• New Trojan targets Australian business bankers

    A systematic phishing campaign has been targeting Aussie financial institutions; a Trojan masked as a bank’s security update proceeds to launch a multi-staged attack, looking for not just usernames and passwords, but chat room credentials, secure downloads, and anything the attackers believe may be useful

  • New Air Force Cyber Command politically savvy

    One way to secure the Hill’s backing — and bucks — for any new program is to spread it over as many states and congressional districts as possible; AFCYBER may be a new outfit, but its leaders are perfectly aware of this old political truth

  • Network penetration competition as part of security training

    In recent years the goals of computer hackers have changed; the intent of many hackers used to be the thrill of breaking into a network, now the goal is often money; companies and other organizations had better take network security more seriously.

  • Cyber mishap causes nuclear power plant shutdown

    Worries about critical infrastructure vulnerabilities: The move to SCADA systems boosts efficiency at utilities because it allows workers to operate equipment remotely, but experts say it also exposes these once-closed systems to cyber attacks

  • Top ten rules for IT security

    Uniloc offers ten useful rules to keep the organization’s networks safe from intruders and hackers;

  • New compression technique makes VoIP vulnerable to eavesdropping

    New VoIP compression technique, called variable bit rate compression, produces different size packets of data for different sounds; simply measuring the size of packets — without even decoding them — can identify whole words and phrases with a high rate of accuracy

  • Chinese cyber-attacks target U.S. lawmakers

    Computers in the office of a Virgnia congressman targted by Chinese hackers; information on four computers in the office of Congressman Frank Wolf, a harsh critic of China’s human rights record, compromised

  • Killing Internet worms dead

    Internet worms flood the Internet with junk traffic, and at their most benign, they overload computer networks and shut them down; Buckeyes researchers find new way to combat worms

  • Malicious software threatens internet economy

    Around one in four personal computers in the United States — or fifty-nine million — is already infected with malware; a booming market in cyber attack software and services has also made attacks more sophisticated and cheaper to perform

  • Worry: VoIP especially suitable for conveying hidden messages

    Steganography involves concealing messages within digitally transmitted images or sound files; VoIP systems tolerate packet loss and have built-in redundancy, and are thus especially suitable for conveying hidden messages; law enforcement officials have expressed frustration about the difficulty of deciphering VoIP messages made by suspected terrorists using Skype

  • Botnet cyberattack costs Japanese company 300 million yen

    There is a new type of blackmail in Japan: Hackers use botnets in denial-of-service attacks on companies’ computers — ending the attacks only when hefty ransom is paid

  • Cyber attacks grow in sophistication, menace; most originate in China

    More and more cyber attacks on organization aim to allow criminals to take control over enterprise assets; most attacks on companies and organizations around the world originate in China

  • Glaring gaps in network security, II

    Specialists in penetration testing take six hours to hack the FBI; hacking the networks of Fortune 500 companies takes much less time; even companies which have been Sarbanes-Oxley compliant for several years have been hacked within twenty minutes, with the hackers taking control of the business; these hackers proved they could actively change general ledgers and do other critical tasks

  • Glaring gaps in network security, I

    Specialists in penetration testing take six hours to hack the FBI; hacking the networks of Fortune 500 companies takes much less time; even companies which have been Sarbanes-Oxley compliant for several years have been hacked within twenty minutes, with the hackers taking control of the business; these hackers proved they could actively change general ledgers and do other critical tasks

  • Is the Internet "Critical Infrastructure"?

    The Internet’s architecture is optimized to be cheap and ubiquitous; such a network is never going to be perfectly secure or reliable; transactions that absolutely have to be done correctly and on time need to be done on a dedicated network