Security in the News – Week of February 24

Information Security

Computerworld

Apple Encryption Mistake Puts Many Desktop Apps at Risk

February 24

Apple’s Mail, FaceTime, Calendar, Safari browser and Software Update could be vulnerable.

 

US AG Calls for Data Breach Notification Law

February 24

New law would allow the DOJ to better combat cybercrime.

 

Transparency About Data Retention Requires Knowing What You Have

February 25

Many companies don’t know what their apps know about consumers.

 

360 Million Account Credentials Found in Wild

February 26

List is likely to have been compiled from multiple data breaches.

 

HelpNet Security

Android Banking Trojans on Rise

February 24

Mobile malware sector grows technologically, structurally; majority created in 2013 focused on extracting financial profits.

 

What People Think about Passwords, Email Snooping, Personal Data

February 24

Research shows where Millennials, Gen-Xers stand in regards to passwords, online marketing, email snooping, personal data.

 

Beware of Fake PayPal Survey Program Offers

February 24

UK PayPal users targeted with spoofed PayPal email offering reward for participating in a new survey program.

 

Nearly Half of Companies Assume they Have Been Compromised

February 25

Orgs operating under assumption their network has already been compromised, or will be.

 

SpyEye and Tilon Banking Malware Have Same Author(s)

February 27

First discovered in 2012, Tilon banking malware received name because of some similarities with the Silon banking Trojan.

 

Network World

Security Researchers Urge Tech Companies to Explain Cryptographic Choices

February 27

Transparency principles for companies to regain user trust following surveillance revelations.

 

Internet of Things, Infrastructure Attacks are Big Security Headaches

February 27

CIA Director says catalog of front-burner issues CIA faces is staggering.

 

State of Security

RSA Conference: Day One Highlights

Febray 24

Feedback on first day sessions.

 

RSA Conference: Day Two Highlights

February 25

Feedback on second day sessions.

 

RSA Conference: Day Three Highlights

February 26

Feedback on third day sessions.

 

We Live Security

Perils of Passwords, How to Avoid Them

February 24

One of the biggest problems is password reuse.

 

Mac Malware Spread Disguised as Cracked Versions of Angry Birds, Pixelmator, Other Top Apps

February 25

Mac users warned not to download pirated software from file-sharing peer-to-peer networks.

 

US Businesses Boost Cyber Defenses as They Brace for More Target-Style Attacks

February 25

82% of businesses expect a highly targeted attack to increase over the next two years.

 

ZDNet

Report Maps Internet Threats

February 24

Major development in malware in 2013 on rise of ransomware on Windows desktops and Android devices.

 

Security and Crisis Management

BBC

Venezuela Protests to Blame for 50 Deaths

February 26

Venezuela’s President said number of deaths connected to two weeks of anti-government protests risen above 50.

 

News 24

Bo

mb Blasts at Zanzibar Tourist Bar, Cathedral

February 25

Two homemade bombs exploded on tourist island Zanzibar, with no casualties in latest series of attacks.

 

Patients Shot Dead in Hospital Beds

February 26

Warring fighters in S. Sudan looted hospitals, killed patients, cutting life-saving healthcare to hundreds of thousands of people.

Security in the News – Week of February 17

Information Security

Computerworld

Data Exposed Delta, Facebook, Others Latest to Fall into Mobile App Trap

February 18

Match.com, eHarmony also among those saying we didn’t know our mobile apps did that.

 

Fox News
Iranian Hacking of Navy Computers Reportedly More Extensive Than First Thought

February 18

Hack of Navy’s largest unclassified computer network took four months to resolve, raising concern about security gaps exposed.

 

HelpNet Security

US Businesses Suffered 666K Internal Security Breaches

February 19

666K internal security breaches took place in US businesses in 12 months, average of 2560 per day, research revealed.

 

Epidemic of Cyber Attacks Compromising Healthcare Organizations

February 19

Networks, internet-connected devices of orgs in virtually every healthcare category continue to be compromised.

 

Cost of Target Data Breach Exceeds $200 Million

February 19

Financial institutions continue to respond to massive data breach at Target; costs associated with the breach exceed $200 million.

 

Lessons Learned From Blocking 100M Cyber Attacks

February 19

Report contains a quarter-by-quarter guide to the biggest cybercrime trends and incidents in 2013.

 

800M Exposed Records Make 2013 Record Year for Data Breaches

February 19

Data breaches show risk is much smaller than the one related to attacks coming from the outside.

 

96 Percent of Apps Have Security Vulnerabilities

February 20

Improvements in patch deployment, secure coding practices made impact on incidence of vulnerabilities.

 

First-Rate Phishing Email Claims Your Paypal Transaction Was Declined

February 20

Well-made fake notification claims transaction declined tricking users sharing personal, financial information.

 

Info Security

Syrian Electronic Army Hacked Forbes and Dumped One Million Credentials

February 17

Forbes’ email addresses exposed, passwords stolen.

 

Network World

Tips to Combat Advanced Persistent Threats

February 18

Time, training and collaboration to thwart APTs needed as these best practices can keep defenses high.

 

Zeus Malware-Botnet Variant Spotted Crawling Salesforce.com

February 19

Security vendor warns it’s seeing the Zeus banking malware turned to use to attack in new ways.

 

Why Companies Need to Check Handling of Internal Threats

February 20

Security pros should re-evaluate use of technology, policies to bolster defenses against threats that orgs often downplay.

 

Security Affairs

Detected New Zeus Variant Makes Use of Steganography

February 18

New Zeus banking trojan variant makes use of steganography to hide configuration file.

 

The Register

New Password System Lets Planet Earth Do Hard Work

February 17

Think of a place, any place.

 

We Live Security

QR Codes Pose Hidden Danger to Smartphone Users

February 19

So many are willing to scan this untrusted QR code.

 

Security and Crisis Management

Al Arabiya

Car Bombs Target Iraqi Capital as Violence Continues

February 18

Ten car bombs in central Iraq killed 19 after another series of blasts earlier.

 

Channel News Asia

Thai PM Faces Charges as Clashes Leave Four Dead

February 18

Thailand’s embattled premier charged with neglect of duty, clashes between police, opposition protesters in Bangkok.

 

Reuters

Two Killed in Guinea Protests over Power Cuts

February 18

Two killed, 30 injured in Guinea’s capital Conakry when protests against frequent power cuts turned violent.

 

UN Chief Wants 3K More Troops for Central African Republic

February 20

3K troops, police to Central African Republic to combat worsening sectarian violence until peacekeeping established.

 

UPI Top News

European Union Agrees to Sanctions Against Ukraine

February 20

EU said it would impose sanctions on Ukraine where anti-government protests turned deadly with security forces.

Security in the News – Week of February 10

Information Security

Computerworld

Another Step Toward Eliminating Data Loss

February 10

Combining existing network data loss prevention (DLP) with endpoint DLP will reveal more hidden network recesses.

 

Attackers Use NTP Reflection in Huge DDoS Attack

February 12

Attack peaked at over 400Gbps, according to CloudFlare, the company whose infrastructure was targeted.

 

HelpNet Security

Three US Medical Device Makers Breached

February 10

Networks of three medical device makers breached by unknown attackers after companies’ IP.

 

Account Details of 27K Barclays Customers Stolen, Sold to Brokers

February 10

UK Barclays hit with stolen personal, financial information of 27K customers; sold to city traders.

 

Governments Unprepared for Impact of Big Five IT Trends

February 10

MeriTalk study examines how implementation of data center consolidation, mobility, security, big data, and cloud computing, will affect state and local government IT.

 

Sophisticated Cyber-Espionage Tool Uncovered

February 11

Kaspersky Lab discovered a Spanish-language speaking threat actor involved in global cyber-espionage operations since 2007.

 

Parents Fear Kids are Exposed to Online Threats

February 12

27% parents believe children are exposed to online risks, such as accessing inappropriate content or cyber bullying.

 

Exposing Profitability of Private Data

February 12

Security breaches, cyber criminals, organized attacks made it nearly impossible to keep personal, financial data private.

 

As Crimeware Evolves, Phishing Attacks Increase

February 12

Number of phishing campaigns increased by 20% percent in 3Q 2013, with crimeware attacks evolving and proliferating.

 

Linksys Home Routers Targeted and Compromised in Active Campaign

February 13

Undetermined vulnerability affecting certain Linksys Wi-Fi routers is active to infect devices with a worm dubbed TheMoon.

 

New Global Partnership to Fight Cybercrime

February 13

MSFT announced global partnerships to increase cooperation between international law enforcement, private sector in combatting cybercrime, helping build safer Internet.

 

International Business Times

Japan Faced 12.8 Billion Cyber Attacks in 2013

Febraury 11

Cyber-attacks are believed to have included phishing campaigns, DDoS attacks and hacktivism.

 

Krebs on Security

Email Attack on Vendor Set Up Breach at Target

February 12

Target breach appears to have begun with malware-laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer.

 

Secure Works

Top Banking Botnets of 2013

February 10

Although banks have evolved security measures to protect online transactions, attackers quickly adapt these countermeasures, respond with sophisticated banking botnets.

 

State of Security

Cyber Security Tops Intelligence Community’s 2014 Threat Assessment

February 10

As society becomes dependent on digital technologies, threats to security of govn. functions, industry, commerce, health care, social communication, personal information spikes.

 

We Live Security

Corkow, Lesser-Known Bitcoin-Curious Cousin of Russian Banking Trojan Family

February 11

Little-known banking Trojan has managed to infect thousands of victims’ computers without knowledge of owners.

 

Two-Factor Authentication: What Is It, Why Do I Need It

February 11

Two-factor authentication is an extra security measure which often requires a code from an app, or an SMS message, as well as a password.

 

Half of Children Left Exposed to Online Threats as Parents Fail to Use Built-in Controls

February 11

Only half of patents use parental controls on internet-enabled devices bought for children – leaving millions of youngsters potentially exposed to online threats.

 

Personal Email and Cloud Storage Pose Biggest Threat to Corporate Data

February 12

Employees who use personal email, removable storage devices, cloud storage to move work files pose one of today’s biggest threats to corporate data.

 

White House Unveils Cyber Security Guidelines to Protect Critical Businesses From Attack

February 13

US government released standards built to help companies in industries critical to the nation defend against cyber-attacks.

 

Security and Crisis Management

Al Arabiya

Libya Under Control After Coup Claim

February 14

PM described control in Tripoli after ex-army official announced suspension of government, parliament in foiled coup.

 

BBC

Syrian Troops Bombard Rebel Stronghold of Yabroud

February 13

Syrian government forces resumed bombardment of Yabroud, last rebel stronghold in the Qalamoun mountains.

 

Channel News Asia

Thai Riot Police Retake Government House

February 14

Thousands of riot police deployed in Thai capital to clear areas occupied for weeks by protesters to force PM from office.

 

News 24

Shabaab Claims Heinous Terror Attack

February 14

Car bomb exploded by convoy of UN vehicles near Mogadishu’s airport, killing six. Al-Qaeda-linked militants claimed responsibility.

Security in the News – Week of February 3

Information Security

Beta News

Good News and Bad as Enterprise Threat Landscape Evolves

February 3

HP released their Cyber Risk Report 2013, highlights top enterprise vulnerabilities.

 

Computerworld

Despite Target Data Breach, PCI Security Standard Remains Solid

February 3

Breaches at Target highlight need for multi-layered security effort.

 

How to Use Syrian Electronic Army Attacks to Improve Security Awareness

February 3

To help companies handle attacks from SEA to contain damage, which accounts compromised and clean up.

 

Malware Sophistication Vexes Lawmakers, Retailers and Financial Industry

February 5

Members of Senate Judiciary Committee point to failure of industry to implement stronger measures.

 

UK Spy Agency Attacked Hacktivist Groups

February 5

Leaked documents suggest agency used DoS tactics, assisted law enforcement in identifying Anonymous members.

 

Target Attack Shows Danger of Remotely Accessible HVAC Systems

February 7

Qualys says 55K internet-connected heating systems, including one at Sochi Olympic arena, lack adequate security.

 

CNN

Busting a Credit Card Hacker

Febrauy 5

Ukrainian Yastremsky was most prolific credit card hacker, stealing 40 million cards from US retailers; cost companies $11 million.

 

Identity Fraud Hits New Victim Every Two Seconds

February 6

Number of identity fraud victims jumped to 13.1 million in 2013; increase of 500K from 2012.

 

Detroit Free Press

Did Your Cell Phone Ring Just Once?

February 6

If you missed phone call from unknown number and call back, hold on to wallet before you get taken by a scam.

 

Entrepreneur

Microsoft Takes to Front Lines in War on Cybercrime

February 6

Global cost of cybercrime is upwards of $300 billion; daily one million more individuals become victims of cyber-criminal activity.
Help Net Security

Security Breaches, Data Loss and Outages Cost US Hospitals $1.6B

February 3

Report quantifies organizational cost with security breaches, data loss, unplanned outages for healthcare providers.

 

USA Still Global Spam King

February 4

SophosLabs revealed top spam-relaying nations.

 

Gartner: By 2016, 30% of Organizations Will Use Biometric Authentication on Mobile Devices

February 4

The consumerization of IT and business BYOD programs have resulted in potential security problems for IT leaders.

 

DDoS Attacks Used to Influence Stock Prices

February 5

Analysis of attacks indicate cyber-attacks using DDoS in attempt to influence market values, interfere with exchange platforms.

 

International Business Times

Anonymous Slovenia Claims FBI Hacked

February 3

Hacked FBI, uploading email addresses, personal information relating to current director to online storage site Pastebin.

 

Krebs on Security

Target Hackers Broke in Via HVAC Company

February 5

Target’s vendor in question was a refrigeration, heating, air conditioning subcontractor that worked at Target and top retailers.

 

Modesto Bee

Cards with Microchips Could Become More Common

February 4

Amid relentless revelations of cyber thieves stealing credit card and personal data, renewed push to fortify the credit cards.

 

Network World

11 Sure Signs You’ve Been Hacked

February 3

Signs you’ve been hacked, what to do in the event of compromise.

 

One in Three Victims of Target Card Breach Could Face Fraud

February 5

Survey shows data breach victims are more frequently seeing fraud.

 

State of Security

Syrian Electronic Army Claims eBay and PayPal Servers Hacked

February 3

SEA claims responsibility for defacing eBay, PayPal in France, Israel and UK with its logo, but denies targeting customer data.

 

Major Hotel Franchises Disclose Payment Data Breach

February 3

White Lodging franchise, Hilton, Marriott, Sheraton, Westin, suffered 2013 data breach exposing customer credit, debit information.

 

US Intelligence Agencies Say Healthcare.gov May be Compromised

February 4

Dept of Health Human Services warned Healthcare.gov compromised by Belarus contractors who developed code.

 

A Forensics Tale: Confronting the Insider Threat

February 4

The call can come in middle of night, a holiday or day off. Highly-disruptive, high-paced, and demand high degree of visibility.

 

US-CERT Issues Security Guidance for Sochi 2014 Olympic Games

February 5

Warnings about hacktivist threats, spam, phishing, drive-by-download campaigns, protecting personal information.

 

We Live Security

Weak Passwords and Ancient Software left US Government Data Vulnerable

February 5

DHS report finds weak passwords and rarely updated software are recurring theme behind the 48K cyber incidents reported.

 

Cellphone-Sized $20 Gadget Can Remote-Control Car Electronics

February 6

Gadget can hack into network of cars to receive radio commands from controlling steering, brakes to switching off headlights.

 

Security and Crisis Management

Al Arabiya

Youth Killed in Sectarian Violence in Algeria

February 7

Berber died of wounds  in Algeria’s Ghardaia, bringing to five killed during weeks of violence between two rival communities.

 

Explosion Rocks Area Near Iraq’s Green Zone

February 5

Three explosions in Baghdad, including car bomb by fortified Green Zone, killed 22 people on Wednesday.

 

BBC

Libyan Blast Injures 12 Children at Benghazi School

February 5

Grenade attack on school in Benghazi.

 

Reuters

Six Hurt in Blasts Near Cairo

February 7

Two explosive devices detonated near police checkpoint in outskirts of Cairo.

Security in the News – Week of January 27

Information Security

CNBC

China Originates 35% of Nuclear Bomb Cyber Attacks

January 29

Over a third of cyber-attacks come from China, with nation topping global charts for hacking.

 

Computerworld

Yahoo Resets Passwords After Email Hack

January 30

Yahoo suspects usernames and passwords were stolen from an unidentified third-party database.

 

CSO

CSO’s Guide to Advanced Persistent Threats

January 27

Series of articles examine processes, tools and methods used by criminals during a targeted attack.

 

HelpNet Security

Hasbro’s Website Compromised, Serves Malware

January 27

Toy maker compromised, found serving malware to unsuspecting visitors on number of occasions during last few weeks.

 

Retailer Michaels has Likely Been Breached

January 27

Latest to announce it was targeted by cyber crooks after customers’ payment card data.

 

Which Ecommerce Sites Do More to Protect Your Password?

