Hidden Dragon: The Chinese cyber menace

"Profit-motivated crooks are trading compromised access to foreign governments' computers, which they are unable to monitise, for exploits with state-sponsored hackers. This trade is facilitated by information broker middlemen"


'Anonymous' hackers target US security think tank

"Anonymous boasted of stealing Stratfor's confidential client list, which includes entities ranging from Apple Inc. to the US Air Force to the Miami Police Department, and mining it for more than 4,000 credit card numbers, passwords and home addresses."


Rising Cybercrime Pushes African Govts into Action 

"In reaction to rising cybercrime incidents in both public and private sectors, some African governments have set up incident reporting and early warning bodies with the support of AfriNIC (Africa Network Information Center)."


Guidance on the rules on use of cookies and similar technologies

"The Privacy and Electronic Communications (EC Directive) Regulations 2003 (the Regulations) cover the use of cookies and similar technologies for storing information, and accessing information stored, on a user's equipment such as their computer or mobile."


Iran moves websites to guard against cyber attacks

"Iran has moved most of its government websites from foreign-based hosting companies to new computer facilities inside the country, to protect them against cyber attacks…"


International collaboration key for infosecurity in 2012
Vladimir Jirasek

"Outgoing year 2011 has been turbulent and eventful for information security, with a number of high-profile security incidents and an increase in cyber fraud (or e-crime), and there is no indication that 2012 is going to be any different…"


DDoS Basics

"This paper will explain, in extremely basic terms, the various types of DDoS attacks. We will explain the motivations of the miscreants behind these attacks and outline the differing functionality of each attack type, providing examples and suggesting measures that could be employed to mitigate future incidents."


Using Pastebin for Malicious Sample Collection
Jason Jones

"Pastebin is a great service that allows for easy sharing and collaboriation of data. Recently it has been used by various groups for posting personal information, breach data, or statements. I've also found it to be a great source for collecting malicious samples and discovering new attack techniques."



Kazakhstan Disables the Internet

"Kazakhstan's president on Saturday imposed a three-week state of emergency in an oil town where 10 people were killed in a clash between police and demonstrators. The city of Zhanaozen has had their internet and local cellphone towers disabled. They claim that they have gained control of the people by imposing a curfew."


Iran embarks on $1b. cyber-warfare program
Yaakov Katz

"Tehran has embarked on an ambitious plan to boost its offensive and defensive cyber-warfare capabilities and is investing $1 billion in developing new technology and hiring new computer experts."


Should We Fire the First Shot in a Cyberwar?
David Talbot

"Cyberattacks could damage or disable military networks or civilian infrastructure like power grids, or they could involve the theft of military and corporate secrets. Experts warn that such attacks could occur at light speed and be difficult to trace, especially if data is routed through computers in many different countries."


Industrial espionage gang sends malicious emails in security vendor's name
Lucian Constantin

"A cybercrime gang that primarily targets companies from the chemical industry has launched a new series of attacks that involve malware-laden emails purporting to be from Symantec, the security vendor responsible for exposing its operation earlier this year."


Your 2012 Security Action Plan
Kenneth van Wyk

"Rather than a comprehensive list of everything an IT security organization should plan on doing in the new year, these are some of the things that many probably haven't even considered."


Cyber-intruder sparks massive federal response — and debate over dealing with threats
Ellen Nakashima

"The first sign of trouble was a mysterious signal emanating from deep within the U.S. military's classified computer network. Like a human spy, a piece of covert software in the supposedly secure system was "beaconing" — trying to send coded messages back to its creator."


Cyber attacks on government websites: India goes on offensive against cyber rogues
Joji Thomas Philip & Harsimran Julka

"A barrage of cyber attacks on government websites is compelling the government to develop a counter strategy to deal with countries that are behind these assaults. Government officials suspect Pakistani and Chinese hackers for being responsible for most of these attacks, and have asked security agencies to jointly map out the cyber infrastructure of neighbouring countries as part of a 'cyber preparedness' strategy."


Was Russia Behind Stuxnet?
Panayotis A. Yannakogeorgos

"The Stuxnet computer worm is widely considered to be a U.S.-Israeli cyber weapon crafted to wreak havoc in Iran's nuclear enrichment plants. But with the identity of the perpetrators still unclear, it might be time to start seeking some alternative explanations."


Shell warns hacks on oil and gas could kill
Stewart Mitchell

"An oil industry expert has warned colleagues they risk life-threatening damage from hackers interested in disrupting their systems."


