Welcome Guest | Sign In
LinuxInsider.com
Shadow IT Feeds 'Man in the Cloud' Attacks
August 27, 2015
Shadow IT -- the use of unauthorized online services by company employees -- is a concern of cyberwarriors charged with defending business systems against network attacks. There's new evidence that those concerns are justified. A new attack vector on business systems leverages the synchronization features of services like Dropbox and Google Drive to perform malicious mischief.
Cyber-Posse Aims to Round Up Ashley Madison Hackers
August 25, 2015
The Toronto Police Service on Monday reported on the progress of Project Unicorn, the official investigation into the hack attack on Ashley Madison, an adultery-promoting website. The Toronto police are working closely with the U.S. Department of Homeland Security, the RCMP, the FBI, and the Ministry of the Attorney General's criminal law office in carrying out the investigation.
Ashley Madison Hackers: Catch Them if You Can
August 20, 2015
The Ashley Madison hacker gang will be tough to apprehend. The hackers this week dumped nearly 10 gigabytes of stolen personal data onto the Web -- details gleaned from accounts established on the site, which is dedicated to matching up people who want to engage in extramarital affairs. It's "nearly impossible" to track down attackers, noted Bit9 + Carbon Black's Ben Johnson.
Study: Chinese Hackers Are Savvy, Surgical
August 13, 2015
A clandestine group of sophisticated Chinese hackers have infected scores of sites on the Web and stolen documents from industrial and government organizations with surgical precision, according to a Dell SecureWorks study released last week. Dubbed "Threat Group 3390," the cybergang has used infected websites of some 100 organizations across the globe.
Chinese Hackers May Have Burrowed Into Airlines
August 11, 2015
The China-based hacking team that has been infiltrating U.S. government and business computer systems appears to be behind two newly discovered attacks -- this time on travel reservation processor Sabre and American Airlines. Sabre confirmed that its systems -- which contain sensitive records on as many as a billion travelers -- recently were breached. American Airlines is investigating.
Cyberwarrior Demand Outpaces Supply
August 6, 2015
Demand for cybersecurity professionals continues to far outpace supply, according to a Burning Glass Technologies report released last week. Cybersecurity hiring remains concentrated in government agencies and among defense contractors, the third annual cybersecurity job market report notes, but hiring has started to boom in industries handling consumer data.
Commerce Dept. Caves on Security Export Rules
July 30, 2015
Some proposed federal rules on the export of security tools created a tumult in cybersecurity circles -- a tumult that's pushed the rules into limbo. The comment period for the rules, which the U.S. Department of Commerce first aired in May, ended July 20 -- and although the regulations have noble intentions, they also could have dire consequences.
Super-Scary Android Flaw Found
July 28, 2015
Zimperium on Monday revealed a stunning discovery by researcher Joshua Drake -- a flaw in Android's Stagefright media playback engine that could expose millions of mobile device users to attack without their having done anything. Stagefright, which processes several popular media formats, is implemented in native code -- C++ -- which is more prone to memory corruption than some other languages.
Hackers Take Hijacked Jeep Cherokee for Joyride
July 23, 2015
White-hat hackers Charlie Miller and Chris Valasek remotely took over a Jeep Cherokee, ran its controls, then cut the transmission as it sped at 70 mph along Interstate 64 in an experiment conducted with Wired. They turned on the air conditioning, switched radio channels, turned on the windshield wipers, activated the windshield washer fluid pump, and transmitted a photo of themselves.
OPM Director's Resignation Draws Mixed Reactions
July 23, 2015
The resignation of U.S. Office of Personnel Management Director Katherine Archuleta is drawing mixed reactions from the cybersecurity community. Archuleta's departure on July 10, in the wake of a massive data breach resulting in the theft of the personal information of more than 22 million people, is being characterized by security pros as everything from "necessary" to "unfair."
Leverage Big Data to Get Rid of Network Attackers
July 21, 2015
Up to 30 percent of their firms' security incidents this year should have been detected by perimeter security measures -- but weren't -- said 55 percent of respondents to a SANS Institute survey. The truth is that today's attackers have become skilled at bypassing conventional defenses, which no longer can be counted on to protect enterprise networks on their own.
DoJ: Firms Should Hire Cyber-Savvy Lawyers
July 20, 2015
Hardly a day goes by without a headline about a cyberintrusion. No entity is immune -- international retailers, airlines, hotels, mom and pop stores, cloud providers -- even the U.S. government. However, it seems that few businesses contemplate how important it is for their attorney to know and understand cybersecurity, as well as know what to do when a cyberintrusion occurs.
