Breaches


New Malware Targets POS Systems and ATMs, Hits Major US Banks

March 27, 2013 Added by: Infosec Island

A new malware targeting point-of-sale (POS) systems and ATMs has stolen payment card information from several US banks, researchers say. The author behind the malware appears to have links to a Russian cyber-crime gang.


Hardening Is Hard If You're Doing It Right

March 20, 2013 Added by: Ian Tibble

The early days of deciding what to do with the risk will be slow and difficult and there might even be some feisty exchanges, but eventually, addressing the risk becomes a mature, documented process that almost melts into the background hum of the machinery of a business.


Из России с любовью - "From Russia With Love"

March 15, 2013 Added by: Krypt3ia

A site popped up with the domain name exposed.su and within the pages (other than malware lurking for an IE exploit) sits all kinds of personal financial data for famous people. Among the people hit on this site were the likes of Hillary Clinton, Al Gore, FBI Director Mueller and others.


So APT Is China *snicker* Now What?

February 28, 2013 Added by: Krypt3ia

As RSA comes to a close and the corridors of the hall stop ringing with the acronym APT, I find myself once again looking at the problem as opposed to the hype.


China's PLA Behind Massive Cyber Espionage Operation

February 19, 2013 Added by: Mike Lennon

In a fascinating, unprecedented, and statistics-packed report, security firm Mandiant made direct allegations and exposed a multi-year, massive cyber espionage campaign that they say with confidence is the work of China.


All Up in Your Bitness.

February 18, 2013 Added by: Wendy Nather

Security is an unrelenting business, one that you can never prove is done adequately. You'll never be finished, and you can never know if you can even take a break. And it's never fully appreciated by the people who make a living based on that reality: the vulnerability finders and the "solution" providers.


Opinion: Recent ISACA Study Adds Fuel to the APT Fire

February 18, 2013 Added by: Steve Ragan

Most of the time, attacks considered APTs use 0-Day exploits, or malware that slips past poorly updated AV software, or phishing to compromise a host or organization. There is nothing advanced about attacks like these...


What ‘Identity Thief’ The Movie Gets Wrong

February 13, 2013 Added by: Kelly Colgan

The movie “Identity Thief” opened nationwide last weekend, and while we love a good laugh, this flick comes at a cost: the truth. Here are five major plot points that do a disservice to an often-misunderstood crime...


Security Analytics: Hype or Huge?

February 01, 2013 Added by: Simon Moffatt

This complex chain of correlated "security big data" can be used in a number of ways, from post-incident analysis and trend analytics to the mapping of internal data to external threat intelligence. Big data is here to stay and security analytics just needs to figure out the best way to use it...


The Rise of Exploit Kits According to Solutionary SERT

January 28, 2013 Added by: Pierluigi Paganini

The report revealed the surprising efficiency of well-known vulnerabilities usually included in the popular exploits sold in the underground: around 60% are more than two years old, and 70% of the exploit kits analyzed (26) were released or created in Russia...


RBN Connection to Kaspersky's Red October Espionage Network

January 15, 2013 Added by: Jeffrey Carr

Kaspersky made an astonishing announcement today with its discovery of a sophisticated cyber espionage network (most likely Russian) that has been operating since May 2007 and continues to this day. It has successfully infiltrated embassies, research organizations, military and government agencies, energy facilities (including nuclear power plants) predominantly in the Commonwealth of Independent ...


Common Sense Cybersecurity

January 13, 2013 Added by: Larry Karisny

We start with one big problem. Internet architecture was never made for security. One of my earliest articles quoted the father of the Internet, Vint Cerf, as saying, "One of the things incumbent on all of us is to introduce strong authentication into the fabric of the smart grid. We did not do that with the Internet."


Briefly on "The Network Use of Force Continuum"

January 08, 2013 Added by: Ali-Reza Anghaie

I have long said that history and legal precedent will eventually defend "hack back" techniques for those with well established procedures and some degree of market clout (e.g. DIB, Fortune 100s). I've even said, when discussing the Patriot Hacker "The Jester", that self-defense and stand-your-ground will almost certainly come into play and be successfully used in some legal context.


2013 - Year of the D(efense)

December 26, 2012 Added by: Matthew McWhirt

Many of the security incidents encompassing 2012 could have been mitigated, and some even fully prevented, if fundamental information security best practices had been reviewed and assessed, and controls encompassing incident response phases had been fully vetted...


Closing the Vault Door

December 18, 2012 Added by: Suzanne Widup

For those of you who have appreciated The Leaking Vault series of data breach reports, I have some sad news. As I was days away from releasing the third installment, I received an email from Brian Martin with the Open Security Foundation stating that I do not have permission to use their data without a license...


ProjectWhiteFox 1.6M accounts exposed, Team Ghostshell vs UN Y.2770 standard

December 12, 2012 Added by: Pierluigi Paganini

The hackers during the operation named ProjectWhiteFox have targeted a wide range of companies operating in different sectors such as aerospace, nanotechnology, banking, law, military, education and government, following a list of the targets hacked...
