SecurityWeek RSS Feed

GSA Looks for Feedback on Improving Cybersecurity and Resilience

Mike Lennon — Mon, 20 May 2013 15:50:51 +0000

The U.S. General Services Administration (GSA) has issued a request for information (RFI) that it hopes will help make the federal government's cybersecurity more resilient.

DHS to Share Zero-Day Intelligence

Steve Ragan — Mon, 20 May 2013 14:32:53 +0000

The U.S. Department of Homeland Security (DHS) is developing a system that will enable classified vulnerability data to be shared with the private sector. The information, primarily Zero-Day vulnerability data, will be sold via a select group of service providers.

Sourcefire Enhances Malware Protection Portfolio to Track Malware Movement

Steve Ragan — Mon, 20 May 2013 14:11:54 +0000

On Monday, Sourcefire announced improvements to its Advanced Malware Protection (AMP) portfolio, which aims to offer customers more visibility into attack activity. This additional insight, the company said, will enable clients to detect, remediate, and control malware outbreaks faster.

Cyber Espionage Campaign Hits Organizations Around the Globe

Brian Prince — Mon, 20 May 2013 13:06:40 +0000

Researchers at Trend Micro shined a light on a cyber-espionage campaign that infected nearly 12,000 unique IP addresses spread across more than 100 countries.

Are Certificate Revocation Processes Putting the Internet at Risk?

Fahmida Y. Rashid — Mon, 20 May 2013 10:04:35 +0000

Recent problems with revoking SSL certificates have renewed discussion on whether the certificate system is still sufficient to protect users on the Internet.

Brobot: Information Sharing Lessons Learned

Rod Rasmussen — Mon, 20 May 2013 08:37:33 +0000

With Brobot as a Prime Example, it is Apparent that we Need a Large-scale, Machine-to-Machine Approach to Information Sharing.

Internet in 'Coma' as Iran Election Looms

AFP — Sun, 19 May 2013 19:56:40 +0000

TEHRAN - Iran is tightening control of the Internet ahead of next month's presidential election, mindful of violent street protests that social networkers inspired last time around over claims of fraud, users and experts say.

The authorities deny such claims, but have not explained exactly why service has become slower.

Yahoo Japan Suspects 22 Million IDs Stolen

AFP — Sat, 18 May 2013 04:51:40 +0000

TOKYO - Yahoo Japan Corp. has said it suspects up to 22 million user IDs may have been stolen during an unauthorised attempt to access the administrative system of its Yahoo! Japan portal.

US Authorities Seize Bitcoin Operator Accounts

AFP — Fri, 17 May 2013 14:43:55 +0000

WASHINGTON - US authorities seized the accounts of a Bitcoin digital currency exchange operator, claiming it was functioning as an "unlicensed money service business," court documents showed Friday.

Saudi Reports Attacks on Government Websites

AFP — Fri, 17 May 2013 14:17:50 +0000

RIYADH - Several government Internet sites have come under "coordinated and simultaneous" cyber attack, an information security spokesman in the oil-rich kingdom reported on Friday.

Italian Police Raid Hackers Who Took on Vatican

AFP — Fri, 17 May 2013 14:09:29 +0000

ROME - Italian police on Friday arrested four alleged hackers believed to belong to the activist group Anonymous for attacking websites, including those of the Vatican and the parliament in Rome.

The four have been placed under house arrest and communications police carried out a dozen raids.

Britain's Financial Times 'Hacked by Syrians'

AFP — Fri, 17 May 2013 09:21:18 +0000

LONDON - The website of Britain's Financial Times appeared to have been hacked on Friday by the Syrian Electronic Army, a mysterious group seemingly aligned with the regime of President Bashar al-Assad.

The High Financial Costs of Failed Trust

Jeff Hudson — Fri, 17 May 2013 06:28:20 +0000

Trust comes at a price. However, while IT security professionals understand this, they often treat trust as an afterthought. As a result, companies suffer the consequences in unexpected recovery costs and failed business relationships.

ESET Uncovers Cyber Espionage Campaign Targeting Government Agencies in Pakistan

Steve Ragan — Fri, 17 May 2013 05:46:25 +0000

Researchers at ESET have discovered a targeted cyber espionage campaign in Pakistan, which is attempting to compromise sensitive information from various organizations. While limited, traces of the same attack have also been discovered in other parts of the globe.

Malicious YouTube Pages Targeting Chrome Users

Steve Ragan — Fri, 17 May 2013 05:21:32 +0000

Researchers at Zscaler have discovered a fake YouTube page that is hosting malicious Chrome extensions. Such pages, as seen in the past, prey on the uninformed users with poorly patched systems to spread malware.

