leaks

Director of National Intelligence James Clapper has denounced leaks to The Washington Post and Guardian newspapers this week which revealed that his agency is spying on e-mails and other internet traffic obtained from nine major companies. In a statement on Thursday, Clapper confirmed the surveillance was taking place but accused the...


Microsoft, FBI Claim Success Against Citadel Botnets

Microsoft and the FBI have carried out a major operation against cybercriminals using Citadel malware, saying they disrupted more than 1,000 botnets responsible for about $500 million in financial fraud globally. In separate releases issued on Wednesday (June 5), the software giant and the FBI said they had worked with leaders of the financial...


McAfee Report Cites Citadel Threat

Cyberspace grew both more dangerous and irritating in the first quarter of the year, according to McAfee Labs’ threat report for the period. In a report issued this week, the tech security company sounded a special warning about the Citadel Trojan, which has been updated to extract personal information from victims. “In the first...

Read more

Apple Users Warned of Charger Security Threat

If you thought your iPhone or iPad was relatively safe from being hacked, think again – researchers at Georgia Institute of Technology say they have found a way to infect them with malware using a simple-to-make USB charger. The researchers – Billy Lau, Yeongjin Jang and Chengyu Song – are due to discuss their...

Read more

Global Security Software Revenue Up 7.9 Percent in 2012

New cyber threats helped to boost global revenue from security software to $19.13 billion last year, a 7.9 percent increase from 2011 revenue of $17.73 billion, according to the IT research company Gartner, Inc. In a release issued this week, Gartner research director Ruggero Contu said the security market experienced increased demand for...

Read more

How Secure Are We At Home?

More and more Americans are installing home automation systems which, among other things, control physical access and security. If the list of topics at next month’s Black Hat conference is anything to go by, we should be getting nervous. Very nervous. At least three presentations at the security conference in Las Vegas will deal...

Read more

Hagel Accuses China of Cyber Attacks

Defense Secretary Chuck Hagel publicly accused the Chinese government and military at the weekend of carrying out cyber attacks and expressed Washington’s determination to work “vigorously” to keep cyberspace safe. The accusation was made in an address on Saturday to the Shangri-La security conference in Singapore, which...

Read more

Music, Light Used to Trigger Malware on Mobiles

Researchers at the University of Alabama at Birmingham say they have developed and tested malware that can be triggered on a smartphone using light, sound, magnetic fields or vibration – posing a critical new cyber-security threat. In a paper released this month at a cyber-security symposium in Hangzhou, China, the researchers said...

Read more

IT Security Professionals Speak Frankly about “Bring Your Own” Devices, Applications, Web Services, Cloud Storage and More

Sometimes the best learning opportunities are when IT security professionals sit around and talk to each other about their challenges, what they’ve tried for their own environments, what works and what doesn’t work. People need to talk to peers outside of their own organization to get a feel for what others are doing. This is the...

Read more

Syrian Hackers Attack Media, Israeli Infrastructure

Anonymous backers of Syrian President Bashar al-Assad have reportedly hacked the Twitter account of British broadcaster ITV and made a failed attempt to sabotage the water supply of Haifa in Israel. The attack on ITV last Friday took place just days after Twitter introduced its new “two-factor” authentication system in an attempt to...

Read more

Is your company vulnerable to a DNS amplification attack? Maybe, but it’s in the hands of your Internet connectivity provider

In the past few weeks, we’ve been hearing more about a type of DDoS attack called a DNS amplification attack. In sending out a general alert about this type of attack, the U.S. Computer Emergency Readiness Team (US-CERT) defined the problem as follows:   The basic attack technique consists of an attacker sending a DNS...

Read more

Small Is Beautiful for Cyber Criminals

Hackers are increasingly targeting small companies for cyber-attack and the amount of malware directed at mobile operating systems is rapidly escalating, according to Symantec’s Internet Security Threat Report for 2012. The report, issued last month, said half of all targeted attacks last year were aimed at businesses with fewer than...

Read more

Commission Calls For ‘Aggressive’ Anti-Hack Laws

A high-level commission into the theft of US intellectual property (IP) has made wide-reaching recommendations on tightening cybersecurity, including “aggressive” changes to the law to bring it up to date with rapidly evolving computer crime. The Commission on the Theft of American Intellectual Property, chaired by former...

Read more

Cyber Attacks on Critical Infrastructure Could Cause Disaster

Critical infrastructure in the US – including the energy sector with its nuclear power facilities – is increasingly coming under cyber attack from hostile nations and a range of other hackers, with potentially disastrous consequences. The warning was issued earlier this month by Charles Edwards, deputy inspector general of the...

Read more

Stuxnet May Have Been a Flop, Report Says

A new report published by a respected British think tank has challenged the conventional wisdom that the Stuxnet worm was a major setback to Iran’s nuclear ambitions. Ivanka Barzashka, a researcher in the Department of War Studies at King’s College London, said in the report – based largely on data from the...

Read more

Possible Stuxnet Defense Developed

Researchers at North Carolina State University (NCSU) have developed an innovative way of protecting networked control systems from cyber attack – raising the possibility of a defense against Stuxnet-type sabotage. A release from NCSU (http://news.ncsu.edu/releases/wms-chow-dncs/) said Dr. Mo-Yuen Chow and PhD student Wente Zeng had...

Read more

Yahoo to Buy Tumblr, Vows Not to Screw It Up

Internet pioneer Yahoo! Inc. announced today (Monday) it was buying Tumblr for $1.1-billion in an acquisition that some analysts were quick to criticize as holding little value for Yahoo shareholders. Tumblr founder David Karp, a 26-year-old high-school dropout, will make about $250-million from the deal, according to the New York Times. A...

Read more

On Your DMARC, Get Set, Go! Putting Integrity into Your Email Security Policy, Part 2

In Part 1 of this post about the DMARC (Domain-based Message Authentication, Reporting and Conformance) standards for digital messaging integrity, Alec Peterson of Message Systems and Sam Masiello of Groupon, both representing DMARC.org, gave us great information about the new technical specification designed to reduce the phishing abuse of known...

