Defending Against Targeted Attacks
Jeffrey Roman
http://www.bankinfosecurity.com/defending-against-targeted-attacks-a-5246?rf=2012-10-30-eb&elq=dbc44f1037984bc4a2e6c1f8b462cda4&elqCampaignId=4960

Excerpt:
“Malicious phishing attacks on organizations utilizing trusted URLs or websites continue to pose greater risks for organizations… Miller, director of IBM Managed Security Services, says that these attacks, specifically targeted e-mail schemes, are one of the primary methods being used today.”

 


 

 

Israel police disconnect from Internet after cyber attack
http://www.information-age.com/channels/security-and-continuity/news/2130078/israel-police-disconnect-from-internet-after-cyber-attack.thtml

Excerpt:
“The police service of Israel goes offline after discovering malware infection apparently designed to harvest information. Israeli police disconnected their IT systems from the Internet last week, after an apparent cyber attack designed to steal information…”


 

 

Malware hijacks your email, sends death threats
Charlie Osborne 
http://www.zdnet.com/malware-hijacks-your-email-sends-death-threats-7000006540/?s_cid=e550

Excerpt:
“Three people were recently arrested in Japan in relation to death threats being posted online and sent through email. However, once a particular malware infection was found on each suspect's computer, all three were released without charge. Automatically sending threats from your PC, this particularly bloody-minded piece of malware has been blamed for a number of serious threats…”


 

DHS and Canada Public Safety announce plan to strengthen Cybersecurity Cooperation 
http://www.diplonews.com/feeds/free/29_October_2012_94.php

Excerpt:
“Secretary of Homeland Security Janet Napolitano and Canadian Minister of Public Safety Vic Toews today announced the Cybersecurity Action Plan, which aims to strengthen cybersecurity cooperation through enhanced integration and collaboration of joint cybersecurity activities between the Department of Homeland Security (DHS) and Public Safety Canada.”


 

Hurricane Sandy aka Frankenstorm, are we Cyber-Vulnerable? 
http://toinformistoinfluence.com/2012/10/29/hurricane-sandy-aka-frankenstorm-are-we-cyber-vulnerable/

Excerpt:
“We are looking at Hurricane Sandy, what some are calling a Frankenstorm, because of its combination with a weather system from the north.  The target area for landfall is centered in Southern New Jersey but the effects will reach out to 450 miles away.  Maps showing where Sandy is expected to strike and bring devastation show that Washington DC, Baltimore, Philadelphia and New York City will be hit.  Utility companies, i.e. electrical companies, have already warned that power may be out for up to a week. What a perfect time for a sneak attack via cyberspace.”


 

US and Canada to launch joint cyber security plan
http://www.scmagazineuk.com/us-and-canada-to-launch-joint-cyber-security-plan/article/265786/

Excerpt:
“The US and Canada have announced a plan to increase information sharing on critical infrastructure threats. The 'Cyber Security Action Plan' will see more cooperation on cyber incidents between the two countries, and more outreach to businesses and citizens…”


 

Official Calls for Iran's Smart Confrontation with Enemy's Cyber Threats
http://english.farsnews.com/newstext.php?nn=9107115480

Excerpt:
“The enemy is developing, mastering and using the hi-tech to strike at Iran and Tehran should adopt a smart civil and cyber defense strategy against this approach, Head of Iran's Civil Defense Organization Brigadier General Gholam Reza Jalali said…Noting that the threats in the cyber space are changing qualitatively and quantitatively, he said that the enemy is enhancing its technologies using smart systems to have their control wherever these technologies are used.



Police suspect PC viruses in new bank phishing cases
http://www.yomiuri.co.jp/dy/national/T121027002006.htm

Excerpt:
“Viruses are believed to be behind a spate of phishing cases in which personal computers displayed deceptive messages to users trying to visit the websites of three major banks, according to police sources.”


 

Hackers Will Crack Election Systems
Steve Elwart
http://www.wnd.com/2012/10/experts-hackers-will-crack-election-systems/

Excerpt:
“The result of an election will be changed by hackers, the only question remaining for an online security expert is which election will it be … Hacktivist groups like Anonymous and LulzSec are growing more sophisticated every day with their use of new collaborative hacking techniques, such as “crowdsourcing.” Meanwhile, voter databases are increasingly being put online on state and local computer systems that are often insecure and administered by part-time IT personnel.”


 

Critical flaw found in software used by many industrial control systems
Lucian Constantin
http://www.itworld.com/security/307518/critical-flaw-found-software-used-many-industrial-control-systems

Excerpt:
“CoDeSys, a piece of software running on industrial control systems (ICS) from over 200 vendors contains a vulnerability that allows potential attackers to execute sensitive commands on the vulnerable devices without the need for authentication, according to a report from security consultancy Digital Bond.”


