28 March 2016
2010
Siemens to enhance cyber security team
Â
Excerpt:
'....At present, there are about 50 employees in the R&D department of the company, working intensively on technologies designed for prevention and detection of cyber attacks."The threat of cyber crime is relatively high", Siemens R&D head Reinhold Achatz said in an interview with Financial Times Deutschland.......'
Â
Â
How Cybercriminals Make Their Millions
Thor Olavsrud
http://www.esecurityplanet.com/trends/article.php/3918186/article.htm
Â
Excerpt:
'...."A botnet is a network of computers that have been infected with malware and placed under the control of a single individual," explained Martin Lee, senior software engineer at Symantec Hosted Services. "When you get infected by one of their pieces of malware, your computer is then placed under the control of whoever wrote that malware.".....'
Â
Â
Hackers leak mail details of defence workers
Hannah Devlin and Murad Ahmed
Â
Excerpt:
'....The work e-mail addresses and passwords of senior staff at the Crown Prosecution Service, officials at the Charity Commission and employees of BAE Systems are among those in a file of more than one million user names that is circulating online, putting highly sensitive correspondence at risk.......'
Â
Â
Â
Skype says "supernode" problem took millions offline
Elizabeth Heichler
Â
Excerpt:
'...."Our engineers are creating new 'mega-supernodes' as fast as they can, which should gradually return things to normal," the company blog post said, adding that it may be several hours before the service returns to normal. Services such as group video calling may be offline longer'....'
Â
Â
Information Security - The Next Decade
David Lacey,
http://www.issa-uk.org/whitepapers/ISSA-UK-InformationSecurity-TheNextDecade.pdf
Â
Excerpt:
'.... The meeting, held at the House of Commons and chaired by the Rt. Hon. David Blunkett MP, resulted in a fascinating and engaging exchange of views. The debate was wide-ranging and controversial, as might be expected from a diverse group of stakeholders, policy makers and specialists.This report sets out some of the key issues discussed......'
Â
Â
MOD Scales Up UK Cyber Security
http://www.itproportal.com/2010/12/22/mod-scales-uk-cyber-security/
Â
Excerpt:
'....The plans floated during the consultation period will form the basis of the government's outlook towards technology and industrial policies and will focus on protecting Britain's cyber infrastructure and strengthening its armed forces.......'
Â
Â
Newsweek Interview with  Howard Schmidt
Josephine Wolff
Â
http://www.newsweek.com/2010/12/21/interview-with-cyber-security-czar-howard-schmidt.html
Â
Â
Excerpt:
'....Hackers and spies have launched attacks on vital computer systems in recent months. White House cyber-security coordinator Howard Schmidt on what it all means......'
Â
Â
Hackers steal 5.5 million euros from Dutch bank
Â
Excerpt:
'....Thirteen people have been arrested for the virtual robbery, which took place in March 2010. Sources close to the investigation say that the hackers were able to manipule the bank's account system, but neither police nor ABN Amro are giving any details.......'
Â
Â
Cyber Security Challenge UK's Judy Baker gives an update
Judy Baker
http://www.contingencytoday.com/online_article/Cyber-Security-Challenge-UK/2667
Â
Excerpt:
'....For those of you that don't know what the Challenge is and why it exists, let me explain: 90 per cent of companies have difficulty recruiting people with the cyber security skills they need now. Nearly 60 per cent of these companies plan to create more jobs in cyber security in the next few years (SANS Institute survey).......'
Â
Â
Dutch firm bets on browser to free net of suffixes
Tarmo Virki
http://in.reuters.com/article/idINIndia-53686920101220
Â
Excerpt:
'....internet Corporation for Assigned Names and Numbers (ICANN), which operates the root servers of the Internet guiding all Web traffic, has been working for years on a similar plan as it determines which suffixes, known as top-level domains (TLDs), are recognized by those root servers.A root server is a master list of all top-level domain names, such as .com, .net, .org, and individual country codes, made available to all routers.......'
Â
Â
Secunia Personal Software Inspector (PSI)
http://secunia.com/vulnerability_scanning/personal/
Â
Excerpt:
'....he only solution to block these kind of attacks is to apply security updates, commonly referred to as patches. Patches are offered free-of-charge by most software vendors, however, finding all these patches is a tedious and time consuming task. ......'
