[ISN] Gaza and Crimea conflicts could have been predicted by monitoring cyber attacks

http://www.telegraph.co.uk/news/worldnews/middleeast/israel/11034421/Gaza-and-Crimea-conflicts-could-have-been-predicted-by-monitoring-cyber-attacks.html By Harriet Alexander telegraph.co.uk 14 Aug 2014 Surges in cyber attacks could be used as an early warning system to predict conflicts between countries, researchers from an internet security company have found. Before both the recent Gaza conflict and the annexation of Crimea analysts noted a spike in “malware” – malicious software – sending out messages. “We can see the digital equivalent of troops on the border,” said Kevin Thompson, a threat analyst for FireEye – the security company which carried out the research. Many countries are now using malware to both gather intelligence and actively attack targets in hostile countries. “If the US, or Korea, or Japan was about to go to war, you would see a bump in callbacks – it’s just part and parcel of today’s national security undertakings,” said Kenneth Geers, one of the researchers. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] IRS Gave Sensitive Data to Convict Sentenced to 21 Years

http://www.nextgov.com/cio-briefing/2014/08/irs-gave-sensitive-data-convict-sentenced-21-years/91478/ By Aliya Sternstein Nextgov.com August 14, 2014 The Internal Revenue Service failed to conduct background checks on many contract workers who handled sensitive taxpayer data, an internal review reveals. The findings arrive at a time when identity theft has become an everyday threat in the public and private sectors. At the IRS, contractors hired for courier, printing, document recovery, and sign language and interpreter services who accessed sensitive information had not undergone investigations, which is a policy violation. A Treasury Inspector General for Tax Administration report released today details several situations where employees had ample opportunity to steal data. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Ferguson’s tiny IT operation in the maelstrom

http://www.computerworld.com/s/article/9250388/Ferguson_s_tiny_IT_operation_in_the_maelstrom By Patrick Thibodeau Computerworld August 14, 2014 Ferguson, Mo., the city in the midst of protests over a fatal police shooting, runs the type of IT department that gets almost no attention. Ferguson doesn’t have a CIO or the type of big IT vision found in larger communities, at least judging from the documents it makes available online. It operates with two IT employees, a network administrator and an IT specialist, and uses an outside contractor for some services, according to budget documents. It’s a city of only 21,000. The fatal police shooting of 18-year-old Michael Brown on Aug. 9 has had enormous impact nationally, drawing attention from President Barack Obama on Thursday. It has also made this city a target of the hacker group Anonymous. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Australian teen uncovers security flaw in PayPal

http://www.theage.com.au/it-pro/security-it/australian-teen-uncovers-security-flaw-in-paypal-20140815-1044cx.html By Ben Grubb Deputy technology editor The Age – IT Pro August 15, 2014 An Australian teenager who found a security flaw in an Australian public transport authority’s website has found another serious vulnerability, this time in the site of global payments provider PayPal. The flaw, uncovered by 17-year-old Melbourne schoolboy Joshua Rogers, allowed hackers to bypass the payment provider’s two-factor authentication system, which adds an extra layer of optional security via a one-time code sent via SMS to the user, or a number generator card. With access to a victim’s PayPal account using the flaw, a hacker could have purchased items online or withdrawn money sitting in the account. Joshua told Fairfax Media via email that he published a blog post on August 4 with a link to a YouTube video demonstrating the issue after the payment company ignored his initial email about the flaw on June 5. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Supervalu Says Hackers May Have Stolen U.S. Customers’ Data

http://www.bloomberg.com/news/2014-08-15/supervalu-says-hackers-may-have-stolen-u-s-shoppers-card-data.html? By Robert Valpuesta Bloomberg.com Aug 15, 2014 Supervalu Inc. (SVU) said customers’ payment-card details may have been stolen as the U.S. grocery chain with more than 3,300 stores became the latest to fall victim to hackers. The data may have been stolen from cards used in Supervalu stores from June 22 to July 17 following a network intrusion, the Eden Prairie, Minnesota-based company said in a statement today. Payment companies have been notified and law-enforcement agencies are investigating, it said. Supervalu joins a lengthening list of companies whose systems have been compromised. Minneapolis-based retailer Target Corp. was victim of a breach last year that allowed hackers to gain access to payment data for 40 million customers’ cards. Hackers in Russia have amassed 1.2 billion sets of looted user names and passwords, the largest known cache of stolen personal information, U.S. company Hold Security LLC said this month. Cybercrime costs as much as $575 billion a year and remains a growth industry with attacks on banks, retailers and energy companies that will worsen, according to a June report by the Washington-based Center for Strategic and International Studies and sponsored by network security company McAfee Inc. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail