Uncategorized
Cybercriminals having easy time breaching corporate networks
July 28, 2010
LAS VEGAS — Verizon today issued its annual Data Breach Investigation Report, timed for the opening day of the giant Black Hat cybersecurity convention here in the Nevada dessert.
It’s not widely known that the telecom giant is home to a crack cybersecurity forensics team. Over the past half dozen or so years, Verizon’s cybersleuths have been retained by large organizations to probe more than 900 separate cases of …More
FBI investigates iPad-AT&T breach as blame game plays out
June 11, 2010
Security experts have begun parsing the blame for the iPad-AT&T security breach that exposed the email address of some high-profile users.
Meanwhile, the FBI has launched an official investigation of a caper in which the perpetrators — greyhat researchers calling themselves Goatse Security – freely claim responsibility for the attack.
“We believe what we did was ethical,” Goatse member Escher Auernheimer told PC World’s Greg Keizer in …More
Why it is all too easy to become a cybercriminal
February 19, 2010
The disclosure of Operation Aurora last month and the outing of the Kneber botnet gang’s stolen booty this week have much in common.
Both involved nothing-out-of-the-ordinary cyberattacks that quixotically rose above the din to grab international headlines.
The mainstream attention is welcomed. It helps to underscore how the Internet underground has advanced to the point where a plethora of powerful hacking tools and services is readily available to …More
American Bankers Association’s warning to small firms comes as a surprise
January 6, 2010
My editors were not the only ones surprised that the very conservative American Bankers Association has come out with a warning for small and mid-sized businesses cautioning them to only use a dedicated PC for online banking.
Jennifer Bayuk was also shocked. Bayuk is the former chief information security officer at Bear Stearns. She is well-known and well-respected as a security consultant, speaker and author on tech security …More
Apple iPhone worm turns phones into bots
November 23, 2009
A malicious Apple iPhone worm — designed to turn jail-broken iPhones into bots — proves, yet again, that cybercriminal are as predictable as Seattle rain.
This iPhone worm appeared over the weekend, arriving less than two weeks after a 21-year-old Australian researcher, Ashley Towns, released the Ikee worm — the prototype for this new type of attack.
You may recall Towns cleverly changed the wall paper of iPhones he …More
Finally — a solid measurement of the scale and scope of cyber attacks
September 16, 2009
Metrics precisely quantifying the scale and scope of cybercrime activity have historically been hard to pin down. But now comes a milestone survey, buttressed by another report, that defines the degree to which the Web is infested with malicious code.
The SANS Institute’s report on Top Cyber Risks is by far the most comprehensive accounting of ongoing cyber attacks ever made public. SANS is the well-respected Washington D.C.-based tech security …More
SMB2 zero-day flaw could expose Vista PCs to Conficker-like worm attack
September 9, 2009
Microsoft has just disclosed that the SMB2 zero day vulnerability — for which no patch exists — is remotely exploitable.
The software giant is raising a bright red flag because this affects all Windows Vista and certain Windows Server 2008 PCs.
I’ve begun polling some top security researchers and analysts about the go-forward implications of advisory no. 975497 just issued by Microsoft.
The backdrop: Independent researcher Laurent Gaffie earlier this week took credit for discovering — and publicly disclosing — the …More