Blog

US prosecutors have launched what they say is the country’s largest ever hacking fraud case.

Five men in Russia and Ukraine have been charged with running a hacking operation that allegedly stole more than 160 million credit and debit card numbers from a number of major US companies over a period of seven years.

Losses from the thefts amounted to hundreds of millions of dollars.

Corporate victims included Nasdaq, Visa, Dow Jones and JC Penney.

Paul Fishman, US Attorney for the District of ...

Over the years, I have heard variations of the thought that is roughly: “I don’t have to secure these systems because they will be reset tomorrow”. I used to hear this from kiosk vendors and libraries, but I now hear it from organizations that are rolling-out Virtual Desktop Infrastructure (VDI) and public cloud initiatives.

It is a risky – but very real -assumption that the primary advantage of virtualization and cloud is ‘disposable computing’, and related to that, all of the problems of ...

Traditional Security Technologies Focus on Detecting Strong Indications of Compromise, but Can’t Identify Weaker Indications of Compromise…

We all know that advanced attackers have the resources, expertise and persistence to compromise any organization, at any time; attackers fundamentally understand the nature of classic security technologies and their applications and exploit the gaps between them. They relentlessly drive their attacks home, frequently using tools that have been developed specifically to circumvent the target’s chosen security infrastructure. Once they penetrate the network they ...

South Korea’s defense ministry is banning its employees from using the camera and Web connectivity functions on their smartphones when used within the ministry’s building, in a move to prevent potential military data leaks.

Under the ministry’s newly implemented mobile device management plan, its staff will be required to install a smartphone app which deactivates certain smartphone fuctions such as Internet connectivity and camera while they are inside the ministry building in the country’s capital Seoul, Yonhap News Agency reported on Wednesday.

Employees will ...

China sees rise in international Trojan and botnet attacks

China saw an increase in Trojan and botnet attacks coming from other countries in 2012, as the amount of mobile malware in the country also surged, according to a local security group.

During the year, a total of 73,000 Trojan and botnet command-and-control servers had hijacked 14.2 million host machines in ...

SQL injection, phishing, watering holes – the usual

The Department of Homeland Security, via its ICS-CERT group, is reporting growing attacks against critical infrastructure with the energy sector leading the way.

Its most recent ICS-CERT Monitor report states that of more than 200 incidents it investigated between October 2012 and May 2013, 53 percent were in the energy sector. This far outstripped attempts to attack “critical manufacturing” facilities at 17 percent, while the transport and communications sectors could only manage to attract ...

A federal hearing today on NSA surveillance programs leaked by former NSA contractor Edward Snowden produced some interesting numbers about the scope of the data collections and other issues. We’ve produced a roundup below of some of the interesting stats and intelligence gleaned from the discussion.

The hearing, before Congress’s ...

Former NSA contractor Edward J. Snowden, currently on the run, has set a precedent which may hamper future whistleblowers in the United States.

Once the now-fugitive leaked details about surveillance on American citizens to the media, Snowden went on the run — moving from Hong Kong to Russia over the weekend — and is expected to attempt ...