Cybersecurity |
Sponsored by |
|
While Russia and Ukraine are generally regarded as today's main cybercrime hubs, "a lot of their infrastructure is housed in the west, in the United States to be precise," writes Vincent Hanna of Spamhaus Project. "Without exception, all of the major security organizations on the Internet we know of agree that the 'Home' of cybercrime in the western world is a place known as Atrivo/Intercage. We ourselves have not come to this conclusion lightly but from many years of dealing with criminal operations hosted by Atrivo/Intercage, gangs of cybercriminals -- mostly Russian and East European but with several US online crime gangs as well -- whose activities always lead back to servers run by Atrivo/Intercage..." more
Multiple US federal agencies are grappling with a global cyberattack exploiting a flaw in the widely-used MOVEit software. The US Cybersecurity and Infrastructure Security Agency (CISA) is working closely with the affected agencies to understand the impact and expedite remediation efforts. more
State and county election officials across the country employ thousands of computers in election administration, most of them are connected (from time to time) to the internet (or exchange data cartridges with machines that are connected). In my previous post I explained how we must audit elections independently of the computers, so we can trust the results even if the computers are hacked. more
A report released over the weekend by Information Warfare Monitor along with an exclusive story by the New York Times, revealed a 10-month investigation of a suspected cyber espionage network (dubbed GhostNet) of over 1,295 infected computers in 103 countries. 30% of the infected computers are labeled as high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs. Greg Walton, editor of Information Warfare Monitor and a member of the Toronto academic research team that is reporting on the spying operation, writes... more
Recent research conducted by the Independent Advisor reveals that a significant number of accounts, exceeding 340 million, have been compromised due to business data breaches within the first four months of 2023. Notably, Twitter experienced the largest breach this year, impacting approximately 235 million user accounts. more
"Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet," wrote renowned security expert, Bruce Schneier, in a piece published in Lawfare. more
A group of security researchers have succeeeded in cracking over 320 million passwords which were made public in an encrypted blacklist. more
The first joint cyber security exercise between the EU and US is being held today in Brussels, with the support of the EU's cyber security Agency ENISA and the US Department of Homeland Security. The day-long table-top exercise, named "Cyber Atlantic 2011", is using simulated cyber-crisis scenarios to explore how the EU and US would engage each other and cooperate in the event of cyber-attacks on their critical information infrastructures. more
The Anti-Phishing Working Group (APWG) recently reported that the number of sites infecting PCs with password-stealing crimeware reached an all time high of 31,173 in December 2008 - an 827 percent increase from January. And according to a report just released by Trend Micro's Focus Report, 93 percent of data-stealing malware have been identified as Trojans in the first quarter of 2009. more
The release on websites this week of what appears to be top-secret computer code that the National Security Agency has used to break into the networks of foreign governments and other espionage targets has caused deep concern inside American intelligence agencies, raising the question of whether America's own elite operatives have been hacked and their methods revealed. more
How bad is the human security weakness problem? Verizon's 2022 Data Breaches Investigations Report says 82 percent of data breaches have human involvement. This involvement can mean misconfigurations, poor security policy implementation, negligence, and falling prey to social engineering schemes. Essentially, a vast majority of data breaches have penetrated cyber defenses because of human carelessness, inconsistencies, and gullibility. more
The internet activity of everyone in UK will have to be stored for one year by Internet service providers, under the new surveillance law plans. "This duty would include forcing firms to hold a schedule of which websites someone visits and the apps they connect to through computers, smartphones, tablets and other devices. Police and other agencies would be then able to access these records in pursuit of criminals -- but also seek to retrieve data in a wider range of inquiries, such as missing people." more
In a perfect world, consumers recognize authentic emails from fake, update their operating system, browser and anti-virus software, and have a healthy skepticism about the safety of the Internet. The bad guys hate perfect, so we should be working with consumers to stop them. ... Organizations like mine are joining forces to recruit consumers -- who are also your customers and employees -- in the fight against cybercrime. more
New York state is proposing new rules requiring banks and insurance companies to establish cybersecurity programs and designate an internal cybersecurity officer. more
The security flaw was discovered by the company's own security researchers in WikiLeaks' most recent disclosure of classified information, released last week. more
A World-Renowned Source for Internet Developments. Serving Since 2002.