Liberty Reserve Founder Indicted on $6 Billion Money-Laundering Charges

Kim Zetter

http://www.wired.com/threatlevel/2013/05/liberty-reserve-indicted/

Excerpt:

“The founder of digital currency system Liberty Reserve has been indicted in the United States along with six other people in a $6 billion money-laundering scheme, in what authorities are calling the largest international money-laundering case ever prosecuted, according to documents unsealed today.”

 

 


 

 

HACKED!

Andrew Fowler and Peter Cronau

http://www.abc.net.au/4corners/stories/2013/05/27/3766576.htm

Excerpt:

“While debate rages over Australia's border security, there's growing evidence that the greatest threat to Australia's national security potentially comes from foreign computer hackers. Few in government or business will admit the full extent of the break-ins, with one expert calling it a "dirty little secret".”

 

 


 

 

How the U.S. Government Hacks the World

Michael Riley

http://www.businessweek.com/articles/2013-05-23/how-the-u-dot-s-dot-government-hacks-the-world

Excerpt:

“The key role NSA hackers play in intelligence gathering makes it difficult for Washington to pressure other nations—China in particular—to stop hacking U.S. companies to mine their databanks for product details and trade secrets.”

 

 


 

 

Cyber Attacks? Companies Disclose Little Impact

Chris Strohm, Eric Engleman, and Dave Michaels

http://www.businessweek.com/articles/2013-04-11/cyber-attacks-companies-disclose-little-impact#r=lr-fst

Excerpt:

“The news is full of stories about hackers breaking into corporate computer networks, and federal officials say the attackers are stealing billions of dollars in business secrets. Yet investors would have a hard time finding evidence of any damage. Among the 27 largest U.S. companies reporting cyber attacks—including MetLife (MET), Coca-Cola (KO), and Honeywell International (HON)—almost all said there has been no material impact from computer breaches. Citigroup (C), which reported “limited losses,” was an exception. The companies declined to comment. “I would bet some are just not being forthcoming,” says Lance Hoffman, director of George Washington University’s Cyber Security Policy and Research Institute.”

 

 

 


 

 

The Telecom Industry's Pushback Against Cybersecurity

Eric Engleman

http://www.businessweek.com/articles/2013-03-07/the-telecom-industrys-pushback-against-cybersecurity

Excerpt:

“On the same day he delivered his State of the Union address, President Obama ordered the U.S. to shore up its cyberdefenses. “We know foreign countries and companies swipe our corporate secrets,” Obama said in the Feb. 12 speech. “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems.”

 

 


 

 

Putting Cyber Threats on To-Do Lists at Small Firms

Patrick Clark

http://www.businessweek.com/articles/2013-03-21/putting-cyber-threats-on-to-do-lists-at-small-firms

Excerpt:

“How freaked out should small businesses be about cybercrime? Plenty, according to a flurry of recent warnings from government officials, insurers, and investors, as well as your more traditional alarmists like computer security firms. “Technically speaking, all hell has broken loose,” Bessemer Venture Partners’ David Cowan said yesterday, describing the state of computer hacking during an interview with Bloomberg Television.”

 

 


 

 

NATO's New Rules for Cyberwar

Bernhard Warner

http://www.businessweek.com/articles/2013-03-20/natos-new-rules-for-cyberwar

Excerpt:

“The Tallinn Manual, the first attempt to lay down international ground rules for cyberwar, was published this week under the direction of NATO’s think tank, the NATO Cooperative Cyber Defense Center of Excellence. Written by more than 40 academics, lawyers, and experts from NATO countries, the 282-page manual defines under which conditions a country can respond to a hack attack with military force; which targets are off limits (schools, hospitals, and UN staff, for example); and guidance on proportionate response to digital attacks carried out by non-state entities. It also warns that cyberwar combatants can be tried for cyberwar crimes.”

 

 


 

 

Iran hacks energy firms, U.S. says

Siobhan Gorman, Danny Yadron

http://www.iranfocus.com/en/index.php?option=com_content&view=article&id=27691:iran-hacks-energy-firms-us-says

Excerpt:

“Iranian-backed hackers have escalated a campaign of cyberassaults against U.S. corporations by launching infiltration and surveillance missions against the computer networks running energy companies, according to current and former U.S. officials.”

