• Smart grid attack likely

    The smart grid’s distributed approach exposes these networks and systems, especially in the early phases of deployment; the communication among these networks and systems will be predominantly wireless and it is assumed they will be sniffed, penetrated, hacked, and service will be denied

  • U.K. government: even modest cyber attacks will have "catastrophic" impact on public confidence

    U.K. cybersecurity agency says that cyberattack do not have to be massively severe to undermine the public confidence in the government; agency says that government eavesdroppers also face a secret “cyber arms race” to develop quantum cryptography technology

  • New security threat against smart phone users

    Researchers demonstrate how a software attack could cause a smart phone to eavesdrop on a meeting, track its owner’s travels, or rapidly drain its battery to render the phone useless; these actions could happen without the owner being aware of what happened or what caused them

  • Deadline for Massachusetts' “Written Information Security Program” looms

    As of 1 March 2010, Massachusetts will require that all Massachusetts companies — and even companies operating outside the Commonwealth, but which do business in Massachusetts — to implement stringent personal data privacy law, the data protections pertain to not just electronically stored and transmitted information but also hard copy formats

  • Hackers to compete for $100,000 for smartphone, browser hacks

    Hackers will compete for a $100,000 in prizes for exploits that successfully penetrate Apple’s iPhone 3GS, Research in Motion’s Blackberry Bold 9700, a Nokia device running the most recent version of Symbian, and a Motorola phone running Google’s Android

  • New group calls for holding vendors liable for buggy software

    The group released draft language it advises companies to incorporate into procurement contracts between user organizations and software development firms; SANS Institute, Mitre also release 2010 list of Top 25 programming errors

  • Critical infrastructure companies targeted by malware

    Companies in the critical infrastructure sector, such as oil, energy, and chemical industries, experienced a higher percentage of malware in 2009 than organizations in other sectors – much, much higher: more than 350 percent more than other industries

  • McAfee: China leads world in hacked computers

    A new study finds that more personal computers in China — about 1,095,000 computers — than in any other country have been hacked to make them zombies, then grouped into botnets to engage in massive e-mail attacks on Web sites; the prevalence of botnets is a sign of how vulnerable computer networks are to infiltration

  • Google turns to NSA for assistance in thwarting Chinese cyberattacks

    Google has developed a reputation as a company that likes to keep its distance from government agencies; the cyberattacks on Google by the Chinese intelligence services has caused Google to reconsider; it is now finalizing a new deal with the NSA to share data – the company’s first formal agreement with the NSA; the spy agency will help Google develop better defenses against Chinese encroachment

  • Security experts worry over iPad security risks

    Security experts that the fact that the iPad will be locked down as the iPhone is, will not prevent hackers using phishing attacks and browser exploits from attacking to new device; while the iPad uses the same OS as the iPhone, it is more powerful; this means attacks based on doctored PDF files may potentially become a risk

  • Critical infrastructure executives fear China

    Operators of electrical grids, telecommunications networks, and other critical infrastructure say their systems are under constant cyber attack; more than 54 percent of the respondents said their critical systems have already suffered large-scale attacks or stealthy infiltrations

  • E-passports vulnerable to traceability attacks, allowing real-time tracking of passport holders

    The electronic passports issued by the United States, the United Kingdom, and some fifty other countries are vulnerable to “traceability attacks”: hackers can remotely track an e-passport holder in real time without first knowing the cryptographic keys that protect the personal information embedded in the e-passport

  • Stealth data: a new dimension in PC data protection

    Researchers at St. Poelten University of Applied Sciences develop the first viable steganographic solution for windows; data can now be protected better than ever before with the Windows operating system, without leaving the slightest trace or giving away the tiniest hint of its existence

  • Targeted attacks top telco nightmares, replacing botnet floods

    Targeted attacks against backend systems have replaced botnet-powered traffic floods as the main concerns for security staff at telcos and large ISPs; the most potent DDoS attacks recorded in 2009 hit 49 Gbps, a relatively modest 22 percent rise from the 40 Gbps peak reached in 2008

  • Cyber sleuth finds China's fingerprints on code used in Google attacks

    SecureWorks’ Joe Stewart says he found Chinese fingerprints on the code used in the attacks on Google and other Western companies; the telltale sign is an error-checking algorithm in the software that installed the Hydraq backdoor on compromised PCs