Read more

Incapsula: Wordpress Default Setting Opens up Sites to DDoS Exploit

Popular content management system Wordpress is harboring a default setting that is making it susceptible to compromise, according to recent research. Gur Shatz, CEO of IT security vendor Incapsula, wrote in a blog post that a recent Distributed Denial of Service (DDoS) attack mitigated by his firm exposed this vulnerability. "These...

Read more

On Your DMARC, Get Set, Go! Putting Integrity into Your Email Security Policy, Part 1

What are you doing to make the integrity of your corporate email/messaging an integral part of your information security policy? If you don’t have a definitive answer for this question, then read on. I’ve got some great advice from experts on the topic that you can take action on today to protect your company’s brand. I...

Read more

APWG: Nearly Half of All Phishing Attacks Leveraged Hacked Hosting Providers

Hacked hosting providers are becoming a fertile launch pad for new phishing attacks, accounting for nearly half of all phishing incidents during the second half of 2012, according to new research from the Anti-Phishing Working Group (APWG). The fact that these phishing attacks are increasing is not surprising, since based on earlier reports...

Read more

FSOC: Financial Regulators Warn of Ongoing Cyber Attacks

The federal government issued a strong warning to the financial services sector: Beware of cyber threats, according to the recently released 2012 Financial Stability Oversight Council (FSOC) report. The FSOC report, which fulfills a Congressional mandate to describe "significant financial market and regulatory developments, analyze...

Read more

What’s Needed to Leave Your Leather Wallet at Home and Pay with Your Mobile Wallet Instead—We’re Almost There

At a recent stop at Starbucks, I pulled out my iPhone and held it up for the counter clerk to scan. With a quick beep, I paid for my frothy cold drink and put my phone back in my purse. A few customers in line behind me were intrigued by this and asked me how I used my phone to pay. I showed them the Starbucks mobile app and told them it only...

Read more

Trojans Account for Nearly 80 Percent of All Computer Infections Worldwide: Report

Trojans are still the cyber criminals' delivery mechanism of choice, accounting for nearly three out of every four new malware samples in circulation, according to a new report. Panda Security’s anti-malware laboratory, PandaLabs, analyzed IT security events and incidents from January through March 2013. Despite their inability to...

Read more

Companies Know the BYOD Risk, Yet Most Still Allow It: Symantec

Despite the security risks involved in bringing personal technology into the workplace (BYOD), many employers believe that the benefits of allowing workers to use their own devices far outweigh the potential pitfalls, according to a recent Symantec survey. The survey, which polled 236 attendees of the recent Symantec Vision conference on how...

Read more

Small, but Mighty: Three-Quarters of DDoS Attacks Less Than 100 Mbps

More than a third of companies endured a disruptive attack last year, according to a new survey [pdf]. Thirty-five percent of those surveyed across industries dealt with at least one Distributed Denial of Service (DDoS) incident, with attacks on the retail sector seeing the largest year-to-year increase (16 percent to 39 percent), making for a...

Read more

Verizon: "No Organization is Immune to a Data Breach in this Day and Age"

Opportunistic attacks, the majority of which were financially motivated, were far and away the biggest threat source of 2012, accounting for 75 percent of all breaches analyzed in the latest Verizon Data Breach Investigations Report (DBIR). State-affiliated cyberespionage campaigns held the number two breach spot, accounting for 20 percent of...

Read more

"Community Defense" For a Safer Internet

Early identification of attacks across a community of Web applications can significantly improve the effectiveness of application security, according to the latest Imperva Hacker Intelligence Initiative report. The report, "Get What You Give: The Value of Shared Threat Intelligence," analyzed real-world attack traffic against 60 web...

Read more

Solutionary: North Korea Cyberattack Activity Boomed in February

February saw a significant jump in cyber attack activity emanating from North Korea, according to recent analysis. IT security vendor Solutionary found that “touches”-- a known reconnaissance, an overt external attack or the attempted exfiltration of data -- from North Korean IP addresses spiked during the month of February....

Read more

Not Just for PCs Anymore, Malware is Showing up on Offshore Drilling Rigs

I live in Houston, Texas, the undisputed Energy Capital of the World. Houston has an entire area of town nicknamed the Energy Corridor where numerous oil and gas companies have their headquarters, or at the very least, a major presence. Within those gleaming towers, geologists, chemists, engineers and a host of other highly educated professionals...

Read more

There’s BadNews, and There’s Really Bad News

By now you’ve probably heard about BadNews, a malware family that is targeting Android phones. In a blog post of April 19, the security firm Lookout reported that it had discovered BadNews in 32 apps across 4 different developer accounts in Google Play. Lookout reported its findings to Google, and the apps (and developers) have subsequently...

Read more

Survey: Consumers Not Pleased with Current Online Authentication Process

When it comes to online business, the traditional username/password authentication process generates plenty of consumer frustration, according to a new survey by the Ponemon Institute. Roughly 50 percent of respondents in the Ponemon survey, "Moving Beyond Passwords: Consumer Attitudes on Online Authentication," were either...

Read more

Insider Threats Are Top of Mind With Security Pros, Not With the Enterprise

It's the Devil you know. Insider threats are a major security concern for security professionals, yet management is not always taking the proper steps to mitigate -- or even acknowledge -- risk, according to the findings of two recent surveys. IT security vendor AlgoSec polled 179 information security and network operations professionals...

Read more

Flooded: DDoS Bandwidth Increased 700 Percent During Q1 2013

The DDoS tidal wave continues to grow. The average Distributed Denial of Service (DDoS) attack bandwidth totaled 48.25 Gbps in the first quarter of 2013, a 718% increase over last quarter, and the average packet-per-second rate reached 32.4 million, according to a new report by DDoS defense provider Prolexic. Prolexic culled data from their...

Read more

NQ Mobile: 95 Percent Of All Mobile Malware Afflicts Android OS

Mobile malware threats increased 163% to more than 65,000 in 2012, according to a new report by NQ Mobile. This huge year-to-year spike in threats is mostly impacting a single operating system, with nearly 95 percent of all mobile malware discovered in 2012 targeting the Android OS, according to NQ Mobile. Its 2012 Security Report is based on...

