Stuxnet admission likely to have foreign policy consequences
Cyrus Farivar

"Given the unofficial confirmation Friday that the United States was behind Stuxnet—the malware designed to sabotage the Iranian nuclear program—political and technical experts suggest that this may effectively put the United States in a more dangerous foreign policy position."




Why Antivirus Companies Like Mine Failed to Catch Flame and Stuxnet
Mikko Hypponen

"A couple of days ago, I received an e-mail from Iran. It was sent by an analyst from the Iranian Computer Emergency Response Team, and it was informing me about a piece of malware their team had found infecting a variety of Iranian computers. This turned out to be Flame: the malware that has now been front-page news worldwide."




The road to cyberwar? F-Secure's Mikko Hypponen on the growth of government-sponsored malware
Martin Bryant

"The most complex piece of malware ever discovered, it appears to have been designed as an espionage tool deployed against Iran and other countries in the Middle East.Most alarmingly, Flame appears to have been loose in the wild, undetected, for over two years."




UN agency plans major warning on Flame virus risk
Jim Finkle

"A United Nations agency charged with helping member nations secure their national infrastructures plans to issue a sharp warning about the risk of the Flame computer virus that was recently discovered in Iran and other parts of the Middle East."


Flame Malware and SCADA Security: What are the Impacts?
Eric Byres

"Over the weekend a new super worm exploded onto the cyber security landscape. Known as Flame or sKyWIper, it appears to be targeting sites in the Middle East, just like the Stuxnet and Duqu worms did. But what does it have to do with SCADA or ICS security?"


"Catch Me If You Can" Trojan Banker Zeus Strikes Again

"In this blog we will discuss the Smoke Loader bot controller that was used to control the infected machines. We will examine its capabilities and show the importance of the bot controller as part of the entire cybercrime attack."


Flame virus had massive impact on Iran, says Israeli security firm
Oded Yaron

"The Flame computer virus not only stole large quantities of information from various Iranian government agencies, but apparently even disrupted its oil exports by shutting down oil terminals, information security firm Symantec Israel said yesterday."


The Unseen Security Dangers in Financial Web Sites
Alan Wlasuk

"Millions of identities, credit card numbers and user login credentials are still being compromised every year by hackers getting into web sites we believe are secure. This valuable information will, undoubtedly, end up in the wrong hands."


FBI Warns of Hacktivist DDoS Attacks in "Operation New Son"
Steve Ragan

"On Thursday, the FBI issued an alert to InfraGard members, warning them about an alleged plot to launch a series of DDoS attacks against high profile corporations. The campaign, titled OpNewSon (Operation NewSon), was initially proposed in April by a group of Anonymous supporters using the name TheWikiBoat.


Banks put lid on online scams
P. Aruna 

"Banks will introduce a new layer of security as they work closely with cyber security authorities and the police to combat the proliferation of online fraud."


Hectic lives can lead to carelessness, says cyber cop

"It is not always greed or ignorance that leads people to become victims of online scams. Sometimes, a hectic schedule could be the cause."


Embedded system security much more dangerous, costly than traditional software vulnerabilities 
George V. Hulme

"One of the biggest challenges in security today is how the software in our operating systems and applications are so full of holes. And while traditional software makers have made (some) headway in developing more resilient applications, experts say embedded device and systems makers -- from those who create implanted medical devices to industrial control systems -- are eons behind in secure system design and development maturity."


U.S. seeking to build international unity around cyberdefense for industrial control systems
Ellen Messmer

"In the interests of thwarting cyberattacks on critical infrastructure such as energy, water and manufacturing, the Department of Homeland Security (DHS) is quietly reaching out to other governments around the world to find what problems may exist elsewhere and what research can be shared to improve industrial control systems (ICS)."


Does 'stand your cyberground' stand a chance?
Taylor Armerding

"Despite a public relations problem with the concept as it applies to people, a few voices in Internet security circles believe "stand your cybergound" laws have merit when it comes to fighting against cyberattacks."


DDOS attacks on financial services firms explode
Jeremy Kirk

"The financial services industry saw nearly triple the number of distributed denial-of-service (DDOS) attacks during the first three months of this year compared to the same period last year, according to a report released Wednesday."


Hack Attacks Against Financial Firms Multiply In First Quarter Of 2012
Melanie Rodier

"Denial of Service attacks against financial companies increased threefold in the first quarter of 2012 compared to the fourth quarter of last year, according to Prolexic Technologies, a provider of Distributed Denial of Service (DDoS) protection services."

Data Security: Who's Winning the Cyber War?
Ivy Schmerken

"Data security has long been a priority for financial services firms. But a wave of very public cyber attacks by international hacker groups such as Anonymous, combined with an already distrustful public following the financial crisis, has forced financial services firms to step up their network security to prevent data breaches and regain clients' trust."


Humans, Not Systems, New Targets of Hack Attacks Requiring New Security Methods 
Melanie Rodier

"Firms are struggling and failing to stay ahead of rapidly increasing cyber attacks, different types of attacks and new technologies to prevent them. A new report by Ernst & Young found that new Advanced Persistent Threats (APTs) are particularly resistant to firms' traditional security methods."


The future of SCADA-control security
Gregory Machler

"If you're a CXO overseeing a critical infrastructure that contains SCADA (supervisory control and data acquisition) controls, a chief concern is how to protect the infrastructure against terrorist attacks. Changes in control software will continue to accelerate until the most critical infrastructure weaknesses (oil refineries, electrical power plants, water treatment facilities) are addressed worldwide. But it may take years to replace all of the controls."


Computer Security: IBM Finds Too Many Companies Not Prepared
David Zielenziger

"Despite publicity about hackers, intrusions into company databases and even the insertion of computer viruses into Iran's nuclear program, most companies simply aren't prepared to handle them, a new study from International Business Machines Corp. (NYSE: IBM) determined.