Cyberattack

Cyberattack / Most Viewed

New York’s Department of Financial Services Issues Cybersecurity Proposal

New York state is proposing new rules requiring banks and insurance companies to establish cybersecurity programs and designate an internal cybersecurity officer. more

Google Chrome Found Vulnerable to Carpet-Bombing

Just hours after the launch of Google's new web browser, reports have surfaced about its security vulnerability to carpet-bombing that can expose Windows users to hacker attacks. If exploited, hackers could potentially run unauthorized software on a victim's computer and then used to execute web-based computer attacks. Researcher Aviv Raff has discovered that it is possible to combine this vulnerability (also at one point affecting Apple Safari which uses the same WebKit technology used by Google's Chrome browser) and a Java bug discussed at this year's Black Hat conference, to trick users into launching executables direct from the new browser. more

Malware Authors, Distributors Increasingly Using Social Networks

Security experts warn the "clickjacking" attack on Twitter service last week is part of growing trend of social engineering attacks via social networks. VP of security firm RSA, Sam Curry, calls the social networking attacks "orthogonal attacks." As users have become aware of phishing attacks and other efforts to get at their personal data, hackers have turned to social networks and "brand attacks," like the recent CNN.com-spoofing Cease-Fire Trojan to spread malware that goes after the same information once installed on the victim's computer. more

Escalating US, Chinese Silent War on the Internet

Jason Mick reporting in DailyTech: "In the definitive cyberpunk novel Neuromancer, published in 1984, author William Gibson prophetically envisioned that wars of the future would be fought over the internet -- a new construct at the time. Today that prediction appears on the verge of coming true as we stand on the threshold of a vast digital battle. Agents in China, believed to be working for, or endorsed by the Chinese federal government are carrying out a secret cyberwar against the U.S. government and U.S. businesses. And that war appears to be escalating." more

Policy Review: Botnets are eWMD, electronic Weapons of Mass Destruction

The latest issue of Policy Review from the Hoover Institution, a public policy research center -- focused on advanced study of politics, economics, and political economy -- has an essay titled eWMDs – electronic weapons of mass destruction. The Policiy Review readers are warned that botnets should be considered a serious security problem and that "cyber attacks present a grave new security vulnerability for all nations and must be urgently addressed." more

Cyberattacks Listed as High-Impact Threat to North American Electric Grid

In a report released today by The North American Electric Reliability Corporation (NERC) and the U.S. Department of Energy (DOE), cyber attacks are among the top high-impact risks -- "with potential to significantly affect the reliability of the North American bulk power system." Certain protections and mitigations are already in place to address these risks, and this study has been released to help public utility commissions, and the federal government to further prepare for these potential risks. more

At Least One U.S. Voting Software Supplier Cyberattacked by Russians, According to Leaked Document

Russia's military intelligence agency launched a cyberattack just days before Election Day 2016 on a U.S. software supplier that provides voting services and systems, according to a top secret report posted Monday by The Intercept. more

ITU Criticized For Its Role in Cybersecurity Standardization

At EuroDIG, the first European Dialogue on Internet Governance, the scientists and experts of the Council of Europe have sharply criticised the International Telecommunication Union (ITU) for acting behind closed doors in its initiatives towards cybersecurity standardization. Bertrand de la Chapelle, godfather of the first EuroDIG on behalf of the French government, said EuroDIG should tell the ITU to allow all interest groups to participate in discussing new technology standards. The recent meeting in Strasbourg emphasized the idea of cooperation between governments, the industry and users as one of the central points to be presented at the UN Internet Governance Forum in Hyderabad. more

Criminals Regain Control of Srizbi Botnet, Spam Volume Rising

Experts are that the spam volumes may spike significantly over the next few days now that one of the world's largest networks of compromised computers used for blasting out junk email has been brought back to life, reports Brian Krebs of the Washington Post. "The Srizbi botnet, a collection of more than half a million hacked PCs that were responsible for relaying approximately 40 percent of all spam sent worldwide, was knocked offline two weeks ago due to pressure from the computer security community." more

China a Decade Into Sweeping Cyber Warfare and Espionage Capabilities

According to a report released today by the U.S.-China Economic and Security Review Commission, China is well into a "military modernization program that has fundamentally transformed its ability to fight high tech wars." The report further indicates that if Chinese operators are in anyway responsible for even some of the current exploitation efforts targeting US Government and commercial networks, "then they may have already demonstrated that they possess a mature and operationally proficient CNO [computer network operations] capability." more

Tactics for Responding to Cyber Attacks - Squeezing Your Cyber Response-Curve: Part 2

In part one of this post we introduced the cyber response curve. In this post, we have outlined some observations which illustrate how different level of maturity and approaches can affect your cyber response curve. more

Report Shows Substantial Rise in Phishing Attacks in 2008

According to a recent security report, the number of phishing attacks on financial services customers has increased dramatically this year, with fraudsters focusing on three banks whose customers they have judged to be particularly vulnerable. Just as phishing seemed to have slipped off the consumer radar, online fraudsters have leapt on the chance to capitalize on this false sense of security and have increased their phishing activity... more

Cybersecurity Lacking Coordinated Strategy for Sharing Intelligence

During yesterday's cyber security hearing held by the U.S. House Permanent Select Committee on Intelligence, experts expressed concern over lack of coordinated strategy or mechanism for sharing intelligence about intrusions with companies as well as the need for a systematic way for companies to share information with the government. "U.S. intelligence agencies are unable to share information about foreign cyber attacks against companies for fear of jeopardizing intelligence-gathering sources and methods," reports Ellen Nakashima of the Washington Post. Telecom companies may monitor and collect data to protect their own networks, but they cannot share that information freely with the federal government absent a court order, said James A. Lewis, the Canadian Security Intelligence Service (CSIS) commission program manager. more

US Law-Enforcement Agencies Reported to be at Risk in Foreign-Owned Buildings

US law-enforcement agencies are at risk of being spied on and hacked because some of their field offices are located in foreign-owned buildings without even knowing it. more

Energy Industry Number One Target by Cyber Criminals, According to New Study

Web security company, ScanSafe reports that, in the past quarter, companies in the Energy industry faced the greatest risk of Web-based malware exposure, at a 196% heightened risk compared to other verticals. The Pharmaceutical and Chemicals industry faced the second highest risk of exposure at 192% followed by the Construction & Engineering industry at 150%. The Media and Publishing industry were also among those at highest risk, with a 129% heightened risk compared to other verticals. more