Read more

Game "Hacks" Could Leave You Vulnerable to an Even Bigger Hack

If you're looking to "hack" your way towards a better video game score OR tempted to download a copy of the latest title through your friendly neighborhood file-sharing service, don't bother. It's almost certainly loaded with malware, according to new research. Anti-virus provider AVG analyzed scores of such hacks and...

Read more

Cybersecurity Bill Passes House, Faces Uncertain Future in Senate

Despite White House protestations and a threatened veto [PDF], the House of Representatives passed the Cyber Intelligence Sharing and Protection Act (CISPA) Thursday by a comfortable 288 - 127 margin (17 members did not issue a vote). The primary aim of CISPA is to encourage corporate and public sector information sharing that could help defeat...

Read more

Reddit: "It was a Legit, Malicious DDoS Aimed at Taking us Down"

The popular link sharing site Reddit has been enduring a large Distributed Denial-of-Service (DDoS) attack since earlier this morning, according to a statement made via Twitter. As the day moves on, the site appears to have survived the attack, but according to Reddit's Twitter status alert, while they have "mitigated a decent portion...

Read more

Anonymous' DDoS Attack Against Israel Leverages Botnet Network

Botnets were responsible for the recent cyber attack aimed at Israel, according to a review of the incident from Trend Micro. On April 7, the hacktivist group Anonymous reportedly began a targeted Distributed Denial of Service (DDoS) campaign against various Israeli websites in retaliation for...

Read more

Cybercrimes of Opportunity in Wake of Busy News Week

Tragedy tends to bring out the best in the human spirit, but to those without a moral compass, it can mean opportunity. The recent Boston Marathon bombing has apparently brought out cyber criminals looking to take advantage of a wounded public’s need to know, generating a massive spam and malware campaign. Michael Molsner, a regional...

Read more

From US-CERT: Tips To Avoid Becoming A Victim Of Spear Phishing

We’ve often reported that spear phishing is a favorite technique that attackers use to plant malware or otherwise gain unauthorized access to networks. Now the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), which is part of the Department of Homeland Security, reports on a spear phishing campaign in which the attackers...

Read more

UK-Based IT Managers Increasingly Concerned About DDoS: Survey

Of all of the threats in the cyber criminal's toolkit, the Distributed Denial of Service (DDoS) attack continues to weigh heavily on the mind of UK-based IT managers, according to a recent report. Nearly half (41 percent) of all IT managers surveyed claimed they were ‘highly or extremely’ concerned about their organization being the...

Read more

Report: SMBs Being Battered By Targeted Threats

Symantec's newly released Internet Security Threat Report found that there was a 42 percent rise during 2012 in targeted attacks in comparison to the previous year. SMBs -- companies with fewer than 250 employees -- were particularly impacted by this spike in cybercrime, finding themselves on the receiving end of 31 percent of all targeted...

Read more

Tech Pros Leaving Thousands At The Negotiating Table

Just happy to be employed and not so sure you should tempt fate by quibbling over a few bucks? By not negotiating, many IT professionals are leaving thousands on the bargaining table, according to a new survey. Dice.com, a career site for technology and engineering professionals, surveyed 838 hiring managers and recruiters. The majority said...

Read more

New SEC Filings Show Impact Of DDoS Campaign On Banks

Normally tight-lipped about alleged cyber threats, new SEC filings by some of the nation’s largest banks show how recent Distributed Denial of Service (DDoS) attacks have made an impact. JP Morgan Chase, Citigroup, US Bancorp, Capital One and Goldman Sachs, revealed that they were, in fact, subject to repeated DDoS attacks during the...

Read more

ZeroAccess Botnet Tops Security Vendor's Q1 Threat List

The top threat impacting cybersecurity worldwide this quarter remains ZeroAccess, the Bitcoin mining botnet, according to network security vendor Fortinet. Based on reporting from FortiGate devices worldwide, ZeroAccess is the number one botnet threat the team is seeing. ZeroAccess is used primarily for click fraud and Bitcoin...

Read more

FireEye Reports That It Detected 89 Million Malware Events That Slipped Right Past Firewalls, IPSs And Other Layers Of Security

FireEye Inc. has just come out with its Advanced Threat Report for the second half of 2012. The content is based on research and intelligence conducted by the FireEye Malware Intelligence Lab and data collected from several thousand security appliances installed at the company’s customer sites around the world. FireEye threat protection...

Read more

More Than 60 Percent Of Enterprises Allow BYOD: Report

More than 6 out of 10 companies (64 percent) allow employees to bring their own devices (BYOD) into the workplace, with the majority of these citing improved productivity as the main driver, according to a new survey. For 58 percent of these companies, they allow a mix of corporate-liable and individual-liable devices. A full third of companies...

Read more

Privacy Advocates Vs. Legislators: House To Revisit CISPA This Week

Call it 'cybersecurity' week in our nation's capital, as Internet privacy advocates clash with legislators on the best way to enact quality cybersecurity legislation. The House Intelligence Committee plans to revisit the polarizing Cyber Intelligence Sharing and Protection Act (CISPA) this week, scheduling a "mark up" session...

Read more

New Survey Predicts The Rise Of The "Everyday Hacker"

It's so easy, almost anyone can do it. Hack, that is. Easily accessible information will allow for those with only rudimentary technical skill to exploit such things as an SQL injection vulnerability, according to a new report from Veracode. Veracode's research found that although SQL injection flaws are easy to identify and fix, 32...

Read more

Report Roundup: Where Big Data Was And Where It's Going

Big Data is being put to big use, as a little more than half of companies globally have adopted some sort of Big Data initiative in the past year, according to a new global trends report. Tata Consultancy Services (TCS) just wrapped up a massive global big data study, surveying 1,217 companies in nine countries spanning four regions of the...

Read more

McAfee: "Can You Trust Retailer’s Security And How They Protect Your Information?"

