Government

The fallout from last month's S4 Conference continues in February, with a planned Valentine's Day release of tools that make it easy to test and exploit vulnerable programmable logic controllers and other industrial control systems. Among the releases will be a tool for cracking passwords on the common ECOM programmable logic controllers by Koyo Electronics, a Japanese firm, according to a blog post by Reid Wightman for Digital Bond.  Read more »

A report finds that around half of the Fortune 500 corporations and government agencies infected with the DNS Changer malware are still infected, two months after authorities moved to shut down the massive botnet.  Read more »

CANCUN, MEXICO - A prominent privacy activist says that leading software vendors, and the U.S. government are failing the public when it comes to Internet privacy, and that big changes are needed to prevent consumers from criminals, advertisers and government spies. Read more »

CANCUN, MEXICO -- A panel of top law enforcement officers in charge of cyber criminal investigations reveals that the guys with the white hats face an uphill climb if they want to take down cyber criminal kingpins, with outdated laws and processes on the one hand, and an increasingly skeptical and privacy-conscious public on the other. Read more »

CANCUN--The skill of attackers, combined with the difficulty and cost of finding and fixing vulnerabilities in software--especially after deployment--has reached the point that it's now more effective and efficient for vendors to concentrate on making life more difficult for those attackers looking to exploit bugs.  Read more »

Verisign, the Internet security company responsible for management of the .COM domain, told federal regulators that it was the victim of several successful attacks in 2010, but that those incidents were not reported to the company's management until September, 2011. The news was first reported by Reuters. Read more »

Threatpost's exclusive interview with Ralph Langner continues, as our conversation shifts from  the legacy of the Stuxnet worm to larger issues facing the critical infrastructure sector including mounting attacks, tensions between vendors and security researchers over responsible disclosure, and what's needed to secure critical infrastructure and industrial control systems.   Read more »

A new report finds that the 'bad guys' are winning, and that most nations are ill-prepared for crippling cyber attacks. Read more »

Ralph Langner is the closest thing to a rock star that you get in the Dockers and pocket-protector world of industrial control systems. The German researcher made headlines in 2010 as among the first security experts to analyze parts of the Stuxnet worm's code devoted to manipulating programmable logic controllers by Siemens, and the first to explicitly link the Stuxnet malware with an effort to disable Iran's uranium enrichment operation.

 Read more »

Facebook and the state of Washington are suing an ad network they accuse of encouraging people to spread spam through clickjacking schemes and other tactics. Read more »