The Year of Hacking Dangerously

Jordan Robertson, Michael Riley, Chris Strohm and Marcus Chan

http://www.bloomberg.com/slideshow/2014-12-10/the-year-of-hacking-dangerously.html?#slide1

Excerpt:

“If we learned anything about hackers in 2014, it's this: They're getting smarter and more lethal.”

 


When should unauthorized computer access be authorized?

 

Corey Nachreiner

http://www.net-security.org/article.php?id=2180

Excerpt:

“Recently, the decentralized hacktivist collective, Anonymous, launched an attack campaign called Operation KKK (#OpKKK), targeting the racist hate group called the Klu Klux Klan.”

 


Insider threats 101: The threat within

 

Jim Gogolinski

http://www.net-security.org/secworld.php?id=17751

Excerpt:

“Recent events – both in the United States and in Japan – have forced IT administrators everywhere to reevaluate the possibility of insider threats. Because of their very nature, it can be difficult to handle these problems, particularly because the mindset needed to handle them can vary.”

 


Sony Was Also Hacked a Year Ago but Didn’t Say Anything

 

Elizabeth Barber

http://time.com/3631229/sony-hackers-security-scott-rudin/?

Excerpt:

“Sony Pictures Entertainment appears to have known that its servers were vulnerable for at least a year before the recent hacking fiasco, Gawker reports.”

 


BlackEnergy APT Suspected of Exploiting Glitch in SIMATIC WinCC SCADA Software

 

Ionut Ilascu

http://news.softpedia.com/news/BlackEnergy-APT-Suspected-Of-Exploiting-Glitch-in-SIMATIC-WinCC-SCADA-Software-467238.shtml

Excerpt:

“The operators behind the BlackEnergy cyber-espionage campaign are believed to have exploited a vulnerability fixed in the latest version of the SIMATIC WinCC software from Siemens, which is used in industrial control systems (ICS).”

 


Iranian hackers used Visual Basic malware to wipe Vegas casino’s network

 

Sean Gallagher

http://arstechnica.com/security/2014/12/iranian-hackers-used-visual-basic-malware-to-wipe-vegas-casinos-network/

Excerpt:

“Stop us if this sounds familiar: a company executive does something that makes a foreign government’s leadership upset. A few months later, hackers break into the company’s network through a persistent cyber attack and plant malware that erases the contents of hard drives, shuts down e-mail servers and phone systems, and brings operations to a screeching halt.”

 


November 2014 Cyber Attacks Statistics

 

Paolo Passeri

http://hackmageddon.com/2014/12/08/november-2014-cyber-attacks-statistics/

Excerpt:

“It’s time for the statistics derived from the Cyber Attacks Timelines of November (Part I and Part II).”

 


10 Notorious Cyber Criminals Brought To Justice – No. 9

 

David Bisson

http://www.tripwire.com/state-of-security/government/10-notorious-cyber-criminals-brought-to-justice-no-9/

Excerpt:

“This week’s criminal knew Yastremskiy well and worked with him on a number of cyber heists. His name is Aleksandr Suvorov.”

 


10 Notorious Cyber Criminals Brought To Justice – No. 10

 

David Bisson

http://www.tripwire.com/state-of-security/government/10-notorious-cyber-criminals-brought-to-justice-10/

Excerpt:

“We begin this new series at number 10: Maksym Yastremskiy.”

 


Sony Pictures Hack Spreads To Deloitte: Thousands Of Audit Firm’s Salaries Are Leaked

 

Kevin Roose & Alexis C. Madrigal

http://fusion.net/story/31227/sony-pictures-hack-spreads-to-deloitte-thousands-of-audit-firms-salaries-are-leaked/

Excerpt:

“The Sony Pictures hack that has sent the Hollywood mega-studio into chaos is spreading far beyond the film industry, as hackers appear to have released documents containing detailed salary information for more than 30,000 employees of Deloitte, the New York-based auditing and professional services firm.”

