Easily available tools, botnets contribute to DDoS rise. August 03, 2012 Distributed denial-of-service (Doz) attacks against websites or web services continue to grow in volume and complexity, and are also increasingly being used as a distraction from other criminal activities, security firm Arbor Networks warned this week.
Dem senator pushes measure to make concealing data breaches a crime. Sen.
Patrick Leahy (D-Vt.) is pushing for an amendment to a cybersecurity bill that would make it a crime for a company to hide a data breach from its customers. Under the legislation, anyone who purposefully conceals a data breach that causes financial damage could face up to five years in prison. Other amendments offered by Leahy would set a national standard for companies to notify their customers in the event of a data breach and would require businesses that store consumers' sensitive personal information to establish data security programs. Many states already require that firms notify their customers following a data breach, but the standards vary by state, and there is no national requirement. One-quarter of websites examined by testing service were malicious.
The fuel that drives global cybercrime. Karine de Ponteves is a FortiGuard AV analyst with Fortinet.
Hacker-smasher: White hats join forces to build bot-beating weapon. High performance access to file storage Open ... and Shut In Hollywood, the good guys nearly always win.
In information security, the bad guys ("black hats") often win, in large part because the bad guys know how to collaborate much better than the good guys ("white hats"). Until now. From Lulzsec to Chaos Computer Club, hackers increasingly band together to spring sophisticated attacks on websites, mobile applications, and more, while the white hats have mostly failed to coordinate a robust defence. In a sign that the white hats are getting their act together, a variety of initiatives have sprung up to turn information security ("InfoSec") into a group activity, with the latest being Incapsula's BotoPedia online, community-sourced directory of web robots ("bots").
After all, the black hats learned to get along and share years ago. Mariposa Botnet: Iserdo on Trial. Spread the word about Defence Intelligence.
Sharing is caring. Slovenia is more than a beautiful European country. Surrounded by Austria, Hungary, Croatia and Italy, it offers a fascinating history, from their celebrated wines and prehistoric caves to their majestic castles. They have a strong showing at the London Olympic Games too, receiving four Olympic medals to date: one gold, one silver and two bronze. (They have the best per capita medal of the 59 countries that have medals.) Security News and Data Breach Roundup — July Edition. Home « News « IT Security and Data Protection « Security News and Data Breach Roundup — July… July has proven to be an interesting month in the IT / Information Security world.
Over the past 30 days, we have seen large-scale security leaks, the lack of strong passwords used by companies and individuals alike, new conversations brewing for Chief Information Security Officers (CISO’s) as security evolves and hackers become more of a threat, the shortcomings of the newly enacted data breach bill, and how new online tools and software may be sub par for today’s standards. Below are the some interesting articles covering topics related to information technology. Fujitsu starts field trials of technology to nix phone scams – Gizmag. Is iCloud's 'Epic Hack' a game changer? Recent breaches at DropBox, Amazon and iCloud have raised new concerns about the security of personal data stored on cloud services.
But there are two sides to every story. Apple co-founder Steve Wozniak expressed his concerns about the cloud to the Associated Press fearing that consumers have signed away content they would otherwise own after buying and warned of horrible problems the could result after migrating to the cloud: Anonymous Ethical code. Back to the origins. Several months ago I wrote on the future of the famous group of hacktivism , Anonymous explaining that the model the originated the movements was evolving in unpredictable way due the large consensus of the hackers and possible infiltration made by law enforcement and governments.
Business lessons learned in iCloud hack. The recent Apple iCloud hack that caused a veteran tech journalist a lot of misery has several lessons for businesses whose employees are also taking advantage of the convenience of cloud services.
Last Friday, hackers raised Cain after getting into Wired writer Mat Honan's Gmail, iCloud, Amazon.com and Twitter accounts. Access to Honan's iCloud account let the miscreants wipe all data from Honan's iPhone, iPad and MacBook Pro. Hijacking his Twitter account let them broadcast racist and homophobic messages under his handle. Cybercriminals eye gold with Olympic Games scams. The public's appetite for scandal around the world is practically insatiable.
Not surprisingly, cybercriminals try to take advantage of it, especially during an event like the 2012 Olympic Games. But the good news, say experts, is that the bulk of the scams are unsophisticated, looking to take advantage of so-called "low-hanging fruit. " One of the more recent, discovered by security vendor Sophos, is a malware campaign that tries to snare victims with a fake scandal at the Olympics. A post by Graham Cluley on Sophos' Naked Security blog said a spam email comes with a subject line saying: "Huge scandal with the USA Women's Gymnastics Team on the 2012 London Olympics.
" The body of the email then promises salacious details about USA women's gymnastics gold-medal winner Gabrielle Douglas facing a lifetime ban after reportedly testing positive to banned diuretic furosemide. U.S. infrastructure vulnerable to attack. If it is left to the politicians, the door to the nation's utilities might be left open. Almost telling terrorists, like in those motel commercials, "We'll leave the light on for you. " The ironic part is that a terrorist attack on the nation's infrastructure would mean those lights would go out, along with other catastrophic possibilities. A cybersecurity bill has been largely declawed by Congress, leaving a watered-downed version barely alive.
A recent survey showed that security experts have little faith that government regulation will be the answer. Critical infrastructure has been defined as natural gas, electricity, water, roads and highways, air traffic, railroads and the Internet. To continue reading, register here to become an Insider. Top 3 HTML5 Vulnerability Risk Categories. Korea's Hyosung accuses manufacturer of tech theft. Korean industrial group Hyosung has accused the country's largest power-transmission components manufacturer, LSIS, of stealing its technology. According to a report Tuesday by The Korea Times, Hyosung is demanding compensation from LSIS, claiming the latter stole technology related to power transmission and control, costing it "several billions of dollars". The Seoul Metropolitan Police also are questioning four former Hyosung executives who moved to LSIS on suspicions they leaked trade secrets related to high-voltage, direct-current (HVDC) transmission technology to their new employer.
Hyosung executives told the Korean news site a former Hyosung executive, identified as Lee, had downloaded documents on HVDC technology from the company's servers to his extended hard disk drive without permission and was suspected of providing the files to LSIS. Computer glitch halts Tokyo trading. The Tokyo Stock Exchange (TSE) experienced a computer error which halted derivatives trading for 95 minutes on Tuesday, marking its second glitch in seven months.