Welcome Guest | Sign In
DDoS Attack Causes Waves of Internet Outages
October 22, 2016
Hundreds of websites -- including those of biggies such as Netflix, Twitter and Spotify -- on Friday fell prey to massive DDoS attacks that cut off access to Internet users on the East Coast and elsewhere in the U.S. Three attacks were launched over a period of hours against Internet performance management company Dyn. The first attack started at about 7:10 a.m. EDT.
Assange Lives to Leak Another Day
October 19, 2016
The status of WikiLeaks founder Julian Assange grew a bit murky on Tuesday after the group accused the U.S. State Department of pressuring Ecuadorian officials to block him from posting additional emails linked to presidential candidate Hillary Clinton. The Ecuadorian foreign ministry on Tuesday acknowledged restricting Assange's access, saying it did not wish to interfere in a foreign election.
This Election May Be Scarier Than You Think
October 17, 2016
Not that it isn't scary enough -- but if you look at both candidates, who have had their images destroyed largely by technology, i.e., tapes and emails -- there is a huge warning inherent in the process. Email really wasn't a big thing until the late 1990s and even having your own email server wouldn't have been likely before 2005, let alone thinking through the security aspects.
What Should be on the Next President's Cyberagenda?
October 14, 2016
When the new president takes up residence at 1600 Pennsylvania Ave., cybersecurity will be on the shortlist for action. TechNewsWorld asked more than a dozen experts what should be at the top of the new leader of the free world's cyberagenda. Following are some of their responses. "The president has to set the tone early on cybersecurity within the first 100 days," said Cybereason's Sam Curry.
US Considers 'Proportional Response' to Russia's Election Tampering
October 13, 2016
The Obama administration on Tuesday indicated it was considering a proportional response to retaliate against Russia for its efforts to influence the U.S. election process. The administration has officially linked Russian operatives to a series of cyberattacks against the Democratic National Committee and other organizations, apparently in an effort to influence the November presidential race.
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
Insulin Pump Susceptible to Hacking
October 7, 2016
Medical device manufacturer Animas on Tuesday warned that its OneTouch Ping insulin pump system was susceptible to hacking. "We have been notified of a cybersecurity issue with the OneTouch Ping, specifically that a person could potentially gain unauthorized access to the pump through its unencrypted radio frequency communication system," reads the company's letter to users of the device.
Newsweek Joins Growing Club of Possible Russian Cyberattack Targets
October 7, 2016
Newsweek is the latest media institution to get caught up in a series of cyberattacks that have targeted major government, political and media organizations, raising suspicions of links to Russia. The news magazine sustained a massive DDoS attack the day after it published a cover story about Republican presidential candidate Donald Trump's business activities in the late 1990s.
US Launches IT Contract to Spur Cybersecurity Purchases
October 6, 2016
The U.S. government plans to initiate an updated contracting vehicle for the acquisition of cybersecurity information technologies for federal agencies this month. The purpose of the program is to make it easier and more efficient for federal agencies to obtain cyberprotection services. Specifically, GSA will include cybertechnology providers on a major listing of approved federal contractors.
IoT Could Become Playground for Botnets Gone Wild
October 6, 2016
The source code for Mirai, the malware behind the botnet that launched a massive attack on the Krebs on Security website -- the largest DDoS attack on record -- has been released in the wild, according to Brian Krebs. A hacker who goes by the handle "Anna-senpai," apparently because of increased scrutiny from the cybersec industry, last week announced the release on Hackforums, Krebs said.
Report: Apple Shares Unencrypted iMessage Metadata With Cops
October 5, 2016
Apple last week faced renewed scrutiny for its data-sharing practices, following news that it retains iMessage metadata and shares it with law enforcement when presented with a court order. The company has insisted that it would not share data that would jeopardize the privacy and trust of its millions of customers. Metadata includes contacts, IP addresses, and dates and times of conversations.
