Articles tagged with: other security
Russia cybercrime market doubles in 2011, says report
Russian-speaking criminals grabbed more than a third of the entire global cybercrime market in 2011 as a growth in online fraud activity turned the country into a major digital crime superpower, a new report has suggested.
The State and Trends of the Russian Digital Crime market 2011 from Russian security research company Group-IB estimates (using public and partner data) that the global cybercrime market reached around …
US cyberthreat bill, CISPA, passes key stage despite privacy concerns
The US House of Representatives has passed a cyberthreat information-sharing bill that critics say will give government agencies access to the private communications of millions of Internet users.
The House late Thursday voted 248-168 to pass an amended version of the Cyber Intelligence Sharing and Protection Act, or CISPA, even though the White House Office of Management and Budget has recommended that President Barack Obama veto …
FBI and SOCA take down websites selling stolen bank account details
Thirty-six websites used to sell stolen bank account details have been taken down following an investigation by the Serious Organised Crime Agency (SOCA).
In addition, two British men suspected of making large-scale purchases of stolen data from such sites were arrested yesterday, and the UK’s Dedicated Cheque and Plastic Crime Unit (DCPCU) seized a number of computers suspected of being used to facilitate offences under the …
Facebook teams up with Microsoft, McAfee, Symantec to sell antivirus
Facebook has teamed up with five security vendors to offer a range of free and subscription-based antivirus packages.
Microsoft, McAfee, TrendMicro, Sophos, and Symantec are now part of Facebook’s third party security providers, offering a range of antivirus packages for Windows and Mac users.
The vendors have become part of the social network’s “Facebook Security Family“, which could be a major boon for security vendors who now …
VMware Source Code Leaked, Posted Online
VMware this week acknowledged that hackers obtained access to some of its source code and posted it online, but the firm downplayed the impact of the breach.
In a statement, Iain Mulholland, director of VMware’s Security Response Center, said his firm’s security team became aware of the posting on Monday and said there is “the possibility that more files may be posted in the future.”
The documents …
House Approves Controversial CISPA Cyber-Security Bill
Though the House was not expected to vote on the controversial CISPA legislation until tomorrow, lawmakers approved the bill late on Thursday by a vote of 248 to 168.
206 Republicans voted in favor of CISPA, as did 42 Democrats, while 28 Republicans and 140 Democrats voted against it. Fifteen members did not vote. The full vote tally is available on House.gov.
CISPA now moves to the …
InfoSec 2012: IBM launches new threat analytics engine
IBM is growing its Security Systems unit with the launch of a new threat analytics appliance, which the company claims can identify suspicious behaviour in the network to protect organisations against hidden threats.
IBM launched its Security Systems division in October 2011, drawing together disparate security products developed by IBM over the previous 14 years and putting new focus on the four “mega trends” of Mobile, …
Facebook source code hacker Glenn Mangham on ‘what really happened’
Glenn Mangham, the Facebook hacker who stole the social network’s source code, has gone public with a deeper explanation of how he penetrated the website.
The 26-year-old student, of York, posted a lengthy writeup on his blog and a video, saying that he accepts full responsibility for his actions and that he did not think through the potential ramifications.
“Strictly speaking what I did broke the law …
VMware virtualisation source code stolen, but impact unclear
VMware ESX source code has been stolen and posted online, but the company says its virtualisation platform doesn’t necessarily pose an increased risk to customers.
The stolen code amounts to a single file from sometime around 2003 or 2004, the company said.
“The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers,” according …
Nissan says hackers stole user IDs and hashed passwords
Nissan has found malicious software on its network that stole employee user IDs and hashed passwords, but said that no personal information or emails appeared to have been compromised.
The car company released a statement on April 20, one week after the intrusion was detected. Jeff Kuhlman, Nissan’s head of global communications, said that Nissan delayed disclosing the breach sooner in order to cleanse its network …
O2 launches mobile wallet service in the UK
Mobile operator O2 has launched a mobile wallet service to compete with rival mobile payment systems from the likes of Barclays, Google and PayPal.
The new service, called O2 Wallet, allows consumers to transfer money across any network, make online purchases and conduct price comparisons by scanning product barcodes in shops. Users can also get daily discounts from retailers such as Debenhams, Comet, Sainsbury’s Direct, and …
UK businesses face weekly cyber attacks
Large organisations in the UK have been hit with an average of 54 cyber attacks over the last year, with 15 percent admitting to have had their networks successfully penetrated by hackers.
In a survey of 447 organisations conducted by PwC, 70 percent of large organisations said they had detected significant attempts to break into their networks, and one in seven detected hackers within their systems …
Google boosts Vulnerability Reward Program bounties to $20,000
Google has raised the bounties it pays independent researchers for reporting bugs in its core websites, services and online applications to $20,000.
The search giant boosted the maximum reward from $3,133, and also added a $10,000 payment to the programme.