 

The Internet Is Used for Terrorist Purposes
Eduard Kovacs
http://news.softpedia.com/news/United-Nation-Issues-Warning-The-Internet-Is-Used-for-Terrorist-Purposes-301759.shtml

Excerpt:
“The report covers policy and legislative frameworks, terrorism in the international context, investigations and intelligence gathering, international cooperation, prosecutions, and private sector cooperation. The UN reveals that one of the primary uses of the Internet by terrorists is for the dissemination of propaganda, which most often takes the form of multimedia communications.”


 

Banks told to step up security over DDoS attacks
http://www.finextra.com/News/Fullstory.aspx?newsitemid=24218

Excerpt:
“With more than a dozen major bank Web sites targeted in DDoS attacks over the last month, financial institutions need to take steps to ensure they don't become the latest victims … Bank of America, HSBC and Wells Fargo have been among the organisations to see their online services disrupted in recent weeks, with sites overwhelmed by floods of traffic.”


 

The new Cold War
Asavin Wattanajantra
http://www.scmagazineuk.com/the-new-cold-war/article/264854/

Excerpt:
“In May, the UN's International Telecommunication Union came knocking at the door of Russian security firm Kaspersky Lab, looking to find information on a virus called Wiper – which was believed to be deleting sensitive data in the Middle East, including computers belonging to the Iranian oil industry.”


 

Protecting Canadian Critical Infrastructure Against Cyber Threats
http://www.oag-bvg.gc.ca/internet/English/parl_oag_201210_03_e_37347.html#hd3b

Excerpt:
“Canada’s critical infrastructure consists of physical and information technology assets, such as the electricity distribution networks, telecommunications networks, banking systems, manufacturing and transportation systems, and government information systems. All of these assets and systems support the safety, security, and economic well-being of Canadians.”


 

Android apps 'leak' personal details
http://www.bbc.co.uk/news/technology-20025973

Excerpt:
“Millions of people are using Android apps that can be tricked into revealing personal data, research indicates. Scientists tested 13,500 Android apps and found almost 8% failed to protect bank account and social media logins.”


 

Should Industry Face More Cybersecurity Mandates?
http://www.nytimes.com/roomfordebate/2012/10/17/should-industry-face-more-cybersecurity-mandates

Excerpt:
“… in August, Senate Republicans, siding with the U.S. Chamber of Commerce blocked legislation that would have required new standards at critical private-sector facilities, saying such rules would be too burdensome for businesses.”


 

Large US bank hit by 20 different crimeware families
Dancho Danchev
http://www.zdnet.com/report-large-us-bank-hit-by-20-different-crimeware-families-7000005188/

Excerpt:
“For years, cybercriminals have been systematically undermining the effectiveness of antivirus software, successfully reaching a "malicious economies of scale" stage in their ambitions to steal money from affected parties across the globe.”


 

UW 'white-hat hacker' searches for security holes
Katherine Long
http://seattletimes.com/html/localnews/2019425860_kohno14m.html

Excerpt:
“A computer scientist at the University of Washington, Kohno has proved that you can hack and take over the circuitry of a pacemaker, an implantable defibrillator, a child's toy, a mileage-tracking device for runners, and — perhaps most chilling of all — a car.”


 

Iran Wages Cyber War Against US Banks and Arab Energy Firms
Dillon Zhou
http://www.policymic.com/articles/16555/iran-wages-cyber-war-against-us-banks-and-arab-energy-firms

Excerpt:
“After being the target of cyber attacks from the West and crippling economic sanctions for their controversial nuclear program, Iran has waged a campaign of retaliation with its own cyber attacks against major U.S. banks and energy firms in the Arab World during the past month.”


 

Who controls the internet?
Jemima Kiss
http://www.guardian.co.uk/technology/2012/oct/17/who-rules-internet

Excerpt:
“Have you ever noticed that wherever you are in the world, every telephone keypad looks the same? Or wondered why satellites don't crash into each other? Or why you dial 64 to reach New Zealand, but 65 for Singapore? These are some of the mundane but essential logistical achievements of the International Telecommunication Union, a specialist UN agency that dates back to 1865.”


 

NATO prepares for cyber war against Russia
Sergey Duz
http://english.ruvr.ru/2012_10_18/NATO-prepares-for-cyber-war-against-Russia/

Excerpt:
“NATO plans to hold its Cyber Coalition 2012 war games, the Kommersant business daily wrote Thursday. In line with the exercise’s scenario NATO members come under cyber attacks from an aggressor, which is described as “an African country”. However, some NATO officials admit that the alliance is preparing to resist potential attacks by Russian, Iranian and Chinese hackers.”


 

A Number of HSBC Bank Websites from Around the World Disrupted by Cyberattack
Eduard Kovacs
http://news.softpedia.com/news/A-Number-of-HSBC-Bank-Websites-from-Around-the-World-Disrupted-by-Cyberattack-300563.shtml

Excerpt:
“On Tuesday, Izz ad-Din al-Qassam Cyber Fighters released another statement to reveal to the world that they would continue attacking US banks. Their last victims for this week appear to be a number of websites owned by HSBC Holding, a UK bank with offices all around the world.”


