High Technology Threat Brief (HTTB)

Debate: The evasiveness of Flame may have been what prevented August 01, 2012 Mikko Hyppönen, chief research officer F-Secure When Flame malware became front-page news, we went digging through our collections for related samples. We were surprised to find out that we had samples of Flame already from 2010, sent to us via automated systems. They had been classified as clean. So, we missed Flame for two years. Cyber romance scams cost US victims $50 million in 2011 A recent report about internet crime finds that lonely, middle-aged or elderly people, mostly in the US, are suckers for a good romance scam. We - and when I say "we", I mean "people who aren't me", because I lost nothing to online dating in 2011 but did gain a really nice red umbrella on a first date - thought that we were dating decent, nice people, and we accepted the flowers, the poetry, and the declarations of undying love.. ..and it all wound up costing us a total of $50.4 million. That's the total reported losses from a collection of 5,663 romance-specific complaints.

The evolving threat landscape - from mischievous attacks to cyber war and espionage July 30, 2012 The evolving threat landscape - from mischievous attacks to cyber war and espionage Cyber attacks are becoming increasingly visible to the public, with high-profile breaches and ongoing commentary from large organisations such as Google and the UN frequently making headlines. When it comes to cyber crime, we are currently seeing a shift from unwitting individuals being targeted for relatively low financial gain (i.e. through credit card fraud) to large corporations or indeed governments being hit due to the high pay-off intellectual property (IP) and sensitive information that they hold. Jail for man who tricked women into taking hacked webcams into shower Over 170,000 people are part of the Sophos community on Facebook. Why not join us on Facebook to find out about the latest security threats. Hi fellow Twitter user! Follow our team of security experts on Twitter for the latest news about internet security threats. Already using Google+?

Group builds Twitter path to senators in Cybersecurity Act fight Powered by an interactive tool deployed by the Electronic Frontier Foundation, opponents of the Cybersecurity Act of 2012 are filling the Twitter streams of U.S senators in a crowd-sourcing move reminiscent of the outcry against anti-piracy legislation earlier this year. The tool, available on a site called Stop Cyber Spying, has users enter their zip code and click a button that says “Find my Reps.” Users are presented with a field to enter a Tweet or use pre-crafted Tweets addressed to their senator’s Twitter handle. “We are hearing from contacts in DC that they are getting Tweets much faster than phone calls,” said Rainey Reitman, activism director at the EFF. "They are saying we are having an impact." Reitman did not have numbers on how many Tweets have been sent since the tool went live over the weekend.

ICS-CERT report, a worrying increase of cyber attacks It’s been long debated the need to protect critical infrastructures from cyber attacks, cyber threats could hit foreign countries causing loss of human lives identically to a conventional attack. Don’t forget that similar attacks con be organized by state-sponsored hackers or cyber criminals with the different purposes, target destroying or cyber espionage. Emergency Response Teams of every country are approaching the problem, they are working to complete a census of the structures examining their safety level, these groups of works are also working on awareness programs and information sharing, key activities to mitigate the risks. Recently the U.S.

Mahdi Malware: Another Middle East Cyber-Weapon Threat? Another piece of Trojan malware has infected computers across the Middle East, especially in Iran and Israel. Called Mahdi, it is replete with Islamic theological references along with uses of the Farsi langauge, which is spoken in Iran. More substantively, the Mahdi malware also records keystrokes and steals files and images. Database security: At rest, but not at risk Database security is starting to show up on the radar of C-level execs, and no wonder. According to Verizon's "2012 Data Breach Investigations Report," 174 million corporate records were compromised in 2011 (the highest since 2004, according to the company), and in a survey by the Independent Oracle Users Group, 31 percent of respondents anticipated a major data breach this year. At the same time, most companies are still fairly low on the database security maturity curve, and so are just beginning to shift their attention from protecting the corporate borders to guarding the corporate jewels.