-
Topics
-
Blogs
-
News
-
Community
-
Industry
The Japanese Defense Ministry is creating a computer virus capable of tracking, identifying and disabling sources of cyberattacks, according to reports. The development of the virtual cyberweapon was launched in 2008. Since then, the weapon has been tested in a closed network environment. "The most distinctive feature of the new virus is its ability to trace cyber-attack sources. It can identify not only the immediate source of attack, but also all "springboard" computers used to transmit the virus." more»
Based on the total number of transactions, Zscaler reports botnets as the biggest security risk on the Internet for the enterprises. "Once a host gets infected, the botnet usually spreads quickly within an enterprise. It also generates a significant amount of traffic to the command and control server, to download additional malware or perform other actions." more»
South Korea's ruling party chairman has offered to resign over a cyberattack reported to have been orchestrated by an aide to one of the conservative party's lawmakers. The move comes after police concluded the distributed denial-of-service (DDoS) attacks on the election watchdog's website on the day of by-elections in October was masterminded solely by a 27-year-old aide to the ruling Grand National Party. The aide has also admitted to orchestrating a similar cyberattack on the website of Park Won-soon, who was elected Seoul mayor in the Oct. 26 elections. more»
The United States White House Office of Science and Technology Policy (OSTP) has released a new report titled, Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program, specifying an agenda for "game-changing" cybersecurity R&D according to an official announcement today. The report is described as "a roadmap to ensuring long-term reliability and trustworthiness of the digital communications network that is increasingly at the heart of American economic growth and global competitiveness." more»
The FBI is warning that computer crooks have begun launching debilitating cyber attacks against banks and their customers as part of a smoke screen to prevent victims from noticing simultaneous high-dollar cyber heists. The bureau says the attacks coincide with corporate account takeovers perpetrated by thieves who are using a modified version of the ZeuS Trojan called 'Gameover.'" more»
Security analysis suggest troubling and escalating trends in the development of malware that exploits vulnerabilities on mobile devices. "From turning mobile devices into bots, to infiltration of mobile applications, driven by the use of personal devices in the workplace, cybercriminals are taking full advantage of this market," reports M86 Security Labs in its just released Threat Predictions Report. more»
Fabio Assolini of Kaspersky Lab report: "In the past few days several Brazilian ISPs have fallen victim to a series of DNS cache poisoning attacks. These attacks see users being redirected to install malware before connecting to popular sites. Some incidents have also featured attacks on network devices, where routers or modems are compromised remotely. Brazil has some big ISPs. Official statistics suggest the country has 73 million computers connected to the Internet, and the major ISPs average 3 or 4 million customers each. If a cybercriminal can change the DNS cache in just one server, the number of potential victims is huge." more»
The first joint cyber security exercise between the EU and US is being held today in Brussels, with the support of the EU's cyber security Agency ENISA and the US Department of Homeland Security. The day-long table-top exercise, named "Cyber Atlantic 2011", is using simulated cyber-crisis scenarios to explore how the EU and US would engage each other and cooperate in the event of cyber-attacks on their critical information infrastructures. more»
According to reports today, hackers have attacked Palestinian servers, cutting off phone and Internet service across the West Bank and Gaza. Foreign governments are accused to be behind the attack. "Since this morning all Palestinian IP addresses have come under attack from places across the world," said the Palestinian communications minister today. Reneys reports these outages are the largest observed all year for this country, which normally has a fairly stable Internet. more»
New security report has revealed at least 48 companies involved in research, development, manufacturing of chemicals and advanced materials have been victims of a coordinated cyberattack traced to a source in China. The purpose of the attacks, code named Nitro, appear to be industrial espionage, collecting intellectual property for competitive advantage, according to Symantec. more»
Shawn Henry, FBI's executive assistant director says computer networks that control power plants and financial systems will never be secure enough, so government and corporate leaders should consider developing a new, highly secure alternative Internet, according to an AP report. "We can't tech our way out of the cyberthreat. The challenge with the Internet is you don't know who's launching the attack." A key step, he said, would be to develop networks where anonymity is not an option and only known and trusted employees have access. more»
Virus researchers at Symantec Corp. have revealed a variant of the Stuxnet worm, named Duqu, that is found to be stealing information about industrial control systems. Symantec reports: "Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility... Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose." more»
U.S. securities regulators formally asked public companies for the first time to disclose cyber attacks against them, following a rash of high-profile Internet crimes. The Securities and Exchange Commission issued guidelines on Thursday that laid out the kind of information companies should disclose, such as cyber events that could lead to financial losses. more»
SSL replacement proposal made by security expert Moxie Marlinspike, last August at the Black Hat Conference (called 'Convergence'), is gaining some momentum, particularly after the recent hacker attacks on DigiNotar, GlobalSign, Comodo and other SSL certificate authorities that have resulted in fake certificates coming into use on the web, including a fake Google certificate, since revoked. more»
The U.S. departments of Commerce and Homeland Security (DHS) has met with other agencies and private-sector leaders in the information technology industry discussing the need to create a voluntary industry code of conduct to address the detection and mitigation of botnets. The meeting, hosted by the Center for Strategic and International Studies (CSIS), included topics such as the problematic and at time controversial issue of notifying individuals whose computers have been infected with malware and are part of a botnet. more»
