cyberthreats

SANS: The Top Cyber Security Risks

"Waves of targeted email attacks, often called spear phishing, are exploiting client-side vulnerabilities in commonly used programs such as Adobe PDF Reader, QuickTime, Adobe Flash and Microsoft Office. This is currently the primary initial infection vector used to compromise computers that have Internet access. Those same client-side vulnerabilities are exploited by attackers when users visit infected web sites. (See Priority Two below for how they compromise the web sites). Because the visitors feel safe downloading documents from the trusted sites, they are easily fooled into opening documents and music and video that exploit client-side vulnerabilities. Some exploits do not even require the user to open documents. Simply accessing an infected website is all that is needed to compromise the client software. The victims' infected computers are then used to propagate the infec ›
CyberATTACK

Intelligence Analyst Charged With Hacking Top Secret, Anti-Terror Program

"An analyst at a Defense Department spy satellite agency faces federal hacking charges after allegedly poking around in a top-secret system used in a classified terrorism investigation involving the FBI and the U.S. Army. Brian Keith Montgomery worked on a covert program for the National Geospatial-Intelligence A ›
CyberSECURITY

Massive Study of Net Vulnerabilities: They're Not Where You Think They Are

"There are lots of opinions of where the greatest vulnerabilities in computers and networks lie—just read the comments to any security-related post on this blog for an earful. Hard data, however, has generally been lacking. A new study assembled by the SANS Institute, and based on reports from 15,000 organizatio ›
CyberSECURITY

Report: Cyber-Attack Strategy Part of Russian Offensive on Georgian Pipelines

"John Bumgarner, a former cyber-security expert for the CIA and other U.S. intelligence agencies, is attracting much attention for his report concluding that Russia’s military offensive in Georgia last year was coordinated with a pre-arranged civilian cyber-attack on the country. What appears to have gone unrepo ›
CyberCRIME

Brief Insight Into the Life of a Convicted Hacker

"In it, a convicted young hacker who got into hacking at an early age, got caught by the authorities, was given a suspended prison sentence and got slapped by huge fines, answers questions about himself. Provided it’s genuine (and it seems that way from the answers), it’s a fascinating opportunity: I bet many of you wanted to know the motivations, habits ›
CyberATTACK

Hacker Hits RBS WorldPay Systems Database

A Romanian hacker well-known for discovering SQL injection vulnerabilities in high-profile Websites has struck again -- this time on RBS WorldPay's site, where he says he hit the jackpot, the company's database. The hacker, who goes by "Unu," says he accessed RBS WorldPay's database via a SQL injection flaw in one of its Web applications. RBS WorldPay maint ›
CyberCRIME

Sweetbay hacker takes deal

A computer hacker who was once a federal informant and was a driving force behind one of the largest cases of identity theft in U.S. history pleaded guilty Friday in a deal with prosecutors that will send him to prison for up to 25 years. Albert Gonzalez, 28, of Miami admitted pulling off some of the decade's most prominent hacking jobs - invading the computer systems of ›
CyberSECURITY

Government works toward a more proactive cybersecurity approach

Initiatives to detect and respond to cyberattacks are a preliminary step in protecting federal computer networks against hackers and will be followed by efforts to preempt attacks, the Homeland Security Department's cybersecurity chief said on Thursday. The remarks by Gregory Schaffer, appointed assistant secretary of DHS' Office of Cybersecurity and Commun ›
CyberSECURITY

Your Movements Speak for Themselves: Space-Time Travel Data is Analytic Super-Food!

Mobile devices in America are generating something like 600 billion geo-spatially tagged transactions per day. Every call, text message, email and data transfer handled by your mobile device creates a transaction with your space-time coordinate (to roughly 60 meters accuracy if there are three cell towers in rang ›
CyberATTACK

Hacker pleads guilty in identity theft scam defrauding Wal-Mart

A Sacramento, California, hacker pleaded guilty to charges of fraud and identity theft for his involvement in an international cyberscam that used personal information stolen with phishing sites to open fraudulent Wal-Mart credit accounts. Tien "Tim" Truong Nguyen pleaded guilty on Tuesday, the day before his case was set to go to trial, according to IDG Ne ›
CyberTHREATS

Security experts warn of possible worm hitting Vista

A group of top security analysts and researchers say the latest Windows security hole, for which there is no patch, leaves hundreds of millions of Windows Vista PCs wide open for infection by a Conficker-like Internet worm. Security experts didn't express much concern about Conficker when it first began to spread sporadically last fall, taking advantage of ›
CyberSECURITY

Snooping risk as hackers target mobile code

A wave of mobile phone snooping is set to be unleashed within the next six months as a group of hackers mounts a concerted effort to crack the security code for the GSM mobile phone system, used by about 3bn people around the world. The Chaos Computer Club, an influential, Germany-based hacking community with more than 4,000 members, is co-ordinating worldw ›
CyberSECURITY

Unknowable Emergencies Drive Cybersecurity Planners to Wargame Responses

As lawmakers consider giving the president emergency powers in case of an online attack, many in the field are offering scenarios for how to define a cybersecurity emergency and how far the government should reach to contain an attack. (FoxNews) ›