Cyberattack

Cyberattack / News Briefs

ICANN Website Breached, Passwords Obtained by an Unauthorized Person

Usernames/email addresses and encrypted passwords for profile accounts created on the ICANN.org public website have been obtained by an unauthorized person, the Internet Corporation for Assigned Names and Numbers announced Wednesday night. more»

US Army Site Hacked as Obama Vows 'Aggressive' Response to Cyberattacks

The US Army was forced to close down its official website yesterday after it was defaced by the Syrian Electronic Army hacker group. The news came as US President Barack Obama promised Washington will become more 'aggressive' in defending itself against cyber-attacks. more»

Record Number of Malware Variants Detected in Q4 of 2014, Retail/Service Most Targeted

During the 4th quarter of 2014, a record number of malware variants were detected -- an average of 255,000 new threats each day, according a recent report by Anti-Phishing Working Group (APWG). The group further reports that the number of unique phishing reports submitted to APWG during Q4 was 197,252 -- an increase of 18 percent from the 163,333 received in Q3 of 2014. more»

UK Power Grid Under Minute-by-Minute Cyberattack

A senior government figure says that the UK's power grid is under "minute-by-minute" attacks from computer hackers but information security experts aren't so sure. Conservative MP James Arbuthnot chaired the Defence Select Committee up until last year and said that the National Grid is facing cyberattacks every minute. He plans to visit the National grid next month to discuss the issue. more»

South Korea Receives Nuclear Plan Cyberattack Threats, Takes Emergency Measures

South Korea's nuclear operator and the energy ministry is keeping emergency teams on stand-by to the end of this year in case of any cyberattacks on nuclear plants as threatened by a hacker... The company and the ministry set up emergency teams on Wednesday after a hacker demanded the shutdown of three reactors by Thursday, threatening, in Twitter messages, "destruction" if not. more»

ICANN Targeted in Spear Phishing Attack

In an announcement on Tuesday, ICANN reports that it is investigating a recent intrusion into its systems. The agency believes a "spear phishing" attack was initiated in late November 2014. It involved email messages that were crafted to appear to come from its own domain being sent to members of its staff. more»

DNS Based DDoS Attacks Using White House Press Releases

Akamai has issued a security bulletin about a new form of Domain Name Service-based distributed denial of service (DDoS) attacks that emerged in October, attacks that can significantly boost the volume of data flung at a targeted server. The method builds upon the well-worn DNS reflection attack method used frequently in past DDoS attacks, exploiting part of the DNS record returned by domain queries to increase the amount of data sent to the target -- by stuffing it full of information from President Barack Obama's press office. more»

Former DHS Chief Teaming Up With Insurance Giant Lloyd's of London to Sell Cyber Insurance

Cyberattacks like the ones that hit JPMorgan Chase, Home Depot and Target only seem to be getting worse, and former Homeland Security Secretary Tom Ridge has one way for companies to protect themselves. more»

TCP Stealth Aims to Keep Servers Safe from Mass Port-Scanning Tools

TCP Stealth, an IETF draft authored by Julian Kirsch, Christian Grothoff, Jacob Appelbaum, and Holger Kenn, describes an easily-deployed and stealthy port knocking variant. "TCP Stealth embeds the authorization token in the TCP ISN, and enables applications to add payload protections. As a result, TCP Stealth is hard to detect on the network as the traffic is indistinguishable from an ordinary 3-way TCP handshake, and man-in-the-middle attacks as well as replay attacks are mitigated by the payload protections. TCP Stealth works with IPv4 and IPv6."
 more»

DDoS Attacks Shutdown Several World Cup Websites

Various websites associated to the World Cup have been struck by a distributed denial of service (DDoS) attack ahead of the tournament's opening match on Thursday. The official government World Cup website has been down for more than a day, as well as the websites of some host states. more»

Popular RSS Reader Feedly Suffers Back to Back DDoS Attacks, Held for Ransom

Popular RSS reader Feedly has been hit by major distributed denial of service (DDoS) attacks beginning 2:04am PST on Wednesday causing the service to be completely down for several hours two days in a row. (Second attack still undergoing as of the time of this post.) more»

Paul Vixie on How the Openness of the Internet Is Poisoning Us

In a video interview conducted during the NSCS ONE conference, Paul Vixie CEO of Farsight Security further discusses the topic of his presentation titled: "Defective by Design -- How the Internet's Openness is Slowly Poisoning Us". more»

European Standardization Organizations Discuss Role of Standards for EU Cybersecurity Strategy

Delegation from the European Standardization Organizations (ESOs) - CEN, CENELEC and ETSI - met with Neelie Kroes, the Vice-President of the European Commission responsible for the Digital Agenda, in Brussels yesterday (2 April 2014) discussing how to maximize the positive contribution that standards can make to enhancing internet security and protecting personal data, in order to support the successful implementation of the EU Cybersecurity Strategy. more»

Widespread Compromised Routers Discovered With Altered DNS Configurations

A widespread compromise of consumer-grade small office/home office (SOHO) routers has been discovered by threat intelligence group Team Cymru. According to the report, "attackers are altering the DNS configuration on these devices in order to redirect victims DNS requests and subsequently replace the intended answers with IP addresses and domains controlled by the attackers, effectively conducting a Man-in-the-Middle attack." more»

Significant Uptick Reported in Targeted Internet Traffic Misdirection

Jim Cowie of Renesys reports: Traffic interception has certainly been a hot topic in 2013. The world has been focused on interception carried out the old fashioned way, by getting into the right buildings and listening to the right cables. But there's actually been a significant uptick this year in a completely different kind of attack. more»