Â
Â
d0z.me: The Evil URL Shortener
http://spareclockcycles.org/2010/12/19/d0z-me-the-evil-url-shortener/
Â
Excerpt:
'....The tool works simply by constantly altering an image file's source location, so that the browser is forced to continuously hammer the targeted server with HTTP requests. Not a sophisticated or technically interesting tool by any means, but conceptually interesting in that it only requires a browser to execute one's portion of a DoS attack......'
Â
Â
How to Help Free Iran's Youngest Imprisoned Blogger
Kate Darlington
http://humanrights.change.org/blog/view/how_to_help_free_irans_youngest_imprisoned_blogger
Â
Excerpt:
'....For the past couple years, Navid Mohebbi wrote down some musings about his country.Every month or so, the Iranian teenager would blog on issues such as gender equality, the shenanigans of his government and the mistreatment of he waits for his sentencing. Neither his family nor his attorney have been permitted to see him, and his family is under pressure from the government not to publicize his case......'
Â
Â
Â
OSSTMM - Open Source Security Testing Methodology Manual
Pete Herzog
Â
Excerpt:
'....The Open Source Security Testing Methodology Manual (OSSTMM) is a peer-reviewed methodology for performing security tests and metrics. The OSSTMM test cases are divided into five channels (sections) which collectively test: information and data controls, personnel security awareness levels......'
Â
Â
Is Internet Backbone Vulnerable to Cyber Attack?
http://www.sciencedaily.com/releases/2010/12/101214085539.htm
Â
Excerpt:
'....malware, hacking and distributed denial of service are featured in the headlines most often, researchers in Switzerland suggest that physical attack on internet backbones, servers and internet data hubs could be just as important a problem in sustaining network functions......'
Â
Â
Â
POLICY RECOMMENDATIONS ON BASELINE CAPABILITIES OF NATIONAL & GOVERNMENTAL CERTS
Â
Excerpt:
'.... constitutes a very first attempt to define policy recommendations of capabilities that a Computer Emergency Response Team (CERT) in charge of protecting critical information infrastructure (CIIP) in the Member States should possess to take part and contribute to a sustainable cross-border information sharing and cooperation......'
Â
Â
Security in smartphones: risk, opportunities & recommendations
Dr Giles Hogben, Dr Marnix Dekker
Â
Excerpt:
'....In terms of opportunities, backup is often very well integrated into smartphone platforms, making it easy to recover data if the phone is lost or stolen. Another opportunity lies in the use of app-stores: “Most smartphone users only install 3rd party software through controlled software distribution channels.†says Dr. Marnix Dekker, co-author of the report.......'
Â
Judge to issue guidance on court tweeting
Cathy Gordon
Â
Excerpt:
'....This risk would be at its highest in criminal trials where witnesses outside the courtroom could find out what is being said inside before being called to give evidence, he warned.Lord Judge added that the use of Twitter in courts could also be limited to journalists, rather than any member of the public, to stop large numbers of mobile phones interfering with the court's sound recording equipment and to prevent other distractions.......'
Â
Gawker tech boss admits site security was crap
Dan Goodin
http://www.theregister.co.uk/2010/12/18/gawker_hack_aftermath/
Â
Excerpt:
'....The publisher of Gawker, Gizmodo, and seven other popular websites also plans to, gasp, mandate the use of secure sockets layer encryption for all users with Gawker Media accounts on Google Apps, according to a memo written by Gawker tech boss Tom Plunkett and published Friday by The Next Web. The company-wide message conceded a point first made by the perpetrators of the hack: That Gawker Media's security was utter crap......'
Â
US states sue Bank of America for mortgage fraud
http://www.google.com/hostednews/afp/article/ALeqM5iQjZH9lcrg2wOqroYjXK1IW5nMYQ
Â
Excerpt:
'....The legal action was triggered after hundreds of complaints and a year-long investigation centered on the bank's loan modification and foreclosure practices, said Arizona's attorney general Terry Goddard."Bank of America has been the slowest of all the servicers to ramp up loss mitigation efforts in response to the housing crisis," he said, announcing the lawsuit filed in the Maricopa County Superior Court.......'
Â
Chinese Antivirus Companies Create the Viruses They Kill
http://www.theepochtimes.com/n2/content/view/47371/
Â
Excerpt:
'....“There would be no need for antivirus software if there were no viruses,†an executive of a well-known PC manufacturer was quoted in the press as saying. “Only by having more or deadlier viruses can antivirus software be in greater demand. Hence antivirus companies usually have special research and development......'