January 27

Keys that protect consumer personal data are passwords used, and weak passwords could prove disastrous for personal data security.

 

Microsoft Reveals Law Enforcement Documents Were Stolen in Hack

January 27

Unknown hackers accessed, exfiltrated law enforcement information requests from compromised employee email accounts.

 

DDoS Attacks Become Smarter, Faster and More Severe

January 28

Attacks will continue to be serious issue in 2014 as attackers become more agile and their tools become more sophisticated.

 

Who Should be Responsible for Protecting Your Online Privacy?

January 28

Microsoft released results of survey that shows privacy attitudes of technology savvy individuals in US and European countries.

 

Empowering Users to Make Informed Decisions on Value of Sensitive Data

January 28

Data Privacy encourages everyone to make protecting privacy and data a greater priority.

 

Krebs on Security

New Clues in the Target Breach

January 29

Malware used suggests attackers may have had help from poorly secured feature built into a widely-used IT management software product running on retailer’s internal network.

 

MS-ISAC

2014 Cyber Security Outlook

January 29

A look at cyber threats this year, and key challenges from advancements in technology that are becoming part of daily lives.

 

Reuters

SEC Examiners to Review How Asset Managers Fend Off Cyber Attacks

January 30

Regulators plan to scrutinize asset managers to have policies to prevent, detect cyber-attacks, properly safeguarding against risks that arise from vendors having access to systems.

 

State of Security

Data Privacy, Information Security and Cyber Insurance 2014 Trends Report

January 28

Data Privacy, IS industry experts for businesses and organizations.

 

Wall Street Journal

Alcatel-Lucent Reports Surge in Mobile Network Infections Affects 11.6 Million Devices

January 29

Home network infections rates for year remain flat as “traditional” PC malware makes jump to mobile devices

 

We Live Security

Blackberry Rolls out Picture Passwords for Handsets, Bolsters Enterprise Security System

January 29

Blackberry 10 operating system was updated to include photo password mechanism, stronger message filtering capabilities.

 

Security and Crisis Management

Al Arabiya

Egypt Militants Blow Up Sinai Gas

January 28

Pipeline in Egypt’s Sinai that transports gas to Jordan blown up by suspected militants.

 

BBC

Philippines Military Offensive Kills 37 Rebels

January 29

At least 37 Philippine rebels were killed in a two-day offensive in south.

 

News 24

Death Toll Hits 52 in Nigeria Market Attack

January 29

Number of people killed in deadly market attack blamed on Boko Haram militants in Nigeria has risen to 52.

 

Reuters

Suicide Bombers Storm Iraq Ministry

January 30

Suicide bombers burst into Iraqi ministry building, took hostages, killed 18 including themselves before security forces regained control.

Security in the News – Week of January 20

Information Security

CNN

Did You Get an Email from Target? What You Need to Know

January 20

Target sent blast to customers for one year of free credit monitoring, problem is scammers are on prowl sending similar emails.

 

Computer Weekly

South Korean Data Breach Linked to Insider

January 21

Employee at credit rating firm in S. Korea alleged to have sold personal details of 20 million to marketing firms in insider threat.

 

Computerworld

Coding Target-Related Malware Side Job for Man Living in Russia

January 21

Program he helped develop has a defensive purpose as well.

 

Syrian Electronic Army Hacks Microsoft’s Office Blogs Site

January 21

Syrian Electronic Army claim they got access to the blogs.office.com admin panel.

 

Take Security Program to Next Level

January 21

Key elements for CSO 2.0s for success in 2014, beyond.

 

As Target Breach Unfolds, Information Vanishes from Web

January 22

Did security companies publish too much, too soon on the Target breach?

 

Digital Strategy Consulting

Massive German Hack Sees One Fifth of Population’s Passwords Stolen

January 23

Passwords of 16 million email users in Germany were stolen, equivalent of a fifth of German population. More than half of hacked accounts ended in .de, country code for Germany.

 

Help Net Security

Cyber Security Predictions for 2014

January 21

Chief Security Strategist at Bitdefender draws on expertise to predict key security threats.

 

Companies Must Improve Incident Response Plans

January 21

Ponemon Institute report on cyber security incident response.

 

Apple Users Hit with Update Using New SSL Servers Phish Email

January 21

Accounts targeted with legitimate-looking phishing emails that are after account credentials, personal, financial information.