McAfee reports on the growing risks the industry is facing with both legacy and newer point of sale systems (POS), finding that retailers need to be more than simply PCI DSS compliant to protect consumer data. “The industry is very fragmented with a large base of smaller merchants utilizing secondary market or used point of sale...

Read more

Access Governance: Perceptions And Misconceptions

We touched on Access Governance (AG) last year, but have found that misconceptions about the space still fuel some of the discussion. Access Governance is basically the overarching system that governs who has access to what in a given organization, or as we wrote last year, it approaches identity management from a “business...

Read more

Recent Bank DDoS Attacks Reach New Downtime Levels

The Distributed Denial of Service (DDoS) attacks that have been hammering the commercial banking sector since last Fall have reached a new level of efficiency, nearly doubling the amount of collective downtime, according to a new report issued by NBC News. The largest 15 banks were knocked offline for a total of 249 hours during a recent...

Read more

ICS-CERT Reports On Phishing Campaign Against 11 Energy Sector Companies

A spear phishing campaign, seeking to leverage public information to ensnare its victims, was reportedly leveled against 11 different energy sector firms, according to a recent report. The latest edition of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Monitor, a quarterly publication, said that information —...

Read more

Evolving Threats To Drive Cloud-Based Security Market

Sales of cloud-based security services will grow 69% over the next 5 years, according to new research. This forecast comes on the heels of a big year in the market for global cloud and customer premises equipment (CPE)-based security services, which grew another 12% in 2012 to $13 billion, according to Infonetics' just released Cloud and...

Read more

Mt. Gox: Bitcoin Exchange Under DDoS Attack

Mt. Gox, the largest Bitcoin exchange in the world, is fending off a massive Distributed Denial of Service (DDoS) attack, according to a Facebook post. The digital currency exchange, which is based in Tokyo, said that the ongoing DDoS attack has caused trading lags, generated error messages for users and even shut down the site for a period of...

Read more

Technology Companies Attacked Once Every Minute, According To New Report

No sense in wasting any time. Malware certainly doesn't. The average enterprise is under a constant state of duress, experiencing a malware event roughly once every three minutes. The rate of malware activity, of course, varies across type of industry. For technology companies, the most highly targeted vertical, that figure drops down to...

Read more

SDN: Really Important To The Network, Yet Confusion Reigns

Software Defined Networking (SDN) is one of the latest network operation buzzwords, promising to revolutionize cloud and enterprise networks alike. The concept is so vital, that most organizations consider it the single most important network technology initiative, according to a new survey. Despite its importance, many companies are still...

Read more

Password Problems: Majority Of Security Pros Violate A Big Mobile Best Practice

Even security pros practice poor security "hygiene," with some 83 percent saying they use the same password across multiple mobile applications, according to a new survey. This figure, and others, comes by way of Ping Identity’s ‘Impact of Mobile’ Survey, which surveyed 198 attendees at this year's RSA...

Read more

IBM: Web Application Vulnerabilities Threaten The Enterprise

Web application vulnerabilities remained one of enterprises' most pressing issues, rising 14% in 2012 over 2011 end of year numbers, according to a recent report. These vulnerabilities were exploited by attackers who, more often than not, injected malicious scripts and executables onto legitimate websites, targeting client side...

Read more

Stating the Obvious: CIOs Work Hard

Always tethered to the clock, an organization's chief information officer (CIO) is more likely to be working nights than enjoying some quiet time at home, according to a new survey. The majority of CIOs surveyed -- 73 percent -- said they check in with work "often" or "somewhat often" on evenings and weekends. Only...

Read more

Malware Threats And Inconsistent BYOD Policy Driving Mobile Security Market Growth

The mobile security services market has nowhere to go but up, according to a new industry forecast. The confluence of a 261% uptick in the number of mobile threats, coupled with increasingly complex malware designed to exploit a wider range of mobile devices and inconsistent BYOD policies, is signaling significant growth in the mobile...

Read more

DHS Warns Of Telephony Denial Of Service (TDoS) Attacks

The FBI issued a warning back in January, and now the Department of Homeland Security (DHS) has followed suit. A not-so new denial of service attack is once again attracting the attention of authorities. This latest incarnation utilizes the telephone system to inundate public sector entities, tying up the phone lines and preventing legitimate...

Read more

Enterprise Cloud Security Solutions Still Have a Ways To Go; Report

Enterprise cloud security practices are improving (slightly), but there remains a long way to go, according to a new report. Only around 50 percent of IT leaders surveyed in a new report said they are confident they are aware of all of the cloud services in use within their organization, a roughly 5 percent improvement since 2010. For Mike...

Read more

US-CERT Issues DNS Amplification DDoS Alert

Distributed Denial of Service (DDoS) attacks have become a routine part of the security threat landscape, striking banks, online retail sites and other interconnected targets. In addition to the well-publicized ongoing hacktivist DDoS campaign against global financial institutions (which hit, among others, American Express last week), attacks...

Read more

IT Pros: Not As Stressed As They Used To Be

The number of IT professionals considering leaving their job due to workplace stress has declined from 67% last year to 57% in 2013, according to a recent survey. That doesn't mean that life is simple for IT professionals -- far from it. Nearly two-thirds (65 percent) of all IT administrators surveyed still consider their job stressful...

Read more

80 Percent Of Companies Suffered Web-Borne Attack In 2012; According To Webroot

If you're not on the receiving end of a web-based attack, you're in a distinct minority. Eight out of ten companies endured at least one such attack last year, according to a new survey by security vendor Webroot. Organizations that allow employees to freely access the Web are experiencing high rates of malware threats, including...

Read more

IDC: Worldwide DDoS Prevention Market To Reach $870 million

The 300 Gb/s of traffic hurled at Spamhaus earlier this week during an epic Distributed Denial of Service (DDoS) attack may just be the start of an even larger trend: The expanded growth of the DDoS prevention industry. The worldwide market for DDoS prevention solutions -- including products and services -- is expected to grow by a compound annual...

