Daily CyberSecurity News For 31st October 2016

  1. The next president will face a cybercrisis within 100 days, predicts reportFrom CNBC.com. 

    The next president will face a cybercrisis in the first 100 days of their presidency, research firm Forrester predicts in a new report.

     The crisis could come as a result of hostile actions from another country or internal conflict over privacy and security legislation, said Forrester analyst Amy DeMartine, lead author of the firm’s top cybersecurity risks for 2017 report, due to be made public Tuesday.
Advertisements

Top CyberSecurity News For October 10th 2016

  1. Apple Watch Banned From Cabinet Meetings Over Spy FearsFrom TechWeek Europe. Ministers have been forbidden to wear the Apple Watch during cabinet meetings due to the risk they could be hacked by Russian agents, according to a report.

    Prime minister Theresa May imposed the new rules following several high-profile hacks that have been blamed on Russia, according to The Telegraph, which cited unnamed sources.

Top CyberSecurity News For October 2nd 2016

  1. Cybercriminals’ Superior Business Savvy Keeps Them AheadFrom Dark Reading. Rick Holland of Digital Shadows visits the Dark Reading News Desk at Black Hat to explain how the attackers’ superior business agility, faster change management, specialized job force, lower barriers to entry and bulletproof hosting keeps them ahead of the good guys.

Top CyberSecurity News For September 29th 2016

  1. Guccifer 2.0 and Russia’s hidden agendaFrom SC Magazine. 

    Among the routine stream of network compromises and dumped login credentials this year, one attack stands head and shoulders above the rest for intrigue – the Democratic National Committee (DNC) breach. The hack led to political uproar, a high-level resignation, damaging leaks and, in a complete reversal of the norm, the nation state hackers have become more public since being discovered.

    It is worth starting with a recap. The FBI alerted the DNC to the presence of attackers on their network in April this year, but incident response specialists CrowdStrike found that there were two state-sponsored attackers with access to sensitive emails and data. The investigators assessed the network was first breached in the summer of 2015 and established the attackers had stolen large quantities of emails, campaign documents and donor information. Before the hack was publicly disclosed in mid-June, WikiLeaks founder Julian Assange announced the whistle-blowing website had ‘enough evidence’ to indict Hillary Clinton.

Top CyberSecurity News For 25th September 2016

  1. The Democratization of Censorship. From KrebsOnSecurity. 

    John Gilmore, an American entrepreneur and civil libertarian, once famously quipped that “the Internet interprets censorship as damage and routes around it.” This notion undoubtedly rings true for those who see national governments as the principal threats to free speech.

    However, events of the past week have convinced me that one of the fastest-growing censorship threats on the Internet today comes not from nation-states, but from super-empowered individuals who have been quietly building extremely potent cyber weapons with transnational reach.

Top CyberSecurity News For 22nd September 2016

  1. Yahoo Confirms At Least 500 Million Accounts Were HackedFrom Fortune. 

    Yahoo said on Thursday that information for at least 500 million user accounts was stolen from its network in 2014 by what it believed was a state-sponsored actor, a theft that appeared to the biggest cyber breach ever.

    Yahoo said data stolen may have included names, email addresses, telephone numbers, dates of birth, and encrypted passwords but that unprotected passwords, payment card data, and bank account information did not appear to have been compromised, the company said.

    “This is the biggest data breach ever,” said well-known cryptologist Bruce Schneier.

Top CyberSecurity News For 10th September 2016

  1. Missed Opportunities Detailed Ahead of Personnel Agency HackFrom ABC.com. 

    t was time to purge the hacker from the U.S. government’s computers.

    After secretly monitoring the hacker’s online movements for months, officials worried he was getting too close to critical information, so they devised a plan, called the “Big Bang,” to expel him.

    Trouble was, with all their attention focused in that case, they missed the other hacker entirely.

    A congressional report provides previously undisclosed details and a behind-the-scenes chronology of one of the worst-ever cyberattacks on the United States. It lays out missed opportunities before the break-in at the Office of Personnel Management exposed security clearances, background checks and fingerprint records. That intrusion — widely blamed on China’s government — compromised personal information of more than 21 million current, former and prospective federal employees; led to the resignation of the OPM director; and drew outrage over changing explanations about its severity.

Top CyberSecurity News For 9th September 2016

  1. Israeli Online Attack Service ‘vDOS’ Earned $600,000 in Two Years. From KrebsOnSecurity. 

    vDOS  a “booter” service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline — has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets.

    The vDOS database, obtained by KrebsOnSecurity.com at the end of July 2016, points to two young men in Israel as the principal owners and masterminds of the attack service, with support services coming from several young hackers in the United States.

Top CyberSecurity News For 30th August 2016

  1. US Suspects Russia Behind Computer Hacking in 2 State Election DatabasesFrom Voice Of America. 

    U.S. officials suspect Russian hackers were responsible for breaking into two state election databases earlier this month.

    “This is the closest we’ve come to tying a recent hack to the Russian government,” one official told NBC News on Monday.

    The FBI has not identified the two U.S. states whose data bases were attacked, but Yahoo News, which first reported the breaches, quoted sources who say Arizona and Illinois were targeted.

    According to Yahoo News, an Illinois election board official said the voter registration system was shut down for 10 days last month after hackers stole personal information on approximately 200,000 voters.

Top CyberSecurity News For 25th August 2016

  1. Government Hackers Caught Using Unprecedented iPhone Spy ToolFrom Motherboard. Since its founding in 2010, [Israeli vendor] NSO has developed a reputation for providing sophisticated malware to governments that need to target cellphones in their investigations, although the use of its tools has never been documented before. The company claims that its products are completely stealthy, like a “ghost.” The company has been so guarded about its wares that it’s never had a website, and has rarely given interviews or any comments to the press. But some information has leaked out, including an investment for $120 million by a US-based venture capital firm in 2014 and a subsequent reported valuation of $1 billion.