-
Chinese cyber spies target British defense official
A high official in the British Ministry of Defense was targeted by a sophisticated Chinese spear phishing operation that aimed to steal military secrets; the plan was foiled last year when the official became suspicious of an e-mail she received from a contact she had met at a conference
-
-
DHS official: Stuxnet a "game changer"
The head of the Cybersecurity Center at DHS said Stuxnet is an incredibly large, complex threat with capabilities never seen before; “This code can automatically enter a system, steal the formula for the product you are manufacturing, alter the ingredients being mixed in your product, and indicate to the operator and your anti-virus software that everything is functioning as expected,” he said
-
-
New anti-cybercrime software emulates DNA matching process
The biologically inspired software digitally mimics the DNA matching process used in the real world. The software tracks the sequence of events that follow a hacker’s first access request into a secure network system and creates a “digital fingerprint”
-
-
China "hijacked" sensitive U.S. Internet traffic to Chinese servers
Highly sensitive Internet traffic on U.S. government and military Web sites was briefly “hijacked” and routed through Chinese servers earlier this year; for eighteen minutes on 8 April, a Chinese state-owned telecommunications firm rerouted e-mail traffic to and from Web sites of the U.S. Senate, the Department of Defense, along with “many others” including NASA and Department of Commerce
-
-
New Facebook app monitors users' social circle for danger
How long will it be before it is impractical to use Facebook without a dedicated app to protect you from spammers and scammers? New app scans your wall, inbox, and any comments on your profile for malicious links that might lead to sites that try to install malware or hijack your account details. It also checks your privacy settings and offers reminders and tips on how much you are sharing and how to change those settings
-
-
U.S. Internet hosts are essential for criminal botnets
Cybercrime is often associated with Russia and China, and rightly so — but many of the servers vital to their activities are located elsewhere; facilities provided by Internet companies in the United States and Europe are crucial to these criminal gangs’ activities
-
-
Best 300 U.S. student hackers compete for cybersecurity scholarships, prizes
The seventh Annual Cyber Security Awareness Week competition at the Polytechnic Institute of New York University; 120 teams from high schools across the country — consisting of 300 of the U.S. best student hackers — competed under the watchful eyes of representatives from the CIA, NSA, DHS, and NSA; the students compete for scholarships and prizes by solving simulated security crises likely to emerge in an increasingly wired world
-
-
Keystroke biometric solution will protect against hacking
Virginia Tech researchers develop an authentication framework called “Telling Human and Bot Apart” (TUBA), a remote biometrics system based on keystroke-dynamics information; the technology will prevent hackers from using a computer program designed to produce keystroke sequences in order to spoof more conventional security systems
-
-
PwC recruits cybersecurity talent with online puzzles
PricewaterhouseCoopers (PwC) found a new way to recruit IT security professionals; it aimed to dig out U.K. talent hidden under the radar by settling up tests for hackers at different levels of ability, uncovering teenagers and people already working in the IT profession; PwC says that winning these cyber contests is typically an indication of good problem solving, curiosity to learn, and a driven work ethic
-
-
U.K. opens cybersecurity test range to test critical networks
The U.K. Ministry of Defense has opened a cybersecurity test range, where utilities and banks can pit their networks against human hackers and computer viruses
-
-
Chinese hackers steal South Korean defense secrets
Chinese hackers have stolen secrets on South Korea’s defense and foreign affairs by using bogus e-mails claiming to come from Seoul officials and diplomats; similar attacks originating in China-based servers briefly crippled U.S. and South Korean government and commercial Web sites in July 2009
-
-
U.S. considering Aussie Internet security program
The Obama administration is considering adoption of parts of an Internet security scheme which will go into effect in Australia in December; the plan will allow Internet service providers to alert customers if their computers are taken over by hackers — and could limit these customers’ online access if they do not fix the problem
-
-
U.K. security firms say GCHQ's cyberattack warning overwrought
U.K. cybersecurity industry insiders say last week’s warnings by Britain’s cybersecurity chief about the cyber threat the U.K. was facing may have over-hyped threats — and may have been related more to the run-up to the U.K. government’s comprehensive spending review announcement than to new threat information
-
-
Microsoft releases barrage of fixes at Stuxnet and more
Microsoft on Tuesday released a record high number of software patches aimed at countering computer threats including a Stuxnet “worm” attacking industrial networks; the 49 fixes released by Microsoft were ranked in importance from “critical” to “moderate” and addressed vulnerabilities in an array of Microsoft programs used in personal computers
-
-
Microsoft cleaned 6.5 million zombie PCs during April-June 2010
Microsoft cleaned in excess of 6.5 million zombie computers between April and June 2010, but the company’s efforts alone are not enough to put a stop to the increasing threat that botnets represent to users, businesses and critical infrastructure
-
More headlines
The long view
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.