Read more

The State of Server Security: Malware Up, Confidence Down

The conundrum is obvious. While incidents of advanced attacks targeting servers have risen, confidence in being able to identify and stop these attacks has dropped, according to a recent report. 25 percent of respondents in Bit9's annual Server Security Survey said their servers were attacked in 2012, up 8 percent over the previous year....

Read more

Got Work? Revisiting The Market For Security Professionals

As security professionals from across the globe gathered last month at RSA, some of the conversations inevitably turned towards jobs, and many organizations' inability to find quality candidates. This has been an issue in the information security field for years, but has recently been vaulted back into the spotlight as President Obama very...

Read more

Report: All Is Relatively Secure In The Cloud

One of the biggest silver linings surrounding cloud computing of late has been its exponential growth. Spending on cloud services is forecast to grow 18.5 percent to $131 billion worldwide this year, according to Gartner. But with this expansion comes the obvious question: Is it secure? Alert Logic, a cloud security vendor, released its new...

Read more

Report: Nearly 94% Of Endpoints Running Java Are Vulnerable To Exploit

The announcement of a new Java vulnerability seems about as common as sunshine in San Diego. The past few weeks have witnessed a number of Java zero-day vulnerabilities. And according to managed security provider Websense, some 94 percent of browsers may be vulnerable to at least one Java exploit. Charles Renert, Vice President at Websense...

Read more

EMEA Security Appliance Market Remains Strong

International Data Corporation (IDC) reported today that quarterly security appliance sales in EMEA grew by 5.2% in Q42012 over the same quarter last year. According to IDC’s Quarterly Security Appliance Tracker, factory revenue for the market hit $696.8 million in Q4. For all of 2012, it said factory revenue was about $2.5 billion, a 2%...

Read more

Report: Traditional Antivirus Struggles To Detect Malware Delivered Via FTP

If you’re looking to deliver malware that effectively evades detection, your best bet is to deploy it using run-of-the-mill File Transfer Protocol (FTP). Malware let loose in this fashion evaded detection by traditional antivirus measures 95 percent of the time for more than 30 days, according to a new report [PDF]. The inaugural Modern...

Read more

Is Spam Increasing? A Look At Some New March Campaigns

Seeing more spam? You're not alone. Global spam increased 64 percent last month, according to Cisco's IronPort Threat Operations Center. And the election of a new Pope hasn't quelled the unholy barrage of junk and malicious email. Barracuda Networks caught more than 400,000 emails purporting to be CNN news updates with salacious...

Read more

How Do You Like This? Facebook Likes Reveal Your Private Traits And Attributes

Like us on Facebook! How many times a day do you hear or see those words? More importantly, how often do you follow the plea and click the Like button for something that interests you? Did you know that each time you Like something, you are giving up just a little bit more of your privacy? In fact, depending on your Likes, someone may be...

Read more

South Korea Cyberattacks: Bravado, Cyberwarfare Or Smokescreen?

The wave of cyberattacks that rattled South Korea this week, targeting television broadcasters YTN, MBC and KBS as well as two major commercial banks, Shinhan Bank and NongHyup Bank, was caused by a piece of wiper malware known as Trojan Horse/Trojan.Jokra and WS.Reputation.1, according to initial research by Symantec. The incident left...

Read more

Buzzz: Researcher Creates Honeypots To Lure In ICS Attackers

High profile malware attacks -- like Stuxnet, Duqu, and Flame -- have made the security surrounding Industrial Control Systems (ICS) and specifically Supervisory Control and Data Acquisition (SCADA) a very big topic. These attacks piqued the interest of Kyle Wilhoit, a Threat Researcher at Trend Micro, who wanted to find out what was really...

Read more

GAO: IRS Needs To Resolve Information Security Issues

The taxman isn't immune to information security woes. The Government Accountability Office (GAO) has just issued a new report highlighting continued information security woes at the IRS. The report titled, "Information Security: IRS Has Improved Controls but Needs to Resolve Weaknesses," says that longstanding policies and endemic...

Read more

How Secure Is That Security Appliance?

The trusted firewall that is guarding your network may not be as secure as advertised. In a recently released white paper (PDF) titled "Hacking Appliances: Ironic exploits in security products," Ben Williams, a penetration tester for the NCC Group, discovered that roughly 80% of the security products he tested had vulnerabilities...

Read more

Report: 86% Of All Vulnerabilities Found In Third-Party Programs; SCADA At Particular Risk

Go ahead, patch those Microsoft products all you want. It won't necessarily make you impervious to attack, according to a new report. A vulnerability review, issued last week by the vulnerability management company Secunia, found that 86 percent of vulnerabilities discovered in the most popular 50 programs in 2012 were in non-Microsoft (or...

Read more

Breach Bracket: The "March Madness" Tournament Every School Is Trying To Avoid

Call it "March Madness" of a more sinister sort. The security researchers over at AppSecInc's TeamSHATTER -- a company that provides database security, risk and compliance solutions -- have released their annual data breach madness "bracket," highlighting which educational institutions have endured data breaches over...

Read more

New Training From SANS Institute: How To Discover If Malware Is Running In RAM Only On Your Systems

Brian and I recently had an opportunity to talk with Jesse Kornblum, an instructor for the SANS Institute. Jesse has developed and just started teaching an advanced course called Windows Memory Forensics In-depth. This course would be valuable for any IT security professional working in an industry or for an organization that has a constant target...

Read more

U.S. National Vulnerability Database Is, Apparently, Very Vulnerable

No one noticed until yesterday, but administrators of the U.S. National Vulnerability Database (NVD) -- an online/searchable repository of known security flaws and vulnerabilities -- took the site down after they noticed some suspicious activity. That was on March 8th. As of this morning, here is what you see when you log on: Kim...

Read more

Cyber-Threat Report: Americans Attacking Americans? Maybe

The big eye-popper from the latest Solutionary Global Threat Intelligence Report (GTIR), which provides insight and analysis including the cost of cyber threats that enterprises, governments and mid-market organizations faced throughout 2012 and how to defend against them, are the numbers. In data gleaned from real-world interactions with...

