Cyber Security Institute
News
Sunday, July 25, 2010
FTC Slaps Twitter Down Hard For Lax Security, Privacy Violations
Social networking service Twitter has agreed to settle Federal Trade Commission charges that it deceived consumers and put their privacy at risk by failing to safeguard their personal information, the FTC said yesterday. The FTC’s complaint against Twitter charges that serious lapses in the company’s data security allowed hackers to obtain unauthorized administrative control of Twitter, including access to nonpublic user information, tweets that consumers had designated private, and the ability to send out phony tweets from any account—including those belonging to then-President-elect Barack Obama and Fox News.
Thursday, May 27, 2010
Secure POS Vendor Alliance Releases End-to-End Encryption Security Requirements
The Secure POS Vendor Alliance (SPVA), a non-profit business organization founded by Hypercom (NYSE: HYC), Ingenico S.A. (EURONEXT: ING) and VeriFone (NYSE: PAY) today announced the release of its End-to-End Encryption Security Requirements related to payment card data in payment card reading devices. Targeted to vendors of POS devices, this newly released framework marks a critical step toward SPVA’s mission of widespread understanding of payment security issues and the adoption of best practices. “The SPVA’s end-to-end security requirements guidelines set a baseline for the industry and represent the first step to further strengthen payment security standards globally,” said T.K. Cheung, SPVA chairman and Hypercom vice president global quality & security.
Tuesday, May 25, 2010
McAfee, Symantec add mobile security to lineup
Two well-known anti-virus software companies are expanding their reach into the security marketplace. McAfee said Tuesday that it’s buying mobile security company Trust Digital. The announcement comes about a week after competitor Symantec’s decision to pay $1.28 billion to buy a division of VeriSign that sells security technology to websites.
Monday, May 24, 2010
Guardian Analytics raises $9 million as cybercrime rates soar
As cases of cybercrime against US business bankers reach epidemic proportions, California-based banking security firm Guardian Analytics has raised $9 million in funding, led by Sutter Hill Ventures with participation by existing investor Foundation Capital.
Saturday, May 22, 2010
Google Rolls Out Encrypted Search
Google kept this one until after the Google I/O 2010 conference, but it’s certainly a big announcement. Google has now enabled SSL (Secure Sockets Layer) encryption of its search engine ensuring that any web search user’s conduct stays private. “The service includes a modified logo to help indicate that you’re searching using SSL and that you may encounter a somewhat different Google search experience,” he explained. Google has started adopting https:// secure connections for some of its services, most notably for Gmail, for which SSL connections are enabled by default for all traffic.
Friday, May 21, 2010
Cloud: Does ROI Matter?
Nobody asked about return on investment during the American Revolution. Specific cloud implementations may fail or succeed. In my research on cloud ROI for our upcoming InformationWeek Analytics report, I haven’t yet found an end user that has put together a stringent return-on-investment analysis using discounted cash flow techniques. I also spoke to a bunch of cloud providers during my research. Moorman said that the enterprise users that he speaks to are chiefly focused on how organizations look at adding cloud computing to the mix of what they’re doing today in a safe way, rather than “having a big TCO debate.” He rightly points out that IT budgets and ROI studies can be maneuvered in much the same way that statistics can be—you can tell just about any story you want to if you frame it right. Crenshaw told me, “We don’t really recommend that customers do a pie-in-the-sky model that shows that IT costs are going to drop 50-60%” because, he says, “maybe it’s credible, maybe it’s not.”
Google halts deletion of Street View Wi-Fi data
Google has stopped deleting the personal data its Street View cars collected from open Wi-Fi networks, following what the company called “some uncertainty” over the deletion process. For three years, Street View cars collected Wi-Fi payload data across 30 different countries. Some countries have asked Google to delete the data - and in some cases, it has complied - while others have requested that the data be kept for the time being. “On the instructions of the Irish data protection commissioner, Google destroyed all Wi-Fi data relating to collection in Ireland,” read an open letter from Privacy International to the European privacy commissioners earlier this week. “The action could be seen as collusion to destroy evidence.”
Wednesday, May 19, 2010
ARC says Cyber Security Market Driven by Risk
The Industrial Control System (ICS) market is driven by not only business risk but also by safety and environmental concerns. In addition, national risks are becoming more of a concern and entering the risk equation in the form of regulations, compliance, and the possibility of financial penalties. “ICS cyber security is extremely dynamic, requiring constant attention and quickly bringing today’s practices in question.”
Tuesday, May 18, 2010
Bye-Bye Landlines, Voice Communication?
Two separate reports paint quite a picture of how the way Americans communicate has changed—with dramatic implications for how business communications will be done in the future, as well. One quarter of U.S. homes have given up their landlines and use only a cell phone, according to a new survey conducted by the National Center for Health Statistics, a part of the Centers for Disease Control and Prevention. At the same time, The New York Times reports that while almost 90 percent of households in the United States now have a cell phone, the growth in voice minutes used has stalled in favor of data communications.
AusCert 2010: Australia protected by anti-DDoS vigilantes
An informal, low-lying group of sharp minds might be the world’s best defence against Distributed Denial of Service (DDoS) attacks, but legal uncertainty is hindering their capabilities. And it is through this IT grapevine that these groups of researchers and engineers will be notified when a significant DDoS attack strikes. But according to SecureWorks malware researcher and group member, Joe Stewart, these DDoS defenders may face persecution for launching what he says are essential retaliatory attacks due to legal grey areas.
Risk of cyber-attacks growing: CSIS memo
A top secret memo written by Canada’s spy agency warns that cyber-attacks on government, university and industry computers have been growing “substantially.” The heavily censored briefing note, obtained by CBC News using Canada’s access to information law, outlines the increasing vulnerability that Canada’s energy, financial and telecommunications systems face from cyber-attackers. “Compromises of computer and combinations networks of the Government of Canada, Canadian universities, private companies and individual customer networks have increased substantially,” says the June 2009 memo written by the Canadian Security Intelligence Service.
CA unveils new cloud products and community
CA Technologies, which has changed its name from CA Inc., has launched a series of cloud computing products and services at CA World this week in Las Vegas. Cloud Commons—a collaborative community and website for IT professionals, which will help them figure out how to best use cloud computing—has been unveiled by CA Technologies. Among the website’s many features is an initiative, led by two Carnegie Mellon University researchers, for an industry-wide, globally accepted measure for calculating the benefits and risks of cloud-computing services. The researchers are seeking industry involvement via a consortium being formed with researchers from other educational institutions, end user organizations and technology providers, who have expertise in measuring and managing IT-enabled services.
Amazon cloud-based database gains high-availability feature
Amazon Web Services has added a new high-availability feature called Multi-Availability Zone (Multi-AZ) to its cloud-based Relational Database Service (RDS), the company said on Tuesday. The addition of Multi-AZ provides better database availability by automatically configuring a standby copy of the database, which is stored in a different physical location from the original in Amazon’s cloud.
Monday, May 17, 2010
Five Ways To (Physically) Hack A Data Center
You can spend millions of dollars on network security, but it’s all for naught if the data center has physical weaknesses that leave it open to intruders. Red team experts hired to social-engineer their way into an organization say they regularly find physical hacking far too easy. Ryan Jones, senior security consultant with Trustwave’s SpiderLabs, says data centers he has investigated for security weaknesses commonly have the same cracks in the physical infrastructure that can be exploited for infiltrating these sensitive areas. Jones says the five simplest ways to hack into a data center are by crawling through void spaces in the data center walls, lock-picking the door, “tailgating” into the building, posing as contractors or service repairmen, and jimmying open improperly installed doors or windows.
Wednesday, April 07, 2010
Researchers expose complex cyber espionage network
Security researchers from the Information Warfare Monitor (Citizen Lab and SecDev) and the ShadowServer Foundation have released the findings from their eight-month investigation, “Shadows in the Cloud”, detailing the inner workings of a complex cyber espionage network that was systematically stealing sensitive documents/correspondence from the Indian government, the United Nations, as well as Dalai Lama’s offices, from January to November 2009.
Friday, April 02, 2010
Database Security Suffers From Leadership Gap
If there’s one sure thing about database security, it’s that most organizations are unsure about who exactly is in charge of protecting their data stores. According to a survey of 175 IT decision-makers polled by ESG, nearly a quarter of them reported that a lack of inter-departmental cooperation was one of the greatest risks to their database security.
Tuesday, March 30, 2010
FAA Launches Real-Time Security Pilot With IBM
The Federal Aviation Administration has begun a research and development pilot aimed at helping the agency detect and react to hackers before they have a chance to attack FAA systems, IBM and the FAA announced Tuesday. The pilot makes use of recently released IBM software called InfoSphere Streams, which was developed in conjunction with the Department of Defense and can perform real-time analytics on heavy throughput data streams of up to millions of events or messages per second. FAA security analysts are swamped on a daily basis with a massive volume of security information coming from the FAA’s firewalls, intrusion detection systems, and wireless detection systems as well as data feeds from other agencies and commercial security services such as VeriSign’s iDefense. In recent years, they have included theft of personal information on 48,000 former and current employees, a takeover of the FAA’s domain controllers, and a viral infection that forced the FAA to shut down systems in Alaska, according to a 2009 report from the Department of Transportation’s inspector general.
Wednesday, March 17, 2010
Forensics for GPS Unit
Blackthorn2 - http://www.blackthorn2.com/
TomTom
Forensic Analyser - TomTom Edition - http://www.gpsforensics.org/reviews_forensicanalyzer.html - company seems to be dead
TomTology - http://www.forensicnavigation.com/#/products/4527490520
EnCase Enscript - can parse TomTom files once they have been recovered from a device
XACT - http://www.msab.com/
Garmin
Device Seizure - http://www.paraben.com/catalog/product_info.php?cPath=25&products_id=405
\Garmin\GPX\Current.gpx is a text file that contains trip details
Wednesday, March 03, 2010
Crackdown on Mariposa: Botnet Infected 13 Million PCs
Security software firms worked with international law enforcement agencies, the FBI and the Georgia Tech Information Security Center to neutralize and eventually arrest three criminals who allegedly masterminded a massive botnet scam that ensnared more than 13 million PCs. The suspects, who officials say called themselves the “Nightmare Days Team” and dubbed their botnet project “Mariposa,” were arrested at their Basque Country residence by Spanish authorities last month. The arrests came after a year-long investigation by local law enforcement agencies and security software vendors Panda Security, which is headquartered in Bilbao, Spain, and Defence Intelligence of Ottawa, Ontario.
Monday, March 01, 2010
Verizon Offers Up Its Data Breach Framework
Verizon Business here today released to the public its framework for gathering and analyzing forensics data from a data breach that is the basis for its comprehensive annual data breach reports. The hope is that the framework will facilitate more cooperation and data-sharing among breach victim organizations.
Friday, February 19, 2010
Computer Jargon Baffles Users, Hinders Security
Faced with such gobbledegook, many of the world’s nearly 2 billion Internet users conclude that security is for “experts” and fail to take responsibility for the security of their own patch of cyberspace—a potentially costly mistake. That was the message from cyber experts who met this week to work out how to protect computer users from the growing problem of online theft, fraud, vandalism, abuse and espionage.
Thursday, January 21, 2010
Enterprises Look for Help Managing Security Logs
Managed SIM services started to gain momentum over the past two years, largely due to compliance mandates such as the Payment Card Industry data security requirements. Managed security services have been growing in popularity over the past several years, and the latest task enterprises are looking to offload to an outside provider is security information management.
Monday, January 11, 2010
Virtualization security remains a work in progress
While adoption of server virtualization is proceeding at a gallop, the effort to refine virtualization security reached only a slow trot in 2009. Roughly 18% of server workloads have been virtualized, and research firm Gartner expects that number to climb to 28% in 2010 and almost 50% by 2012. But adapting traditional firewall, intrusion detection, antimalware and other types of security and monitoring software to run optimally in this radically changed hypervisor-based architecture is still very much a work in progress.
Tuesday, January 05, 2010
World Cup Cybercrime 2010
The Research team in ESET have put their heads together to discuss the likely shape of things to come in the next twelve months in computer security and cybercrime (and cyberwarfare, to use one of the buzzwords of the moment).
Thursday, December 17, 2009
Cloud Security Alliance releases updated guidance
The Cloud Security Alliance (CSA) on Thursday released the second version of its guidance for secure adoption of cloud computing services. The new version, Guidance for Critical Areas of Focus in Cloud Computing—Version 2.1, provides more specifics in several areas and more actionable advice, said Jim Reavis, Cloud Security Alliance co-founder and executive director.
Thursday, December 10, 2009
Internet posting prompts TSA investigation
Five Transportation Security Administration employees have been placed on administrative leave since it was discovered that sensitive guidelines about airport passenger screening were posted on the Internet. The move was disclosed as senators questioned administration officials yesterday about the second embarrassing security flap at the Homeland Security Department in as many weeks. Assistant Homeland Security Secretary David Heyman told senators yesterday that a full investigation into the Internet security lapse is under way, and that the TSA employees have been taken off duty pending results of that probe.
Wednesday, December 09, 2009
New cloud hacking service steals Wi-Fi passwords
For US$34 (£20), a new cloud-based hacking service can crack a WPA (Wi-Fi Protected Access) network password in just 20 minutes, its creator says. The WPA Cracker service bills itself as a useful tool for security auditors and penetration testers who want to know if they could break into certain types of WPA networks. It works because of a known vulnerability in Pre-shared Key (PSK) networks, usually used by home and small-business users.
Germany plans Internet virus phonecall alerts
German officials are planning to step up the fight against online viruses by phoning Internet users to warn them their computers are infected, an industry summit was told Tuesday. Germany’s federal computer security agency (BSI) and the German internet business federation ECO said Internet providers already had the technology to know which of their customers were infected. Germany would set up a national help desk to advise people step by step over the telephone on ridding computers of viruses.
Tuesday, December 08, 2009
Smart grids may be prone to cyberattacks
Smart-grid networks that depend heavily on technology both for energy efficiency and for better management of electricity consumers are vulnerable to cyberattacks that can endanger entire cities, industry findings show. Ann Whyte, a spokeswoman for Defense Support Services LLC (DS2), a Lockheed Martin and Day & Zimmermann company, said suppliers that are planning to install electricity smart meters in every home by 2020 need to adopt new power-line communications technology to ensure the grids remain safe from cyberattacks.
Tuesday, November 24, 2009
FBI’s network against cyber crime
Last week, when the Senate’s Subcommittee on Terrorism and Homeland Security held a hearing entitled “Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace”, the NSA wasn’t the only agency that gave an overview of its actions and practices concerning the subject. Steven R. Chabinsky, Deputy Assistant Director of the FBI Cyber Division, also addressed the Subcommittee. He stated that “the FBI considers the cyber threat against our nation to be one of the greatest concerns of the 21st century.” Chabinsky reminded the Subcommittee that “terrorists do not require long term, persistent network access to accomplish some or all of their goals.”