Sophos: Anatomy of the massive cyberattack

Tan Kit Hoong

http://techcentral.my/news/story.aspx?file=/2013/3/28/it_news/20130328151959&sec=it_news

 

Excerpt:

"Security solutions provider Sophos has issued a press statement on a story that has been developing over the last few days. According to the company, about a week ago, a questionable Internet hosting provider in The Netherlands called Cyberbunker "took umbrage" with SpamHaus, a non-profit organisation that was founded to take on spammers and the Internet hosts who profit from such activities."

 


 

Internet slowed by cyberattack on spam blocker

http://techcentral.my/news/story.aspx?file=/2013/3/28/it_news/20130328110647&sec=it_news

 

Excerpt:

"One of the largest ever cyberattacks is slowing global Internet services after an organisation blocking "spam" content became a target, with some experts saying the disruption could get worse."


 

Victims lost RM1.6bil to scam artists in 18,386 cases last year alone

Austin Camoens

http://thestar.com.my/news/story.asp?file=/2013/3/27/nation/12892733&sec=nation

 

Excerpt:

" Elite cops are hot on the trail of criminals involved in cyber crimes including love and parcel scams as well as phishing and hacking. Last year alone, victims nationwide lost a total of RM1.6bil to these scam artists in 18,386 cases, according to statistics from the Federal Commercial Crime Investigation Department (CCID).


 

 

Hackers follow business shift to cloud computing

Jake Sturmer

http://www.abc.net.au/news/2013-03-27/cloud-security/4598036

 

Excerpt:

"Tapping the online cloud is fast becoming the service mode of choice for many big Australian businesses, with nearly half of them using the technology. Instead of cables and computers crowding company offices, reams of information floats online."


 

BYOD Security: Yes, It IS Possible To Have A Secure Bring Your Own Device Program

http://readwrite.com/2013/02/26/security-basics-of-byod#feed=/series/byod-grows-up

 

Excerpt:

"BYOD security is a big deal. In 2012, Intel surveyed 3,000 IT decision makers and 1,300 end users from Australia, Germany, South Korea and the United States to better understand their BYOD challenges. In three of the four countries, IT Managers considered a lack of security features the most important factor inhibiting device adoption."


 

Android Trojan Found in Targeted Attack

https://www.securelist.com/en/blog/208194186/Android_Trojan_Found_in_Targeted_Attack

 

Excerpt:

"Several days ago, the e-mail account of a high-profile Tibetan activist was hacked and used to send targeted attacks to other activists and human rights advocates. Perhaps the most interesting part is that the attack e-mails had an APK attachment - a malicious program for Android."


 

A Basic Guide to Advanced Persistent Threats

http://www.maildistiller.com/virus/guide-advanced-persistent-threats/

 

Excerpt:

"Advanced persistent threats (APT) are cyber-attacks from a group of cybercriminals who can and will use this method to persistently target a specific body or organization through their IT systems."


 

Hackers hit energy companies more than others

http://fuelfix.com/blog/2013/03/25/electronic-attacks-hit-two-thirds-of-energy-companies-in-study/

Zain Shauk

 

Excerpt:

"Energy companies faced more targeted malware attacks in a six-month period last year than businesses in any other field, with hackers sometimes breaking into systems to steal geologic and financial data, according to a Houston network security firm’s research."


 

UK’s Cyber Security Strategy Seriously Under Funded

David Gilbert

http://www.ibtimes.co.uk/articles/449334/20130322/uk-cyber-security-under-funded-kaspersky-expert.htm

 

Excerpt:

"Cyber-attacks are happening with increasing regularity and increasing sophistication. From cyber-criminals trying to steal an individual's bank details to state-sponsored cyber-espionage, the online world is a dangerous place."

 


 

 

South Korean cyberattacks used hijacked patch management accounts

John E Dunn

http://news.techworld.com/security/3436776/south-korean-cyberattacks-used-hijacked-patch-management-accounts/

 

Excerpt:

"The attackers who unleashed devastating hard-drive wiping malware on South Korean TV stations and banks earlier this week executed at least part of the attack by hijacking the firms' patch management admin accounts, the software vendor involved has said."

 


 

 

Information about the South Korean banks and media systems attacks

http://labs.alienvault.com/labs/index.php/2013/information-about-the-south-korean-banks-and-media-systems-attacks/

 

Excerpt:

"As many of you would probably know several South Korean banks and media companies have been affected by an attack that has wiped several systems. It seems the South Korean security company Nshc has published more details on his Facebook Page. Based on the samples we collected, the malware overwrites the MBR (Master Boot Record) of the system. After reboot the system can’t boot anymore.

