-
Napolitano issues additional action directives
DHS secretary Napolitano issues additional Action Directives on cyber security and northern border strategy
-
-
Heartland says it has fixed security problem
Heartland Payment Systems, the sixth-largest payment processor in the United States, processes payments for 250,000 companies; thieves install malicious program on company’s computers which captured data as it flowed across the network
-
-
Experts watch for Conficker superworm to be activated
Conficker has infected at least 9 million computers; security experts anxiously wait for it to be activated; infection dwarfs the zombie army created by the infamous Storm worm, which reached a mere 1 million at its peak in September 2007
-
-
U.S. Air Force to train hundreds yearly in cyber warfare skills
As the U.S. Air Force becomes more dependent on information and networks, it needs more officers trained in cyber warfare — both to protect U.S. cuber systems, and do damage to the adversary’s systems
-
-
GAO: IRS still vulnerable to cyber breaches
U.S. tax collector makes but slow progress on vulnerabilities: Government watchdog finds that agency has fixed just 49 of 115 computer security problems found by the GAO in the November audit
-
-
The largest data breach ever?
In what may yet be the largest personal information breach ever, Heartland Payment Systems, which processes payroll and credit card payments for more than 250,000 businesses, announces that consumer credit card data may have been exposed
-
-
Sacked employee crashes employer's computers in malware revenge attack
An employee in a company which provides IT systems to fast-food restaurant is fired; he plants three malicious systems-cacheing files on systems connected to the company’s extranet, causing damage estimated qt $49,000
-
-
List of worst 25 programming errors ever Released
Leading cyber security organizations release a list of the worst 25 programming errors ever; it is a scary list
-
-
The cyber security agenda of the new administration
U.S. national leaders do grasp the importance of network security and information assurance — but seeing the problem is not the same thing as solving it
-
-
IT security spending to grow despite economic slowdown
Forrester Research finds that companies are still spending to protect their data — and that they will spend more in 2009; respondents to survey say security is an ongoing necessity unaffected by economic peaks and valleys
-
-
FBI: U.S. facing "cybergeddon"
FBI experts say that cyber attacks pose the greatest threat to the United States after nuclear war and weapons of mass destruction — and these attacks are increasingly hard to prevent
-
-
U.K. Home Office denies remote snooping plan
There have been discussions among EU ministers about giving police more authority to snoop on crime and terror suspects remotely, but the legal framework to do so is yet be created; what is more, techies says it cannot be done
-
-
New, major weakness in Internet security reported
New weakness discovered in Internet security; the vulnerability allows impersonation of secure Web sites and e-mail servers; it also allows hackers to perform virtually undetectable phishing attacks
-
-
Russia's hackers a growing global threat
There used to be a time when Russian hackers exposed chinks in American software just for the thrill of it; today they do it for cash — or for political reasons; cybercrime has outpaced the amount of illicit cash raked in by global drug trafficking
-
-
2008 was a good year for cybercrime
Cybercrime has become more sophisticated in 2008; security firms now say there are about 20,000 new malicious programs created every day, and Symantec reached a grim milestone: its antivirus software now protects against more than one million viruses
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.