The Department of Transportation’s Inspector General said while the FAA has taken steps to install more sophisticated systems to detect cyber intrusions in some air traffic control facilities, most sites have not been upgraded. And there is no timetable yet to complete the project, the IG said.

FAA spokeswoman Laura Brown said the agency is working on a timetable and will notify the IG with that information soon. The FAA also said that upgrades to critical air traffic control systems have taken precedence over the intrusion detection improvements at a number of facilities.”

(The Associated Press: FAA computers still vulnerable to cyberattack)

The subject on everyone’s minds was cyber attacks – computer hacking into systems for fun and profit and international intrigue. The Black Hat convention, which costs up to $5,000 to attend, and the much cheaper Defcon convention, (a bargain at only $140 – cash only) dealt directly with such security issues. The phrase I kept hearing over and over while visiting the conferences for a series of NewsHour stories was that attendees wanted to learn from the bad guys, in order to better defend against online attacks. “

(Black Hat and Defcon Founder Jeff Moss: What Is the ‘Hacker Mindset?’ | The Rundown News Blog | PBS NewsHour | PBS)

However, cyber attacks and malicious code are now being designed that look to actually take over systems that perform functions in major companies including critical systems in the financial and power industries. Many of these attacks are executed taking advantage of security holes in the Windows operating system.”

(Source: DailyTech – Hackers Target Power Plants and Physical Systems)

The new version of the app, released July 19, does not stow users’ banking info and deletes previously stored baking info.

Citi does not believe that criminals exploited the security flaw, which was revealed in a routine security review, and that clients should be unaffected, “

(Source: Citi Alerts Customers to Security Flaw with iPhone Banking App | App Security Problems | TechNewsDaily)

In 2009, the Obama administration provided nearly $4 billion to upgrade and digitize the nation’s electric grid and other utilities using Smart Grid technology. Since then, utility companies have been scrambling to roll out programs to install the new technology before federal funding dries up, often without regard for security, said Jonathan Pollet, the founder of the security consulting firm Red Tiger Securities.

‘The utilities were in a mad grab for money, and almost every major utility was able to submit applications for almost free money,’ he said.”

(Source: Power grid upgrades could pose security risks, experts says – KansasCity.com)

The password protects the database used in Siemens’ Simatic WinCC SCADA system, which runs on Windows operating systems. SCADA, short for ‘supervisory control and data acquisition,’ systems are programs installed in utilities and manufacturing facilities to manage the operations. SCADA has been the focus of much controversy lately for being potentially vulnerable to remote attack by malicious outsiders who might want to seize control of utilities for purposes of sabotage, espionage or extortion.”

(SCADA System’s Hard-Coded Password Circulated Online for Years | Threat Level | Wired.com)

During the hearing, the committee looked into future research and development necessities and began to decide who will be responsible for overseeing the plan.

‘We are well aware of the critical role that IT networks play in managing much of our day-to-day activity—from online banking to systems that make sure there is food on grocery store shelves,’ said Subcommittee Chairman David Wu. ‘Our growing reliance on networks has made us more vulnerable to cyber attacks and has increased the potential for such attacks to have far-reaching and crippling effects. Now more than ever, we need to focus on the development of tools and technologies to prevent, detect, and respond to cyber attacks.’

Attribution technologies are important in determining the source of Internet and network threats. This is vital to ensure privacy and penalize attackers.”

(Source: Cyber Attack Attribution Important to Cybersecurity, Says Committee | Executive Gov)

The hacker, who is described as a 26 year old male from Tunisia, launched the attacks after a Brisbane hosting provider — which Computerworld Australia will not name — left a permission level too low on an Apache server.

A manager at the provider said the exploit was present in an obscure program on the provider’s servers, which the hacker used in the mass defacements that included the hosting provider’s websites.

The hacker provided links to his Facebook, Myspace and Blogger accounts, along with a phone number based in Romania.”

(Source: Hacker wrecks 175 websites, leaves Facebook fan link – network access control (NAC), exploits and vulnerabilities, defacements – Computerworld)

Surveillance cameras caught up to seven people loading the computers into two trucks for nine hours.

U.S. Special Operations Command coordinates the activities of elite units from the Army, Navy, Air Force and Marines. A spokeswoman said Tuesday that none of the stolen laptops contained military information or software.”

(Source: Thousands of laptops stolen during nine-hour heist – Yahoo! News)

More than 460 computers infected with malicious computer codes assaulted 25 websites, including that of South Korea’s presidential Blue House, on Wednesday as they are programmed to attack every July 7, said Jeong Seok-hwa, a police officer handling investigations on the cyberattacks.

‘But the attacks were so weak that there were no problems in accessing the sites,’ he said.

An analysis of an infected computer in Seoul showed that it was programmed to attack every July 7 and the malicious computer codes used were identical to those mobilized last year, said Hyun Jae-sub, another police official.

Hyun said the attacks are traced to computers which were not vaccinated after the last year’s attacks. He said about 270,000 infected computers were involved in last year’s assaults.”

(Source: The Associated Press: Repeat of SKorea, US cyberattacks does no damage)