 


 

 

Israel creates cyberwar unit in Defense Ministry

http://www.worldtribune.com/2013/03/19/israel-creates-cyberwar-unit-in-defense-ministry/

 

Excerpt:

"Israel has overseen efforts to develop advanced cyberwarfare capabilities. The Defense Ministry has established a center to promote solutions to counter cyber threats. The new cyber center was assigned to the ministry’s Defense Development Directorate to coordinate efforts by Israeli companies."

 


 

Hacking highlights dangers to Seoul of North's cyber-warriors

http://techcentral.my/news/story.aspx?file=/2013/3/21/it_news/20130321165202&sec=it_news

 

Excerpt:

"A hacking attack that brought down three South Korean broadcasters and two major banks has been identified by most commentators as North Korea flexing its muscles as military tensions on the divided peninsula skyrocket."


 

From Russia With Bots: Finding The Source Of Cyber Attacks

Brian Proffitt

http://readwrite.com/2013/03/18/from-russia-with-bots-finding-the-source-of-cyber-attacks

 

Excerpt:

"While media and government source continue to allude to China as the biggest source of cyber attacks hitting innocent servers on the Internet, recent evidence instead suggests it's actually the Russian Federation that's king of the cyber attack mountain."


 

Cyberattack on Florida election is first known case in US, experts say

Gil Aegerter

http://openchannel.nbcnews.com/_news/2013/03/18/17314818-cyberattack-on-florida-election-is-first-known-case-in-us-experts-say

 

Excerpt:

"An attempt to illegally obtain absentee ballots in Florida last year is the first known case in the U.S. of a cyberattack against an online election system, according to computer scientists and lawyers working to safeguard voting security."


 

Hacker swarm attacks dummy critical infrastructure honeypot

Nick Heath

http://www.zdnet.com/hacker-swarm-attacks-dummy-critical-infrastructure-honeypot-7000012674/

 

Excerpt:

"Fake industrial control systems set up to test threats against internet-connected critical national infrastructure came under repeated attack from hackers."


 

UK sets up internet crime busting unit

James Titcomb

http://www.cityam.com/article/uk-sets-internet-crime-busting-unit

 

Excerpt:

"THE GOVERNMENT has set up a specialist unit to deal with the growing threat of cyber crime, claiming that more people are affected by internet criminals than by “offline” ones.


 

Cyberwar manual lays down rules for online attacks

Raphael Satter

http://news.yahoo.com/cyberwar-manual-lays-down-rules-online-attacks-161234113--finance.html

 

Excerpt:

"Even cyberwar has rules, and one group of experts is putting out a manual to prove it. Their handbook, due to be published later this week, applies the practice of international law to the world of electronic warfare in an effort to show how hospitals, civilians and neutral nations can be protected in an information-age fight."


 

Russian government wants to strengthen its cyber defense,what’s new?
http://securityaffairs.co/wordpress/11911/cyber-crime/russian-government-wants-to-strengthen-its-cyber-defensewhats-new.html

Excerpt:
"Russian President Vladimir Putin is considered one of the political figures most attentive to the development of a suitable cyber strategy to protect his countries from cyber attacks."


 

Companies look to gov't for help in dealing with cyberattacks
Bob Orr
http://www.cbsnews.com/8301-18563_162-57574738/companies-look-to-govt-for-help-in-dealing-with-cyberattacks/

Excerpt:
"The Obama administration told Congress this week that attacks by computer are a bigger threat to Americans than terrorism. To counter hackers, American firms spent more than $10 billion last year on cybersecurity. But the hits just keep coming."


 

Medical Industry Under Attack By Chinese Hackers
Kelly Jackson Higgins
http://www.darkreading.com/threat-intelligence/167901121/security/attacks-breaches/240150858/medical-industry-under-attack-by-chinese-hackers.html/

Excerpt:
"Most every industry is fair game for cyberespionage these days -- so it's no surprise that the healthcare and medical industry would come up on the list -- but, to date, it has been a field more abused by cybercriminals motivated by medical identity theft and other financial fraud."


 

U.S. Prepares Counterstrike Against Cyber-Attack
Derek Klobucher
http://www.forbes.com/sites/sap/2013/03/15/u-s-prepares-counterstrike-against-cyber-attack/

Excerpt:
"Move over, terrorism and weapons of mass destruction. High-tech asymmetric warfare is the biggest threat to the United States."


 

SCADA and ICS Security: Welcome to the Patching Treadmill
Eric Byres
http://www.infosecisland.com/blogview/23003-SCADA-and-ICS-Security-Welcome-to-the-Patching-Treadmill.html

Excerpt:
"... after Stuxnet, security researchers and hackers on the prowl for new targets to exploit shifted their efforts to critical industrial infrastructure. Unfortunately, the Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) applications they are now focusing on are sitting ducks."


