-
New Web threats threaten OS, other applications
IBM researchers release proof-of-concept for new cross-environment hopping (CEH) attack methods
-
-
Corporations riddled with security holes
How safe is your network? If you are a typical U.K. organization, the answer is: “Not very safe”; three expert reports paint a damning picture of business security, with online vulnerabilities rising as companies and authorities fail to apply patches, update antivirus software, and leave firewalls disabled
-
-
China in campaign to impriove coastal water, inland waterways security
China has a long coast and many rivers and canals; there are about 200,000 boats and ship plowing these waters, the the Chinese authorities want them to be able to communicate more effectively with security and law enforcement; U.K. company helps
-
-
Cybercrime server with 500 Mb of personal data discovered
IT security company discovers a hackers’ crimeserver containing 500 Mb of personal, health care, and financial data for sale to the highest bidder
-
-
New Trojan targets Australian business bankers
A systematic phishing campaign has been targeting Aussie financial institutions; a Trojan masked as a bank’s security update proceeds to launch a multi-staged attack, looking for not just usernames and passwords, but chat room credentials, secure downloads, and anything the attackers believe may be useful
-
-
New Air Force Cyber Command politically savvy
One way to secure the Hill’s backing — and bucks — for any new program is to spread it over as many states and congressional districts as possible; AFCYBER may be a new outfit, but its leaders are perfectly aware of this old political truth
-
-
Network penetration competition as part of security training
In recent years the goals of computer hackers have changed; the intent of many hackers used to be the thrill of breaking into a network, now the goal is often money; companies and other organizations had better take network security more seriously.
-
-
Cyber mishap causes nuclear power plant shutdown
Worries about critical infrastructure vulnerabilities: The move to SCADA systems boosts efficiency at utilities because it allows workers to operate equipment remotely, but experts say it also exposes these once-closed systems to cyber attacks
-
-
Top ten rules for IT security
Uniloc offers ten useful rules to keep the organization’s networks safe from intruders and hackers;
-
-
New compression technique makes VoIP vulnerable to eavesdropping
New VoIP compression technique, called variable bit rate compression, produces different size packets of data for different sounds; simply measuring the size of packets — without even decoding them — can identify whole words and phrases with a high rate of accuracy
-
-
Chinese cyber-attacks target U.S. lawmakers
Computers in the office of a Virgnia congressman targted by Chinese hackers; information on four computers in the office of Congressman Frank Wolf, a harsh critic of China’s human rights record, compromised
-
-
Killing Internet worms dead
Internet worms flood the Internet with junk traffic, and at their most benign, they overload computer networks and shut them down; Buckeyes researchers find new way to combat worms
-
-
Malicious software threatens internet economy
Around one in four personal computers in the United States — or fifty-nine million — is already infected with malware; a booming market in cyber attack software and services has also made attacks more sophisticated and cheaper to perform
-
-
Worry: VoIP especially suitable for conveying hidden messages
Steganography involves concealing messages within digitally transmitted images or sound files; VoIP systems tolerate packet loss and have built-in redundancy, and are thus especially suitable for conveying hidden messages; law enforcement officials have expressed frustration about the difficulty of deciphering VoIP messages made by suspected terrorists using Skype
-
-
Botnet cyberattack costs Japanese company 300 million yen
There is a new type of blackmail in Japan: Hackers use botnets in denial-of-service attacks on companies’ computers — ending the attacks only when hefty ransom is paid
-
More headlines
The long view
States Rush to Combat AI Threat to Elections
By Zachary Roth
This year’s presidential election will be the first since generative AI became widely available. That’s raising fears that millions of voters could be deceived by a barrage of political deepfakes. Congress has done little to address the issue, but states are moving aggressively to respond — though questions remain about how effective any new measures to combat AI-created disinformation will be.
Ransomware Attacks: Death Threats, Endangered Patients and Millions of Dollars in Damages
By Dino Jahic
A ransomware attack on Change Healthcare, a company that processes 15 billion health care transactions annually and deals with 1 in 3 patient records in the United States, is continuing to cause massive disruptions nearly three weeks later. The incident, which started on February 21, has been called the “most significant cyberattack on the U.S. health care system” by the American Hospital Association. It is just the latest example of an increasing trend.
Chinese Government Hackers Targeted Critics of China, U.S. Businesses and Politicians
An indictment was unsealed Monday charging seven nationals of the People’s Republic of China (PRC) with conspiracy to commit computer intrusions and conspiracy to commit wire fraud for their involvement in a PRC-based hacking group that spent approximately 14 years targeting U.S. and foreign critics, businesses, and political officials in furtherance of the PRC’s economic espionage and foreign intelligence objectives.
Autonomous Vehicle Technology Vulnerable to Road Object Spoofing and Vanishing Attacks
Researchers have demonstrated the potentially hazardous vulnerabilities associated with the technology called LiDAR, or Light Detection and Ranging, many autonomous vehicles use to navigate streets, roads and highways. The researchers have shown how to use lasers to fool LiDAR into “seeing” objects that are not present and missing those that are – deficiencies that can cause unwarranted and unsafe braking or collisions.
Tantalizing Method to Study Cyberdeterrence
By Trina West
Tantalus is unlike most war games because it is experimental instead of experiential — the immersive game differs by overlapping scientific rigor and quantitative assessment methods with the experimental sciences, and experimental war gaming provides insightful data for real-world cyberattacks.