Â
EU could turn to 'crowd sourcing' in cyber crime fight
Brian Wheeler
http://www.bbc.co.uk/news/uk-politics-12004134
Â
Excerpt:
'....And criminal gangs were becoming more sophisticated in their use of technology, which was spreading into the world of "offline" crime such as drug and people trafficking and VAT fraud, which netted criminals in the EU 100bn euros (£85bn) last year alone.......'
Â
SLCERT guarantees cyber security
http://www.dailynews.lk/2010/12/15/news24.asp
Â
Excerpt:
'....SLCERT has been established aiming to provide people with services in responsive, awareness and consultancy. Besides SLCERT is the centre for Cyber security in Sri Lanka, mandated to protect local information, infrastructure and to coordinate protective measures against Cyber security threats and vulnerabilities. Therefore, SLCERT advices the people about the latest threats and vulnerabilities affecting computer systems and networks.......'
Â
UK Man cops to £500,000 iTunes royalty scam
Dan Goodin
http://www.theregister.co.uk/2010/12/16/itunes_royalty_scam/
Â
Excerpt:
'....Wolverhampton-based Lamar Johnson, 19, was the youngest member of a group accused of posting the songs and then downloading them using the compromised card data, according to the BBC. The group reportedly downloaded songs 6,000 times between January 2008 and June 2009......'
Â
FBI 'planted backdoor' in OpenBSD
John Leyden
http://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/
Â
Excerpt:
'....Former government contractor Gregory Perry, who helped develop the OpenBSD crypto framework a decade ago, claims that contractors were paid to insert backdoors into OpenBSD's IPSec stack around 10 years ago. Perry recently warned the openBSD's Theo de Raadt of the development, years after the event, via an email that de Raadt has published in the spirit of openness.......'
Â
Romania smashes international cybercrime ring
http://news.yahoo.com/s/afp/20101214/tc_afp/romaniausgbitalysafricacrimeitfraudjustice
Â
Excerpt:
Â
'....Ring members were accused of stealing confidential Voice over IP data by cracking servers on the Internet. They would then use the data to make thousands of calls towards surcharged numbers abroad which allowed them to get bonuses for every call, it added.......'
Â
Dutch release man accused of cyber attacks
http://ca.reuters.com/article/technologyNews/idCATRE6BA25Y20101212
Â
Excerpt:
'....A 19-year-old Dutchman arrested on Saturday over a cyber attack on the website of the public prosecution office was released on Sunday after admitting involvement in the attack......'
Â
Security Incident Response Testing To Meet Audit Requirements
http://resources.infosecinstitute.com/tag/penetration-tests/
Â
Excerpt:
'....Incident response teams in enterprise environments beholden to regulatory requirements can conduct drills that will help satisfy auditors and keep their incident handlers sharp. A quick search through the latest PCI DSS, version 2.0, for the term “incident response†will reveal a number of requirements and testing procedures; following is a summary of those requirements......'
Â
How Anyone Can Fake an ATM and Steal Your Money
http://gizmodo.com/5687689/how-anyone-can-fake-an-atm-and-steal-your-money
Â
Excerpt:
'....There's no dearth of sophisticated gear for the aspirational ATM thief. But skimmers don't exactly have an aisle at Wal-Mart. In this Gizmodo investigation, we take a look at the scary internet black market where fraudsters get their tools......'
Â
UN Needs to Ensure Open and Inclusive Internet Governance
http://isoc.org/wp/newsletter/?p=2710
Â
Excerpt:
'....the Internet Society joined the International Chamber of Commerce – Business Action to Support the Information Society, the Internet Governance Caucus, and many other Internet, business and civil society organizations in sending a letter to the CSTD asking them to retract their previous decision and to establish an appropriately constituted Working Group.......'
Â
Pmacct project
Paolo Lucente
Â
Excerpt:
'....IP accounting is key activity underlying essential network management tasks like billing, graphing network resources usage, live or historical traffic trends analysis, steering BGP peerings, real-time alerting and certain SLA monitoring. Often SNMP counters do not help in these areas because of their coarse granularity; live traffic mirroring, NetFlow and sFlow break this barrier by offering data at a finer granularity......'