 

Obama: Cybersecurity 'key' in talks with China
Charlie Osborne
http://www.zdnet.com/obama-cybersecurity-key-in-talks-with-china-7000012665/

Excerpt:
"Bloomberg reports that during a phone call with Chinese President Xi Jinping, U.S. President Obama said that as cybercrime continues to gain traction, the issue would be a "key part" of talks between the two nations."


 

State of the Union: Cyberthreat
David Gewirtz
http://www.zdnet.com/state-of-the-union-cyberthreat-7000011248/


Excerpt:
"America is being attacked. Constantly. Unrelentingly. We are being attacked by enemy nation states (like North Korea), frenemy nation states (like China and Russia), friendly nation states (like France and Israel), hacker groups (like Anonymous), just plain ol’ organized crime organizations out to make a buck, and individual hackers out to make a name for themselves."


 

Formula One team under cyberattack in Cyber Security Challenge UK
Allison Barrie
http://www.foxnews.com/tech/2013/03/14/formula-one-team-under-cyberattack-in-cyber-security-challenge-uk/

Excerpt:
"In a face-to-face final cyberbattle, one unlikely Brit proved the ultimate weapon against an attack on a Formula One Team. The Cyber Security Challenge UK -- essentially the Olympics of cybergames -- aims to locate the next generation of tech whiz kids. The year-long tournament identifies hidden cyber talent from all walks of life to defend the country from hackers, cyberattacks and computer viruses."


 

America's 3 Biggest Cybersecurity Vunerabilities
Matt Vasilogambros
http://www.nationaljournal.com/whitehouse/america-s-3-biggest-cybersecurity-vunerabilities-20130313

Excerpt:
"The lengthy discussion of cybersecurity marked a change from testimony Clapper gave in 2012 and 2011. In his annual assessments of worldwide risks in the two previous years, digital threats were mentioned only briefly and were further down on the list of dangers."


 

Pentagon creating teams to launch cyberattacks as threat grows

Ellen Nakashima

http://www.washingtonpost.com/world/national-security/pentagon-creating-teams-to-launch-cyberattacks-as-threat-grows/2013/03/12/35aa94da-8b3c-11e2-9838-d62f083ba93f_story.html

 

Excerpt:

"The new teams are part of a broader government effort to shield the nation from destructive attacks over the Internet that could harm Wall Street or knock out electric power, for instance."


 

The Companies and Countries Losing Their Data

Sarah Green

http://blogs.hbr.org/hbr/hbreditors/2013/03/the_companies_and_countries_lo.html

 

Excerpt:

"With China hacking the US, the US hacking China, and LinkedIn and Facebook and credit card companies and Google and who knows who else all vomiting our data all over the web, I was intrigued when a new report on data loss ran across my desk from auditing firm KPMG. I spoke with Greg Bell, the firm's information protection lead, to parse the data on who loses their information, and how."


 

Cyberattacks, N. Korea, jihadist groups top U.S. threats

Chelsea J. Carter, Pam Benson and Mariano Castillo

http://edition.cnn.com/2013/03/12/us/threat-assessment/index.html

 

Excerpt:

"Cyberattacks pose more of a threat to the United States than a land-based attack by a terrorist group, while North Korea's development of a nuclear weapons program poses a "serious threat,"..."


 

Cyberattacks: The complexities of attacking back

http://www.politico.com/story/2013/03/cyberattacks-the-complexities-of-attacking-back-88702.html

 

Excerpt:

"As digital malefactors continue raiding U.S. businesses for their most valuable corporate secrets, some in Washington are wondering whether companies should test the limits and cyberattack their cyberattackers."


 

Computers at Central Bank of Australia Hacked by Chinese Malware

http://hackread.com/computers-at-central-bank-of-australian-hacked-by-china-malware/

 

Excerpt:

"The bank has blamed China for this attack and claims that The Australian Financial Review conducted an investigation which shows multiple computers been hacked and affected by a malicious malware looking for bank’s sensitive information."


 

10 security best practice guidelines for consumers

http://www.zdnet.com/10-security-best-practice-guidelines-for-consumers-7000012171/

 

Excerpt:

"Educate yourself on these 10 security best practice guidelines for consumers (you) so that you can keep your data private and your job secure. These 10 guidelines are in no particular order."


 

12 Things You (Probably) Didn't Know About Online Security

Fredric Paul

http://readwrite.com/2013/03/08/12-things-you-probably-didnt-know-about-online-security

 

Excerpt:

"At the RSA Conference in San Francisco last week, I got the chance to sit down with Stephen Cobb, a distinguished security researcher for the IT security company ESET. We talked about a lot of things, including Android security issues and how walled gardens have their uses."