Read more

Survey: The Trouble With SIEM

Security Information and Event Management (SIEM) was supposed to make life easier for IT professionals, analyzing the torrent of incoming security data from the network perimeter to provide real-time analysis on security threats. Instead, it seems to have become a bit of an albatross for security pros who have to wrestle with increased...

Read more

GitHub hit with back-to-back DDoS attacks

It happened...again. In February 2012, GitHub -- the popular code sharing site -- experienced what they called a prolonged and "intense" week-long Distributed Denial of Service (DDoS) attack. In a statement at the time, GitHub said that the "attack is global, and has been very intense at times. Yesterday morning, for example,...

Read more

Study: Majority of Small Businesses Suffer Data Breaches; Disclosure Is Another Matter

Small businesses have big data breach problems, and they're having a hard time admitting it. A new Ponemon survey, commissioned by The Hartford Steam Boiler Inspection and Insurance Company -- a part of reinsurance behemoth Munich Re -- found that while more than half the U.S. small businesses surveyed experienced at least one data...

Read more

Report: Two-Day Long DDoS Attack Breaches U.S. Utility

While phase three of Operation Ababil is now in full swing, banks are not the only enterprises that remain at heightened cyber threat alert. A new case study issued by anti-DDoS vendor Prolexic recounts a recent Layer 4 Distributed-Denial-of-Service (DDoS) attack leveled against a U.S. electric utility. Also referred to as a "syn...

Read more

Phishing, SMiShing And Wishing It Would Stop!

Lately it seems like I’ve been getting more than the usual number of emails that give me pause. Could this one be a phish, I wonder? What about that one? Even my husband and fellow blogger Brian showed me a curious email the other day. It certainly looked legitimate, appearing to come from a bank we do business with, but we concluded that...

Read more

UK Survey: Consumers Have Trust Issues with Banks

Ronald Reagan liked to say "trust, but verify." The people of the UK have spoken, and they feel the same. They're having a difficult time trusting that the financial services industry -- and other organizations that use call centers -- are adequately protecting their personal information. Banks top the list of organizations...

Read more

Survey of RSA Attendees Shows General Security Readiness Lacking

Trapping thousands of security professionals in a room is a great way to gauge which way the industry winds are blowing. At RSA, F5 Networks chose to harness this massive amount of infosec brain power to conduct a security trends survey. They posed two qualifying questions to booth visitors to ascertain whether these practitioners had any...

Read more

Hacktivists: Phase 3 of Their Campaign Against U.S. Financial Institutions Underway

They're back. In a February 26th Pastebin post, the Izz ad-Din al-Qassam Cyber Fighters promised to resurrect their cyber campaign against U.S. financial institutions if offending YouTube videos were not removed from the Internet. The videos were not removed and earlier this week, in another Pastebin missive, the Islamic group...

Read more

Kaspersky: New Botnet Discovered; Potential Threat to Chilean Banks

If you have money in any Latin American banks, it might be a good idea to begin storing some of that cash under the mattress. According to a recent blog post from a Kaspersky Labs expert in Argentina, a new weapon in the emerging Latin American cybercrime space is now targeting two large Chilean banks. AlbaBotnet is designed to unleash phishing...

Read more

Gartner: Application Layer DDoS Attacks to Increase in 2013

In 2013, less will be more. Volumetric, blunt-force attacks will remain the primary type of Distributed Denial Of Service Attack (DDoS) in the coming year, but there will be noticeable growth in the incidence of low-and-slow application layer DDoS attacks, according to new research by Gartner. In a report titled, "Arming Financial and...

Read more

Evernote Potential Target of Attack; Issues Security Notice

Did you have trouble logging into Evernote this morning? You’re not alone. The popular note taking software service said it appeared to have been the victim of a coordinated attempt to access secure areas of their service. In a Security Notice issued on its blog, Evernote, which according to the company services 50 million users, tried to...

Read more

RSA Coverage: Japan Offers Best Privacy and Security Policies for Cloud

If you want a secure and private cloud-computing environment, there is no safer place than Japan. On Thursday, The Business Software Alliance (BSA), the software industry’s international watchdog, previewed findings from the forthcoming 2012 Global Cloud Computing Scorecard. The pre-release only shows the scores in the privacy and...

Read more

RSA Coverage: Bad Intentions Will Cost You

All breaches are not created equal. Those with malicious intent cost organizations on average nearly twice ($840,000) as much as those with non-malicious designs ($470,000), according to a new study commissioned by Solera Networks and undertaken by the Ponemon Institute. The report, “The Post Breach Boom,” surveyed security...

Read more

RSA Coverage: Stuxnet Much Older than Thought

Stuxnet, the sophisticated piece of malware that made headlines back in 2010 as the first computer cyber weapon, is an evolved version of an earlier incarnation of the infamous worm, according to a Symantec white paper issued at the RSA conference today. The newly discovered Stuxnet variant, according to analysis of the version number embedded in...

Read more

Playing in RSA’s Innovation Sandbox

Zuly Gonzalez inadvertently “RickRolled” herself. Or perhaps it was by design. The co-founder of Light Point Security took to the stage at Monday’s RSA Innovation Sandbox to the opening strains of Rick Astley’s hackneyed Internet meme. The message was a simple one: don’t let the web “RickRoll” you....

Read more

RSA 2013 – an Insider's Take

Bleary eyed and staggering off of an eight-hour flight, it is impossible to miss the signs. They’re all around. A large banner hangs over the escalator that heads down towards baggage claim. It is anti-virus maker Trend Micro issuing the first of many “warm welcomes.” A little self-promotion combined with a healthy dose of big...

Read more

Hacking Twitter Isn’t Even a Challenge. Burger King and Jeep Learned This Lesson the Hard Way.

First Burger King and now Jeep. Both prominent companies have suffered embarrassment since having their Twitter accounts hijacked this week, reportedly by Anonymous. It’s unfortunate, but these two companies join a long list of other businesses, news media outlets, politicians (including Barack Obama), celebrities and even average citizens...

