Cyberattack

US Government and Businesses Need Collaborative Procedures Against Major Cyberattacks, Warns Report

A new report warns that unless government and private sector decision makers begin developing specific procedures and trust now against cyber-enabled economic warfare (CEEW), the United States will find itself flat-footed during a major cyber event. more

Defending Against the Hackers of 1995

Two factor authentication that uses an uncopyable physical device (such as a cellphone or a security token) as a second factor mitigates most of these threats very effectively. Weaker two factor authentication using digital certificates is a little easier to misuse (as the user can share the certificate with others, or have it copied without them noticing) but still a lot better than a password. Security problems solved, then? more

New Threats Demand a New Approach to DDoS Protection

In the past 24 months, distributed denial of service (DDoS) attacks have changed profoundly. Gone are the days when attackers worked under the radar, when machines were infected by botnet code unknowingly and attacks were disguised leaving very little to trace the exact origin. ... The other game-changer: It's easier than ever to execute attacks. The tools are so widely available that anyone with basic skills and a high-speed connection can become a "hacktivist." more

Multi-Layer Security Architecture - Importance of DNS Firewalls

In today's world with botnets, viruses and other nefarious applications that use DNS to further their harmful activities, outbound DNS security has been largely overlooked. As a part of multi-layer security architecture, a DNS Firewall should not be ignored. After serving as a consultant for multiple organizations, I have encountered many companies that allow all internal devices to send outbound DNS queries to external DNS servers - a practice that can lead to myriad problems. more

Iran Among Countries Affected by a Cyberattack That Left U.S. Flag on Screens

A hacking incident over the weekend attacked networks in a number of countries including data centers in Iran where they left the image of a U.S. flag on screens along with a warning: "Don't mess with our elections." more

Security Experts Urge Shifting from Defense to Offense in Cybersecurity

A report, released today by McAfee, Inc., titled "Security Takes the Offensive," says that traditionally, security technology companies and computer users have taken a defensive posture, putting the cyber equivalent of body armor on computers, networks and in the cloud. The report's authors say it is now time to avoid enemy strikes altogether by taking a more aggressive stance, aligning forces and involving law enforcement. more

FBI Takes Down China-Backed Botnet, Facilitates Ransomware Negotiations

The FBI and international partners dismantled a China-backed botnet run by the Integrity Technology Group, a company linked to Chinese government espionage. more

Trump Names Former Bush Aide Thomas Bossert Chief Adviser on Cybersecurity, Counterterrorism Role

President-elect Donald J. Trump has named Thomas P. Bossert, a top national security aide under President George W. Bush, to be his homeland security adviser, the Trump transition team announced Tuesday morning," Michael D. Shear reporting in the New York Times. more

Cybercriminals Weaponize Bulk-Registered Domain Names

Domain names that can be rapidly acquired, used in an attack, and abandoned before they can be traced are a critical resource for cybercriminals. Some attacks, including spam and ransomware campaigns and criminal infrastructure operation (e.g., "botnets"), benefit particularly from the ability to rapidly and cheaply acquire very large numbers of domain names – a tactic known as bulk registration. more

Researchers Detail Faster Methods to Defeat Botnets Like Conficker and Kraken

Michael Cooney reporting in NetworkWorld: "Security researchers this week will detail a prototype system they say can better detect so-called Domain Name Generation- (DGA) based botnets such as Conficker and Kraken without the usual labor- and time-intensive reverse-engineering required to find and defeat such malware. The detection system, called Pleiades, monitors traffic below the local DNS server and analyzes streams of unsuccessful DNS resolutions..." more

ICANN Security Team Reports on Conficker Post-Discovery Analysis

A paper released today by ICANN provides a chronology of events related to the containment of the Conficker worm. The report, "Conficker Summary and Review," is authored by ICANN's Dave Piscitello, Senior Security Technologist on behalf of the organization's security team. more

EU Launches First European Public-Private Partnership on Cybersecurity, Plans $2B Investment

The European Commission has launched a new public-private partnership on cybersecurity expected to trigger €1.8 billion ($2B) of investment by 2020. more

SANS Develops Small-Scale City to Train Cyber Warriors

SANS has announced NetWars CyberCity, a small-scale city located close by the New Jersey Turnpike complete with a bank, hospital, water tower, train system, electric power grid, and a coffee shop. NetWars CyberCity was developed to teach cyber warriors from the U.S. Military how online actions can have kinetic effects. more

Chinese Hackers Had Access to Canadian Government Systems for Years, Report Reveals

For five years, Canadian government networks have been vulnerable to Chinese state-sponsored cyber espionage, according to a recent report by Canada's Communications Security Establishment (CSE). more

Kansas System Hacked, Social Security Numbers of Millions Accessed Spanning 10 States

Hackers breached a Kansas Department of Commerce data system used across multiple states and gained access to more than 5.5 million Social Security Numbers, according to local news sources. more