Top CyberSecurity News For 31st May 2016

  1. 65 million Pre-Yahoo Acquisition Tumblr Accounts Were HackedFrom HackRead. Tumblr recently revealed that it discovered a breach in their systems which affected users accounts and their passwords. The company said that the hack had happened back in 2013, but they just recently discovered it. It also refused to give figures of how many of its users had been affected. However security researchers have done an independent analysis, and it appears the numbers actually stands at 68 million.

  2. How new cyber espionage group Danti is targeting govtFrom Financial Express. Cybersecurity is an area of great concern in business as well as government circles. Internet security experts have identified a major cyberespionage activity in India. Recently, IT security firm Kaspersky Lab made a startling revelation that a fairly new and previously unknown cyberespionage group, called Danti, may already have full access to internal networks in Indian government organisations.
Advertisements

Top CyberSecurity News For 30th May 2016

  1. Teen held for hacking into EPABXFrom The Hindu. A 19-year old man pursuing ITI course from a college in Odisha was caught by the Cyber Crime team of Cyberabad police for hacking the EPABX of a private firm in the city using a mobile phone, resulting in financial loss to the company.According to the police, Himalaya Mohanty, who lives in Shibapura village in Balasore district in Odisha, is pursuing ITI course from a private institute. In November 2015, Mohanty hacked the EPABX code of Lloyd Electrical and Engineering Limited in Hyderabad, resulting in a bill of Rs. 60 lakh.

Top CyberSecurity News For 29th May 2016

  1. A Controversial Surveillance Firm Was Granted a Powerful Encryption CertificateFrom Motherboard. A controversial surveillance company whose products have been detected in Iran and Sudan was recently issued a powerful encryption certificate by a US cybersecurity company. The certificate, and the authority that comes with it, could allow Blue Coat Systems to more easily snoop on encrypted traffic. But Symantec, the company that provided it, downplayed concern from the security community.

Top CyberSecurity News For 28th May 2016

  1. North Korea Linked With Hacks Stealing From BanksFrom US News And World Report. Network security researchers have linked cyber attacks that stole millions of dollars from Asian banks to hacking incidents attributed to North Korea, raising questions as to whether the cash-strapped hermit kingdom is seeking new ways to replenish its coffers.

  2. Did the Clinton Email Server Have an Internet-Based Printer?From Krebs On Security. The Associated Press today points to a remarkable footnote in a recent State Department inspector general report on the Hillary Clinton email scandal: The mail was managed from the vanity domain “clintonemail.com.” But here’s a potentially more explosive finding: A review of the historic domain registration records for that domain indicates that whoever built the private email server for the Clintons also had the not-so-bright idea of connecting it to an Internet-based printer. 

Top CyberSecurity News For 27th May 2016

  1. State Department argues against ‘cyber arms’ treatyFrom CIO.com. Even as top U.S. diplomats press issues of cybersecurity and Internet freedom in virtually every top-level meeting with their foreign counterparts, it’s too soon to begin contemplating a formal, multilateral treaty laying out parameters for digital rules of the road, according to a senior State Department official.

    2. Trojans OverviewFrom NY Cybersecurity. A Trojan is a type of malware that, unlike viruses and worms, does not self-replicate. Named after the mythological wooden horse used to sneak Greek warriors through the gates of Troy, Trojans are often disguised as legitimate software in order to avoid detection or trick users into installing the Trojan onto their system.

Top CyberSecurity News For 26th May 2016

  1. Beware of keystroke loggers disguised as USB phone chargers, FBI warns. From ArsTechnica. FBI officials are warning private industry partners to be on the lookout for highly stealthy keystroke loggers that surreptitiously sniff passwords and other input typed into wireless keyboards. Always-on sniffer remotely uploads all input typed into Microsoft Wireless keyboards. The FBI’s Private Industry Notification is dated April 29, more than 15 months after whitehat hacker Samy Kamkar released a KeySweeper, a proof-of-concept attack platform that covertly logged and decrypted keystrokes from many Microsoft-branded wireless keyboards and transmitted the data over cellular networks. To lower the chances that the sniffing device might be discovered by a target, Kamkar designed it to look almost identical to USB phone chargers that are nearly ubiquitous in homes and offices.

  2. Microsoft Bans Simple Passwords That Appear in Breach ListsFrom Softpedia. 

    Following the huge debacle related to the LinkedIn data breach that came to light last week, Microsoft’s Identity Protection team has decided to ban the usage of common or simple passwords that may be easy to guess or have already appeared in breach lists. Microsoft says it has already activated this feature for regular Microsoft Account users and is holding a limited private preview for Microsoft Azure Active Directory services.

  3. Here’s how the US military is beating hackers at their own gameFrom Tech Insider.  There’s an unseen world war that has been fought for years with no clear battle lines, few rules of engagement, and no end in sight. But it’s not a shooting war; not a war where combatants have been killed or wounded — at least not yet. It’s a war that pits nations against each other for dominance in cyberspace, and the United States, like other nations employing professional hackers as “cyber soldiers,” sees it as a battlefield just like any other.

Top CyberSecurity News For 25th May 2016

  1. Insure against a cyberwhat now? How the heck do we crunch those numbers?.From The Register. The head of a UK industry insurance organisation has called for the government to create a database where companies would be obliged to “record details of cyber attacks”. Insurers are struggling to assess premiums for newly introduced cyber insurance policies in the absence of background info, according to the head of the Association of British Insurers (ABI). Insufficient data was inhibiting the growth of the industry.
  2. Which Cybersecurity Data Should You Trust? From McAfee Labs. We are constantly battered by cybersecurity data, reports, and marketing collateral—and we shouldn’t treat all of this information equally. Security data has inherent limitations and biases, which result in varying value and relevance in how it should be applied. It is important to understand which data is significant and how best to allow it to influence your decisions. A tsunami of security metrics, reports, analyses, blogs, papers, and articles vie for our attention. Sources range from reporters, researchers, professional security teams, consultants, dedicated marketing groups, and even security-operations people who are adding data, figures, and opinions to the cauldron. We are flooded with data and opinions.

Top CyberSecurity News For 24th May 2016

  1.  Customs invests $1.4M to beef up cybersecurityFrom Manila Bulletin. The Bureau of Custom has invested $1.4 million in a comprehensive cybersecurity program that will protect the government’s second largest tax agency from cybercriminal activities. Customs Commissioner Alberto D. Lina said they partnered with Microsoft Philippines to implement reforms in the agency’s information and communications technology and establish the highest data integrity assurance levels. Lina said Customs is the first government agency to implement a comprehensive cybersecurity program in less than year. Earlier, several government institutions, including the Commission on Elections’ controversial “comeleak,” were targeted by cybercriminals that drastically affected public trust.
  2. Cyber-crooks meet their match with Israeli-developed GPS protectorFrom Times Of Israel. Farr more than a tool for Waze users to figure out the best routes to their destinations, the Global Positioning System is used in a wide variety of endeavors and industries. Among them, to name a few, are agriculture, to help farmers determine the ideal spots to plant crops; shipping, to guide ships across the ocean; retail sales, to help companies keep track of their products; aviation, to ensure that planes are able to get to their destination; and defense, to position systems to ensure response to attack.

  3. ‘Dark Territory: The Secret History of Cyber War’: The worldwide war of keystrokes. From Pittsburgh Post-Gazette.  You’ve heard the complaining, from the White House on down, about the cyberattacks on our country. Well, yes, you guessed it: We started it. That’s one of the central thrusts of Fred Kaplan’s “Dark Territory: The Secret History of Cyber War.” Because it pioneered computing, the U.S. intelligence agencies enjoyed decades of dominance over rivals, and even learned how to remotely wreak havoc on, say, the Iranian nuclear program. But because nearly everything in our country is networked, we’re uniquely vulnerable now that the rest of the world has caught up.

Top CyberSecurity News For 23rd May 2016

  1. Learn to Hack from Phineas Fisher, the Man Who Pwned the Hacking Team From Softpedia. Phineas Fisher, the hacker who compromised the networks of Hacking Team and Gamma Group, two international surveillance software providers, has released a “how-to” video, detailing various hacking techniques. The video is more than just proof-of-concept learning material, and it actually presents a step-by-step process of his latest hack, the website of the Sindicat De Mossos d’Esquadra (SME), which is Spain’s Catalan police union. This is not the first time Phineas Fisher does this, as just a month ago he released a detailed guide on how he broke into Hacking Team’s servers and quietly stole all of their most sensitive data. At the time of writing, SME’s website is down, meaning Phineas Fisher’s hack was successful. Even more, the hacker dumped all the stolen data online but was later removed by the hosting service.

Top CyberSecurity News For 22nd May 2016

  1. National Crime Agency warns of growing threat from cyber crime attacksFrom The Drum. The UK’s National Crime Agency has warned that the threat from cyber crime is “growing fast” and becoming more “technically proficient and aggressive”.In an interview with the Times, the agency pointed to financial trojans masquerading as legitimate software and distributed denial of service attacks as the biggest cyber crime threats to UK businesses.