Read more

The Facebook Hack Attack: Finding “No Evidence” Doesn’t Mean Data Wasn’t Compromised

On February 15, Facebook Security posted a public notice that the company “discovered that our systems had been targeted in a sophisticated attack.” Facebook Security was unusually frank about the details of the attack, including the revelation of how the compromise happened. (Facebook employees’ computers were infected with...

Read more

ISACA Advanced Persistent Threat Survey Shows Some Eye-opening Findings

Advanced persistent threats (APTs) have been in the headlines over the past couple of years for affecting some high profile enterprise networks. Many thought these attacks were limited to government networks. However, in January 2010, the source code and intellectual property of Google and at least 20 other companies in the high-tech industry and...

Read more

FTC Tells the Mobile App Ecosystem: Don’t Play Fast and Loose with Consumers’ Privacy Rights

If you read either of my previous posts about (the lack of) mobile application security and privacy, you might think we are living in the Wild West as far as the onus being on the user to look out for his or her own best interests. Well, we are. It’s like there’s no sheriff protecting the community. As the owner of...

Read more

Where Are You Most Likely to Pick Up Drive-by Malware? A Porn Website, a Gambling Website, or a Business News Website? The Answer Might Surprise You.

All of you porn surfers out there can just relax. Despite what your momma told you, browsing a porn website isn’t the most sure-fire way to get malware put on your PC. According to the 2013 Cisco Annual Security Report, many people (including security professionals) have preconceived notions about where they are most likely to encounter...

Read more

That Really Cool App You Put on Your Smart Phone is Probably Collecting All Sorts of Information - and You Don’t Even Know It

A few weeks ago I warned that mobile applications may not behave the way that users expect them to. As a follow-up to that post, I talked more in-depth with Domingo Guerra, president and co-founder of Appthority. Guerra’s company has analyzed hundreds of thousands of mobile apps to discover what they do, not just on the surface but...

Read more

Making the Case for National Cyber Labs

Recently I received a most interesting link from a friend, about a tiny city that was actually a perfect working model of a real-life city built by the SANS Institute. It had real banking networks, power grid networks, public transit systems, a hospital, a military complex, you name it. It’s a fully decked out city in miniature. And the...

Read more

Kaspersky and Hypponen on the Evolution of Hacking and Cyberwar

Kaspersky Lab's founder and CEO Eugene Kaspersky and Mikko Hypponen, Chief Research Officer at F-Secure, recently examined how hacking has evolved from mere script kiddies meddling for kicks or to build street cred with their peers into an environment where cyber criminals, hacktivists and even governments are engaged in serious offensive...

Read more

Amended COPPA Rules Expand Data Privacy Protections

On July 1, 2013, the amended Children’s Online Privacy Protection Act (COPPA) will take effect. In today’s world, as those of us in security and compliance know all too well, the same information that enables our business and moves our world quickly to the latest and greatest innovation, puts our private information and that of...

Read more

Ponemon Study Provides Insight on Financial Sector DDoS Attacks

Distributed Denial of Service (DDoS) attacks against the financial sector continue to dominate headlines weekly, as hacktivists and criminal syndicates repeatedly target the websites of major organizations. A new study sponsored by Corero and conducted by the Ponemon Institute provides insight into how prepared financial institutions are for the...

Read more

Who to Contract Before a Data Breach Occurs

Data breaches continue to headline the news, and it’s likely to get worse before it gets better. The invasion of consumer technologies in the workplace promises to put more data at risk than ever before. There’s a growing tendency for Boards of Directors to become involved when a breach occurs. An event puts the organization at risk;...

Read more

Two-Thirds of Banks Hit by DDoS Attacks in Past Twelve Months

By now most everyone is aware of the Distributed Denial of Service (DDoS) attack campaign targeting nearly a dozen major U.S. banking websites since last fall, but many will be surprised to learn how big a problem DDoS attacks really are for the financial sector. A new study conducted by the Ponemon Institute on behalf of network security provider...

Read more

Small Businesses and the Changing Threat Landscape

There has been a great deal of discussion regarding how enterprise security will be impacted by increasingly popular mobility solutions, Bring Your Own Device (BYOD) options, and migrating business processes to the cloud. While large corporations typically have the resources available to address the increased risks, most small to medium sized...

Read more

Bring Your Own Device - Or Was it Demise?

Much has been said recently about bring-your-own-device (BYOD). Some managers see BYOD as a cost saving measure that also makes employees happy. On the face of it BYOD sounds like a win-win. The organization doesn't need to spend as much on equipment. Employees get to use their shiny new devices that are a...

Read more

DoD Proposes Cyber Targeted-Attack Analyzer (CAT) Program

The Pentagon has announced the initiation of a program to develop an integrated threat analysis system that will significantly improve the Defense Department's ability to identify network security vulnerabilities by leveraging the power of Big Data analytics. The Defense Advanced Research Projects Agency (DARPA) Information Innovation Office...

Read more

Big Data will Fuel Shift to Intelligence-Driven Security Models

Big Data, Big Data, Big Data... So what's the Big Deal? Well, according to a Security Brief issued by RSA, Big Data will be the driving force behind major changes across nearly every discipline in the security industry as intelligence-driven security models begin to dominate all major categories of vendor solution offerings. The brief asserts...

Read more

Trojans for the Bundestag: German Police Acquired Finfisher

In December of last year, the German public prosecutors’ office had declared that there was no legal basis for the use of the so-called “Bundestrojaner” spyware, which was used to spy on German citizens. On top of it being illegally used, it was also found to be of very poor quality after extensive research performed by the Chaos...

Read more

Attackers Sharpen Their Spear for Phishing Operations

Typically, cyber criminals engaged in phishing operations have cast wide nets designed to ensnare as many victims as possible, then proceeded to sort out the high value targets from the rest. But these sorts of large-scale attempts leave the attackers more prone to discovery, and thus their operations may in turn be less successful. The longer...

Read more

Do Mobile Devices Really Increase Productivity?

While there is little doubt that mobility options provide a great deal of flexibility when it comes to where and when work related tasks can be accomplished, and provide for more efficient means of employee collaboration and access, does it really have an impact on productivity? According to a newly published study, federal government employees...