 

Card Data Stolen in Target Breach Starts Getting Misused

Janaury 21

Information swiped in massive breach has been spotted being misused in Texas, and two Mexican citizens are facing federal charges.

 

Motivation, Techniques of World’s Most Sophisticated Cyber Attackers

Janaury 22

CrowdStrike Global Threats Report: 2013 Year in Review – product of year-long study of more than 50 groups of cyber threat actors.

 

New Snapchat CAPTCHA System Hacked in Record Time

January 23

Revelation that usernames and phone numbers of 4.6 million Snapchat users were compromised marked bad start of the year for company.

 

Penetration Testing: Accurate or Abused?

January 23

Ponemon study says since 2010 cybercrime costs climbed 78%, time required to recover from breach increased 130%.

 

Top 10 DDoS Attack Trends

January 23

Prolexic Technologies, provider of DDoS protection services, published top 10 attack trends for 2013.

 

Best Practices to Help Prevent Online Data Breaches

January 23

Online Trust Alliance recommended a series of best practices to help prevent online data breaches and other exploits.

 

Krebs on Security

DHS Alerts Contractors to Bank Data Theft

January 21

Breach at DHS web portal exposed private documents, financial details belonging 114 organizations that bid on contracts.

 

Gang Rigged Pumps With Bluetooth Skimmers

January 22

Indictment of 13 accused of running a multi-million dollar fraud ring that allegedly installed Bluetooth-enabled wireless gas pump skimmers at filling stations throughout S. US.

 

Bug Exposes IP Cameras, Baby Monitors

January 23

Bug in software that powers Webcams, IP surveillance cameras, baby monitors made allows access to device’s internet address to view live, recorded video footage.

 

South Florida Business Journal

Russian Teenager Could be Culprit in Target’s Cyber Attack

Janaury 21

Breach, possibly compromising 40 million users, linked to Russian teen.

 

We Live Security

How to Cleanse Your PC of Unwanted Adware and Badware

January 21

100K new variants of malware detected daily, globally.

 

‘Password’ No Longer Weakest Choice as ‘123456’ Surges to First Place

January 21

Password security co. released annual list of world’s worst passwords – ‘password’ has been unseated by ‘123456’.

 

Security and Crisis Management

BBC

Ukraine Protests: Two Protesters Killed in Kiev Clashes

January 22

Protesters killed in clashes with police in Ukrainian capital Kiev.

 

Egypt Police Killed at Checkpoint

January 23

Five policemen killed in Egypt in armed attack on checkpoint in S. Cairo.

 

Reuters

Seven Dead in Killings in Central African Republic

January 22

Several die in inter-religious attacks, reprisal killings in Central African Republic’s capital Bangui, underlining challenge new interim president faces in restoring peace.

 

Working Knowledge of Data Science

Judge what questions to ask
Understand what data tells you
Know how to link cause and effect

Adjust Processes
Share Information
Use data in new ways
Start bite-sized
Then scale

Empower Yourself
Obtain working knowledge of data science
Start to question
Hire data scientists

Security in the News – Week of January 13

Information Security

Business Day Live

South Africa Neglects Alarming Effect of Cybercrime

January 14

Cyber-attacks are growing risk to business in South Africa, but neither government nor business are doing enough to combat it.

 

CNN

Starbucks App Leaves Passwords Vulnerable

January 15

App allows customers to purchase from smartphones, saves usernames, passwords, other personal information in plain text.

 

Computerworld

Target’s Point-of-Sale Terminals Were Infected with Malware

January 13

Attackers used malware to steal credit and debit card data from PoS systems.

 

Target Hackers Have More Data to Sell as Demand Wanes

January 14

Those who stole data appear to be keeping low profile on underground forums.

 

Target to Invest $5M in Cyber Security Ed Program

January 14

Launch of plan to educate public on dangers of scams follows major theft of Target customer data.

 

Kaspersky Lab: Beware of Neverquest Trojan Banker
January 14

Recorded attempts to infect computers used for online banking with malicious program creators claim can attack any bank, any country.

 

Hackers Exploit SCADA Holes to Take Full Control of Critical Infrastructure

January 15

Review of reports on hacking critical infrastructure, from dish satellite systems to taking full control of industrial control systems.

 

Spammers Target Snapchat, Bitly, Kik Messenger

January 16

Companies working with Symantec to clean up malicious links, result of API keys left visible on web.

 

Help Net Security

Top Security Concerns for 2014

January 14

AhnLab, immersed in the cyber trenches and the cloud, announced top security concerns for 2014.

 

Understanding Mobile Security Pressure Points and Vulnerabilities

January 14

41 percent of government employees who used assessment tool are putting themselves, agencies at risk with existing mobile habits.

 

Amazon and GoDaddy are Biggest Malware Hosters

January 15

US leading malware hosting nation, 44 percent of malware hosted domestically.

 

Security Concerns Still holding Back Cloud Adoption

January 15

With significant differences in public cloud infrastructure concerns between cloud-wise, cloud-wary, organizations not using cloud services have no near-term plans.

 

Krebs on Security

First Look at Target Intrusion, Malware

January 15

Target disclosed malicious software infected point-of-sale systems at checkout counters.

 

Closer Look at Target Malware, Part II

January 16

Previous story prompted flood of analysis and reporting from antivirus and security vendors about related malware.

 

PC Magazine

Syrian Hackers Hijack Saudi Sites, Target Microsoft Again

January 15

SEA seized control of Saudi Arabian govn. websites, tweeting names, links of 16 Saudi domains as they infiltrated each one.

 

The Register

Banking Apps – Insecure and Badly Written

January 13

Security researchers IO Active are warning that many smartphone banking apps are leaky and need to be fixed.

 

We Live Security

Less Than Half of Consumers Take Steps to Stay Safe Online

January 13

Survey conducted by British gov. found less than half took basic steps online, part of new cyber campaign.

 

Luxury Store Neiman Marcus Admits to Cyber-Intrusion, Theft from Customer Cards

January 13

Thieves accessed systems, made unauthorized charges on customers’ credit cards over holiday period.

 

Major Cyber-Attacks Can be Predicted Using Computer Model

January 14

Major international cyber-attacks follow pattern can be predicted by mathematical model, researchers claim.

 

Tips for Defending Accounts Against Card Fraud

January 14

If you used credit, debit card in store last three months, check accounts for fraudulent charges.

 

Borrowing Tricks from Cybercriminals Scare Web Users Into Safe Browsing

January 15

Direct threats against users are more effective, such as vague warnings about systems or impact on others.

 

Security and Crisis Management

CBS News

Deaths in Shootout During Pre-Olympics Security Sweep in Russia

January 15

Russian security forces and gunmen were killed in shootout during a sweep for militants before the Sochi Winter Olympics.

 

Channel News Asia

24 Wounded in Philippine School Blast

January 13

Suspected improvised bomb attack at university campus in Philippines left 24 student and teachers people wounded.

 

News 24

31 Killed in Tribal Clashes in Southern Libya

January 13

Days of fighting between tribes in S. Libya kill 31, gunmen assassinated country’s deputy minister of electricity in separate attack.

Security in the News – Week of January 6

Information Security

BetaNews

Malware Introduced by Employees Major Concern for Business

January 9

Study finds malware security concern for businesses, finds employees were main reason when it comes to introducing malware to enterprise systems.

 

Computerworld

Target Breach Unleashes Fresh Scams

January 6

Scammers are nothing if not innovative, goes to show best defense is an educated workforce.

 

Help Net Security

Growing Hacking Threat to Ecommerce Websites

January 6

How websites get hacked, how to prevent it and what to do in a website compromise.

 

Unauthorized Activity on Your Amazon Account Phishing Email Doing Rounds

January 6

Spam campaign that aims for login credentials claims unauthorized activity on recipient’s Amazon account.

 

Deadly New Ransomware To Be Released?

January 7

As disruptive as Cryptolocker is, there’s a possibility that a deadlier type of ransomware will soon target unsuspecting users.

 

Senior Managers Worst Information Security Offenders

January 8

As companies look for solutions to protect integrity of networks, data centers and computer systems, unexpected threat is lurking under surface, senior management.

 

Top Priorities for Organizations to Counter Digital Criminality

January 8

Highlights biggest issue to hit organizations in 2014 will be rise of digital criminality as fraud becomes increasingly cyber enabled.

 

What Healthcare Security and Privacy Pros Wish For

January 9

2013 proved to be a dizzying year for healthcare compliance, privacy, and information security.

 

Krebs on Security

Target: Names, Emails, Phone Numbers on Up To 70 Million Customers Stolen

January 10

Target’s ongoing forensic investigation also determined guest information, separate from payment card data, was taken during breach.

 

Naked Security

Follow Up Phish Targets Possible Victims of JP Morgan Chase Card Breach

January 8

How cybercriminals use real security disasters to cause follow-up disasters of their own.

 

Network World

Talk of Cyberwarfare Meaningless to Many Companies

January 7

While government leaders often use attention-grabbing buzzwords, such expressions do not have much impact on security budgets within private industries.

 

Worst Data Breach Incidents of 2013

January 8

Businesses and government agencies lost most personal, financial records due to hackers or security mishaps.

 

Seven Best Habits of Effective Security Pros

January 8

IS professionals need to learn more swiftly, communicate more effectively, know more about business, and match capabilities of an ever-improving set of adversaries.

 

State of Security

Security and Risk Management in Healthcare

January 6

Study reveals industries lag behind other sectors in implementation of critical security controls.

 

Skipfish Scanner Used in Financial Sector Attacks

January 8

Cloud platform provider reports discovery of ongoing attacks targeting  financial sector in which systems are being scanned for vulnerabilities with security reconnaissance tool.

 

Remote Network Satellite Links Vulnerable to Attacks

January 8

Researchers have warned that terminals that allow Internet access for remote networks by sending data to satellites may be a “soft target” for attackers.

 

ThreatPost

PrisonLocker Ransomware Emerges From Criminal Forums

January 6

Researchers uncovered new ransomware, malware author, legitimate security researcher or posing as one via a personal blog and Twitter handle.

 

We Live Security

2013: A View to a Scam

January 6

Plenty of scams effective to rate a warning or three, in the hope of alerting potential victims to the kind of gambit they use.

 

Security and Crisis Management

BBC News Africa

DR Congo’s Lubumbashi Hit by Fighting

January 7

26 killed in 8 hour battle between government, rebel forces in DRC city Lubumbashi.

 

Nigeria Gunmen Kill 30 in Plateau State Raid

January 7

Gunmen stormed village in Nigeria’s central Plateau state, leaving 30 people dead.

 

BBC News Europe

Russia Security Swoop after Bodies Found in Stavropol

January 9

Russian security forces deployed in anti-terror operation 186 miles east of Sochi, venue for Winter Olympics.

 

News 24

Mozambique Clash Leaves at Least 2 Dead

January 8

At least two gunmen linked to main opposition party killed in exchange of fire with government forces in town of Pembe.

Security in the News – Week of December 23

Information Security

Computerworld

Target Hackers Try New Ways to Use Stolen Card Data

December 23

For the first time, hackers market stolen data with info on location of store where card was used; experts say new strategy will slow detection.

 

Help Net Security

Breaking Backlog of Digital Forensic Evidence

December 23

Time for change in the way law enforcement works with digital forensic evidence.

 

How Consumer Attitudes Changed Towards Data Security

December 24

With moves in digital world, a traceable footprint is created, which organizations can use to analyze, predict and act upon.

 

State of Security

Target: The Desolation of Fraud

December 24

Security teams are feeling more overwhelmed by challenges of modern, organized cyber-crime.

 

Security and Crisis Management

BBC News Africa

Kenya and Ethiopia Leaders in Juba for Talks

December 26

Leaders of two of South Sudan’s neighbors, Kenya and Ethiopia, have held constructive talks in a bid to halt fighting.

 

BBC News Asia

Bangladesh Deploys Army Ahead of January Elections

December 25

Tens of thousands of troops are being deployed across Bangladesh to try to prevent potential political violence ahead of next month’s elections.

 

Thailand Protests: Yingluck Government Rejects Election Delay

December 26

Thailand’s government rejected calls to delay February’s election, amid increasingly violent protests in which a policeman was shot dead.

 

BBC News Europe

Defiant Turkish PM in Major Reshuffle

December 25

Turkish PM announced major cabinet reshuffle after three ministerial resignations over a corruption inquiry.

Channel News Asia

Thai Army Chief Refuses to Rule Out Coup

December 27

With tensions running high in Bangkok after violent clashes between police, opposition protesters, army chief refused to rule out a coup, saying anything can happen.

 

The Cambodian Daily

Factories Advised to Close as Wage Strikes Swell

December 27

Cambodia’s garment manufacturers were advised to temporarily shut operations as tens of thousands of workers at hundreds of factories joined nationwide strikes over wages.