Saturday, April 3, 2010

Moving Beyond "Compliance Think" in Online Banking



Moving Beyond "Compliance Think" in Online Banking Security

April 2, 2010 - Francois Lasnier

A change is happening in the security of online banking. In October 2005, the FFIEC issued guidance requiring the banking industry to put stronger security controls in place to ensure the safety of online transactions. This set in motion a flurry of changes, but the effort has not kept up with the ever-increasing sophistication of online threats. The time has come for stronger security, but the focus needs to be protecting end users, not simply meeting compliance requirements.

One of the greatest threats to the implementation of strong security controls is "compliance think": the phenomenon of working to meet compliance requirements rather than focusing on action that meets the need the guidance identified.

Compliance think led the industry to find the lowest common denominator for many security solutions: what would be the fastest, most cost-effective way to pass a compliance audit? While this approach certainly raised awareness for the security industry as a whole, the solutions deployed largely created the illusion of security rather than actually making customers' online experiences more secure. Many solutions promised broad protection for online activity, but the financial industry has discovered that they have fallen short of keeping up with the evolving threat landscape.

The health of an economy can be roughly charted against the number of bank robberies in a given area: bad economy, more robberies. With a global recession, we've seen a rise in the availability of software built to attack financial web sites, as well as in highly organized crime groups, and so the number of "virtual" bank robberies continues to rise relatively unabated. It seems the security solutions applied in the United States today have done little to stop online theft and fraud. This demonstrates that "compliance think" has earned a pass mark on the compliance regulation without meeting the intention of the regulation, which is the protection of online transactions.

Financial institutions of all sizes must now evaluate their current security solutions and gauge their effectiveness against the rapidly changing threat landscape. Phishing and other social engineering attacks will always be a threat and should be addressed with ongoing consumer and employee education. The solutions that will provide real protection and survive a security review are those that can defend against sophisticated, technology-based attacks that occur without any end-user involvement.

To defend against Man-in-the-Middle (MITM) and Man-in-the-Browser (MITB) attacks, financial web sites must implement transaction-specific authentication in addition to user authentication. This is a move beyond the passive authentication used for most retail banking applications and many cash management applications, beyond one-time passwords (OTP), even beyond challenge/response (C/R) solutions. Those mechanisms add security layers, but they authenticate the user or the session rather than the transaction, and so they stop short of protecting online transactions from attack: malware that already controls the browser can wait for the user to enter a valid OTP and then change what is sent.

Transaction-specific authentication, also called transaction signing, is a method for verifying the integrity of the financial transaction. It ensures that the transaction received by the bank is exactly the transaction the customer intended to perform. In this model, the online customer is given a token (e.g., a smart card or USB device) that computes a signature over the details of the transaction, such as the beneficiary and amount, once the customer confirms them with a PIN or passphrase. Because the signature is bound to those details, a transaction altered in the browser or in transit fails verification at the bank. For that guarantee to hold, the customer must confirm the details on a channel the malware cannot alter, such as the token's own display, rather than on the web page. With this technology in place, additional capabilities such as secure document signing can also be implemented.
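
The following Python is an added example, not code from the article or from Gemalto. It models the difference described above: an event-based OTP proves the customer holds the token but says nothing about the payload, while a transaction signature is bound to the beneficiary and amount the customer confirmed. The token is modelled as a keyed HMAC shared with the bank; the customer ID, account numbers, amounts and the token seed are constructed for the demo, and the `mitb_rewrite` function stands in for browser-resident malware swapping the beneficiary in the outgoing form.

```python
"""Why an OTP does not stop a Man-in-the-Browser, and transaction signing does.

Added example, not code from the article or from Gemalto. The token is
modelled as a keyed HMAC shared with the bank; the customer ID, account
numbers, amounts and the token seed are all constructed for this demo.
"""
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Transaction:
    source: str
    beneficiary: str
    amount_cents: int
    currency: str = "USD"

    def canonical(self) -> bytes:
        # Token and bank must serialise the signed fields identically,
        # or a genuine signature will fail to verify.
        return f"{self.source}|{self.beneficiary}|{self.amount_cents}|{self.currency}".encode()


def hotp(secret: bytes, counter: int) -> str:
    """Event-based one-time password: bound to a counter, not to any payload."""
    mac = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 10**6:06d}"


def transaction_mac(secret: bytes, tx: Transaction) -> str:
    """Signature over exactly the fields the customer confirmed."""
    return hmac.new(secret, tx.canonical(), hashlib.sha256).hexdigest()


class Token:
    """Stand-in for the customer's signing device (smart card, USB token)."""

    def __init__(self, secret: bytes, pin: str):
        self._secret = secret
        self._pin = pin
        self._counter = 0

    def next_otp(self) -> str:
        otp = hotp(self._secret, self._counter)
        self._counter += 1
        return otp

    def sign(self, tx: Transaction, pin: str) -> str:
        # The device shows beneficiary and amount on its own display and only
        # signs once the customer confirms them with the PIN. Malware in the
        # browser cannot reach this step.
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            raise PermissionError("wrong PIN")
        return transaction_mac(self._secret, tx)


class Bank:
    """Server side. In a real deployment the per-customer keys live in an HSM."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._counter = 0

    def accept_with_otp(self, tx: Transaction, otp: str) -> bool:
        # The OTP proves the customer holds the token; it says nothing about
        # whether `tx` is what the customer saw on screen.
        expected = hotp(self._secret, self._counter)
        if hmac.compare_digest(expected, otp):
            self._counter += 1
            return True
        return False

    def accept_with_signature(self, tx: Transaction, signature: str) -> bool:
        # Recompute over the transaction actually received; any field the
        # malware changed makes the MAC mismatch.
        return hmac.compare_digest(transaction_mac(self._secret, tx), signature)


def mitb_rewrite(tx: Transaction) -> Transaction:
    """Browser-resident malware swapping the beneficiary in the outgoing form."""
    return Transaction(tx.source, "MULE-ACCT-9999", tx.amount_cents, tx.currency)


def run_scenarios() -> dict:
    secret = b"constructed per-customer token seed"
    token = Token(secret, pin="1234")
    bank = Bank(secret)
    intended = Transaction("CUST-0001", "LANDLORD-4242", 150_000)

    # OTP flow: the user types a valid code, the malware rewrites the
    # beneficiary afterwards, and the bank has no way to tell.
    otp_tampered = bank.accept_with_otp(mitb_rewrite(intended), token.next_otp())

    # Signing flow: the MAC is bound to the confirmed beneficiary and amount.
    sig = token.sign(intended, pin="1234")
    signed_intact = bank.accept_with_signature(intended, sig)
    signed_tampered = bank.accept_with_signature(mitb_rewrite(intended), sig)

    return {
        "otp_accepts_tampered": otp_tampered,
        "signature_accepts_intact": signed_intact,
        "signature_accepts_tampered": signed_tampered,
    }


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name}: {result}")
```

The symmetric HMAC keeps the example self-contained; a production token would typically hold a private key and the bank would verify with the matching public key, but the binding property is the same. The one thing the code cannot show is the part that matters most in practice: the beneficiary and amount must be confirmed on the token's own display, because a signature over data the malware chose is worthless.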

The typical end user does not fully comprehend the sophistication of new attacks; they trust their financial institution to provide a safe online experience. Online threats are evolving, and it is imperative that security solutions achieve the transaction safety that customers are demanding, not simply meet regulatory requirements.
Source: Antiphishing Working Group (www.antiphishing.org).

Francois Lasnier is the Vice President and General Manager of the Security business in North America for Gemalto, the world leader in digital security. For Gemalto, Lasnier maintains a focus on identity security and data protection for both the government and enterprise sectors. He is equally committed to security education and advocacy through Gemalto's online resource www.JustAskGemalto.com, which provides answers to consumer questions about how to better enjoy the safety and conveniences of the digital world. Lasnier's history with Gemalto spans several years, beginning in the banking sector within the product development team; he managed the first smart card implementation to use Visa's Java-based Open Platform, now an industry standard. Previously, Lasnier worked in program management with smart card-based electronic toll collection systems and RFID-based vehicle identification systems in Tokyo. Lasnier received his master's degree in electrical engineering and computer science.



Internet (Lack of) Security News through 4/3

Internet Security News
This Free IT-Security news feed is provided by E-Secure-IT; the most comprehensive and complete Business Risk Management Intelligence Service and IT-Security Risk and Threat Early Warning Service available in the market today. Visit us at www.e-secure-it.com or email more-info@e-secure-it.com for more information on our available services.

 Judge refuses to drop charge in Palin hacking case 
 (from juneauempire at 3-4-2010) 
 The man accused of hacking Sarah Palin’s e-mail in 2008 can be charged with trying to obstruct the investigation before it even started, a federal magistrate in Knoxville ruled Tuesday. The judge in the case against David C. Kernell, 22, refused to dismiss a charge of anticipatory obstruction of justice, saying the law may be violated “even if no investigation is open at the time of the conduct.” Defense attorney Wade Davies of Knoxville declined comment, saying he had not reviewed the dec... read more» 
   
 





 Chinese journalists under online attack 
 (from 3news at 3-4-2010) 
 An organisation for foreign journalists based in China has become the latest victim of cyberattacks targeting the websites or e-mail accounts of human rights groups and reporters focused on China. Cyberattacks linked to China have gained more attention since Google accused Chinese hackers in January of trying to plunder its software coding and of hijacking the Gmail accounts of human rights activists protesting Beijing's policies. The Foreign Correspondents' Club of China said in an e-mail... read more» 
   
 





 Cyberwar Attack on U.S. Central Command - A foreign government’s computer hackers were found lurking on a classified U.S. military network in 2008 
 (from freehacking at 3-4-2010) 
 More than 20 years ago, the United States realized that having an advantage in “intangible factors” — more information, better communications, greater precision — was as important as having more tanks or airplanes. Some call it a “force multiplier.” Cyber capabilities are a force multiplier. Having an “informational advantage” makes U.S. forces more effective. The people who plan to fight us are looking for ways to undo that advantage. Cyberattack is one. These are not hypothetical capabiliti... read more» 
   
 





 New bill seeks sanctions against global cybercrime 
 (from oregonlive at 3-4-2010) 
 Last Tuesday, according to Katherine Noyes of the E-Commerce Times, the Senate introduced a bipartisan bill called the International Cybercrime Reporting and Cooperation Act: "The new legislation will help the U.S. identify threats from abroad and work with other countries to crack down on their own cybercriminals. It will also recommend cutting off U.S. assistance and resources for countries that refuse to take responsibility for cybersecurity." Sen. Orrin Hatch (R-Utah), co-sponsor of the b... read more» 
   
 





 The Department of Justice's Efforts to Combat Identity Theft 
 (from Bankinfosecurity at 3-4-2010) 
 The Department of Justice issued its report on the audit of its efforts to combat identity theft done by the Office of the Inspector General evaluate how DOJ has communicated and implemented its strategy to combat identity theft.... read more» 
   
 





 The Faces of Fraud 2010 
 (from Bankinfosecurity at 3-4-2010) 
 I overheard someone at the recent RSA Conference saying that there were three main themes to the event: Cloud computing, cloud computing, cloud computing. Well, I'd say there was a competing theme, and it's emerging as the storyline of 2010: Fraud, fraud, fraud. Payment cards, ACH, ATM - these are the forms of fraud that have made the biggest news so far in 2010. But there's another variation preying upon banking institutions, too, and it deserves its own headlines. Let's talk about fi... read more» 
   
 





 More Heartland-Related Fraud Detected 
 (from Bankinfosecurity at 3-4-2010) 
 A Florida credit union must issue 12,000 new debit cards after new fraud attempts traced back to the Heartland Payment Systems data breach. The MidFlorida Federal Credit Union's is taking this action, according to chief operating officer Kathy Britt, because of the continued risk of fraud. Britt says the $1 billion-asset, Lakeland, FL-based credit union already reissued new cards to about 5,000 of its members in 2009, after the breach was made public. Britt says the new replacements follow... read more» 
   
 





 East China city refutes "world malware capital" label 
 (from People at 3-4-2010) 
 It was "technically impossible" for a city in east China's Zhejiang province to be the "world's malware capital," as the only Internet service provider had a Mail Abuse Prevention System installed, according to police and experts Friday. "It is technically impossible for hackers to launch large scale attacks from servers in Shaoxing city," said municipal police and a team of experts in a statement. When an IP address sends a certain amount of spam, it will be automatically disconnected, sa... read more» 
   
 





 Whole Foods Scam Hits Facebook 
 (from SecurityProNews at 3-4-2010) 
 People should stay clear of Facebook Pages that speak of $500 Whole Foods gift card giveaways. Several have been identified and shut down, but scammers keep creating new ones tempting users until Facebook and Whole Foods employees notice them and respond again. As for what, exactly, the problem is, Caroline McCarthy wrote earlier today, "The fan page asks Facebook users to add it as a fan, thus pushing awareness of the page through those users' Facebook networks, and then asks them to fill ou... read more» 
   
 





 Protect the U.S. from cyber attacks (Rep. Yvette D. Clarke) 
 (from TheHill at 3-4-2010) 
 Securing our critical electronic infrastructure from cyber attack has become one of the most significant national security challenges for the United States in the 21st century. Surprisingly, the technological fixes to this challenge may be easier to solve than the underlying policy questions. One of the most fundamental and vexing problems for policymakers is defining the role of the Federal government in defending against nation state-level cyber attacks against critical infrastructure. Th... read more» 
   
 





 Private papers found in trash 
 (from middletownjournal at 3-4-2010) 
 For several weeks, a mound of city documents containing Social Security numbers, phone numbers and carbon copies of checks filled a Dumpster at Smith Park, where they were accessible to anyone. The Journal received a tip that led to the discovery of countless junked records containing personal information for Middletown residents, along with blueprints, contracts and tax papers. Most appear to have originated in the city’s public works and utilities department, with a few from the police a... read more» 
   
 





 Unencrypted personal info of LPL Financial clients on stolen device 
 (from databreaches at 3-4-2010) 
 According to a letter sent by Marc Loewenthal, Senior Vice President and Chief Security/Privacy Officer to the New Hampshire Attorney General’s Office, on February 24, the firm learned that a portable drive containing unencrypted personal data on clients was stolen from the car of financial advisor Christian D’Urso. The information on the undisclosed number of clients included names, addresses, dates of birth, and Social Security numbers.... read more» 
   
 





 Web site of China-based journalist club attacked 
 (from SFGate at 3-4-2010) 
 An organization for foreign journalists based in China has become the latest victim of cyberattacks targeting the Web sites or e-mail accounts of human rights groups and reporters focused on China. Cyberattacks linked to China have gained more attention since Google Inc. accused Chinese hackers in January of trying to plunder its software coding and of hijacking the Gmail accounts of human rights activists protesting Beijing's policies. The Foreign Correspondents' Club of China said in an ... read more» 
   
 





 Hackers hit China foreign correspondents club website 
 (from Yahoo at 3-4-2010) 
 China's foreign journalists association said Friday it had taken its website offline after it was targeted in repeated denial-of-service attacks. The Foreign Correspondents' Club of China (FCCC) said it did not know who was behind the attacks but that they originated from Internet addresses in both China and the United States. However, it noted the "physical location of the servers does not tell us much since hackers can use any machine they have been able to exploit."... read more» 
   
 





 Hacker held for duping job aspirants 
 (from indianexpress at 3-4-2010) 
 The Delhi Police arrested a professional hacker on Friday who led a gang which allegedly duped hundreds of youths by promising them jobs as technicians and airline crew. Police identified the accused as Amritesh and said they are raiding several places in Delhi to nab his associates. Amritesh, the police said, had hacked a popular job website — he would find out probable victims and stay in touch with them until they paid money for the promised job.... read more» 
   
 





 Conficker: 'Headless Botnet' Still Infecting Windows Users 
 (from EWeek at 3-4-2010) 
 Researchers say the notorious Windows worm has created a "headless botnet" - but one that continues to maintain a hold of millions of computers. A year after the infamous April 1 doomsday deadline, the investigation into the masterminds of the worm continues. On April 1, 2009, the Conficker worm played an April Fools’ Day joke of its own on those who predicted an Internet meltdown. But instead of a meltdown, infected computers only got a slight update in functionality, followed by brief at... read more» 
   
 





 Seeking Competitive Advantage, For Malware 
 (from Slashdot at 3-4-2010) 
 Brian Krebs over at the must-read KrebsOnSecurity.com writes about the rivalry between two competing authors of nasty credential-stealing malware. The newer (SpyEye) can remove the older (Zeus) on any system it infects. Meanwhile, Zeus is so successful prices have gone way up for the new version. These 'crimeware kits' are freely available for purchase, and have enabled millions of dollars in thefts. The buyers of the kits prey primarily on small businesses by using wire transfers out of bank ac... read more» 
   
 





 US One Step Closer To Electric Grid Cyberguards 
 (from Slashdot at 3-4-2010) 
 The US Department of Energy this week officially opened up the bidding for a National Electric Sector Cyber Security Organization that would protect the nation's electrical grid from cyber attacks. According to the DOE: the agency has set an aggressive goal to meet the nation's need for a reliable, efficient and resilient electric power grid, as well as improved accessibility to a variety of energy sources for generation. In order to achieve this, an independent organization is needed to prov... read more» 
   
 





 Top executives need to be involved in IT security, says report 
 (from TechWorld at 3-4-2010) 
 Organisations with top executives who aren't involved in cybersecurity decisions face a serious problem - a major hit to their bottom lines, according to a new report. "Many organisations see cybersecurity as solely an IT problem," said Karen Hughes, director of homeland security standards programs at the American National Standards Institute (ANSI), one of the major sponsors of the new report. "We are directing a wake-up call to executives nationwide. The message is, this is a very serious issu... read more» 
   
 





 Forrester offers advice on social media security 
 (from v3 at 3-4-2010) 
 Acceptable usage policies, content security tools, and a strong governing process including user education are all vital if firms are to reap the rewards from allowing social networking use while protecting themselves from the manifold risks, according to Forrester. In a new report, To Facebook Or Not To Facebook, analyst Chenxi Wang argued that social media is becoming entrenched in the enterprise but that information security managers are worried about increased security risks, such as malw... read more» 
   
 





 NIST Special Publication 800-37 Revision 1 - Guide for Applying the Risk Management Framework to Federal Information Systems 
 (from NIST at 3-4-2010) 
 In accordance with the provisions of FISMA, the Secretary of Commerce shall, on the basis of standards and guidelines developed by NIST, prescribe standards and guidelines pertaining to federal information systems. The Secretary shall make standards compulsory and binding to the extent determined necessary by the Secretary to improve the efficiency of operation or security of federal information systems. Standards prescribed shall include information security standards that provide minimum infor... read more» 
   
 





 Mapping and Measuring Cybercrime (Public Forum) - Oxford Internet Institute - Webcasts 
 (from webcast.oii.ox.ac at 3-4-2010) 
 This public panel discussion focuses on the most appropriate ways of measuring and mapping Cybercrime to inform legislative, research and policy debates. This follows an all-day invited forum on the topic, and will highlight the day's findings.... read more» 
   
 





 Africa: Continent at Risk of Being Used as Base for Internet Attacks 
 (from Allafrica at 3-4-2010) 
 Africa, already burdened with the misnomer of being the "dark" or "forgotten" continent is soon set to get a new name; "vulnerable". We, the citizens of this hapless continent, are now being described as the harbingers of doom of a technological kind. Computers owners on the continent are being described as being part of a global assault machine that is being likened to a weapon of mass destruction (WMD).... read more» 
   
 





 Nokia.de(faced) - Nokia.de have been notified of the defacement 
 (from SunbeltBlog at 3-4-2010) 
 I’m almost certain this shouldn’t be on the Nokia.de webspace, lurking under the “online.nokia.de” subdomain: Don’t worry though, Admin – they “just changed your index”. This isn’t the first time Nokia domains have come under attack. The above defacement – by an Albanian hacker called “Spammer” – seems eager to let the webmaster know they can help with the bugs, but I’m pretty sure an email would have been just as useful. Nokia.de have been notified of the defacement, but I’ve had no word ... read more» 
   
 





 30-Year Computer Ban for Sex Offender Overturned 
 (from Wired at 3-4-2010) 
 Just in time for the iPad launch, a federal appeals court Friday overturned a 30-year computer ban imposed on a sex offender caught in an online police sting. Mark Wayne Russell, 50, was arrested in 2006 after traveling from his home in Columbia, Maryland to a location in Washington D.C. where he expected to meet a 13-year-old girl he’d sexually solicited in a chat room. The “girl” was actually an undercover cop, and Russell was ultimately sentenced to 46 months in prison and ordered not to “... read more» 
   
 





 Law Against Police Bumper Stickers Unconstitutional 
 (from Wired at 3-4-2010) 
 A local Ohio ordinance making it a crime for civilians to display bumper stickers of police organizations is unconstitutional, a federal judge says. The First Amendment decision by U.S. District Judge Michael Barrett blocks the suburban Village of Lockland from enforcing the minor-misdemeanor statute, and comes after a nationwide scattering of similar decisions overturning ordinances forbidding citizens from wearing police and military garb.... read more» 
   
 





 Opera alerts EU to hidden Windows browser-ballot 
 (from The Register at 3-4-2010) 
 Just when it seemed like Microsoft's European anti-trust tangle on browser choice in Windows was over, trouble is stirring again. Opera Software has told The Reg that it has informed the European Union of a possible problem with a fix that was designed to make Internet Explorer in Windows comply with EU antitrust law. Opera has also informed Microsoft. Opera said the browser-ballot screen Microsoft introduced to Windows so users could pick a browser rather than take Internet Explorer by defau... read more» 
   
 





 30-Year Computer Ban for Sex Offender Overturned 
 (from hackingexpose at 3-4-2010) 
 Mark Wayne Russell, 50, was arrested in 2006 after traveling from his home in Columbia, Maryland to a location in Washington D.C. where he expected to meet a 13-year-old girl he’d sexually solicited in a chat room. That inflexible ban on computer use is “substantively unreasonable” and “aggressively interferes with the goal of rehabilitation,” ruled the U.S. Court of Appeals for the District of Columbia.... read more» 
   
 





 DHS Cybersecurity Awareness Campaign Challenge 
 (from Schneier at 3-4-2010) 
 DHS Cybersecurity Awareness Campaign Challenge This is a little hokey, but better them than the NSA: The National Cybersecurity Awareness Campaign Challenge Competition is designed to solicit ideas from industry and individuals alike on how best we can clearly and comprehensively discuss cybersecurity with the American public. Key areas that should be factored into the competition are the following: * Teamwork * Ability to quantify the distribution method ... read more» 
   
 





 Perhaps Australia has something to worry about after all 
 (from MSDN at 3-4-2010) 
 A couple of months ago, I posted an article that my own internal statistics did not suggest that Australia was a hotbed of zombie activity. This was a follow up response to a previous post where I highlighted that Australia was kicking infected zombie PCs off their networks (or at least quarantining them). At the time, I said that Australia does have some spam and zombie activity associated with it but it appears to be a small player compared to the others like the US, South Korea, China, Braz... read more» 
   
 





 Your Friday Cyber Break 
 (from nextgov at 3-4-2010) 
 What is Moonlight Maze? No, not the latest installment of the popular Twilight saga. Rather, it's the code name for a 1998 cyber attack on NASA, the Pentagon and the Energy Department. The attack, which originated in Russia, was one of 33 major cyber incidents in the United States from 1997 to 2010, according to Aviation Week.... read more» 
   
 





 Risky business: FISMA reform hinges on managing the risks 
 (from Government Computer News at 3-4-2010) 
 Given the persistent concerns about protecting the government’s computer systems, the most recent of many congressional hearings on how to fix the Federal Information Security Management Act was perhaps as maddening for its old refrains as it was encouraging for the renewed desire to deal with them. It certainly was no surprise that witnesses testifying late last month before the House Oversight and Government Reform Committee's Government Management, Organization and Procurement Subcommittee... read more» 
   
 





 Senators ramp up cyberwar rhetoric 
 (from NetworkWorld at 3-4-2010) 
 The authors of a recently introduced U.S. Senate bill today urged the country to prepare for a cyberwar in an editorial that is likely to further dismay those who favor toning down the rhetoric stemming from the recent attacks against Google . U.S. Sens. Jay Rockefeller (D-W.Va) and Olympia Snowe (R-Maine), who earlier this month proposed the Cybersecurity Act, today warned in the The Wall Street Journal that the country is at risk of cyberwar.... read more» 
   
 





 DOE pitches $10M for energy cybersecurity 
 (from FCW at 3-4-2010) 
 The Energy Department has finally announced details of the grant it will award for setting up a National Electric Sector Cyber Security Organization, which will be the major authority charged with protecting the electricity grid. The good news is that it’s worth around $10 million. The bad news is that potential applicants have less than a month -- until April 30 -- to pull their applications together. The National Energy Technology Laboratory is managing the process for DOE. The depar... read more» 
   
 





 Majority Of New Malware: Banker Trojans 
 (from SecurityProNews at 3-4-2010) 
 Unfortunately for the rest of the world, PandaLabs has determined that malware makers are still hard at work. And unfortunately for everybody's finances, malware makers aren't content to churn out little "gotcha" tricks, instead focusing more than anything on banker Trojans. Here are all of the unpleasant details in one bite: PandaLabs declared in a statement, "[T]he amount of new malware in circulation has continued to increase at a record pace. In this first quarter, the most prevalent cat... read more» 
   
 





 Is Vietnam conducting surveillance via malware? 
 (from hostexploit at 2-4-2010) 
 I’ve been following reporting on the discovery of a new botnet in Vietnam with interest. McAfee and Google both posted information on the botnet on Tuesday the 30th, and the Wall Street Journal, Washington Post and New York Times all ran pieces on the phenomenon yesterday. Collectively, they offer an insight in just how difficult it is to report about internet abuse, hacking and “Cyberwar”....read more» 
   
 Botnets drive the rise of ransomware 
 (from Net-Security at 2-4-2010) 
 Ransomware is the dominating threat with nine of the detections in the malware top ten list resulting in either scareware or ransomware infesting the victim's PC. Fortinet observed the primary drivers behind these threats to be two of the most notorious botnet "loaders" - Bredolab and Pushdo. Another important finding is the aggressive entrance of a new zero-day threat in FortiGuard's top ten attack list, MS.IE.Userdata.Behavior.Code.Execution, which accounted for 25 percent of the detected acti... read more» 
   
 Beware fake eBay security alert 
 (from Net-Security at 2-4-2010) 
Red Condor issued a warning of a new blended email threat that appears to be a security alert from eBay. The email message with the subject line "eBay Procedural Warning - Security Alert," is addressed to "Dear eBay Member," and warns recipients that the sender has "detected security issues on behalf of your account." The email warns that to correct the issue, users "have to download and install the eBay Security Shield." The embedded link in the email actually takes the user to a likely compromi... read more»
   
 eDiscovery Summit Debuts October 18-20, 2010 - Cobb Galleria and Performing Arts Center in Atlanta, Georgia 
 (from prlog at 2-4-2010) 
Atlanta, GA (April 2, 2010) - A new educational conference and trade show, the eDiscovery Summit™, premieres in Atlanta, October 18-20, with unique, interactive learning opportunities for anyone involved in the procurement, production, and dissection of electronically stored information (ESI), along with high-tech vendors who will demonstrate the latest in eDiscovery technology and services. At the convocation, industry-recognized experts in the legal, technology, security and information go... read more»
   
 Mozilla beats Apple, Microsoft to Pwn2Own patch punch 
 (from ComputerWorld at 2-4-2010) 
 Mozilla late yesterday patched a critical Firefox vulnerability used by a German researcher to win $10,000 for hacking the open-source browser at last week's Pwn2Own contest. In a repeat of 2009, Mozilla was the first browser maker to patch a bug exploited at Pwn2Own. In fact, the company improved on its performance by fixing the newest flaw only eight days after Nils, a researcher who works for U.K.-based MWR InfoSecurity, hacked Firefox. Last year, Mozilla took 10 days to come up with its P... read more» 
   
 Clouded views on privacy 
 (from NetworkWorld at 2-4-2010) 
Privacy and cloud computing have recently been in the news, with stories coming out of academia (Yale University) and government oversight agencies (Canadian Privacy Commissioner). Both, in my view, got it wrong. First up, and easiest to deal with, is Yale. George Bush's alma mater recently decided to adopt Google Applications for Education, which would include changing from Horde e-mail to Gmail. (See the Yale Daily News story here.) This IT decision has been roundly denounced by some facul... read more»
   
 How to detect a phishing site, the Google way 
 (from Net-Security at 2-4-2010) 
Google analyzes millions of pages per day when searching for phishing behavior. This kind of activity is, of course, not done by people but by computers. The computers are programmed to look for certain things that will identify the page as a phishing site. Those things are actually the same things that users should check when evaluating if a page is legitimate or not. According to a post on Google's official online security blog, the first step is looking at the URL. Does it contain words... read more»
   
 Department Of Justice supports the associated press's proposed digital news registry 
 (from justice at 2-4-2010) 
 The Department of Justice announced today that it supports a proposal by The Associated Press (AP) to develop and operate a voluntary news registry to facilitate the licensing and Internet distribution of news content created by the AP, its members, and other news originators. The department said that the development and operation of the registry is not likely to reduce competition among news content owners and could provide procompetitive benefits to both participating content owners and conten... read more» 
   
 Organised cyber crime on the rise 
 (from 3news at 2-4-2010) 
Organised cyber crime rings all over the world are stalking children online and stealing money and identities. One company trying to combat this is Symantec, the makers of the Norton anti-virus. In the first of his series on the growth of the internet David Farrier got a tour around the company's headquarters in Los Angeles: With the growth of the internet, many commentators say cyber-crime may have outgrown the drugs trade.... read more»
   
 Melissa Hathaway on Quantifying the Value of Cybersecurity 
 (from executivebiz at 2-4-2010) 
 Melissa Hathaway, author of the 60-day White House cybersecurity review and former acting senior director for cyberspace at the National Security Council, is promoting the American National Standards Institute and the Internet Security Alliance’s 76-page report “The Financial Management of Cyber Risk.” She writes, “This excellent guide for the C-suite puts forth the right questions to help organizations be proactive in managing their risk and exposure that is derived from their digital depend... read more» 
   
 Collecting Computers into Evidence 
 (from dfinews at 2-4-2010) 
 After obtaining a search warrant from a magistrate, detectives went to the subject’s place of business and served him with the warrant. The warrant alleged the subject was using stolen and/or forged customer information and credit card data to commit online fraud and identity theft. Listed in the search warrant was the property to be seized, namely any computers and software that could be used to capture or create credit card numbers. Upon entering the premises, detectives discovered a deskt... read more» 
   
 Police put spotlight on IPv6 
 (from thinq at 2-4-2010) 
 Police have drafted a plan to watch over the 340 trillion trillion trillion Internet addresses being issued under IPv6, the root and branch reform of addressing being done to stop the internet running out of space. The proposal was presented to a closed international meeting of police officers and four of the world's five Regional Internet Registries (RIRs) in London on March 17th. It is among a clutch of policies police have suggested the Internet industry should adopt to help them catch cyb... read more» 
   
 Crimes 'involving Facebook up 346 pc', police force claims 
 (from Telegraph at 2-4-2010) 
 Incidents of abuse or other crimes allegedly involving the social networking site reported to Nottinghamshire Police rose sharply between April 2009 and February this year. The force recorded 13 such reports between April 2008 and March 2009, it said. In the following 11-month period, this number leapt to 58. This led to six people being charged with offences, compared with three the previous year.... read more» 
   
 UKNOF 14 videos 
 (from portfast at 2-4-2010) 
 To see the video, please visit this URL: http://media.portfast.net/uknof/uknof14/04-neil_long-team_cymru_update.html... read more» 
   
 A Virtual Vietnam War 
 (from govinfosecurity at 2-4-2010) 
It's not quite a declaration of war, but Rep. Loretta Sanchez is set to do battle with Vietnam over using malware to illicitly monitor the Internet activity of human rights and democracy activists. Sanchez, the California Democrat who chairs the House Armed Services subcommittee with cybersecurity jurisdiction and co-chairs the Congressional Caucus on Vietnam, said in a statement Thursday that she's outraged that Vietnam's government has been using the Net as a weapon against its own peopl... read more»
   
 Threat Bulletin: Trojan.Dosvine DDoS Against Vietnamese Web Sites 
 (from ArNnet at 2-4-2010) 
 Symantec Security Response has discovered that a piece of malware detected as Trojan.Dosvine was used on Monday in a distributed denial of service (DDoS) attack against the Vietnamese online community. This is the latest instance in what appears to be a growing trend of malware being used for political purposes. Initial reports on this attack have compared it to the Trojan.Hydraq/Aurora incident from earlier this year. However, this comparison is not entirely accurate since the motive behind ... read more» 
   
 Blackhats cynically exploit tragic and salacious breaking news stories to subvert legitimate websites 
 (from itsecurityportal at 2-4-2010) 
 It has become routine for attackers to compromise web content in order to distribute malware with sites often being abused in a variety of different ways once compromised. Every day, new malicious campaigns are discovered taking advantage of the hottest news stories on the internet to spread malware; many of them profiting from high profile deaths and disasters. With this significant problem in mind, Sophos has published a probing white paper analysing how attackers have created automated ... read more» 
   
 Shortened URL Security Threat on Twitter Overblown? 
 (from NetworkWorld at 2-4-2010) 
 Concern over the danger of shortened URLs may be overblown, according to a report released Wednesday by a researcher with security firm Zscaler. Zscaler made the announcement in the wake of news from Twitter, which recently said it has implemented a new security system to scan all URLs posted in tweets to protect users from malicious sites. Popular URL-shortening site bit.ly made a similar move in November. But the security may not be as necessary as previously thought. While Twitter and the ... read more» 
   
 Should we be afraid of Chinese hackers? ...Or lost cyber war (Part III) 
 (from securecyber at 2-4-2010) 
In addition to the full access to Windows OS that proved to be vulnerable to endless exploits, China chooses FreeBSD as the basis for a secure OS. The Washington Times recently reported that "China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing's networks impenetrable to U.S. military and intelligence agencies." What a bold move! No wonder that many security specialists are serio... read more»
   
 DHS studying global response to Conficker botnet 
 (from Computer World at 2-4-2010) 
 One year after the Conficker botnet was front-page news around the world, the U.S. Department of Homeland Security is preparing a report looking at the worldwide effort to keep it in check. The report, to be published within the month, shows how an ad hoc group of security researchers and Internet infrastructure providers banded together into an organization they called the Conficker Working Group. Its goal was to address what was at the time the world's most serious cyberthreat.... read more» 
   
 Mobile Virus 'MMS Bomber' Rampant, Millions of Mobile Phones in China Impacted 
 (from PR Newswire at 2-4-2010) 
 Recently a new mobile virus named "MMS Bomber" has run rampant in China, and millions of Chinese mobile phones were impacted, reported Beijing Business News. The National Computer Network Emergency Response Technical Team/Coordination Center of China has alerted mobile users that the targets of the virus are mobile devices with S60 3rd OS, mostly Nokia and Samsung smart-phones. The virus is disguised as an application; once installed, the virus will automatically connect to the internet and s... read more» 
   
 Should the Government Stop Outsourcing Code Development? 
 (from Schneier at 2-4-2010) 
 Information technology is increasingly everywhere, and it's the same technologies everywhere. The same operating systems are used in corporate and government computers. The same software controls critical infrastructure and home shopping. The same networking technologies are used in every country. With all of this sameness, you'd think these technologies would be designed to the highest security standard, but they're not. They're designed to the lowest or, at best, somewhere in the middle.... read more» 
   
 HNNCast for the fourth week of March 2010 
 (from Security Tube at 2-4-2010) 
 Lead Stories * PWN20WN Roundup, TJX Case Progresses, FBI/FSB Partnership, China Google Book Closed? News * DOD v. CIA over Honeypot, BitDefender.shoot(foot), Gimme that Skipfish, Hacker Challenge Overly Challenging, French Hacker Croll Fried, Mariposa Vodiphone Update Quickies * Sophos is a SPAM Sphincter, Baidu sues Register.COM, Sweeden gets Turkey on deFace, Anonymous Back at It, Watch-ova-ya ATM cards, Medical Breach, PNC an Inside Job, Ausie Autistic Outage, Pizza with Anchovies an... read more» 
   
 HNNCast for the third week of March 2010 
 (from Security Tube at 2-4-2010) 
 Lead Stories * Iranian Revolutionary Guard Goes Hax0r, PKKompromise, Facebook Wack-A-Mole, More on Waldec body-b49, Troyak Hanging On News * Kaspersky Kops, TJX Takedowns Progress, Skimming the Seamstresses, Gala Sentencing Highlights Lax UK Punishments Quickies * Online Casinos Catch Crooks Attention, Zeus to Adopt True MFA Before Banks – LOL, RFID That Can’t Be Cloned, KHG CO Defacements, Lady Ada Day, Weekly Con Call, Phrack 67 CFP... read more» 
   
 Cybersecurity bill first step in fixing controversial FISMA 
 (from compliancehome at 2-4-2010) 
 Lawmakers and the White House on Wednesday called for changes to long-standing federal information security policies that would require vendors to incorporate safeguards into systems when they are being built rather than later in the development process -- an approach that could significantly affect federal contractors' products and services. Rep. Diane Watson, D-Calif., introduced on Monday the 2010 Federal Information Security Amendments Act (H.R. 4900), which would update the 2002 Federal ... read more» 
   
 Norton Appoints Adam Palmer as Lead Cybersecurity Advisor 
 (from Zibb at 2-4-2010) 
 Norton from Symantec announced that it has appointed Adam Palmer as Norton Lead Cybersecurity Advisor. Palmer joins Symantec from the .ORG Top Level Domain Registry, where the cybersecurity program he introduced was named one of the major online security successes of 2009 by the Anti Phishing Working Group (APWG).... read more» 
   
 Top 10 positions in a hacker organization 
 (from India Times at 2-4-2010) 
 1. Coders/programmers: They write malware code used by the criminal enterprise. 2. Distributors: They trade and sell stolen data and act as vouchers for the goods provided by other specialists. 3. Tech experts: They maintain the hack organisation's IT infrastructure, including servers, encryption technologies, databases, and the like. 4. Hackers: They search for and exploit applications, systems and network vulnerabilities. 5. Fraudsters: They create and deploy various social engineering sch... read more» 
   
 Concern over surge in banking Trojans 
 (from Network World at 2-4-2010) 
 Trojans made up nearly two thirds (61 percent) of all new malware identified during the first quarter of 2010, says PandaLabs. According to the security firm's Q1 2010 report, the majority of these were banking trojans. The security firm named Spain as the most infected country, with 35 percent of all its PCs infected with malware. The USA was second as 17 percent of its PCs have malware installed on them, while Mexico was in third place with five percent of its PCs infected.... read more» 
   
 Experts call for cybercrime legislation adoption 
 (from securityvibes at 2-4-2010) 
Cybersecurity experts from most of the leading European countries have called for the global adoption of the Budapest Convention on Cybercrime, which has been signed by most EU nations but is yet to be adopted by many of the most powerful countries around the world. At a Council of Europe cybersecurity conference in Strasbourg last week, experts said a global convention was needed to tackle the global nature of internet-borne security threats and called for greater backing of the Budapest con... read more»
   
 USB Trojan tops BitDefender’s March e-threat report 
 (from sourcewire at 2-4-2010) 
Trojans continue to dominate the latest threat report issued by leading antivirus software vendor BitDefender. Topping the list with 13% of total global malware is Trojan.AutorunInf.Gen, a generic mechanism designed to spread through removable devices that often appears in such reports. The infamous Kido or Conficker, Win32.Worm.Downadup.Gen, ranks second with a score of 6.... read more»
   
 New Law Lets Banks Recover Data Breach Costs 
 (from esecurityplanet at 2-4-2010) 
 Washington last week became the third state to pass legislation that will allow banks to recover certain costs and damages from retailers and credit card processors that suffer data breaches after failing to comply with current Payment Card Industry (PCI) standards. The law, which goes into effect on July 1 in Washington, follows similar laws passed in the states of Minnesota and Nevada and marks a fundamental change in the way government and private sector industries assign responsibility an... read more» 
   
 Israel Is Serious About Cyberwarfare 
 (from Military at 2-4-2010) 
 For Israel's chief of military intelligence, "cyberspace has become the fifth dimension of warfare, following land, sea, air and space." The nation has long had its hand in this secretive mission area, but Maj. Gen. Amos Yadlin's comments are the first public acknowledgment of just how serious the Israeli military views the domain. The use of cyberspace "is as important to warfare today as the advent of air support was to warfare in the 20th century. It combines all the elements of a military... read more» 
   
 White House wants online authentication standards 
 (from pindebit at 2-4-2010) 
 President Obama has created a group called the National Strategy for Secure Online Transactions. The charge of the organization is to produce a framework that may eventually lead to U.S. citizens using strong authentication when conducting business on the Internet. The vision of the group is: “To improve the trustworthiness and security of online transactions by facilitating the establishment of interoperable trust frameworks and implementation of improved authentication technology and proces... read more» 
   
 Google fails to renew licence in China 
 (from Guardian at 2-4-2010) 
 Google has not renewed its licence to be an "internet content provider" in China, signalling the end of its ambition to provide search and other internet services inside the country's "Great Firewall" which filters out content deemed sensitive by its government. The annual licence, which is issued by the Chinese government, expired at the end of March. Holding an ICP licence is a prerequisite for providing web and internet searches originating inside the Chinese mainland – although it can sti... read more» 
   
 The criminal NSA eavesdropping program 
 (from Salon at 2-4-2010) 
 While torture and aggressive war may have been the most serious crimes which the Bush administration committed, its warrantless eavesdropping on American citizens was its clearest and most undeniable lawbreaking. Federal District Judge Vaughn Walker yesterday became the third federal judge - out of three who have considered the question - to find that Bush's warrantless eavesdropping program was illegal (the other two are District Judge Anna Diggs Taylor and 6th Circuit Appellate Judge Rona... read more» 
   
 Select Security Software with Care and Caution 
 (from enterprise-security-today at 2-4-2010) 
Choosing a computer security program these days can be a daunting task. More than 20 companies offer security software, and each has multiple versions of its software. Depending on features, the programs can range in price from free to $70 or more. Meanwhile, you may have heard that Microsoft has been battening down Windows, making its operating system and related programs more secure. ... read more»
   
 The real economics of security 
 (from Computer Weekly at 2-4-2010) 
 The Internet Security Alliance (ISA) and the American National Standards Institute (ANSI) have just published a guide "The Financial Management of Cyber Risk: An Implementation Framework for CFOs". It's the latest in a series of attempts to advise enterprises on how to justify expenditure on information security. It contains good advice, such as the need to focus more on the human factor. It also contains misguided advice, such as suggesting that a security budget can be based on annual loss ... read more» 
   
 CyberCrime Unit arrests in Manatee 
 (from Bradenton at 2-4-2010) 
 Bradenton police and members of the CyberCrime unit arrested 20-year-old Jonathon Crotty on Feb. 18 on charges of 15 counts of possession of child pxxxography. During a search of a residence in the 10200 block of 28th Avenue East in Palmetto, detectives found video files in Crotty’s possession showing children less than 18 years old forced into sex acts. Bradenton Police Department Detective Kevin Bunch said in his report at the time that estimates are the children in the videos were younger ... read more» 
   
 Officials: 29 arrested in cybercrime operation 
 (from Tampa Bay Online at 2-4-2010) 
 The 29 Central Florida men arrested in a seven-week cybercrime investigation include a military police officer, a hospital administrator and a Tampa man authorities say was abusing the two young daughters of a woman he molested when she was a child. "There's no typical predator," said Stephanie Bergen, section chief of the state's Child Predator Cybercrime Unit. "They're successful; they're students; they're unemployed." Two of the men arrested are registered sex offenders, officials said. O... read more» 
   
 Trends in Cybercrime: Report 
 (from esecurityplanet at 2-4-2010) 
 Sophisticated campaign tracking and dramatically increased use of social networking technologies, such as Facebook and Twitter, were two of the top trends in cybercrime in 2009, according to a new report released Tuesday. Criminal attacks using social networking sites increased by 500 percent between 2008 and 2009, according to the Blue Coat Web Security Report for 2009, by application delivery network provider Blue Coat Systems. That makes those sites the top focus for cybercriminals’ activi... read more» 
   
 Botnet research suggests progress in cybercrime war 
 (from TechTarget at 2-4-2010) 
 The recent arrests of those suspected of being connected to the Mariposa botnet and the legal action by Microsoft to take down the command and control of the Waledac botnet may be a sign that those defending the Internet are gaining ground against botnets and the cybercriminals behind them. But a complex web of legal and jurisdictional issues remain, said botnet expert Joe Stewart, director of malware research at SecureWorks Inc. In a wide ranging interview at the 2010 RSA Conference, Stewar... read more» 
   
 The Upcoming Black Hat Europe 2010 presentation 
 (from FORTINET at 2-4-2010) 
 In the middle of April in Barcelona, my co-worker Guillaume Lovet and I will give a presentation at Black Hat Europe 2010, which is named “Adobe Reader’s Custom Memory Management: A Heap of Trouble“. This talk focuses on the custom heap management, which is being used on Adobe Reader. In fact, when Adobe Reader is processing a PDF file, in most allocation cases, it does not directly use the system’s heap, but maintains its own heap management system on top of the system-level heap management ... read more» 
   
 Demand keeps growing for cyber-security workers 
 (from San Francisco Chronicle at 2-4-2010) 
 It may be hard to imagine a job posting for a program analyst that lists preserving the nation's freedoms and securing the homeland as the position's chief responsibilities. But as cyber-security has climbed up the list of national priorities, the federal government is poised to change that.... read more» 
   
 Analysis: a week in IT security 
 (from pcadvisor at 2-4-2010) 
When it comes to security in IT, not a week goes by without a major discovery. We look at several stories that have cropped up recently to reveal the ongoing challenges involved in protecting systems and data. When it comes to security in IT, not a week goes by without a major discovery. Whether it's the first sightings of a serious iPhone exploit or a new Captcha-conquering bot. To illustrate this, I've decided to take a look at several stories that have cropped up.... read more»
   
 Court rules US warrantless wiretapping was illegal 
 (from v3 at 2-4-2010) 
 A US government warrantless wiretapping system set up in the wake of the September 11th attacks has been ruled illegal by a federal judge. In a 45 page ruling [PDF] District Court Judge Vaughn Walker ruled that the National Security Agency's (NSA) wiretapping of the now defunct Al-Haramain Islamic Foundation, a Saudi Arabian-backed charity, was in violation of the Foreign Intelligence Surveillance Act (FISA).... read more» 
   
 The Day the Web Turned Day-Glo 
 (from BBC at 2-4-2010) 
 Bill Thompson is pleased to see the punk ethic alive and well online. Anyone with a few minutes to spare online might enjoy visiting Chatroulette - the finest expression of punk mentality from the emerging internet generation that I've yet come across. It's not hard to play, as there are only three rules. You have to be aged 16 or over. You're asked to "please stay clothed". And you can alert the management by clicking F2 "if you don't like what you see".... read more» 
   
 Security Firm's April Fool's Advice: Deter Hackers With Romance 
 (from PCWorld at 2-4-2010) 
 Who says security vendors don't have a sense of humor? Sophos Inc. today urged companies to consider hiding sensitive data in snippets of romantic literature or other diversionary text to protect the data from hackers. In an April Fool's Day press release, the company said its research shows that hackers can be sidetracked from their mission to steal corporate data when enterprise networks are flooded with romantic fiction. (See also "Top 10 April Fools' Day Fake News Items for 2010.")... read more» 
   
 Insider Threat: Your Greatest Risks 
 (from healthcareinfosecurity at 2-4-2010) 
 Insider crimes are among the biggest threats to public and private sector organizations. And yet too many groups continue to struggle to prevent or even detect these crimes. In an exclusive interview, Dawn Cappelli of Carnegie Mellon University's Software Engineering Institute, discusses: * Insider threat trends; * Biggest challenges for organizations looking to prevent crimes; * Steps organizations can take to reduce risk. Cappelli is Technical Manager for the Threat and Inci... read more» 
   
 Report: Ransomware, Botnets On The Rise 
 (from CRN at 2-4-2010) 
 Ransomware experienced an upsurge in March, propelled by an explosion in botnet activity, while a malicious Internet Explorer attack is spreading rapidly across the globe, according to a Fortinet Threatscape Report released Thursday. One of the biggest threats this month was the emergence of an SMS-based ransomware attack, according to the Fortinet Threatscape report. The attack, dubbed DigiPog, is an SMS blocker that locks out a system and kills off popular applications such as IE and FireFo... read more» 
   
 Cancer Records Used for Credit Fraud 
 (from healthcareinfosecurity at 2-4-2010) 
 Four Florida women have been indicted for their alleged participation in a scheme to steal personal information about cancer patients and use it to obtain fraudulent credit accounts. In a somewhat similar recent case in Chicago, an identity theft ring relied on a janitor to steal personal information from patient files at a Chicago hospital, authorities say. The indictment filed in U.S. District Court of the Southern District of Florida alleges that Sharita Hubbard of Pompano Beach, Fla., sto... read more» 
   
 Now Is the Time to Prepare for Cyberwar 
 (from Wall Street Journal at 2-4-2010) 
"If the nation went to war today in a cyberwar, we would lose. We're the most vulnerable. We're the most connected. We have the most to lose." Former Director of National Intelligence Mike McConnell delivered that bracing statement at a recent Senate hearing on cybersecurity. The information networks that nearly every American relies on are under constant attack by sophisticated cyber adversaries. These adversaries target our identities, our money, our businesses, our intellectual property, a... read more»
   
 Conficker zombies celebrate 'activation' anniversary 
 (from The Register at 2-4-2010) 
 Thursday marks the first anniversary of the much hyped Conficker trigger date. Little of note happened on 1 April 2009 and machines infected by Conficker (aka Downadup) remain largely dormant, but an estimated 6.5 million Windows PCs remain infected with the threat. These machines are "wide open to further attacks", net security firm Symantec warns. The rascals behind the worm remain unknown and the purpose of the malware unclear. Some in the anti-virus industry, such as Raimund Genes, CTO o... read more» 
   
 Guide released to mitigate damage of cyberattacks 
 (from scmagazineus at 2-4-2010) 
 Two industry groups on Wednesday released a free guide that the authors hope will encourage financial executives within an organization to take the lead role in mitigating cyber-risks. The framework, developed by the Internet Security Alliance (ISA) and the American National Standards Institute (ANSI), comes in response to the White House's release last May of the 60-day Cyberspace Policy Review. That report stated that between 2008 and 2009, American business losses due to cyberattacks grew ... read more» 
   
 BT mops up after flood and fire 
 (from The Register at 2-4-2010) 
 BT is restoring power to a central London network node that disastrously flooded and caught fire yesterday, but remains unable to say when services will return. The incident at Burne House in north Paddington crippled landlines, broadband and mobile services across the west of the capital. More than 430 local exchanges are connected to the site, so connectivity was also affected across swathes of the south east and further afield. "The flood water has been removed from the exchange building o... read more» 
   
 Trojans are biggest security threat 
 (from BCS at 2-4-2010) 
 A new report looking at security threats over the first quarter of 2010 has found that Trojans account for the majority of new malware. The study by Panda Security found that Trojans made up 61 per cent of all new infections while traditional viruses, previously a declining category, had made a resurgence. The report found that Spain was the worst affected country with more than a third of its computers tainted with malware. It also found that the tactic of tricking social network site ... read more» 
   
 The seven deadly sins of cloud security 
 (from TechWorld at 2-4-2010) 
 A security expert warns organisations making a foray into cloud computing that knowing familiar terms like multi-tenancy and virtualisation doesn't mean they understand everything about putting applications in the cloud. In the world of cloud computing, those technologies are thrown together to create a new class of applications with their own unique set of governance rules, said Jim Reavis, executive director with the Cloud Security Alliance (CSA). "This is a new epoch in computing," said Re... read more» 
   
 Police back down over MyPolice.org domain name 
 (from BBC at 2-4-2010) 
 The Government's police inspectorate has backed down after protests from social media activists over its choice of name for a new website. Her Majesty's Inspectorate of Constabulary (HMIC) had unveiled plans for a project called MyPolice.org.uk. But the name was already being used by a project started in 2009, intended to allow crime victims and others to report feedback to police forces. HMIC said it had chosen to stop using the name to avoid confusion.... read more» 
   
 The Sleuth Kit and Open Source Digital Forensics Conference will be held on June 9, 2010 at the Westfield Marriott in Chantilly, VA 
 (from basistech at 2-4-2010) 
 Join your fellow digital forensics and media exploitation colleagues at the first conference dedicated to using The Sleuth Kit and open source digital forensics tools. Whether you currently use open source digital forensics tools or just want to learn more about them, this event is a unique opportunity to network with colleagues and hear from leading open source developers. Scheduled to speak are Brian Carrier (author of “The Sleuth Kit”), Harlan Carvey, Simson Garfinkel, Dario Forte, Rob Joyce,... read more» 
   
 Ordnance Survey Makes Mapping Data Freely Available 
 (from hostexploit at 1-4-2010) 
 Mapping agency Ordnance Survey is making all of its data freely available to the public online, as part of a government drive to give people greater access to public information. Ordnance Survey’s geographical data has previously only been available free of charge to small-scale developers, and Ordnance Survey’s “fair use” policy required people to apply for commercial licenses at £5,000 a go once their website reached a certain limit.... read more» 
   
 Before Fire, Ukrainian Hosting Company Was Improving 
 (from hostexploit at 1-4-2010) 
 A Ukrainian hosting provider struck by fire last weekend had been taking steps in recent months to cleanse its network of servers used by cybercriminals, according to a security expert. Hosting.ua, based in Odessa, Ukraine, reportedly experienced a fire on March 27 that destroyed part of its infrastructure. The main Web page for the provider was still offline as of Wednesday, and efforts to reach officials there by e-mail and phone were unsuccessful.... read more» 
   
 Cyberwar Update: Progress Made, More Needed 
 (from hostexploit at 1-4-2010) 
 Cyberwar has been a popular topic on Internet Evolution lately, with two writers -- Kenneth Geers, US representative to the cyber center in Tallinn, Estonia (whose systems were attacked three years ago over a dispute with Russia); and Ira Winkler, a former NSA analyst -- weighing in on the threat. Meanwhile, in Washington last week, an FBI official -- Steven Chabinsky, deputy assistant director of the FBI's cyber division -- warned of cyberterrorists who "exploit our weaknesses" and "challeng... read more» 
   
 OSCE holds expert panel at French Gendarmerie meeting on tackling cyber threats 
 (from hostexploit at 1-4-2010) 
 An expert panel organized by the OSCE's Action against Terrorism Unit today at the Fourth International Forum on Cybercriminality, in Lille, France, discussed responses, countermeasures and the way forward in securing cyberspace. Some 1,500 participants from the public and private sector took part in the two-day Forum, organized by the French Gendarmerie. Building on previous efforts by the OSCE, the panel focused on a comprehensive approach to cyber security - an approach that strengthens... read more» 
   
 Relax, 99.94 percent of Short URLs Are Safe 
 (from hostexploit at 1-4-2010) 
 People worry about the safety of links spit out by URL shorteners because they disguise the destination site's domain name. They shouldn't, says a rep from security firm Zscaler: The majority of shortened links people post all the time on sites like Twitter are actually not malicious. Zscaler looked at 1.3 million URLs before Twitter put any protections in place. Surprisingly, only 773 links led to malicious content, a whopping 0.06 percent.... read more» 
   
 Cyber predator targeting Arab girls 
 (from hostexploit at 1-4-2010) 
 If you had the option to secretly access your friend's webcam, would you apply for this service? A website which offers "a unique spying" service had many girls fall prey to the nightmares of hacking. What started as a service offer ended in a spiral of threats and demands from an online predator.... read more» 
   
 US one step closer to cyber guards for nation's electric grid 
 (from NetworkWorld at 1-4-2010) 
 The US Department of Energy this week officially opened up the bidding for a National Electric Sector Cyber Security Organization that would protect the nation's electrical grid from cyber attacks. According to the DOE: the agency has set an aggressive goal to meet the Nation's need for a reliable, efficient and resilient electric power grid, as well as improved accessibility to a variety of energy sources for generation. In order to achieve this, an independent organization is needed t... read more» 
   
 Games on social networks increase spam and phishing by 50% 
 (from Net-Security at 1-4-2010) 
 In order to reach high scores, social entertainment applications require users to gather a considerable number of friends and supporters to play the same game, leading to player-development of social gaming channels, groups and fan pages to facilitate player interaction. Spammers and phishers exploit the increasing trend of social gaming with fake profiles and bots that send spam messages to groups, as a BitDefender case study shows. Unlike the regular social networking spam, when the user... read more» 
   
 Suggested Changes to FISMA Applauded by Breach Security 
 (from compliancehome at 1-4-2010) 
 The proposed changes to the Federal Information Security Management Act (FISMA) that were presented at a House subcommittee meeting are applauded by the pioneer in web application integrity, security and PCI compliance, Breach Security, Inc. Most important in the bill is the shift away from an input-centric focus to a more outcome-based one where evaluation of the effectiveness of security controls is key. Security experts at the highly respected SANS institute recommend a new outcome-based a... read more» 
   
 Report: Execs Need to Be Involved in Cyber Security Decisions 
 (from ITBusinessEdge at 1-4-2010) 
 According to a new report, executives who aren't involved in cyber security decisions pose a major threat to bottom lines. Last year, security firm Finjan warned that the cost of cyber crime is running into trillions of dollars. Part of the goal of the report, called "The Financial Management of Cyber Risk," is to get executives like chief financial officers intimately involved in cyber security efforts, reports Computerworld. Larry Clinton, president of the Internet Security Alliance, notes ... read more» 
   
 Africa Could Become The Cybercrime Capital Of The World 
 (from PSFK at 1-4-2010) 
 According to a report presented on Cybersecurity at Cote D’Ivoire in 2008, cyber crime in Africa is growing faster than on any other continent. While estimates say that about 80 percent of PCs in the African continent are already infected with viruses and other malicious software, the more worrying news for cybersecurity experts is that broadband services are opening in the continent, which means more users would be able to access the web, translating into more viruses and spam from online fraud... read more» 
   
 Stalker jailed for planting child pxxx on a computer 
 (from Net-Security at 1-4-2010) 
 An elaborate scheme to get the husband of a co-worker he was obsessed with locked up in jail backfired on Ilkka Karttunen, a 48-year-old from Essex. His plan was to get the husband arrested so that he could have a go at a relationship with the woman, and to do this he broke into the couple's home while they were sleeping, used their family computer to download child pornography and then removed the hard drive and mailed it anonymously to the police, along with a note that identified the owner.... read more» 
   
 “It doesn’t matter how you define cyberwar,” says Amit Yoran 
 (from thenewnewinternet at 1-4-2010) 
 A central debate in recent months has been over the issue of cyber warfare and whether or not one is occurring presently. Mike McConnell, currently of Booz Allen and former DNI, wrote an article in the Washington Post in which he said that the U.S. was currently engaged in a cyber war and was losing. In an interview with The New New Internet, author Jeff Carr discussed some of the difficulties in defining cyber warfare. During his speech at the recent RSA conference, White House Cybersecurit... read more» 
   
 ClearView keeps applications running even when hackers attack 
 (from TechWorld at 1-4-2010) 
 Researchers led by the Massachusetts Institute of Technology and funded by the Defense Advanced Research Projects Agency have developed software that keeps applications running during attacks, then finds and installs permanent patches to protect them. The ClearView system detects attacks by noting when applications perform outside their normal range of behavior, indicating an attack of some sort. To fend off attacks, it tries out a variety of patches on the fly, choosing the one that best return... read more» 
   
 MyPilotStore.com hack results in false charges on customers’ cards 
 (from databreaches at 1-4-2010) 
 On February 18, MyPlane, dba MyPilotStore.com, discovered that their database containing their customers’ names, addresses, telephone numbers, e-mail addresses, and credit card information had been hacked. According to the firm, some customers received a “nominal fake charge to their credit card by a company not associated with us.” By letter dated March 19, MyPilotStore notified the New Hampshire Attorney General’s Office of the steps they had taken upon discovery of the breach, including im... read more» 
   
 Realestate.com.au hit by cyber attack – what you can learn 
 (from smartcompany at 1-4-2010) 
 Businesses should learn from the recent incident at Realestate.com.au in which a private database was stolen in a cyber attack, and work with their web developers to ensure their website is as strong as possible. The incident, which is reportedly now being investigated by Victoria Police, occurred earlier this week. The site's subscriber database was accessed illegally, and had been used by a third party to send out emails requesting money for property inspections. The site has confirmed a... read more» 
   
 Hackers' 'Sick' Search Engine Attacks Revealed 
 (from infoZine at 1-4-2010) 
 The business of using blackhat Search Engine Optimisation (SEO) techniques to impregnate legitimate sites has become a huge money-spinner for cybercriminals. Every day scores of new malicious campaigns are discovered taking advantage of the hottest news stories on the internet to spread malware; many of them profiting from high profile deaths and disasters. With this significant problem in mind, leading IT security and data protection firm Sophos, has published a probing white paper analysing... read more» 
   