Read more

DDoS Attacks on Banks Could Continue in Perpetuity

Another week, and yet another proclamation from the extremist group Izz ad-Din al-Qassam Cyber Fighters, who vow to continue their Distributed Denial of Service (DDoS) attacks on the websites of several financial organizations in protest of a controversial film. "We have repeatedly stated that removal of the offensive video, INNOCENCE OF...

Read more

Spam Levels are Down, But Targeted Attacks via Email are Up

Less spam in your inbox: Good news. More spam geared towards targeted attacks: Not so good... In the wake of multiple large-scale botnet take-downs in 2011 and 2012, the overall volume of general spam traffic decreased significantly (53%), but targeted attacks via email are on the uptick according to researchers from German e-mail security...

Read more

Red October: Advanced Cyber Espionage Campaign

Cyber espionage is alive and well, as illustrated by the discovery of a long-term campaign dubbed "Red October" that is suspected to have been targeting mostly embassies, but has also been found to have infiltrated systems belonging to other government agencies, military, energy and research organizations in nearly 70 nations across...

Read more

App Happy Downloaders May Get More than They Expect

On January 7, Apple announced that customers have downloaded over 40 billion apps, with nearly 20 billion in 2012 alone. The App Store has over 500 million active accounts and had a record-breaking December with over two billion downloads during the month. Apple’s developer community has created over 775,000 apps for iPhone, iPad and iPod...

Read more

Business Leaders Seek More Intelligent, More Effective Cybersecurity Protection

With the specter of both over-reaching cybersecurity legislation and a Presidential executive order that would expand the authority of federal agencies looming, business leaders have proposed a strategy that would vastly increase the level of threat information sharing between the public and private sectors with the hope that the conciliatory...

Read more

Individual Assessments Required with Criminal Background Checks Part 2

Last time, we chatted about the EEOC and their newer guidelines when it comes to screening potential new employees through the criminal background check process. This time, we will discuss what a company can do to help themselves be compliant with the EEOC guidelines. There are 3 things that a company can do to ensure that it follows the EEOC...

Read more

Web Application Vulnerability Statistics Report Released

The exploitation of web application vulnerabilities continues to be one of the leading causes of enterprise data loss, and even in the wake of numerous high profile and well publicized breaches, many organizations have failed to address the most common application flaws, leaving them prime candidates for the next data loss event. iViZ Security, a...

Read more

Why all the Hassle? Two Simple Steps to Secure Your Wi-Fi Network

Setting up a new wireless router, or seeking to better secure your existing Wi-Fi? Perusing the Internet will provide you with all sorts of information on the "necessary" steps required for protecting wireless networks, but some of the advice you will find may result in complications and instill a false sense of security, according to...

Read more

Botnet-for-Hire Likely Used in DDoS Attacks Against U.S. Banks

Authorities may be one step closer to uncovering the mechanisms behind the spate of Distributed Denial of Service (DDoS) attacks plaguing the websites of major U.S. financial institutions which began in mid-September of last year. Researchers from Incapsula, a cloud-based website enhancement service, discovered that a recently contracted...

Read more

ENISA Deems Drive-By Exploits as Biggest Emerging Threat in 2012

So what's on your security radar as we move into the New Year? The European Network and Information Security Agency (ENISA) has taken data from more than 100 different security reports produced in 2011 and 2012 to produce a Threat Landscape report that attempts to identify the top ten information security demons. The report sourced analysis...

Read more

Hacktivists Estimate DDoS Attacks on Banks to Last Another Year

Have we decided what 2013 will be the year of yet? According to a new threat issued by the extremist group Izz ad-Din al-Qassam Cyber Fighters, the group claiming responsibility for the continued campaign against U.S. financial institutions, it may well be remembered as being the year of the Distributed Denial of Service (DDoS) attack. According...

Read more

Weaponizing Mobile Devices for Use in DDoS Attacks

The lack of adequate security on the majority of mobile devices makes them prime targets for malware that can turn smartphones and tablets into platforms for launching distributed denial of service (DDoS) attacks targeting corporate websites, similar to those that have recently plagued a number of large U.S. banks, according to analysts from a...

Read more

Individual Assessments Required with Criminal Background Checks Part 1

Human resource departments and hiring managers are being met with a new challenge when it comes to criminal background checks: individual assessments for the disqualification of a candidate based on their criminal background. Though the U.S. Equal Employment Opportunity Commission (EEOC) has not changed its position on these background checks, the...

Read more

Cloud Computing Tops Most Disruptive Technologies List

So what will be keeping your organization's CISO from getting a good night's sleep in 2013? While the answer to that question might vary from business to business, the unifying factors underlying the cause for your enterprise security chief's insomnia will most likely be tied to the rapid adoption of new technologies that are outpacing...

Read more

Security: Let's Start with Education in 2013

Welcome to the new year. Welcome to 2013! What comes with the new year? Why New Year's resolutions, of course. You might be looking to eat better, exercise more, or smoke less. Many CIOs will be making New Year's resolutions to improve system security. And while more complex passwords, intrusion detection systems, new firewalls, operating...

Read more

Anatomy of the Council on Foreign Relations Watering Hole Attack

Microsoft was quick to respond to reports of a zero-day vulnerability in Internet Explorer which was actively being exploited in a watering hole attack targeting users of a website belonging to the Council on Foreign Relations (CFR), a U.S. based think-tank. Microsoft has issued temporary workarounds for the vulnerability, and is expected to...

Read more

Is Your Antivirus Software Really Worth the Investment?

Is your organization's sizable investment in deploying and upgrading network antivirus solutions really worth the cost? According to a study released in December, commercial antivirus products may not be any more effective at defending against malware than many of the freeware solutions available today, and in some cases were actually...

Read more

Number of Banks Targeted by DDoS Attacks May Increase

The holidays have passed and it's time to balance the ol' checkbook. But wait... Having trouble accessing your bank's customer portal yet again? It may be a circumstance that we all need to become accustomed to as the extremist group Izz ad-Din al-Qassam Cyber Fighters are threatening to expand the number of financial institutions...

Read more