 

 


 

 

Millions hit by Yahoo Japan hack attack

http://www.bbc.co.uk/news/technology-22594136

Excerpt:

“Up to 22 million login names may have been stolen during a hack attack on Yahoo Japan. A file of ID details for about one tenth of its 200 million members was stolen during the attack, it said. The file did not include all the information needed by attackers to impersonate users.”

 

 


 

 

Hacker serving 5-year sentence invents ATM add-on to prevent theft

Jon Brodkin

http://arstechnica.com/information-technology/2013/05/hacker-serving-5-year-sentence-invents-atm-add-on-to-prevent-theft/

Excerpt:

“A criminal serving a five-year sentence "for supplying gadgets to an organized crime gang used to conceal ATM skimmers" has invented a device that prevents ATMs from being susceptible to such thefts, Reuters reported today.”

 

 


 

 

Syria government supporters hack Financial Times

Jim Finkle and Jennifer Saba

http://uk.reuters.com/article/2013/05/17/uk-britain-ft-hacked-idUKBRE94G0DC20130517?

Excerpt:

“The Financial Times' website and Twitter feeds were hacked on Friday, renewing questions about whether the popular social media service has done enough to tighten security as cyber-attacks on the news media intensify. The Syrian Electronic Army, an online group that supports Syrian President Bashar al-Assad, was behind the incident which followed a phishing attack on the company's email accounts, FT reported on its website.”

 

 


 

 

Hacker group Anonymous plans attack on oil-and-gas industry

Zack Colman

http://thehill.com/blogs/e2-wire/e2-wire/300239-hacker-group-anonymous-plans-attack-on-oil-and-gas-industry

Excerpt:

“The hacker activist group Anonymous said it plans to target the oil-and-gas sector in a June 20 operation. “It has been a long time coming,” the collective said of the event, Operation Petrol, in a video it released this week on its YouTube page. The group said it would hone in on the United States, Canada, England, Israel, China, Italy, France, Germany, Russia and the governments of Saudi Arabia, Kuwait and Qatar. The oil-and-gas sector is already one of the most heavily targeted industries for cyberattacks. The motivation for Anonymous, however, appears to be political.”

 

 


 

 

Researchers uncover large cyberfraud operation targeting Australian bank customers

Lucian Constantin

https://www.networkworld.com/news/2013/051513-researchers-uncover-large-cyberfraud-operation-269791.html

Excerpt:

“Security researchers from Russian cybercrime investigations firm Group-IB have uncovered a cyberfraud operation that uses specialized financial malware to target the customers of several major Australian banks.”

 

 


 

 

Sentencing begins for four LulzSec members in London

Danielle Walker

http://www.scmagazine.com/sentencing-begins-for-four-lulzsec-members-in-london/article/293525/

Excerpt:

“Sentencing proceedings have begun for four U.K.-based members of the LulzSec hacking group. On Wednesday, the men appeared at Southwark Crown Court in London for their sentencing hearing, which is expected to conclude Thursday. Ryan Ackroyd, Ryan Cleary, Jake Davis and Mustafa Al-Bassam have pleaded guilty to hacking crimes against high-profile companies and government agencies in the United States and U.K, including the CIA and Serious Organised Crime Agency (SOCA) in the U.K. The attacks occurred between February and September 2011.”

 

 


 

 

Privacy Breach on Bloomberg’s Data Terminals

Amy Chozick and Ben Protess

http://www.nytimes.com/2013/05/11/business/media/privacy-breach-on-bloombergs-data-terminals.html?_r=0

Excerpt:

“A shudder went through Wall Street on Friday after the revelation that Bloomberg News reporters had extracted subscribers’ private information through the company’s ubiquitous data terminals to break news.”