 


Employee Healthcare, Salary Info Leaked in Sony Breach

 

Chris Brook

http://threatpost.com/employee-healthcare-salary-info-leaked-in-sony-breach/109691

Excerpt:

“As expected, the Sony Pictures breach has unearthed more than just unreleased, pirated movies. A slew of sensitive employee information is also making the rounds online, and at one point it appears servers belonging to Sony were  helping pass the information around.”

 


Details Emerge on Sony Wiper Malware Destover

 

Michael Mimoso

http://threatpost.com/details-emerge-on-sony-wiper-malware-destover/109727

Excerpt:

“Researchers are starting to stitch together clues about the wiper malware that has landed a body blow to Sony Pictures Entertainment. Not only were thousands of files and documents leaked that included unreleased movies, confidential company presentations and financial records, employee records, passwords and more, but an untold number of machines were left unusable by malicious code identified as Destover.”

 


Sony Hackers Apparently Wanted Money

 

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17740

Excerpt:

“While we continue to wait for an official statement and/or explanation from Sony Pictures Entertainment, the stolen data leaked by the attackers and the analysis of the used malware allow us to patch together bits and pieces of what happened.”

 


A Look Through The Sony Pictures Data Hack: This Is As Bad As It Gets

 

Tom Gara & Charlie Warzel

http://www.buzzfeed.com/tomgara/sony-hack?

Excerpt:

“From details of named employees’ medical histories to an unreleased pilot script written by the creator of Breaking Bad, the unprecedented leak of Sony Pictures data will reverberate for a long time to come.”

 


Payment Card Data Accessed in Parking Management Provider Breach

 

Michael Mimoso

http://threatpost.com/payment-card-data-accessed-in-parking-management-provider-breach/109656

Excerpt:

“SP+, a parking management services provider, late last week announced that 17 of its facilities in the United States had been breached and hackers may have made off with an unspecified number of payment card numbers.”

 


NSA Spied on Companies and Groups including U.S Allies

 

Arif Majeed

http://www.ehacking.net/2014/12/nsa-spied-on-companies-and-groups.html

Excerpt:

“The National Security Agency has spied on hundreds of companies and groups around the world, including in countries allied with the US government, as part of an effort designed to allow agents to hack into any cellphone network, no matter where it's located, according to a report published Thursday.”

 


Home Wi-Fi security is as bad as PC security in the 90s

 

http://www.net-security.org/secworld.php?id=17736

Excerpt:

“Nearly three out of four internet-connected households in the UK are at risk of getting attacked through their wireless router, according to a recent study by Avast Software.”

 


Protecting your child's digital identity

 

Chase Cunningham

http://www.net-security.org/article.php?id=2177

Excerpt:

“Child identity theft is considered to be one of the fastest-growing crimes. Kids’ identities are stolen over 50 times more than those of adults!”

 


Data loss and downtime costs enterprises $1.7 trillion

 

http://www.net-security.org/secworld.php?id=17707

Excerpt:

“Data loss and downtime cost enterprises $1.7 trillion in the last twelve months, or the equivalent of nearly 50% of Germany's GDP. Data loss is up by 400% since 2012 while, surprisingly, 71% of organizations are still not fully confident in their ability to recover after a disruption, according to EMC Corporation.”

 


Hackers hit execs for insider info to gain stock market advantage

 

Zeljka Zorz

http://www.net-security.org/secworld.php?id=17710

Excerpt:

“FireEye's researchers have identified yet another hacking group. Dubbed FIN4, the hacking crew seems to be comprised of native English speakers with "deep familiarity with business deals and corporate communications, and their effects on financial markets."

 


118 arrested in action against online fraudsters in the airline sector

 

http://www.net-security.org/secworld.php?id=17701

Excerpt:

“On 26 and 27 November, law enforcement agencies from all over the world, in cooperation with the airline, travel and credit card industries, joined forces in a major concerted action to combat online fraud.”