 

Hackers attack also mobile operators' websites

http://aktualne.centrum.cz/czechnews/clanek.phtml?id=773217

 

Excerpt:

"Earlier today, unknown hackers attacked the website of the Prague Public Transit Company (DPP) alongside with the websites of T-Mobile and O2, two Czech mobile phone operators. It is the latest attack in what appears to be an organized and massive DDoS campaign against major Czech Internet websites over the past four days, between Monday 4 and Thursday 7 March, 2013."


 

Anonymous becomes peacemaker as hacktivists battle

Phil Muncaster

http://www.theregister.co.uk/2013/03/05/filipino_malaysian_cyber_war_anonymous/

 

Excerpt:

“Anonymous has assumed the unlikely role of peacemaker in a growing dispute between Malaysian and Filipino hacktivists that has seen scores of web sites on both sides defaced over a territorial tussle.”


 

Jailed British hacker hacks own prison's mainframe

Zeljka Zorz

http://www.net-security.org/secworld.php?id=14538

 

Excerpt:

“A UK cyber criminal jailed in a maximum security prison has managed to hack into the institution's mainframe after having been allowed to participate in IT lessons…”


 

Tech groups question new do-not-track bill

Grant Gross

http://www.computerworld.com/s/article/9237266/Tech_groups_question_new_do_not_track_bill

 

Excerpt:

“New legislation in the U.S. Senate that would allow Internet users to tell companies to stop tracking them is unnecessary and could slow e-commerce growth…”


 

Evernote hit in hacking attack, users must reset their passwords

Juan Carlos Perez

http://www.computerworld.com/s/article/9237288/Evernote_hit_in_hacking_attack_users_must_reset_their_passwords

 

Excerpt:

“Evernote, which makes business and consumer productivity software for things like taking notes and doing research, is forcing all of its 50 million users to change their passwords after detecting a hacker intrusion on its sytem”


 

Tips to minimize the risk and impact of identity fraud

http://www.net-security.org/secworld.php?id=14525

 

Excerpt:

“…recommend that consumers work in partnership with institutions to minimize their risk and impact of identity fraud by following a three-step approach..”


 

Open-ended intergovernmental expert group to conduct a comprehensive study of the problem of cybercrime

https://www.unodc.org/unodc/en/organized-crime/expert-group-to-conduct-study-cybercrime-feb-2013.html

 

Excerpt:

"The outcome of the deliberations on the issue of cybercrime held during the Twelfth United Nations Congress on Criminal Prevention and Criminal Justice in 2010 was included in the Salvador Declaration on Comprehensive Strategies for Global Challenges: Crime Prevention and Criminal Justice Systems and Their Development in a Changing World."


 

Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage

Mark Clayton

http://www.csmonitor.com/Environment/2013/0227/Exclusive-Cyberattack-leaves-natural-gas-pipelines-vulnerable-to-sabotage

 

Excerpt:

"Cyberspies linked to China’s military targeted nearly two dozen US natural gas pipeline operators over a recent six-month period, stealing information that could be used to sabotage US gas pipelines, according to a restricted US government report and a source familiar with the government investigation."


 

Could data science turn the tide in the fight against cybercrime?

John Burn-Murdoch

http://www.guardian.co.uk/news/datablog/2013/feb/27/big-data-science-combat-cybercrime

 

Excerpt:

"Hacking, fraud and other clandestine online activities have been making headlines in recent weeks, giving rise to concerns that law enforcement agencies are losing the war against cybercriminals. But just how serious a threat to the public is cyber crime, and could data science hold the key to reversing the trend?"


 

Applying big data approaches to information security a challenge

Jaikumar Vijayan

http://www.computerworld.com/s/article/9237212/Applying_big_data_approaches_to_information_security_a_challenge_

 

Excerpt:

" Applying big data approaches to information security can help enterprises build better situational awareness capabilities, but implementation could prove to be a major challenge, security experts said at the RSA Conference 2013 being held here this week."


 

Cyberespionage malware targets U.S., other countries

Antone Gonsalves

http://www.csoonline.com/article/729550/cyberespionage-malware-targets-u.s.-other-countries

 

Excerpt:

" A cyberespionage operation that uses well-crafted PDF documents to trick recipients into opening the malicious files has targeted government entities and institutions in 23 countries, including the U.S., security vendors reported Wednesday."


 

Security Experts Warn State Governments Face Losing Battle With Hackers

Elise Ackerman

http://www.forbes.com/sites/eliseackerman/2013/03/01/security-experts-warn-state-governments-face-losing-battle-with-hackers/

 

Excerpt:

" The email sent to several thousand of state employees in early February looked official... The email invited employees to click on a link to solve the problem. If an employee clicked, a screen popped up asking for more data, including the employee’s name, login and password."