 

 

 


 

 

Cyber-attacks behind possibly record-breaking bank heist

http://www.cbsnews.com/8301-505266_162-57583629/cyber-attacks-behind-possibly-record-breaking-bank-heist/

Excerpt:

“It may be the largest bank robbery in history: A crime ring is accused of stealing $45 million from financial institutions from around the world. But these criminals weren't wearing masks or waving guns. They were armed with computers. The case by the U.S. Secret Service is being prosecuted by the U.S. attorney for the Eastern District of New York in Brooklyn, Loretta Lynch. Seven alleged members of the New York cell of this global cyber-crime operation have been arrested, CBS News senior correspondent John Miller reported on "CBS This Morning." Miller, a former FBI assistant director, reported, "We've learned how they carried out this cyber-attack, and it's unlike anything ever seen before."

 

 


 

 

Blocklists of Suspected Malicious IPs and URLs

http://zeltser.com/combating-malicious-software/malicious-ip-blocklists.html

Excerpt:

“Several organizations maintain and publish blocklists (a.k.a blacklists) of IP addresses and URLs of systems and networks suspected in malicious activities on-line. “

 

 


 

 

Inadvertent disclosure: Knowing the risk

Christopher Burgess

http://www.csoonline.com/article/print/732963

Excerpt:

“Data which was expected to be protected is discovered to not have been afforded that appropriate protection. Or an employee is actively breaking internal processes and procedures and placing the enterprise at risk. In either case, the subsequent damage assessment will either evolve into a productive introspective review or the age-old cover-your-backside exercise.”


 

Honeywords: Making Password-Cracking Detectable

http://people.csail.mit.edu/rivest/pubs/JR13.pdf

Excerpt:

"We suggest a simple method for improving the security of hashed passwords: the maintenance of additional "honeywords" (false passwords) associated with each user's account. An adversary who steals a le of hashed passwords and inverts the hash function cannot tell if he has found the password or a honeyword."


 

Thailand to enhance cybersecurity training, capability

Ryan Huang

http://www.zdnet.com/th/thailand-to-enhance-cybersecurity-training-capability-7000014924/

 

Excerpt:

"Thailand is training 40 officers to become instructors specializing in ethical hacking and computer forensic skills, in partnership with the International Council of Electronic Commerce Consultants (EC-Council), as part of efforts to tackle rising cases of cyberattacks."


 

The Dark Side of Technology

http://www.digitaltonto.com/2013/the-dark-side-of-technology/

 

Excerpt:

"I can’t shake the feeling that today, as we unlock even more powerful technologies, we have lost some of that reverence. For even as technology opens up new worlds, it closes doors to old ones. We should choose thoughtfully and carefully."


 

Online guerillas: The world of Nigeria’s hackers

Arukaino Umukoro

http://www.punchng.com/feature/online-guerillas-the-world-of-nigerias-hackers/

 

Excerpt:

After an exclusive interview with Nigeria’s foremost hackers and discovering some hacking institutes in Lagos, ARUKAINO UMUKORO, writes a two-part series on the world of hackers."


 

Defense White Paper Outlines French Cyberwarfare Priorities

http://defense-update.com/20130504_france_livre_blanc_cybersecurity.html

 

Excerpt:

"This article covers the main areas addressed by Livre Blanc’s Cybersecurity and Cyber Warfare sections, highlighting specific emphasis and opportunities. Future posts will also cover other aspects of Frances’ national security."


 

The worst possible cybersecurity breaches could be far worse than you imagined

Josh Meyer

http://qz.com/81268/the-worst-possible-cybersecurity-breaches-could-be-far-worse-than-you-imagined/

 

Excerpt:

"Neither seemed particularly sophisticated, or malicious. But they do beg the obvious question: How much damage could a group of well-trained hackers do, economic and otherwise, if they really wanted to?"


 

Cyberdefence to become cyber-attack as France gets ready to go on the offensive

Valéry Marchive

http://www.zdnet.com/cyberdefence-to-become-cyber-attack-as-france-gets-ready-to-go-on-the-offensive-7000014878/

 

Excerpt:

"French president François Hollande this week officially received the whitepaper that will set the country's strategy for defence and national security for 2014-2019, and serve as a framework for the upcoming military planning law to be put before parliament next summer."