Small Is Beautiful for Cyber Criminals
Hackers are increasingly targeting small companies for cyber-attack and the amount of malware directed at mobile operating systems is rapidly escalating, according to Symantec’s Internet Security Threat Report for 2012. The report, issued last month, said half of all targeted attacks last year were aimed at businesses with fewer than 2,500 employees. The largest growth area for targeted attacks was … Read more
Posted in Network Security, Security Management, Security Threats
Tagged Cyber Attack, malware, Security Threat, Symantec
Leave a comment
Commission Calls For ‘Aggressive’ Anti-Hack Laws
A high-level commission into the theft of US intellectual property (IP) has made wide-reaching recommendations on tightening cybersecurity, including “aggressive” changes to the law to bring it up to date with rapidly evolving computer crime. The Commission on the Theft of American Intellectual Property, chaired by former director of national intelligence Dennis Blair and former ambassador to China Jon Huntsman, … Read more
Posted in Security Threats
Tagged cyber attacks, cybersecurity, Network Security, security awareness
Leave a comment
Cyber Attacks on Critical Infrastructure Could Cause Disaster
Critical infrastructure in the US – including the energy sector with its nuclear power facilities – is increasingly coming under cyber attack from hostile nations and a range of other hackers, with potentially disastrous consequences. The warning was issued earlier this month by Charles Edwards, deputy inspector general of the Department of Homeland Security (DHS), who emphasized the need for … Read more
Stuxnet May Have Been a Flop, Report Says
A new report published by a respected British think tank has challenged the conventional wisdom that the Stuxnet worm was a major setback to Iran’s nuclear ambitions. Ivanka Barzashka, a researcher in the Department of War Studies at King’s College London, said in the report – based largely on data from the International Atomic Energy Agency (IAEA) – that Stuxnet … Read more
Possible Stuxnet Defense Developed
Researchers at North Carolina State University (NCSU) have developed an innovative way of protecting networked control systems from cyber attack – raising the possibility of a defense against Stuxnet-type sabotage. A release from NCSU (http://news.ncsu.edu/releases/wms-chow-dncs/) said Dr. Mo-Yuen Chow and PhD student Wente Zeng had created an algorithm that detects and isolates cyber attacks on systems of the kind used … Read more
On Your DMARC, Get Set, Go! Putting Integrity into Your Email Security Policy, Part 2
In Part 1 of this post about the DMARC (Domain-based Message Authentication, Reporting and Conformance) standards for digital messaging integrity, Alec Peterson of Message Systems and Sam Masiello of Groupon, both representing DMARC.org, gave us great information about the new technical specification designed to reduce the phishing abuse of known and controlled domains. Today we pick up where we left … Read more
Posted in Security Management, Security Threats, Uncategorized
Tagged DMARC, email security, phishing
Leave a comment
Incapsula: WordPress Default Setting Opens up Sites to DDoS Exploit
Popular content management system WordPress is harboring a default setting that is making is susceptible to compromise, according to recent research. Gur Shatz, CEO of IT security vendor Incapsula, wrote in a blog post that a recent Distributed Denial of Service (DDoS) attack mitigated by his firm exposed this vulnerability. “These sites were not compromised, taken over, or rooted. Instead, … Read more
APWG: Nearly Half of All Phishing Attacks Leveraged Hacked Hosting Providers
Hacked hosting providers are becoming a fertile launch pad for new phishing attacks, accounting for nearly half of all phishing incidents during the second half of 2012, according to new research from the Anti-Phishing Working Group (APWG). The fact that these phishing attacks are increasing is not surprising, since based on earlier reports spear phishing is the main way cyber … Read more
Posted in Security Threats, Uncategorized
Tagged APWG, email security, spear-phishing
Leave a comment
FSOC: Financial Regulators Warn of Ongoing Cyber Attacks
The federal government issued a strong warning to the financial services sector: Beware of cyber threats, according to the recently released 2012 Financial Stability Oversight Council (FSOC) report. The FSOC report, which fulfills a Congressional mandate to describe “significant financial market and regulatory developments, analyze potential emerging threats, and make certain recommendations,” found cyberattacks to be a significant “operational risk.” … Read more
Posted in Security Threats, Uncategorized
Tagged DDoS, distributed denial-of-service attacks, federal, FSOC
Leave a comment
On Your DMARC, Get Set, Go! Putting Integrity into Your Email Security Policy, Part 1
What are you doing to make the integrity of your corporate email/messaging an integral part of your information security policy? If you don’t have a definitive answer for this question, then read on. I’ve got some great advice from experts on the topic that you can take action on today to protect your company’s brand. I recently interviewed Alec Peterson, … Read more
Posted in Security Management, Security Threats, Uncategorized
Tagged DMARC, email security, phishing
Leave a comment
