Wednesday, May 6, 2009

Around The Horn vol.1,94

Hackers Break Into Virginia Health Professions Database, Demand Ransom

By Robert A. on IndustryNews

"Hackers last week broke into a Virginia state Web site used by pharmacists to track prescription drug abuse. They deleted records on more than 8 million patients and replaced the site's homepage with a ransom note demanding $10 million for the return of the records, according to a posting on Wikileaks.org,...

McAfee site vulnerable to xss

By Robert A. on XSS

"McAfee, widely recognized as one of the leading providers of online security software for both home and business, appears to be struggling to secure its own Web sites, which at the time of writing this post, allow anyone with enough tech savvy to covertly do whatever they want on, and with,...

FAQ: Demystifying ID fraud

By Elinor Mills

Every time I use my credit card online I suffer a momentary feeling of angst, even though I know that it's still safer than handing my card over to an unscrupulous waiter. The impersonal nature of the Internet and the perception that I lose control of my data after ...

Former Security Chiefs Advise Caution In Reorganizing Cybersecurity Effort

Former government officials say White House should think twice before making wholesale reorganization of federal cybersecurity effort

BT Study: Most Enterprises Expect To Get Hacked This Year

New report coming from BT looks at how organizations use penetration testing (or not)

Does RFID present privacy risks?

Some privacy advocates are concerned that thieves could steal information from RFID-enabled credentials, but others say the fears are overblown.

Military leaders embrace idea of cyber command

The cyber command, expected to be announced in days, would help the Defense Department keep up with the changing technology and tactics of cyber warfare, current and former officials say.

Experts: Workforce needs cybersecurity awareness

Federal employees who work with taxpayers' information must be trained to protect that data, experts say.

McAfee Releases First-Quarter Threats Report

By David Marcus on Web and Internet Safety

Today McAfee Avert Labs released its Threats Report for the first quarter of 2009. In it we reveal that cybercriminals have taken control of almost 12 million new IP addresses since January, a 50 percent increase since 2008. The United States is now home to the largest percentage of botnet-infected computers, currently hosting 18 percent [...]

Baofeng Media Player: May Day Zero-Day Exploit Fixed

By Zhu Cheng on baofeng

On April 30, an exploit targeting a zero-day vulnerability in the Baofeng media player was published on the Internet. The proof-of-concept exploit had more than enough details for others with malicious intent to create more malicious variants. Baofeng is a widely popular media player in China, and it plays many common media file formats. May 1 to 3 was [...]

IA career development: Need for IA professionals will grow

We will see increasing integration of information assurance into the strategic thinking of organizations as managers realize that the economic downturn increases pressures for illegality. Employees and managers who are desperate for continued employment may find their ethical standards weakening; we already have documented cases from past years of employees and managers who have broken into competitors' systems to acquire competitive intelligence or to steal intellectual property that will yield an immediate economic advantage to their current employers. How many more will we see as they contemplate the specter of job loss?

EU mulls new legal fight against spam, invasion of privacy

In a bid to patch holes in Europe's rules governing the Internet, the European Commission is considering a renewed effort to clamp down on spam and online abuse of consumers' privacy.

IT pros justify high-tech investments during downturn

Network World IT Roadmap speakers discuss the merits of high-tech investments from acceleration to management to compliance during a recession.

Parabon launches grid-based DDoS attack tests

Distributed denial of service (DDoS) attacks of the kind that crippled networks in Estonia two years ago are hard to defend against because they typically involve thousands of compromised computers knocking a Web site or server offline by simultaneously sending it torrents of useless traffic.

Leaked copies of Windows 7 RC contain Trojan

Pirated copies of Windows 7 Release Candidate (RC) on file-sharing sites contain malware, according to users who have downloaded the upgrade.

Global Dispatches

EU Official Sees Need for Cyberchief

Google: 'rough' talks ahead on privacy with Korea

The South Korean government could force Google to block access to its YouTube Web site in an ongoing dispute over user privacy, Google's deputy counsel said Monday.

The legal implications of cloud security

The legal implications of cloud security are wide ranging and potentially daunting - and there are no easy answers.

Password Seeks Partner For Long-Term, Secure Relationship

Passwords have been standing guard over our computer user accounts seemingly forever; for a long while, and for most purposes, they could go it alone.

eBay driving world's tomb raiders out of business, says prof
Online fools' lust for forged tat stymies looters

An American archaeology prof says that a long-feared outbreak of eBay-driven tomb raiding has failed to occur. Rather, it seems that the online dross emporium - by creating a huge and profitable new market for forged antiquities - has drawn criminals and charlatans out of looting and into making crappy imitations for eBay.…

Crimestoppers benefits from recession-hit grasses
Hard times mean no honour among thieves

Snitching hotline Crimestoppers has reported it's on a bit of a roll purging the UK's streets of crims - thanks to boracic citizens increasingly willing to grass for cash.…

SSL encryption and the Ghost of Windows Past
Three papers about security

We thought we could escape from writing the words "Windows 2000" again. But it's a topsy turvy world, and that's a fact - as these three IT security whitepapers, fresh from the Reg Library, show.…

Health database breached (Tue, May 5th)

The wikileaks.org web site, which is a pretty famous repository of leaked documents that ...