Â
Cyber Attacks: A Wake-Up Call
Dave Clemente,
http://www.chathamhouse.org.uk/media/comment/dclemente1210/-/1192/
Â
Excerpt:
'....But while these recent attacks had the same effect of forcing costly disruptions, the attackers had a vastly different motivation; freedom fighting for increased internet transparency. As online activism continues to grow, it will force corporations to adopt new methods of defence and prevention in response to 'non-traditional' threats......'
Â
Security in smartphones: risk, opportunities & recommendations
Dr Giles Hogben, Dr Marnix Dekker
Â
Excerpt:
'....If you are one of the hundreds of millions of smartphone users worldwide, you probably spend more time with your phone than your spouse: with its array of applications and sensors, it may even know more about you. These new life-partners are now an essential tool across all sections of society,......'
Â
DID CYBER HACKERS WANT GARY?
James Murray
http://www.express.co.uk/posts/view/216988/Did-cyber-hackers-want-Gary
Â
Excerpt:
'....He also claims Mr McKinnon first came to the attention of the authorities during a monitoring exercise carried out by police into the activities of a “hacking gang whose members were spread Europe-wide and included hackers based in Spain, Bristol and Scotland.â€.....'
Â
Ex-Goldman Programmer Found Guilty of Code Theft
PETER LATTMAN
http://dealbook.nytimes.com/2010/12/10/ex-goldman-programmer-is-convicted/
Â
Excerpt:
'....had been little known outside Wall Street — high-frequency trading, which uses complex computer algorithms to make lightning-fast trades to exploit tiny discrepancies in price. Such trading has become an increasingly important source of revenue for Wall Street firms and hedge funds, and those companies fiercely protect the code underpinning their trading strategies.......'
Â
Leaked Estonian cyberwar cable could cause IT policy rethink
Iain Thomson
http://www.v3.co.uk/v3/news/2273883/estonia-cyberwar-cable
Â
Excerpt:
'....The cable detailed the Estonian attacks based on interviews with key sources and showed a number of strengths and weaknesses in traditional disaster recovery planning and IT security management. One of the chief failings found was that the established chain of command failed completely and decisions were largely taken by staff on the ground in an ad hoc fashion, rather than basing actions on the traditional chain of command......'
Â
Underground toolkits will make cyber espionage easy
http://www.net-security.org/secworld.php?id=10296
Â
Excerpt:
'....Their tactic will be to put a new spin on social engineering by way of "malware campaigns," by bombarding recipients with email that drop downloaders containing malware. All this will largely be made possible because of the Internet. Already, Trend Micro threat researchers have found that more than 80 percent of the top malware use the web to arrive on users' systems.......'
Â
AVG anti-virus update could freeze Windows PCs
Â
Excerpt:
'....The problem is caused by one particular virus database update, which automatically forces the computer to reboot in order for the update to take affect. Upon restarting, the PC will register a "c0000135 error", and will not complete the boot cycle......'
Â
Did anti-virus company hire convicted Chinese malware author?
Graham Cluley
http://www.reuters.com/article/idUSTRE6B91XT20101210
Â
Excerpt:
'...."The computer virus has been a nightmare for me. Now I'm happy to contribute to a clean on-line environment," Li said after donating the money to a special fund for a 5-month old cub named Yun, or Cloud.......'
Â
Al Qaeda Looks to Make New 'Friends' -- on Facebook
Jana Winter
http://www.foxnews.com/scitech/2010/12/09/facebook-friends-terror/
Â
Excerpt:
'....The DHS report, "Terrorist Use of Social Networking Sites: Facebook Case Study," notes while terrorists have been using social networking sites for quite some time, their strategies for exploiting Facebook have evolved and that they have learned "the inherent value in exploiting a non-ideological medium."......'
Â
Having a look at the DDOS tool used in the attacks today
Mark Hofman
http://isc.sans.edu/diary.html?n&storyid=10051
Â
Excerpt:
'....The tool that is being distributed if you wish to partake in the attack (and no that is not an invitation or endorsement) is an application called javaLOIC a Java port of Low Orbit Ion Cannon. A tool that can be used to test a site's resilience to DOS attacks. Â But obviously if you point it at someone else's the effect can be quite damaging.To be honest there isn't really much to the application. A pretty screen with some buttons to press and a flood module that crafts some packets to send to the target to deal with.......'