Cyber Risk Report


"The Cyber Risk Report is a strategic intelligence product that highlights current security activity and mid- to long-range perspectives. The report addresses seven major risk management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical."

Freakonomics vs Cybersecurity
Robert David Graham

"The first misconception of economics cybersecurity people have is calculating where the money goes, or how much things cost. That's "business", not "economics". If you are thinking in terms of "Return on Investment" (ROI), then it's not "Economics"."


The Art Of Profiling Cybercriminals
Kelly Jackson Higgins

"With cybercrime becoming the weapon of choice for more criminals, psychologists such as Shaw and Stock, as well as sociologists and criminologists, are increasingly being tapped to help construct profiles of hackers and malicious insiders so organizations can better defend against outside threats and to better spot trouble internally."


Basic Internet Security

"Publications about the digital world become outdated fast and a viable solution today could be serious threat tomorrow. Therefore we created this book as open source, so it can be easily updated and will be free for others to update, extend and redistribute. The focus in this book is also on free and open source tools."


Cybercrime drains one trillion dollars from global economy every year

"Cybercrime drains one trillion US dollars from global economy annually, NATO Deputy Assistant Secretary General for Emerging Security Challenges Jamie Shea declared…"


Fraud trends

"As previously reported by CIFAS, more than half of all frauds relate to the theft or misuse of personal or account information. But there are also increases in the fraudulent use of legitimately obtained accounts; and also in successful application frauds (where fraudsters use false information, documents etc) to obtain products and services."


Proactive detection of cyber security incidents

"The 16 shortcomings in detection of incidents are examined in depth. Top technical gaps include insufficient data quality (false positives in provided data, poor timeliness of delivery), lack of standard formats, tools, resources and skills."


Best Ways To Detect Advanced Threats Once They Invade
Robert Lemos

"Significant attacks against major technology companies have underscored that, while good defenses can make it hard for an attacker to penetrate a network, a persistent attacker will find a way in."


Botnets: Hi-tech crime in the UK
Mark Ward

"A large-scale global study suggests 5-10% of all domestic computers are regularly linked to criminal networks called botnets. The figures suggest that about 6% of the UK's 19 million net-using households are enrolled in botnets. Hijacked PCs could be sending spam, attacking websites or surrendering bank details to criminals."


U.S. power grid needs cybersecurity protection

"The threat of cyberattacks on the U.S. power grid should be dealt with by a single federal agency, not the welter of groups now charged with the electric system's security, researchers at the Massachusetts Institute of Technology reported on Monday."


Microsoft: Hackers launch millions of Java exploits
Gregg Keizer

"Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers…"



Hackers accessed city infrastructure via SCADA – FBI
Hal Hodson

"Hackers recently accessed the critical infrastructure of three unnamed cities by compromising their SCADA (supervisory control and data acquisition) systems, the deputy assistant director of the FBI's Cyber Division said today."


Digital crime accounts for one in four business frauds
Nick Heath

"E-crime was the third most common type of economic crime reported by businesses and public sector bodies in response to the PricewaterhouseCoopers Global Economic Crime Survey. The survey defined e-crime as a crime where a computer and the internet play a central role."


United Nations server is still hacked
Dave Neal

"HACKER GROUP Team Poison has reacted to claims from the United Nations that its apparent hacking on UN servers was slight, and already has been dealt with. "United Nations Lies Revealed," is the title of a short release from the hackers that appeared on pastebin with the trademark Team Poison headers and quotes a report about the leak at the BBC."


Insight: Did Conficker help sabotage Iran program
Jim Finkle

"A cyber warfare expert claims he has linked the Stuxnet computer virus that attacked Iran's nuclear program in 2010 to Conficker, a mysterious "worm" that surfaced in late 2008 and infected millions of PCs. Conficker was used to open back doors into computers in Iran, then infect them with Stuxnet..."


Anonymous Takes From The Rich, Gives To... The Cyber Security Industry?

"A hacker splinter group called TeaMp0isoN says it has partnered with supporters of the extremely loose-knit network of hacktivists and pranksters, to steal credit cards from several banks including Chase, Bank of America and CitiBank and give the money to charities and "the 99%." The project, announced yesterday, is called Operation Robin Hood and in response to the Occupy Movement."


Keeping Pace With Cybercrime
George I. Seffers

"Evolving technologies such as mobile devices, cloud computing and steganography present challenges for those tasked with finding digital evidence of a crime. But the cyber forensics field also is evolving, and experts in industry and government are finding innovative tools for overcoming the obstacles."