New version (v 1.4.2) of BASE available (Tue, May 5th)

While there isn't a writeup in the site's news section, I've confirmed with fellow InGua ...

Every dot matters (Tue, May 5th)

Couple of days ago, one of our readers, Lee Dickey, reported a strange behavior of a link on Microso ...

Cyber Intruders Claim to Hold Personal Health Data Hostage (May 4, 2009)

A posting on Wikileaks...

Air Force Secure Windows Configuration Saved US $100 Million; Cuts Patching Time By 95% (April 30, 2009)

Former US Air Force CIO John Gilligan details the evolution of the agency's secure Windows configuration...

DDoS Attacks Targeting Internet Infrastructure (May 1, 2009)

Groups monitoring the frequency and magnitude of distributed denial of service (DDoS) attacks have noted a sharp increase in particularly virulent attacks in the last several months...

Former IT Admin Admits to Deleting Organ Donation Data (May 1, 2009)

A former IT administrator at an organ and tissue donor bank has admitted to breaking into the organization's computer network and deleting data...

Tenenbaum Agrees to US Extradition (May 1 & 3, 2009)

Ehud Tenenbaum has agreed to be extradited to the United States to face charges in connection with an international payment card fraud scheme...

Canada Placed on Priority Watch List Due to Intellectual Property Protection Concerns (April 30 & May 4, 2009)

The Special 301 Report from the Office of the United States Trade Representative "is an annual review of the global state of intellectual property rights protection and enforcement...

Adobe Will Patch Zero-Day Flaw Next Week (May 4, 2009)

Adobe plans to push out a patch next week to address a zero-day flaw in Acrobat and Reader that could be exploited to create denial of service conditions or execute arbitrary code...

Lexis Nexis and Investigative Professionals Breach Affects 40,000 People (May 1, 2009)

The United States Postal Inspection Service is investigating a data breach that affected customers of Lexis Nexis and Investigative Professionals...

Pirated Versions of Windows 7 Release Candidate Contain Trojan (May 4, 2009)

Reports are circulating that pirated versions of Windows 7 Release Candidate available on filesharing sites contain malware...

EU Information Society Commissioner Recommends Breaking US Government Hold on ICANN (May 4, 2009)

European Union (EU) Information Society Commissioner Viviane Reding has called for increased privatization of the Internet Corporation for Assigned Names and Numbers (ICANN)...

Researchers Observe Botnet Stealing 70 GB Of Data (May 4, 2009)

Researchers at the University of California at Santa Barbara were able to monitor a botnet's activity for 10 days before the command-and-control instructions were changed...

Lime Group Chairman Explains Security Changes in Lime Wire 5 to Congress (May 1, 2009)

Lime Group chairman Mark Gorton told US legislators in a letter dated May 1, 2009 that Lime Wire 5, the most recent version of the company's file sharing software, is "the most secure file-sharing software available...

Data Ransom Scheme a Surprising Play for Hackers

When it comes to cyber-crime, holding data for ransom is not a common form of attack on enterprises. The recent hack of a Virginian state Website is a reminder that ransomware and other schemes can still be viable ways for cyber-crooks to try to make a dollar.
- The PC Cyborg Trojan appeared on the scene back in 1989, encrypting files on the C drives of infected users. It then prompted them to contact the PC Cyborg Corporation and pay a fee to have their files decrypted, marking what is considered to be the first piece of ransomware in the wild. Roughl...

IT Security Job Tips for Surviving a Tough Economy

Between layoffs in the IT industry and belt tightening by enterprises, security groups need to know what prospective employers are looking for. Don't underestimate the importance of knowing how to explain how investing in a security solution is going to save a buck.
- Security may be among the last items in an IT budget to get slashed, but it is still not totally recession-proof. Sometimes staffers are shown the door, leaving laid-off security professionals with the need to stand out in a crowded field with potentially fewer opportunities. New research from ...

Brief: Reports: Thief holds Virginia medical data ransom

Use the Internet, Lose your Privacy (PC World)

In technology

PC World - Bruce Schneier, author and computer security expert, wrote a good reality-check essay on the subject of online privacy, or the lack thereof.

Botnets Took Control of 12 Million New IPs this Year

By Kim Zetter

Botnet criminals have taken control of almost 12 million new IP addresses since January, according to a report from anti-virus firm, McAfee. That represents a 50 percent increase over the same period in 2008.

French Hacker Cracks Into Twitter

Twitter should harden its security, IT security and control firm Sophos says.
