The news last month was of the bust up of the biggest cyber crime ring in history, with 4 million victims and $14 million in losses. Now the FBI is hoping a few of those victims step forward to help with the prosecution.
In an e-mail interview with Threatpost, the hacker who compromised software used to manage water infrastructure for South Houston, Texas, said the district had HMI (human machine interface) software used to manage water and sewage infrastructure accessible to the Internet and used a password that was just three characters long to protect the system, making it easy picking for a remote attack.
When most people think of the Great Firewall of China, they think of government censors black holing the comments of political dissidents or conversations related to the long list of topics the governing Communist Party finds disruptive to political harmony. But in testimony before Congress, the head of a U.S.-based technology industry group said that the censorship is also taking an economic toll on Western Internet firms, as China steers Chinese consumers away from Western Web based services including Facebook, Google, Twitter, Yahoo and Foursquare and toward domestic competitors.
Citing a looming crisis over lax computer security, Senate Majority Leader Harry Reid said on Wednesday that the Senate will debate cybersecurity legislation. The move comes despite the lack of a coherent Senate plan and could set up a showdown with House Republicans over the government’s role in forcing industry to strengthen cyber protections, according to a report by The Hill.
The hacktivist group Anonymous, it seems, is bent on rehabilitating its image. In recent months, the anarchic hacking collective has moved from retaliatory attacks on enemies (like Aaron Barr) and outing “snitches,” to squelching out child pornography networks (Operation DarkNet, launched in October) and supporting the Occupy Wall Street protests.
Anonymous’s efforts to don the white hat AND the Guy Fawkes mask may take more than just picking different targets for its “Ops,” says Joshua Corman, the Director of Security Intelligence at Akamai Technologies. In a recent, exclusive interview with Threatpost, Corman told Threatpost editor Paul Roberts that the group’s cyber vigilantism itself is the problem and “rife with unintended consequences.”
Here’s a transcript of their talk, which took place October 26th.
F-Secure researchers claim that malware spreading via malicious PDF files is signed with a valid certificate stolen from the Government of Malaysia, in just the latest evidence that scammers are using gaps in the security of digital certificates to help spread malicious code.
The deal will settle an FTC case alleging privacy violations on the social network by forcing users to opt in to any changes to default privacy settings, according to a report in the Wall Street Journal.
After months as a consumer-only beta, Google finally opened up its Google+ social network to companies this week, launching Google Brand pages. While response to the new brand pages was tepid (Robert Scoble penned a rather scathing review), it didn’t take long for folks poking around the new feature to identify a serious shortcoming: Google brand pages allow pretty much anyone to stake out a page for any brand, regardless of their affiliation with it.
The “up side” of social networks like Facebook, Twitter and G+ are well known. But the down side of these networks for both users and for organizations that employ them are only now becoming clear. Worms, malware and spam are just the beginning of the security problems engendered by the social net. In this exclusive interview, conducted via e-mail, Threatpost editor Paul Roberts asked Joe Gottlieb, the CEO of security event management firm Sensage, about the many, subtle ways that social networks are eroding organizations’ online defenses.
An indictment filed in U.S. District Court for the Southern District of New York charges seven individuals with a a global scheme to commit Internet advertising fraud. The scheme infected more than four million machines in over 100 countries with malware. It is believed to have netted the scammers more than $14 million in commissions from online advertisers.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
