Week of 1/30/12
UPDATE: Why Stuxnet-Like Attacks Aren't Going Away:
Report Warns of Woeful Readiness For Cyber Attacks Globally:
Ongoing Targeted Attack Campaign Going After Defense, Aerospace Industries:
Market Fail: Regulations May Be Only Hope For Securing Critical Infrastructure:
Driving Up the Cost of Exploit Development Becomes a Key Defensive Strategy:
MSUpdate trojan attacked companies in the defence sector:
State of SCADA Security 'Laughable', Researchers Say:
Privacy Fail: Is Uncle Sam Encouraging Bad Security?:
Week of 1/23/12
Hackers attack Polish government web sites:
EU to Propose New Data Breach, Privacy Regulations:
Anonymous calls on Polish hacktivists to stop DDoS:
Week of 1/16/12
Critical hole in McAfee products still open after more than 180 days:
Quotation Mark Parsing Flaw Makes IE Users Vulnerable to Attack:
The Infections That Will Not Die: Conficker and AutoRun:
McAfee customers used to spread spam:
Week of 1/9/12
Exploit Code Released for ASP.NET Flaw:
New Zeus Variant Could Mean ‘Gameover’ for Unsuspecting Users:
Did Symantec source code hack reveal Indian phone surveillance?:
Researcher Releases New Version of P0f Fingerprinting Tool:
Attackers Reused Adobe Reader Exploit Code From 2009 In Extremely Targeted Hacks:
Week of 1/2/12
Report: Hacks Of China Sites May Have Exposed Information On 100 Million:
Anonymous Leaks Info Following California Police Union Website Hack:
Lilupophilupop SQL Injection Attack Tops 1 Million Infected URLs:
Report: Anonymous Targets Neo-Nazis:
Hackers publish credit card data of Israeli internet users:
New Ramnit Variant Is Stealing Facebook Credentials:
Pastebin Downed By Second DDoS Attack This Week:
Week of 12/27/11
Coviello: '2012 Will Be the Year of Resiliency':
Cybersecurity career experts: Mobile app security skills hot in 2012:
28C3: New attacks on GSM mobiles and security measures shown:
Research: Botnets, the Most Prevalent Threat in the Enterprise:
Dartmouth Cyber Security Chief: More Attention Needed To Human Element In Security:
Week of 12/19/11
Report: UK Newspaper Computer Hacking Could Be As Widespread As Phone Hacking:
Massive hacker attack on US Chamber of Commerce:
Spam drop, but targeted attack rise, is key 2011 takeaway:
In Possible Targeted Attack, Amnesty International Web Site Found Serving Malware:
Week of 12/12/11
Report Claims U.S. Cyber Analysts Trace Most Serious Attacks To Just 12 Hacking Groups in China:
Homeland Security Warns SCADA Operators Of Internet-Facing Systems:
Backdoors in industrial control systems:
FBI Likely to Get More Cybercrime Agents:
Internet Pioneers, Security Experts Send Letter to Congress Blasting SOPA:
Week of 12/5/11
From Sony's DRM Rootkit to CarrierIQ: Why Commercial Rootkits Make Us So Mad:
Carberp and Black Hole Exploit Kit Wreaking Havoc:
Download.com accused of wrapping nmap in a "trojan installer":
Cnet Apologizes for Nmap Adware Bundling:
Week of 11/28/11
Four Hacking Suspects Tied to Terrorist Group Arrested:
SMS Trojans Spreading to the Rest of the World:
Europe to ban Facebook selling users' secrets:
Hackers publish access credentials for UN staff:
Report: Computer Hacking, Theft Of Government Secrets Alleged In News International Probe:
Water pump "hack" - Russian connection explained:
Week of 11/21/11
Hacker destroys pump in US water utility:
Hacker Says Texas Town Used Three Character Password To Secure Internet Facing SCADA System:
Was The Three Character Password Used To Hack South Houston's Water Treatment Plant A Siemens Default?:
Alleged water utility hack causes confusion:
Week of 11/14/11
Hidden Apple iOS 5 Autocorrect Keyboard Bar Found by Researcher:
Google to Allow Users to Opt Out of WiFi Location Mapping System:
Researchers Crack Siri Protocol:
Report: Android malware continues to rise:
Android 4.0 face recognition flawed:
Week of 11/7/11
EU reform sets out to close US cloud data access loophole:
Critical bug in ProFTPD closed:
Adobe closes 12 critical holes in Flash:
Apple closes iPhone keysigning hole:
Week of 10/31/11
US observation satellites hacked:
Report: French Nuclear Company Areva Hit by Virus:
Symantec Traces Attacks on Chemical Industry To 20 Year Old Chinese Hacker-For-Hire:
Chemical industry in cyber-espionage crosshairs:
In Report, U.S. Accuses China, Russia of Cyber Espionage:
Week of 10/24/11
Researchers Publish New Attack on XML Encryption:
Researchers find holes in the cloud:
Microsoft Research Proposes E-Voting Attack Mitigation:
Fortune 500 Gets "F" In Social Engineering Hacking Test:
Week of 10/17/11
Duqu-pocalypse Reveals Gulf Between Security, Critical Infrastructure Sectors:
The Mystery of Duqu:
Using Stuxnet and Duqu as Words of Mass Disruption:
Week of 10/10/11
White House order tackles insider threat post-WikiLeaks:
CCC cracks government trojan:
US government continues to target WikiLeaks volunteer:
Did the German Government Break The Law With Its Lawful Intercept Trojan?:
Government uses secret order to pry open WikiLeaks email:
Anti-virus software fails to deal with government trojan:
RSA: "We were hacked by a nation state":
SEC Says Public Companies May Need to Disclose Attacks:
Week of 10/3/11
10 Security Tips to Prevent a Cloud Migration Disaster:
Symantec Unveils DLP For Tablets, O3 Cloud Security Service:
Cloud management practices - SC Magazine US:
DHS cloud computing: Homeland Security’s model private cloud strategy:
Week of 9/26/11
Microsoft Takes Down Kelihos Botnet:
Microsoft's botnet shutdown won't stop Mac malware:
Tillmann Werner on the Kelihos Botnet takedown:
Week of 9/19/11
Japan fesses up to first cyber attack on defense industry:
More vulnerabilities found in SCADA systems:
Nation-State attackers are Adobe's biggest worry:
Massachusetts inaugurates new cyber security center:
Week of 9/12/11
Ten years after, the attackers have taken the lead:
Spam report: USA no longer the world's most obnoxious nation:
Return of the BIOS trojans:
Cyber attacks are becoming lethal, warns US cyber commander:
Week of 9/5/11
Comodo hacker claims credit for DigiNotar attack:
Audit report shows many cracks in DigiNotar security:
Microsoft revokes trust in five DigiNotar root certs:
GlobalSign stops issuing certs as it investigates claims of compromise:
Browser makers update their DigiNotar disaster updates:
DigiNotar hacker says he has GlobalSign database backups, other data:
Apple mum on plans to protect users from DigiNotar SSL hack:
GlobalSign investigation continues, some CA services to return Monday:
DigiNotar certificate fraud addressed with Snow Leopard and Lion updates:
Week of 8/29/11
Attackers obtain valid cert for Google domains, Mozilla moves to revoke it:
DigiNotar says its CA infrastructure was compromised:
Dutch government scrambling to reassure citizens about security of digital ID system:
Fake Google certificate is the result of a hack:
New versions of Chrome and Firefox disable DigiNotar root:
Dutch site claims Mozilla, Yahoo, Wordpress, Tor Project all targets in DigiNotar attack:
DigiNotar keeping Tor Project in the dark on fraudulent certificates:
Comodo, DigiNotar attacks expose crumbling foundation of CA system:
What you need to know about the DigiNotar hack:
Week of 8/22/11
Ramnit worm evolves into financial malware:
Ice IX, the first crimeware based on the leaked ZeuS sources:
Apache DoS bug resurfaces, spurring new attacks:
Botnet attacks pizza delivery service:
Week of 8/15/11
Kaspersky study finds Adobe software is biggest security risk:
Video: Take a look inside Adobe's bug patching program:
Adobe says "We didn't hide vulnerabilities in latest patch":
Adobe explains Flash Player hole count differences:
Week of 8/8/11
RSA offers suggestions on security:
IT security spending does not equal database security, survey finds:
Symantec: Boot sector malware in vogue:
ISO and IEC publish standards on biometric data security:
Week of 8/1/11
IBM to unveil secure open wireless systems at Black Hat:
Black Hat: Remote DOS, backdoor, Easter egg among newly discovered Siemens holes:
Black Hat 2011: Macs in the age of the APT:
Black Hat: Google's Chrome OS could enable nasty web based attacks:
Black Hat 2011: New program to reduce the complexity of government-funded security research:
Securing mobile devices may be an impossible task:
Week of 7/25/11
White House provides information security rules for federal teleworkers:
http://bit.ly/p3fkRe
US calls for international collaboration on transnational crime and cybercrime:
US Says cybercrime a major national security threat:
US government warns of potential Stuxnet variants:
House committee passes bill to force ISPs to retain user data for 12 months:
Week of 7/18/11
Google+ suspends anonymous account, group launches Anon Plus in response:
Sophos video of LulzSec hack on The Sun:
FBI charges 16 in connection with cyber attacks:
Anonymous claims hack of NATO, sends warning to FBI:
AnonPlus, Anonymous's social network, is hacked:
Week of 7/11/11
AntiSec Crew attacks FBI contractor IRC Federal:
Anonymous hacks Booz Allen Hamilton:
Booz Allen Hamilton speaks after hiding behind 'no comment':
Monsanto confirms Anonymous hacking attack:
McCain pushes for select committee to examine Wikileaks, Anonymous attacks:
Week of 7/4/11
Fox News Twitter account hacked:
Secret Service investigating Fox News hack:
Washington Post job site hacked:
Anonymous hacks Turkish government sites:
Panda Labs report: Media focusing on hacks, malware showing no signs of slowing:
Week of 6/27/11
Google adds security features to help reduce phishing:
Spam profits down, hackers turn to targeted attacks:
Google+ spam campaign by pill-pushers:
Week of 6/20/11
DoD launches program to aid defense contractors in defending networks:
Presidential advisory committee backs alternative network in case of internet takedown:
Hackers may face 20 years in jail if seen to threaten US national security:
EU to compel banks to admit serious data breaches:
Congressmen, witnesses question data breach bill's specifics:
Twelve nations collaborate to shut down international scareware cybercrime rings:
http://www.infosecurity-us.com/view/18908/twelve-nations-collaborate-to-shut-down-international-scareware-cybercrime-rings/
Week of 6/11/11
Control systems, smart meters could be vulnerable to smart grid attack:
Siemens patches SCADA holes, downplays threat:
White House stresses cybersecurity as smart grid policy priority:
Critical infrastructure vulnerable to holes in Chinese SCADA software:
Week of 6/6/11
Consumerization of IT gives information security personnel headaches:
Apps pose "primary threat" from workplace personal device use, warns ISF:
IT security - what you must know in the mobile era:
Week of 5/30/11
Were RSA hackers behind Lockheed Martin breach?
L3 warns employees about attacks using compromised SecurID tokens:
China-based Gmail attacks targeted US officials / activists:
Pentagon adds cyber weapons to arms list:
SecurID attack spreads to L-3 and Northrop:
Another military contractor, Northrop, hit by hackers:
RSA security breach explained - why US defense programs could be compromised:
Week of 5/23/11
Many employees clueless on mobile security policies:
Former employees can hold employers hostage by keeping encryption keys:
XSS attack on Hotmail highlights personal email risks to business:
Insider data breach costs Bank of America over $10 million, secret service says:
FTC tips for businesses on protecting personal data:
Week of 5/16/11
Obama administration lays out new US cyber security strategy:
FCC sets up web site to educate small businesses about cyber security:
Researchers cancel talk on SCADA attacks after being asked by government and Siemens:
Government recruiting cyber security job candidates:
Week of 5/2/11
Survey finds security left behind in rush to the cloud:
Overcoming cloud security challenges:
UK government using unique methods to find cyber security folks:
Healthcare industry trending toward cloud security:
New partnership brings added security to cloud-based apps:
FireHost announced PCI-compliant cloud hosting:
Week of 4/25/11
Two-thirds of PCI-compliant firms had no credit card breaches:
67% of companies fail credit card security compliance:
Visa exec upbeat on data security:
What is the role of user authentication in PCI security?
Week of 4/18/11
Verizon releases 2010 security report, finds more breaches but fewer records compromised:
Audio podcast of the Verizon report:
Video podcast on the Verizon report:
Week of 4/11/11
Survey finds companies more concerned about accidental inside data breach than outside hacks:
What's holding up the cloud?
Computer Weekly on securing the cloud:
PCI compliance and the cloud:
HIPAA presents greatest compliance challenges for information security:
Security Week blog on PCI compliance:
Discussion on PCI compliance and the cloud:
Survey finds many firms have poor understanding of information security risks:
Week of 4/3/11
Linux/Unix operating system Gnome 3 released:
Gnome 3 Developer Center online:
In-depth look at Gnome 3, including video:
Tips for using the new Gnome 3:
Week of 3/28/11
MySQL site hacked using SQL injection:
TechTarget article on the MySQL attack:
Tips on how to protect your web site and web apps from SQL injection attacks:
Tips on avoiding cross-site scripting hacks similar to the MySQL attack: