Top Story
Norman probe finds India as likely source of extensive APT hacks
May 23, 2013 | Comment on this post
SEATTLE – A multi-national cyberspying onslaught, carried out over three years against companies and agencies in a dozen nations, has been uncovered by Norwegian security vendor Norman Shark and San Diego-based antivirus maker ESET.
Here’s the big twist: the perpetrators appear to operate from India. Norman’s principal security researcher, Snorre Fagerland, lays out the case that an elaborate spying botnet, controlled out of India, is the wellspring …more
Why mobile devices are weakest link
May 21, 2013 | Comment on this post
(Editor’s note: Mobile devices have become a primary targets for hackers and cyber criminals. In this guest essay, Rainer Enders, CTO of Americas at NCP engineering, explains why they’ve become the a weak link in network defenses.)
Mobile technology companies focus first and foremost on consumers rather than the corporate market. As such, most mobile operating systems lack many of basic security features. What’s more, with so many models from myriad manufacturers running on different versions of a platform such …more
Five steps to protect your small business
May 20, 2013 | 1 Comment
(Editor’s note: One of many proof points that small businesses are being heavily targeted by cybercriminals comes from Verizon’s 2013 Data Breach Investigations Report, in which three-quarters of the cases investigated occurred at companies with 100 employees or less. In this guest essay, Tim Francis, Enterprise Cyber Lead for Travelers Bond & Financial Products, offers small business owners a few pointers.)
By Tim Francis
There is little doubt that small businesses face a growing cyberthreat – and hackers are not showing …more
3 must-do steps to recover from a phishing scam
May 17, 2013 | 1 Comment
It’s a sinking feeling, when you realized you’ve been had by a phishing scam. In the frenetic digital world we live in, it can happen to anyone.
So you’ve clicked on a link that now seems very suspicious. You’re concerned that the bad guys may be in control of your computing device. Or perhaps you’ve typed some account information into a web form , and you’re having second thoughts about the authenticity of the form.
Recovering will require work. Here are …more
How a best-practices registry could make cloud much safer
May 17, 2013 | Comment on this post
(Editor’s note: Formed in 2008, the Cloud Security Alliance is a not-for-profit coalition of senior executives and cybersecurity experts formed to promote the use of best security practices for cloud computing. CSA members who contributed to this essay include: Dave Cullinane, CISO, eBay; Alan Boehme, Chief of Enterprise Architecture, Coca-Cola; Paul Kurtz, former member of the White House Security Council; Jerry Archer, EVP and CSO for Sallie Mae; Nils Puhlmann, former CSO, Zynga.In this guest essay. CSA executive director, …more
Why the burden remains on consumers to dodge phishing scams
May 17, 2013 | Comment on this post
SEATTLE – Phishing continues to plague Internet users. Walmart on Thursday issued an alert about an e-mail phishing ruse, recognizable by the misspelling in the from field — “Wallmart,” spelled with with two Ls.
Phishers rely on social engineering to trick Internet users into quickly clicking on a tainted attachment or infected web link.
The …more
Feds upgrade alert on destructive Shamoon virus
May 16, 2013 | Comment on this post
It’s been 9 months since the milestone Shamoon virus wreaked havoc at Aramco. Shamoon was not designed to steal data. Nor was it just another garden variety denial of service attack, intended to disrupt and embarrass. Shamoon’s express purpose was the crippling the Saudi Arabian national oil and natural gas company. It accomplished its mission, destroying data on some 30,000 desktops and servers at the oil company.
The …more
Pixeljacking is latest way to defraud advertisers
May 15, 2013 | 1 Comment
(Editor’s note: One lucrative cybercrime involves directing a botnet – a network of infected PCs – to click on ads, and thus generate payments from the advertiser to the controller of the botnet. In this guest essay, Gurbaksh Chahal, founder and CEO of RadiumOne, outlines a variation on this caper, known as pixeljacking.)
By Gurbaksh Chahal
The hallowed halls of social media are no longer safe. Not when the operators of botnets like Chameleon are able to systematically steal $6 million …more