Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
"Nobody knows anything," screenwriter William Goldman (think "Butch Cassidy and the Sundance Kid" and "The Princess Bride") said famously of Hollywood. The same may be said of enterprise security. Word now comes that the Sony hack for which the FBI has fingered North Korea may, in fact, be the work of some laid-off and disgruntled Sony staff. But that's not clear, either. more
Pawn Storm, also known as Sednit, Fancy Bear, APT28, Sofacy, and STRONTIUM, is a cyber espionage organization operating for over a decade which has been particularly aggressive in the past few years. more
Former Yahoo CEO Marissa Mayer apologized today at the Senate Commerce, Science and Transportation hearing regarding massive data breaches at the internet company, blaming Russian agents. more
A new study has been released by Center for Strategic and International Studies (CSIS) Commission on Cybersecurity for the 44th President that looks into cybersecurity manpower challenges in the United States. The report titled, "A Human Capital Crisis in Cybersecurity," is produced by CSIS - a bipartisan public and foreign policy think tank in Washington. more
U.S. intelligence officials are increasingly worried that hackers could wreak havoc on the financial system. Read the story here in National Journal. Not that we need it, but here's yet another reason to worry about havoc in financial markets: U.S. intelligence officials increasingly fear that computer hackers could wreck banks and large financial institutions, or send stock markets into one more panicked frenzy, by covertly manipulating data and spreading false information. more
A number of outlets have reported that the U.S. Post Service was hacked, apparently by the Chinese government. The big question, of course, is why. It probably isn't for ordinary criminal reasons: The intrusion was carried out by "a sophisticated actor that appears not to be interested in identity theft or credit card fraud," USPS spokesman David Partenheimer said. ... But no customer credit card information from post offices or online purchases at usps.com was breached, they said. more
Modern networks can be attacked in a variety of ways, meaning that companies need different types of protection. This article explains some of the risks involved, and provides some easy ways to deal with them. more
The Cyberspace Solarium Report released today is another, in an endless string of reports, that disgorge from Washington committees dealing with the eternal mantra of "defending American interests and values in cyberspace." The challenges (and many reports) here trace back 170 years when transnational telecommunication internets emerged. The dialogue and reports scaled in the 1920s with the emergence of radio internets and cyber threats, then again in the early 1980s... more
Brian Krebs reporting in Krebs on Security: "Millions of computers infected with the stealthy and tenacious DNSChanger Trojan may be spared a planned disconnection from the Internet early next month if a New York court approves a new request by the U.S. government. Meanwhile, six men accused of managing and profiting from the huge collection of hacked PCs are expected to soon be extradited from their native Estonia to face charges in the United States." more
Garth Bruen writes: A report in LegitScript takes a look at Russian rogue Internet pharmacy hacking US government website. "As rogue Internet pharmacy networks become more sophisticated, even US government websites are at risk. Today, we're taking a look at how a rogue Internet pharmacy linked to a criminal network operating out of Russia and Eastern Europe has hacked into a US government website. The Millennium Challenge Corporation, a US foreign aid agency, utilizes a ".gov" top-level domain, which is assigned to the control of the US government. Domain names ending in .gov are typically administered by the General Services Administration." more
The 2010 Domain Pulse, hosted by SWITCH (the .CH registry) was held in the snowy Swiss city of Luzern. Domain Name Security (DNS) was of particular importance in this year's meeting with DNSSEC being implemented in the root zone in 2010 by ICANN, and by many registries in the next few years. ICANN plan to have all root servers signed with DNSSEC by mid-2010 Kim Davies, Manager, Root Zone Services at ICANN told the meeting, starting with the L root server, then A root server with the last being the J root server as all are gradually signed. more
The Biden administration has issued a stark warning to the nation's governors about the increasing threat of cyberattacks on the United States' water and wastewater systems. more
The United Kingdom's National Crime Agency (NCA) has been running a series of campaigns focused on reducing the use of DDoS-for-hire websites. These websites offer people the opportunity to purchase powerful tools to launch cyber-attacks, which can be used to knock websites or users offline. more
A new survey of security and IT leaders by csoonline.com sheds light on how organizations across industries are dealing with the COVID-19 crisis, how prepared they were when the pandemic first hit, how vulnerable they are, and what the long-term impact on companies may be. Unsurprisingly, the survey found there has been an increased number of employees working from home. more
In a potentially damaging cybersecurity revelation, researchers from the cybersecurity company Eclypsium have identified a hidden mechanism in the firmware of motherboards manufactured by Taiwanese company Gigabyte. more
A World-Renowned Source for Internet Developments. Serving Since 2002.