 

US prepares first-strike cyber-forces
http://www.bbc.co.uk/news/technology-19922421

Excerpt:
“Leon Panetta said the country was preparing to take pre-emptive action if a serious cyber-attack was imminent. He said US intelligence showed "foreign actors" were targeting control systems for utilities, industry and transport. The US defence department had developed tools to trace attackers, he added, and a cyber-strike force that could conduct operations via computer networks.”


 

Philippine cybercrime law takes effect amid protests
http://www.bbc.com/news/technology-19810474

Excerpt:
“The new law, called the Cybercrime Prevention Act of 2012, was signed by the president on 12 September. It is intended to prevent cybersex, online child pornography, identity theft and spamming. Under the new act, a person found guilty of libellous comments online, including comments made on social networks such as Facebook and Twitter or blogs, could be fined or jailed. Government officials will also have new powers to search and seize data from people's online accounts. The act took effect despite the protests by those who oppose the law.”


 

Huawei declared no threat to UK security after being banned in US
http://www.itproportal.com/2012/10/12/huawei-declared-no-threat-to-uk-security-after-being-banned-in-us/

Excerpt:
“Huawei has been given the green light to continue operating in the UK, even though the US government announced earlier this week that it would cut all ties with the Chinese telecoms firm.”


 

China Strikes Back: Defending Huawei and ZTE From Its Congressional Critics
http://www.theatlantic.com/international/archive/2012/10/china-strikes-back-defending-huawei-and-zte-from-its-congressional-critics/263464/

Excerpt:
“After two of China's telecom behemoths endured a very public smack down at the hands of the U.S. House Permanent Select Committee on Intelligence, Chinese web users are standing up -- or at least tweeting -- in defense.”


 

Cyber crooks and state hackers work together on threats
http://www.theinquirer.net/inquirer/news/2216038/rsa-europe-2012-cyber-crooks-and-state-hackers-work-together-on-threats

Excerpt:
“"Criminals are starting to cooperate with nation states," said Coviello. "We're seeing criminals adopting the [Advanced Persistant Threat (APT)] techniques of the nation state."…The collaboration stems from the emergence of common goals between criminals and state hacker teams. This is reportedly due to the vast amounts of data being stolen by criminals during cyber raids that cannot be sold using their traditional moneymaking practices.”


 

Data-stealing hackers use DDoS to distract from attacks
http://www.theinquirer.net/inquirer/news/2216038/rsa-europe-2012-cyber-crooks-and-state-hackers-work-together-on-threats

Excerpt:
“Symantec says it has detected a new type of disguised attack that uses a distributed denial-of-service (DDoS) to draw a business's attention away from a more important security breach. The multi-vector attack includes the DDoS as a bluff so it can quietly target another vulnerability…”



Israeli cyber attacks targeted offshore oil, gas platforms – Iran IT head

https://rt.com/news/iran-offshore-drilling-cyberattack-904/

Excerpt:
“Iran’s offshore oil and gas platforms were the targets of the cyber attacks aimed at crippling the country. All threats were repelled and Israel was behind them, according to head of IT at the Iranian Offshore Oil Company, Mohammad Reza Golshani.  Golshani told Reuters that the attack happened over the past couple of weeks, was routed through China, and affected only the communications systems of the network.”


 

Swedish central bank website shut down in cyber attack
http://uk.reuters.com/article/2012/10/03/uk-sweden-websites-idUKBRE8921HF20121003

Excerpt:
“Several websites in Sweden have come under attack this week and crashed. The main method used was a distributed denial of service attack, where a website's host computers are bombarded with requests for information, making them crash.”


 

DDoS attacks on major US banks are no Stuxnet—here's why
http://arstechnica.com/security/2012/10/ddos-attacks-against-major-us-banks-no-stuxnet/

Excerpt:
“The attacks that recently disrupted website operations at Bank of America and at least five other major US banks used compromised Web servers to flood their targets with above-average amounts of Internet traffic … The distributed denial-of-service (DDoS) attacks ... were waged by hundreds of compromised servers.”


 

China, International Law, and Cyberspace
Adam Segal 
http://blogs.cfr.org/asia/2012/10/02/china-international-law-and-cyberspace/

Excerpt:
“Self-defense, proportionality, neutrality, and distinction should all apply in cyberspace, though there remain questions and ambiguities about defining the use of force, distinguishing between military and civilian-use networks, and the continuing problem of attribution.”


 

Cyber cops are busy on the beat
Trevor Clarke
http://www.smh.com.au/it-pro/business-it/cyber-cops-are-busy-on-the-beat-20121001-26vck.html

Excerpt:
“THE defence agency responsible for dealing with ''cyber events'' threatening the Australian government and systems of national importance is experiencing its busiest year … While several high-profile security incidents have been covered in the media recently - such as those by the group calling itself Anonymous, and the worms and malware incidents Stuxnet, Duqu and Flame - the agency was ''keeping pace with the threat''”