The Emperor Is Naked and We're All Idiots
July 20, 2015
An old fable keeps running through my mind about the scam artist who convinced an emperor that he had created clothing only smart people could see. Everyone says they see the clothing because they don't want to look stupid. Walking around in clothing stupid people can't see doesn't sound enticing anyway, but lately it has seemed clear to me that the folks reporting the news think we are idiots.
Swipes, Taps and Cursor Movements Can Foil Cyberthieves
July 16, 2015
Swipes, taps, cursor movements and other ways of interacting with electronic devices can be used to protect online merchants from Net fraudsters. Many people are familiar with biometric authenticators like irises, fingerprints and voices, but it turns out that how we behave with our machines, including typing speed and the use of keyboard shortcuts, can authenticate our identities, too.
Feds Deliver Darkode's Doomsday
July 16, 2015
United States law enforcement agencies and their counterparts in 19 countries on Wednesday announced they had dismantled the Darkode hackers' forum. Charges, arrests and searches were launched against 70 Darkode members and associates around the world, and 12 people associated with the forum were indicted in the U.S. The agencies also served several search warrants in the U.S.
NYSE, United Shutdowns Spark Cyberattack Rumors
July 9, 2015
The New York Stock Exchange on Tuesday halted all transactions for three hours, due to what it maintained was a technical glitch. Trading continued on the other exchanges belonging to its owner, holding company Intercontinental Exchange. "The markets did not plummet with the shutdown," said Jim Wright, chief investment officer at Harvest Financial Partners.
Security Pros Shine Light on Shadowy Cyberspy Ring
July 8, 2015
A highly sophisticated group of hackers who use cutting-edge techniques to shield their attacks from detection has been bedeviling corporations around the world for several years. The group, which Symantec dubbed "Morpho" and Kaspersky Lab calls "Wild Neutron," has hit multibillion-dollar corporations in the Internet, software, pharmaceutical and commodities sectors in at least 11 countries.
Is Isolating the Internet Key to Bulletproof Security?
July 7, 2015
With so many cybersecurity pros drowning in an ever-rising tide of hack attacks on their computer systems, an emerging approach to defending those systems may be the life preserver they've been looking for. The approach doesn't involve beefing up perimeter defenses, carefully scrutinizing network traffic, or applying analytics to employee behavior.
Hacking Team's Dingy Laundry Hung Out Online
July 6, 2015
Fireworks of a different kind rocked the security world this Fourth of July weekend, when news surfaced that hackers breached Hacking Team, an Italy-based firm that develops malware for governments and law enforcement. The attackers reportedly exposed 400 GB of data stolen from its servers. "It appears [Hacking Team] were compromised through social engineering, said Bugcrowd's Jonathan Cran.
FBI Hunts SF Bay Area Fiber-Optic Cable Cutters
July 2, 2015
The FBI for the past year has been on the hunt for people slashing fiber-optic cables throughout the San Francisco Bay Area. The FBI called for the public's assistance in June, after 10 attacks had taken place. The 11th occurred on Tuesday, when someone severed cables used by Wave Broadband. "We have been in consultation with the FBI," said Wave Broadband spokesperson Mark Petersen.
The Encryption Software Scuffle
June 29, 2015
In the face of encryption that could block brute force attempts for years, law enforcement agencies at every level have been calling for keys that allow investigators to crack open smartphones and court cases alike. Some of the world's leading tech companies and privacy advocates have called for the White House to stand against any proposal to weaken the security software on consumer products.
Samsung Jams Up Windows Security Updates
June 25, 2015
Samsung has been disabling Windows updates by means of an executable file, Disable_Winduwsupdate.exe, that is part of its SW Update software. The issue came to light on Tuesday, when Microsoft MVP Patrick Barker published a blog post about his discovery when helping a user who was having problems. It seemed that Windows Update kept getting disabled.
Will LastPass Breach Poison Trust in Password Managers?
June 25, 2015
A data breach is no picnic for any organization, but for a company that makes its potato salad by protecting other people's passwords, it's the mother of all nightmares. Yet, that has happened to LastPass twice. In 2011, the service found anomalies in its network traffic that forced it to reset all its users' master passwords. Recently, it came under attack again.
US, Brit Spooks Bedevil Security Software
June 24, 2015
The United States' National Security Agency and the UK's Government Communications Headquarters reportedly have been attacking antivirus and other security software since at least 2008. The aim is to infiltrate networks and track users. The agencies apparently have reverse-engineered security and antivirus software, sometimes under dubious legal authority.

See More Articles in Cybersecurity Section >>
Facebook Twitter LinkedIn Google+ RSS
Targeted advertising...
Gives me the creeps -- I hate it.
Is really helpful -- I like the personalization.
Is effective -- it makes business sense.
Is irrelevant to me -- I use an ad blocker.