Â
Social networking makes Internet hacking easier and quicker
Jack Gillum
http://www.usatoday.com/tech/news/2010-12-09-wikileaks-hacking-protest-social-networking_N.htm
Â
Excerpt:
The Internet has always had a place for the malicious and mischievous. But the expansion of social networking, experts say, gives amateurs the power to engage in politically motivated cyberwarfare, with possibly disastrous long-term consequences.......'
Â
Group used 30,000-node botnet in MasterCard, PayPal attacks
Robert McMillan
Â
Excerpt:
'....The activists have recruited volunteers, who have banded their computers into a distributed denial of service (DDoS) botnet, but they are also using hacked machines to carry out these attacks, said Sean-Paul Correll of threat researcher Panda Security. "Today we observed over 3,000 computers in the voluntary botnet, but we also have knowledge of a 30k node botnet," he said.......'
Â
What Is LOIC?
Joel Johnson
http://gizmodo.com/5709630/what-is-loic
Â
Excerpt:
'....LOIC ("Low Orbit Ion Cannon") is an application developed by 4Chan-affiliated hackers designed to—when used en masse by thousands of anonymous users—launch Distributed Denial of Service (DDoS) attacks on websites. Like Visa.com and Mastercard.com.......'
Â
FBI Cybercrime Alert For Barbie Video Girl Doll
http://www.npr.org/2010/12/07/131884352/fbi-cybercrime-alert-for-barbie-video-girl-doll
Â
Excerpt:
'....the FBI's Sacramento office issued a report last month with the warning on Mattel's Barbie Video Girl. The doll has a video camera lens built into its necklace that can record up to 30 minutes of footage to be downloaded on a computer.......'
Â
Schmidt outlines goals for cyber policymaking
Molly Bernhart Walker
http://www.fiercegovernmentit.com/story/schmidt-outlines-goals-cyber-policymaking/2010-12-07
Â
Excerpt:
'....While cyber deterrence is often thought of in a cold war-sense of "mutually assured disruption," Schmidt said he thinks of it as simply holding people accountable--catching and prosecuting cybercriminals, and handing down severe sentences.......'
Â
Mastercard site downed in Wiki revenge attack
Paul Hales
http://www.thinq.co.uk/2010/12/8/mastercard-site-downed-wiki-revenge-attack/
Â
Excerpt:
'....The hacking outift has had a busy week, first bringing down PayPal's blog after that merchant spurned WikiLeaks' business. It also attacked Swiss bank PostFinance, after it froze WikiLeaks' jailed spokesman Julian Assange’s assets.......'
Â
Chinese security firms linked to state-sponsored cyber attacks
Phil Muncaster
http://www.v3.co.uk/v3/news/2273746/wikileaks-chinese-hack-topsec
Â
Excerpt:
'...."From June 2002 to March 2003, Topsec employed a known Chinese hacker, Lin Yong (aka Lion and owner of the Honker Union of China) as senior security service engineer to manage security service and training," the cable notes........'
Â
How Secure Is Julian Assange's "Thermonuclear" Insurance File?
Dan Nosowitz
Â
Excerpt:
'....The file is titled "insurance.aes256," implying that it's protected with an AES 256-bit key, one of the strongest in the world. The thing is, there's no actual way to figure out the type of encryption used. Though there's no particular reason for Assange to lie about the security he used, it's something to keep in mind. Let's assume for the moment that it is indeed an AES-256 encryption, which begs the question: What is AES?.....'
Â
Incident Response Career Trends
Tom Field
http://www.govinfosecurity.com/articles.php?art_id=3139
Â
Excerpt:
'....Killcrece is currently a Member of the Technical Staff in the Enterprise Threat and Vulnerability Management Team within the CERT Program at the Software Engineering Institute (SEI)......'
Â
Hackers take down website of bank that froze WikiLeaks funds
Daniel Tencer
http://www.rawstory.com/rs/2010/12/hackers-website-bank-froze-wikileaks-funds/
Â
Excerpt:
'....Earlier in the day, Swiss bank PostFinance issued a statement announcing that it had frozen 31,000 euro ($41,000 US) in an account set up as a legal defense fund for WikiLeaks founder Julian Assange.......'
Â
Skimming: A 2010 Timeline
Linda McGlasson
http://www.govinfosecurity.com/articles.php?art_id=2862&opg=1
Â
Excerpt:
'....The reports of skimming and payment card fraud in this list are taken from the Identity Theft Research Center's data breach list and ISMG's BankInfoSecurity.com coverage......'
Â
Chinese hackers 'slurped 50 MB of US gov email'
Dan Goodin
http://www.theregister.co.uk/2010/12/06/wikileaks_chinese_hacking/
Â
Excerpt:
'....The June 29, 2009 diplomatic cable claims that a Chinese security firm with close ties to the People's Republic of China, got access to the Windows source under a 2003 agreement designed to help companies improve the security of the Microsoft operating system. Topsec allegedly worked with a government organization known as CNITSEC, short for the China Information Technology Security Center, which actively worked with “private sector†hackers to develop exploits.......'
Â
Cloud Computing Use By Criminals Increasing
http://www.darknet.org.uk/2010/12/cloud-computing-use-by-criminals-increasing/
Â
Excerpt:
'....The whole Cloud model is a boon for cyber-criminals as they can effectively rent as much computing power and storage space as they need with stolen credit card details. They can keep it private if they want, and it’s distributed virtually ‘bullet-proof’ hosting......'
Â
Feds Tracking Americans' Credit Cards in Real-Time Without a Warrant
Ms. Smith
http://www.networkworld.com/community/blog/feds-tracking-americans-credit-cards-real-tim
Â
Excerpt:
'....It should surprise very few to learn that federal law enforcement agencies track Americans without getting court orders, but this time the feds have been tracking U.S. residents using real-time surveillance of credit card transactions and travel reservations......'
Â
US works to secure networks as hackers advance
http://www.ecnmag.com/News/2010/12/US-works-to-secure-networks-as-hackers-advance/
Â
Excerpt:
'....The department that's responsible for securing government systems other than military sites is slowly moving all the government's Internet and e-mail traffic into secure networks that eventually will be guarded by intrusion detection and prevention programs. The networks are known as Einstein 2 and Einstein 3.......'
Â
China's Huawei sets up cyber security center in Britain
http://www.reuters.com/article/idUSTOE6B501X20101206
Â
Excerpt:
'....Huawei, which has seen its plans for global expansion crimped by national security concerns among foreign governments, hopes that its Cyber Security Evaluation Centre, opened last month in Britain's Banbury, will allay those fears.......'
Â
Bankers to see mobile calls taped
http://www.bbc.co.uk/news/business-11739768
Â
Excerpt:
'....Removing the exemption will provide an extra source of voice and electronic communication evidence, which can be used to help us counter the key priority of market abuse and increase the probability of successful enforcement......'
Â
iPhone Forensics White Paper
Andrew Hoog and Katie Strzempka
http://viaforensics.com/education/white-papers/iphone-forensics/
Â
Excerpt:
'....This white paper is intended for forensic analysts, corporations and consumers who want to understand what personal information is stored on the iPhone and how to recover it. The research reveals the vast amount of personal information stored on Apple’s iPhone and reviews techniques and software for retrieving this information......'
Â
One Hundred Naked Citizens: One Hundred Leaked Body Scans
Joel Johnson
http://gizmodo.com/5690749/these-are-the-first-100-leaked-body-scans
Â
Excerpt:
'....At the heart of the controversy over "body scanners" is a promise: The images of our naked bodies will never be public. U.S. Marshals in a Florida Federal courthouse saved 35,000 images on their scanner. These are those images........'
Â
Report Looks at How China Meddled With the Internet
JOHN MARKOFF
http://www.nytimes.com/2010/11/18/world/asia/18intel.html?_r=1
Â
Excerpt:
'....noted that the service provider, IDC China Telecommunication, broadcast inaccurate Web traffic routes for about 18 minutes on April 8. That information was then retransmitted by China’s state-owned China Telecommunications, effectively forcing data from the United States and other countries to pass through Chinese computer servers. A similar episode in March drew less attention.......'
Â
Cybercrime Untouchables?
Brian Krebs
http://krebsonsecurity.com/2010/11/cybercrime-untouchables/
Â
Excerpt:
'....The ads promote a pair of his services: One sells “dumps†— account data stolen (by malware or skimmers) from the magnetic stripes on the back of all credit and debit cards that can be used to create counterfeit cards; the other peddles stolen credit card data and sensitive personal information that can be used to hijack identities and change the mailing address records on bank accounts.......'