Garden-Variety Cybercrooks Breached Yahoo, Says Security Firm
September 30, 2016
The hackers who stole the data of hundreds of millions of Yahoo users two years ago were two cybercriminal gangs, InfoArmor reported. That finding contradicts the notion that state-sponsored actors were behind the attack, which Yahoo suggested when it disclosed the breach. Further, the number of users' records stolen is closer to 1 billion than to the 500 million Yahoo acknowledged.
Hacking Elections Is Easy, Study Finds
September 30, 2016
It's no longer a question whether hackers will influence the 2016 U.S. elections -- only how much they'll be able to sway them. Leaked emails already have cost a Democratic Party chairperson her job, and the FBI last month issued a flash warning that foreign cyberadversaries had breached two state election databases. Those two states -- most likely Arizona and Illinois -- aren't alone.
Cisco Battles Shadow Broker Exploits
September 28, 2016
Cisco has swung into action to combat a hacker group's exploitation of vulnerabilities in its firmware. The group, known as the "Shadow Brokers," released online malware and other exploits possibly stolen from the Equation Group, which is believed to have ties to the U.S. National Security Agency. Cisco earlier this month disclosed the vulnerability, even though patches were not yet ready.
Hackers Get Up Close and Personal With WH Staffer's Email
September 27, 2016
Federal authorities last week launched a probe of a suspected cyberattack that targeted the private Gmail account of a White House staffer. The employee's correspondence turned up on the DCleaks hacktivist site, which earlier this month posted the private emails of former Secretary of State Colin Powell. The latest dump involves the private account of White House staffer Ian Mellul.
Project Shield Has Krebs on Security's Back
September 27, 2016
The website of prominent security blogger Brian Krebs is back online this week after sustaining one of the largest distributed denial of service attacks in Internet history. DDoS attacks typically disrupt service at a website by flooding it with junk traffic. In this case, garbage traffic assaulted Krebs' site at 620 gigabits per second. By comparison, consumer bandwidth is in the 10-15 megabit per second range; businesses, 100 Mbps to 1 Gbps.
Hack of Half a Billion Records Takes Shine Off Yahoo's Data Trove
September 23, 2016
Yahoo on Thursday disclosed that a data breach in late 2014 resulted in the theft of information from at least 500 million customer accounts. It appears that state-sponsored hackers carried out the attack, the company said. Account information compromised includes names, email addresses, telephone numbers, dates of birth, hashed passwords, and security questions and answers.
Congress to Bureaucrats: Trust No One
September 20, 2016
Congress earlier this month lowered the hammer on the U.S. Office of Personnel Management in a report on the massive data breach that resulted in the theft of 4.2 million former and current government employees' personnel files, as well as 21.5 million individuals' security clearance information, including fingerprints associated with 5.6 million of them.
Cyberattacks on Athletes May Be Russian Distraction Tactic
September 16, 2016
Confidential information about international athletes surfaced on the Internet Wednesday -- the second such exposure this week. Russian hackers allegedly stole the information from the World Anti-Doping Agency. It includes confidential data on medical drug exemptions given to 25 athletes from eight countries. Information about four athletes appeared online earlier in the week.
Nation States May Be Plotting Internet Takedown, Warns Cybersec Pro
September 14, 2016
Unknown attackers have been testing the defenses of companies that run critical parts of the Internet, possibly to figure out how to take them down, cybersecurity expert Bruce Schneier warned. Large nation states -- perhaps China or Russia -- are the likely culprits, he suggested. "Nation state actors are going to probe to find weaknesses in all of our technologies," said Tripwire's Travis Smith.
Alphabet Think Tank Spearheads Online Counterterrorism Campaign
September 14, 2016
Alphabet think tank Jigsaw and startup Moonshot CVE last week demonstrated a new counterterrorism technology tool. The groups have been collaborating to steer social media users away from terrorist propaganda. They have developed sophisticated algorithms to target potential ISIS sympathizers with counter narratives when they search for certain terms online or through social media.