The Vulnerability Reward Program will now pay $20,000 for vulnerabilities that allow remote code execution against google.com, youtube.com and other core domains, as well as what …
Securing your business in the cloud
This article is part of the Business IT Series in association with Intel
Opinion
Securing your business in the cloud
Published: 14:44, 23 April 12
Any IT professional who has heard “send it to my Gmail” echo across the office will know how impossible it is to keep employees from using outside applications for work when those provided don’t quite meet their needs.
The odd email may not be the …
One in five Apple Macs harbour PC malware
A recent security scan of 100,000 Apple Macs found that almost three percent were infected with Mac-capable malware including the recent Flashback Trojan, security company Sophos has reported.
All told, 2,700 machines showed evidence of infection, three quarters of these being infected by Flashback (or Flashflake), a piece of Java-based malware that probably ranks as the first significant global Apple malware outbreak yet recorded.
In second place …
India overtakes US as the world’s leading source of email spam
More email spam originated from India during the first three months of 2012 than from the US, making the south Asian country the world’s leading spam source.
Security firm Sophos said that India was responsible for 9.3% of global email spam traffic seen from January to March, according to their latest Dirty Dozen report, which lists the top 12 countries from which most spam originates.
The US, …
‘Nuke the box’
A campaign is underway to clean up as many as 300,000 computers infected with DNSChanger viruses that divert victims’ traffic to sites that can further exploit the machines and their owners, but it’s not clear that goal can be accomplished without drastic measures.
If a machine is infected with DNSChanger, that infection is often accompanied by a rootkit that is very difficult to remove, says Jose …
Iran oil terminal network hit by mystery "worm"
Iran appears to have has suffered a cyberattack that has disrupted and possibly damaged state websites and caused the facilities at the country’s key Kharg Island oil facility to be disconnected from the Internet, news agencies are reporting.
The Iranian Mehr news agency briefly said that the Iranian Oil Ministry, the National Iranian Oil Company which control the huge oil production terminal had been targeted by …
IT comparison site comparetheware.com launches at InfoSec
Comparetheware.com, a new IT search portal that enables businesses to research and compare technologies and find suppliers, has launched at the InfoSecurity conference in London today.
The website aims to help any organisation that needs to make an IT purchase to research the product, compare specifications and prices, ask for quotes and find a “trusted supplier” that will not only supply the product but also install …
Guardian Analytics launches mobile banking fraud detection tool
Guardian Analytics launched FraudMAP Mobile this morning, a product for financial institutions that detects possible fraudulent online banking transactions executed with a mobile device.
FraudMAP Mobile is an extension of the security vendor’s FraudMAP Online product for desktop computers, which studies how a bank’s customer uses an online banking site.
The software, which runs on a bank’s servers, creates a mathematical model for how a person normally …
GoldKey Lite Token with Built-In Flash
You don’t enter a password to start your car—you just stick in the key and go. GoldKey Lite Token with Built-In Flash ($89 direct for 8GB unit) lets you start your computer in the same way. Insert the USB device to log in, pull it out to put Windows into lockdown. That’s just one of the many security and encryption features packed into this tiny …
Contradicting Earlier Reports, Flashback Malware Infections Still High
Flashback infections are increasing! Flashback infections are decreasing! Flashback infections are staying the same!
So which is it?
Here’s the backstory: As we reported previously, Mac users have been hit with a nasty bit of malware that requires absolutely nothing on their part save for visiting malicious websites in order for Flashback to enter their systems. It’s easily preventable, so …
Don’t Lose the Internet in July! FBI Repeats DNSChanger Warning
If you’ve still got DNSChanger on your computer, you could be in for a frustrating summer. The FBI has repeated a warning that as many as half a million computers still infected with the malware could lose their Internet connections on July 9 because the agency is shutting down an expensive workaround to the problem.
The FBI has been running DNS servers since last year to …
Tech experts rubbish government web snooping tactics
The UK government’s proposal to separate communications data from content, as part of new plans to allow intelligence services to monitor all internet activity, is infeasible according to a panel of technology experts.
Speaking at the ‘Scrambling for Safety‘ conference at the London School of Economics yesterday, Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, said that the distinction between traffic …
Twitter spammers infect users with fake antivirus programs
A large spam campaign observed on Twitter during the last couple of days directed users to malicious websites that exploited vulnerabilities in browser plug-ins to infect their computers with rogue antivirus programs, according to security researchers from antivirus firm Kaspersky Lab.
While monitoring the spam campaign for several hours, Kaspersky’s researchers counted 4,148 tweets containing malicious links being sent from 540 compromised Twitter accounts.
“Our analysis is …
Tory MP calls for RIPA powers to be revoked
Conservative party MP David Davis has said that the powers of unwarranted intelligence, surveillance and interception granted in the Regulation of Investigatory Powers Act 2000 (RIPA) should be revoked.
Speaking at the ‘Scrambling for Safety’ conference at the London School of Economics (LSE) yesterday, Davis slammed the government’s plans to allow intelligence services to monitor all internet activity in real time, claiming that most ministers “do …
