• iPhone, IE8, Firefox, and Safari easily hacked at Pwn2Own contest

    Hackers gathered for an annual contest in Vancouver demonstrate easy hacking of iPhone and all major browsers; a non-jailbroken iPhone was also hacked and its SMS database stolen; security measures taken by Firefox, Safari, and IE8 no match for hackers

  • The Norton Top 10: Seattle is the riskiest U.S. city for cybercrime; Detroit is the safest

    A study of the cybercrime-proneness of fifty American cities finds that from the perspective of cybersecurity, Seattle is the riskiest city in America: If you live and work there and use the Internet, your are more vulnerable to cybercrime than in any other place; the cyber-safest cities: Detroit, Michigan, El Paso, Texas, and Memphis, Tennessee

  • A small industry emerges to support would-be credit card thieves, malware writers

    There is money to be made in credit card theft, so a small industry has emerged to help commercialize the business; a software kit, known as Zeus, epitomizes the commercialization of the malware services industry: as is the case with other malicious software, Zeus can easily be bought online, in this case for between $400 and $700; detailed instructions on how to use it are readily available, too; to check whether a piece of malware is on the security companies’ blacklists, hackers can send their creations to Web sites such as virtest.com, which for just $1 will try the code out on more than twenty antivirus products; if the malware fails the test, would-be criminals can simply upload their malware to another site that will tweak it to render it unrecognizable

  • Delay in start date for U.K. cyberdefense center

    The U.K. government’s Cyber Security Operations Center, charged with protecting Britain’s critical IT infrastructure, was supposed to become operational yesterday; the government said it would become operational by the end of the month

  • GAO: U.S. government not properly coordinating cybersecurity efforts

    The U.S. Government Accountability Office, in addressing the Obama administration’s Comprehensive National Cyber Security Initiative (CNCI), a secretive initiative inherited from the Bush administration, warned that “Federal agencies have overlapping and uncoordinated responsibilities for cybersecurity, and it is unclear where the full responsibility for coordination lies”

  • Private industry sees opportunities in cybersecurity

    Nadia Short, director of Strategic Planning and Business Development Information Assurance Division at General Dynamics: “The release of the [DHS] budgets earlier this month indicate a growth in cyberspending across all the services…. With that, as well as continuing the natural evolution of what cyber will mean for dot-gov and dot-mil, it will mean nothing but opportunity for private industry”

  • Smart grid attack likely

    The smart grid’s distributed approach exposes these networks and systems, especially in the early phases of deployment; the communication among these networks and systems will be predominantly wireless and it is assumed they will be sniffed, penetrated, hacked, and service will be denied

  • U.K. government: even modest cyber attacks will have "catastrophic" impact on public confidence

    U.K. cybersecurity agency says that cyberattack do not have to be massively severe to undermine the public confidence in the government; agency says that government eavesdroppers also face a secret “cyber arms race” to develop quantum cryptography technology

  • New security threat against smart phone users

    Researchers demonstrate how a software attack could cause a smart phone to eavesdrop on a meeting, track its owner’s travels, or rapidly drain its battery to render the phone useless; these actions could happen without the owner being aware of what happened or what caused them

  • Deadline for Massachusetts' “Written Information Security Program” looms

    As of 1 March 2010, Massachusetts will require that all Massachusetts companies — and even companies operating outside the Commonwealth, but which do business in Massachusetts — to implement stringent personal data privacy law, the data protections pertain to not just electronically stored and transmitted information but also hard copy formats

  • Hackers to compete for $100,000 for smartphone, browser hacks

    Hackers will compete for a $100,000 in prizes for exploits that successfully penetrate Apple’s iPhone 3GS, Research in Motion’s Blackberry Bold 9700, a Nokia device running the most recent version of Symbian, and a Motorola phone running Google’s Android

  • New group calls for holding vendors liable for buggy software

    The group released draft language it advises companies to incorporate into procurement contracts between user organizations and software development firms; SANS Institute, Mitre also release 2010 list of Top 25 programming errors

  • Critical infrastructure companies targeted by malware

    Companies in the critical infrastructure sector, such as oil, energy, and chemical industries, experienced a higher percentage of malware in 2009 than organizations in other sectors – much, much higher: more than 350 percent more than other industries

  • McAfee: China leads world in hacked computers

    A new study finds that more personal computers in China — about 1,095,000 computers — than in any other country have been hacked to make them zombies, then grouped into botnets to engage in massive e-mail attacks on Web sites; the prevalence of botnets is a sign of how vulnerable computer networks are to infiltration

  • Google turns to NSA for assistance in thwarting Chinese cyberattacks

    Google has developed a reputation as a company that likes to keep its distance from government agencies; the cyberattacks on Google by the Chinese intelligence services has caused Google to reconsider; it is now finalizing a new deal with the NSA to share data – the company’s first formal agreement with the NSA; the spy agency will help Google develop better defenses against Chinese encroachment