Attack-for-Hire Teens Collared in Israel
September 14, 2016
At the FBI's request, Israeli authorities last week arrested two teens for operating vDOS, a DDoS-for-hire service that raked in more than half a million dollars in two years. DDoS attacks flood websites with garbage data in order to disrupt their operation and deny users access. The pair were questioned and released after posting bond of about $10,000 each.
Obama Warns Against Cyber Cold War
September 6, 2016
President Obama on Monday urged de-escalation of a potential arms race involving cyberweapons. The president's remarks followed his meeting with world leaders, including Russian President Vladimir Putin, at the G20 Summit in Hangzhou, China. The U.S. has more offensive and defensive capability than any other country on Earth, Obama noted. The president urged adoption of new cybersecurity norms.
Feds Warn States to Batten Down Hatches Following Election System Attacks
September 2, 2016
The FBI has launched investigations into malicious cyberattacks on the electronic election infrastructures in Illinois and Arizona, and federal officials last month warned states to take steps to protect their systems as the presidential campaign heats up, according to reports. The attacks, dating back to June, led to the illegal download of information on more than 200,000 Illinois voters.
Massive Data Breach Puts French Sub Maker in Crosshairs
September 1, 2016
Officials in France and India are investigating a massive data breach involving thousands of documents belonging to defense industry contractor DCNS, which was scheduled to deliver six Scorpene-class submarines to the Indian navy later this year. Hackers stole more than 22,000 pages of documents that included detailed technical information on the vessels, some of which was published online.
Election Season Spawns Scams With Political Twist
August 30, 2016
Dirty tricks during political campaigns are nothing new, but the Internet and the proliferation of mobile devices have allowed tricksters to up their games a notch. It came to light last week, for example, that Donald Trump's campaign app was hoovering the address books on his supporters' phones. Trump's app wasn't doing anything illegal. It wasn't even trying to hide what it was doing.
Apple Speeds iOS Patch to Bring Down Pegasus
August 26, 2016
Apple on Thursday issued a patch that addresses three recently discovered critical iOS zero-day vulnerabilities, and advised users to update their systems immediately. State-sponsored actors exploited the flaws to target United Arab Emirates human rights defender Ahmed Mansoor, and a Mexican journalist who reported on government corruption. Researchers have dubbed the flaws "Trident."
Twitter Steps Up Counterterrorism Efforts
August 24, 2016
Twitter last week announced it had suspended 235,000 accounts since February for promoting terrorism, bringing to 360,000 the total number of suspensions since mid-2015. Daily suspensions have increased more than 80 percent since last year, spiking immediately after terrorist attacks. Twitter's response time for suspending reported accounts has decreased dramatically.
From the Olympic Non-Robbery to Ford Getting Out of Cars, to Evil NSA: A Strange Week
August 22, 2016
There were three stories that caught my eye last week that I think deserve some additional discussion. One is the alleged robbery of U.S. Olympians followed by questions of whether it really happened because their phones weren't stolen. There may be a legitimate reason for that, and it's one that suggests a lot of folks will be getting huge cellphone bills next month.
To Protect Enterprise Data, Secure the Code
August 20, 2016
Responsibility for securing enterprise applications has been moving down the development lifecycle, and for good reason. It not only makes the enterprise more secure, but also saves companies time and money. For example, the average time to fix a vulnerability in IBM's application security solution has dropped from 20 hours to 30 minutes, according to Forrester Consulting.
See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
What's your alarm level over cyberattacks on the Internet's infrastructure?
Red: A deadly cyberwar will occur -- It's when, not if.
Orange: A big one could be costly and threaten public safety.
Yellow: We need to improve cybersecurity at a faster pace.
Blue: Regional outages will become more frequent and more annoying.
Green: There's no way anyone could take out the entire Internet.