Security in the News – Week of March 24

Information Security

BetaNews

Why Use of Personal Data for Authentication Needs to Change

March 26

We run more and more of our lives online today, with multiple accounts for different services; many sites rely on same few personal identifiers.

 

Bloomberg     

SEC Probes Threat From Cyber Attacks Against Wall Street

March 26

SEC is examining exposure of stock exchanges, brokerages and firms to cyber-attacks that have been called a threat to financial stability.

 

Computerworld

ATM Malware, Controlled by Text Message, Spews Cash

March 25

Malware can cause a cash machine to start churning out bills.

 

Gameover Malware Takes Aim at Monster.com, CareerBuilder.com

March 26

In addition, new variants of the Trojan program target Monster.com, F-Secure said.

 

DataLoss DB

Potential 7 Million Credit Card Details Leaked

March 24
Post allegedly by Anonymous Ukraine claimed to publish more than 800 million credit cards by releasing four archives.

 

Fox Business

Media Massively Over Represented in Hack Attacks

March 28

21 of world’s top news organizations have been target of likely state-sponsored hacking attacks, according to Google security engineers.

 

Help Net Security

February Spam Highlights

March 24

Kaspersky found malicious attachments in Feb. spam came in emails allegedly sent by women who wanted to make friends in run-up to V-day.

 

SCADA Risk Awareness, Threats, Breaches

March 26

268 IT professionals answered questions about overall risk awareness, trends in threats and breaches, and effective means to mitigate vulnerabilities with regard to SCADA/ICS.

 

Retailers Urge Adoption of PIN-Based Credit Cards

March 27

NRF says banks’ insistence on cards that use a signature instead of a PIN puts merchants and their customers at risk.

 

Homeland Security News Wire

Making Grid Smarter Makes it More Vulnerable to Hackers

March 25

US electric grid is constantly under attack despite attempts by utilities to boost physical security and cyber-defenses.

 

Krebs on Security

ZIP Codes Show Extent of Sally Beauty Breach

March 25

Sally Beauty acknowledged hacker break-in compromised 25K customer credit; impacted all 2600+ Sally Beauty locations.

 

Network World

IT Leaders Share Tips on Managing Security

March 24

IT security is a tricky issue. Key is to strike right balance. IT executives share advice.

 

Cybercrime Trends Point to Greater Sophistication, Stealthier Malware, More Encryption

March 25

Report on evolution of cybercrime depicts criminal complex growing more sophisticated in software tools, ability to hide from law enforcement.

 

How Do FBI, Secret Service Know Network has Been Breached Before You

March 27

They work hard to find evidence of stolen data, but companies don’t always appreciate the effort.

 

Patch Management Flubs Facilitate Cybercrime

March 27

Report calls botnet activity against organizations the biggest problem.

 

State of Security

Support of Proposed Smartphone Theft Prevention Act

March 26

Bill designed to prohibit use of stolen devices, would be rendered worthless to anyone but owner once reported stolen to carrier.

 

Security and Crisis Management

All Africa

Sudan: Gunmen Attack Darfu

r Civilians

March 24

UNAMID said unidentified gunmen attacked camp for internally displaced persons; number of villages in N Darfur states forcing some 3K civilians to seek protection at bases.

 

BBC

Ukraine Far-Right Leader Dies in Police Raid

March 25

Ukrainian ultra-nationalist leader shot dead in what officials describe as a special forces operation.