Â
WikiLeaks hopscotching avoids hackers
Joseph Menn
http://www.ft.com/cms/s/2/fba399d2-ff13-11df-956b-00144feab49a.html#axzz17IlNzd6A
Â
Excerpt:
'....While the shuffling occasionally meant that the cables were unavailable, they demonstrated both the group’s resilience and the extreme difficulty of keeping anything off the internet, particularly something not universally condemned by technology companies and experts......'
Â
Perception can be more dangerous than reality
David Lacey
http://www.computerweekly.com/blogs/david_lacey/2010/12/perception_can_be_more_dangero.html
Â
Excerpt:
'....The damage from speculation is often greater than from the truth. Most of us are still searching for the massive fall-out we were warned to expect from the latest Wikileaks revelations. Whether this is down to raised expectations or good crisis handling remains to be seen. But it's certainly possible to counter bad publicity with smart crisis management.......'
Â
Armitage: a graphical cyber attack management tool
Raphael Mudge
http://www.fastandeasyhacking.com/manual
Â
Excerpt:
'....Armitage organizes Metasploit's capabilities around the hacking process. There are features for discovery, access, post-exploitation, and manuver. This section describes these features at a high-level, the rest of this manual covers these capabilities in detail.......'
Â
I Spy, You Spy: InfraGard Allows Citizens to Become Volunteer G-Men
Â
Excerpt:
'....In additional to working with the private sector, InfraGard caters toward its government partner. It provides the public sector with trusted critical infrastructures and resources information from the FBI and other InfraGard members, as well as gives the government an opportunity to interact and share information with the law enforcement community, academia, private industry and other federal agencies........'
Â
Julian Assange and the Computer Conspiracy; “To destroy this invisible governmentâ€
Â
Excerpt:
'....Authoritarian regimes give rise to forces which oppose them by pushing against the individual and collective will to freedom, truth and self realization. Plans which assist authoritarian rule, once discovered, induce resistance. Hence these plans are concealed by successful authoritarian powers. This is enough to define their behavior as conspiratorial......'
Â
'Pakistan' hackers target India's top police agency
Penny MacRae
Â
Excerpt:
'....he message posted on the CBI site said the attack was "in response to the Pakistani websites hacked by 'Indian Cyber Army'," the Press Trust of India (PTI) reported."Hacked hahaa funny," the message said. "Let us see what you investigating agency so called CBI can do".....'
Â
Cybergang infects all ATMs in Russian city
http://www.net-security.org/malware_news.php?id=1555
Â
Excerpt:
'....Three of the men formed the actual criminal group, and the fourth - a Moscow-based malware developer - was "subcontracted" by them and received 100,000 rubles (some $3200) to develop a a custom ATM virus with which they would infect the devices. ......'
Â
Milwaukee FBI Takes Down 'King Of Spam'
http://www.wisn.com/r/25994891/detail.html
Â
Excerpt:
'....An FBI agent in Milwaukee is credited with bringing down the 'king of spam,' a 23-year-old Moscow man accused of controlling a network of infected computers generating an estimated 10 billion unwanted e-mails a day.......'
Â
Nigeria hosts cybercrime conference
http://www.cio.de/news/cio_worldnews/2010/2257270/index2.html
Â
Excerpt:
'....While the Nigerian government has enacted legislation against cybercrime, criminals have found allies in other neighboring countries, and the perception that the scams can provide quick returns has motivated more people to venture in. This has been one of the challenges facing Nigerian authorities......'
Â
McKinnon, the hacker obsessed with aliens was not alone
http://www.futureintelligence.co.uk/2010/12/mckinnon-the-hacker-obsessed-with-aliens-was-not-alone/
Â
Excerpt:
'....McKinnon first came to the attention of the authorities during a monitoring exercise carried out by Surrey Police into the activities of a hacking gang whose members were spread Europe-wide and included hackers based in Spain, Bristol and Scotland......'
Â
Cyber-crime is not just a law enforcement issue anymore
Ryan Naraine
http://www.zdnet.com/blog/security/cyber-crime-is-not-just-a-law-enforcement-issue-anymore/7771
Â
Excerpt:
'....Google disclosed that they had reached out to the National Security Agency for help in defending themselves against the Aurora cyber intrusions emanating from China, because of the sophisticated attacks......'