Four Lulzsec Hackers Sentenced to Jail in Britain

AFP — Fri, 17 May 2013 02:27:17 +0000

LONDON - Four members of the LulzSec international hacking group were sentenced to prison terms in Britain on Thursday for masterminding cyber attacks on major global institutions, including Sony Pictures and the CIA.

Online Crime Leaves $525 Million Price Tag for Consumers

Brian Prince — Thu, 16 May 2013 17:45:48 +0000

Crime may not pay, but it definitely costs consumers money – particularly in the world of cybercrime.

Malicious Mac OS X Backdoor Signed With Valid Developer ID Found on Activist's Computer

Fahmida Y. Rashid — Thu, 16 May 2013 13:21:04 +0000

Mac OS X Spyware Found On Users’ System Who Attended Oslo Freedom Forum

Researchers found malware which acts as a backdoor for OS X on a computer belonging to an activist attending the Oslo Freedom Forum this week.

Internet Explorer 10 Scores High Among Web Browsers for Malware Blocking

Brian Prince — Thu, 16 May 2013 13:05:44 +0000

A new analysis by NSS Labs puts Microsoft Internet Explorer 10 ahead of the pack when it comes to browser protections against malware downloads.

Preparing for an Attack: 5 Tips for Organizations

Marc Solomon — Thu, 16 May 2013 11:08:12 +0000

While it’s Important to Continue to Bolster Defenses, we Need to Increase our Resiliency in the Face of Relentless Attacks.

Palo Alto Networks Hardware Gets EAL4+ Certification Stamp

Mike Lennon — Thu, 16 May 2013 10:51:09 +0000

Network security vendor Palo Alto Networks, today announced that its next generation firewalls have achieved Common Criteria certification at Evaluation Assurance Level 4+ (EAL4+), making Palo Alto Networks firewalls validated for deployment in critical infrastructures, ranging from national governments to enterprise and financial institution networks.

Fixmo Launches Mobile DLP Solution for SharePoint

Mike Lennon — Thu, 16 May 2013 10:22:59 +0000

Fixmo, a provider of mobile security and risk management solutions, today launched Fixmo SharePlace, a data leakage prevention (DLP) solution designed to provide secure and compliant remote access to Microsoft SharePoint from iOS and Android devices.

Managing Security with the Business in Mind

Nimmy Reichenberg — Thu, 16 May 2013 09:38:58 +0000

Today’s businesses must be able to rapidly adapt to changing market conditions – to support a new venture, merger/acquisition, etc. As business needs change, so too must the underlying security policies.

Universities Offer Practical Advice for Securing DNS

Steve Ragan — Thu, 16 May 2013 09:14:49 +0000

The Research and Education Networking Information Sharing and Analysis Center, or REN-ISAC, recently issued an alert to administrators and IT staffers at some of the world’s most notable institutions of higher learning that urges them to take the matter of securing DNS seriously.

New Yorker Launches Online Anonymous Tip System

AFP — Thu, 16 May 2013 08:56:59 +0000

NEW YORK - The New Yorker magazine on Wednesday unveiled a new online system for anonymous whistleblower tips, based on technology developed by the late Internet activist Aaron Swartz and a former hacker.

AirWatch Takes $25 Million Investment from Accel Partners

Mike Lennon — Thu, 16 May 2013 08:48:20 +0000

AirWatch, a provider of mobile security and mobile device management (MDM) solutions, on Tuesday announced that it has taken a $25 million investment from VC firm Accel Partners.

Podcast: Stephen Ridley Talks Entrepreneurship, Security Research Highlights

Ryan Naraine — Thu, 16 May 2013 04:29:57 +0000

PARIS - In this episode of Security Conversations, Ryan Naraine talks to security researcher Stephen Ridley

PushDo Malware is Back Again: Resurfaces With Advanced Capabilities

Fahmida Y. Rashid — Wed, 15 May 2013 19:13:49 +0000

Despite four takedowns in five years, PushDo is back, complete with new features designed to make the botnet more resilient and elusive, researchers said.

Barracuda Networks Boosts DDoS Protection in Web Application Firewall

Steve Ragan — Wed, 15 May 2013 15:22:51 +0000

On Wednesday, Barracuda Networks released version 7.8 of their Web Application Firewall (WAF), which was developed with the aim of lowering the impact Distributed Denial of Service (DDoS) attacks have on an organization.

McAfee Launches Biometric Protection Suite

Steve Ragan — Wed, 15 May 2013 14:19:33 +0000

McAfee pulled the curtain back on a new biometric protection suite on Tuesday, promising uniform data protection across multiple platforms, including Mac OS X, iOS, Windows, and Android.