Â
Summit on Cybercrime Opens in Abuja
http://www.itnewsafrica.com/?p=9751
Â
Excerpt:
'....Discussions will centre on the best ways to generate trust in the economy of West Africa & foster economic development, what local, national & regional anti-cybercrime strategies & policies must be considered &Â adopted as well as building & maintaining international cooperation.......'
Â
EU to establish cyber crime centre by 2013
Scott Grech
http://www.independent.com.mt/news.asp?newsitemid=116231
Â
Excerpt:
'....Wary that criminals are increasingly using the internet for both petty crimes and large scale attacks in an ever increasing technological world, the EU is looking to tone down cyber crime threats by establishing one common European cyber crime centre by 2013 which, it says “will bring together expertise in investigation and prevention of cyber crimeâ€. ......'
Â
RBS worker says she was sacked for Facebook post
Leo King
Â
Excerpt:
'....Having heard about the redundancies, Furlong went on Facebook and posted: “WoOOOOooooOooooHOoooOooOoo’ it was pretty damn obvious something like this was coming. I’m neither stupid nor naive...quote honestly it is the best news ever as far as I am concerned!â€......'
Â
Saudi cops cuff four for mad bank card scam
John Leyden
http://www.theregister.co.uk/2010/11/25/saudi_atm_scam/
Â
Excerpt:
'....Funds came straight out of the bank's reserves and not from those of the previous customer. Bank officials reportedly noticed the discrepancies and called in the police, who tracked down one of the miscreants using video records and photos taken by ATM cameras......'
Â
US embassy cables leak sparks global diplomacy crisis
David Leigh
http://mashable.com/2010/11/28/wikileaks-ddos-attack/
Â
Excerpt:
'....The attack comes just hours before the site is set to release thousands of new secret U.S. documents. Those classified documents reportedly contain secret and embarrassing cables sent by the State Department. U.S. diplomats have been briefing foreign leaders about what could be in those documents in an attempt to minimize the potential damage......'
Â
UK police want domain seizing powers: Right or wrong?
Zack Whittaker
http://www.zdnet.com/blog/igeneration/uk-police-want-domain-seizing-powers-right-or-wrong/6938
Â
Excerpt:
'....The concern is that this will result in domain names being seized and rendered inaccessble without judicial oversight and without court order, a dangerous precedent in any legal system.......'
Â
Homeland Security Seizes 70+ Websites for Copyright and Trademark Violations
Jolie O'Dell
http://mashable.com/2010/11/27/homeland-security-website-seized/
Â
Excerpt:
'....we knew that several other websites had also been seized; however, today, we are hearing reports that as many as 77 different websites have been seized and shut down, all without any notification or warning to the owners.......'
Â
U.S. nervously awaits nextÂ
http://www.cbc.ca/canada/story/2010/11/25/wikileaks-us025.html
Â
Excerpt:
'....the documents may contain accounts of compromising conversations with political dissidents and friendly politicians. They also could damage U.S. relations with allies around the world and result in the expulsion of U.S. diplomats from foreign postings.......'
Â
Olympic cyber security plan to be developed for London 2012
http://www.info4security.com/story.asp?sectioncode=12&storycode=4126238
Â
Excerpt:
'....The Baroness also unveiled plans for a new Olympic counter-terrorism exercise programme to test security plans and ensure that the police and emergency services are fully prepared for any threat posed to the Games........'
Â
Admin passwords: Achilles heel of security
Tony Bradley
http://www.csoonline.com/article/637715/admin-passwords-achilles-heel-of-security
Â
Excerpt:
'....Everyone knows that passwords need to be hard to guess or crack, and should never be shared with others. Granted, not many people follow that guidance--which explains the results from a recent Webroot survey that found four in ten respondents have shared a password with another person in the past year, almost half don't use special characters to create more complex passwords, and 20 percent use easily guessed information like birth dates or a pet's name.......'
Â
Facebook and Google track user activity on NHS website
Jennifer Scott
http://www.itpro.co.uk/628879/facebook-and-google-track-user-activity-on-nhs-website
Â
Excerpt:
Â
'....The user does not have to be logged in to Facebook or their Google account at the time but merely has to have logged in at some point and navigated away from the page without logging out. Facebook and Google can then keep this information for up to 90 days. Whilst Google claims to just use it for analytics, Facebook can see much more......'