Former DHS Cybersecurity Chief Reitinger Named Sony CISO
Former Department of Homeland Security cyber-security chief Philip Reitinger has been named as the new executive vice president and Chief Information Security Officer of Sony Corporation.
Government
Researcher Will Demo Crippling Siemens Attack Using Metasploit
For years, there’s been an argument that the sophistication of industrial control systems is enough to keep script kiddies – or low-skilled hackers – away. Well, so much for that.
Ten Reasons The Diginotar Breach Will Be Bigger Than Stuxnet
by Roel SchouwenbergEditor’s note: This story was reposted from Securelist.com.In an almost unprecedented event the Dutch minister of internal affairs gave a press conference at 1:15 AM Friday to Saturday night. He announced the Dutch government was revoking trust in Diginotar.
A co-founder of The Tor Project says his organization is being kept in the dark about the status of a dozen fraudulent SSL certificates issued in its name by a compromised root server operated by Diginotar. The bogus certificates could be used to carry out man in the middle attacks, or trick unsuspecting Internet users into downloading a compromised version of the Tor anonymity software.
There are more signs that a July compromise of DigiNotar, a certificate authority based in the Netherlands, may have been driven by political motives. A Dutch Web site, nu.nl, reported on Wednesday that digital certificates belonging to Mozilla, Yahoo.com, Wordpress and The Tor Project were among dozens reported stolen from DigiNotar.
A Massachusetts man plead guilty on charges of foreign economic espionage on Tuesday after selling trade secrets from his former employer to an undercover FBI agent posing as an Israeli intelligence officer.
Call it “RSA on the Rhine.” Government officials in The Netherlands were left scrambling Tuesday to reassure nervous citizens that the country’s digital ID system, dubbed DigID, was safe after it was revealed that DigiNotar, the certificate authority that backs the DigID system, had been compromised by hackers and used to issue fraudulent certificates.
VASCO, the parent company of DigiNotar, says that the fraudulent certificate for Google’s domains that the certificate authority issued was just one of many such bogus certificates it handed out in recent months, and blamed the growing scandal on an attack on its CA infrastructure.
It’s no secret that China is a major source of attacks on governments and political groups (and individuals). However, it’s been harder to prove that the Chinese government and military is directly involved in such attacks. At least until now.
Join Paul Roberts, Threatpost editor, and our panel of experts as they discuss security regulations, concerns and challenges within the Education market. Along with Paul, Steve Mazzola of Belmont Public Schools, David Escalante of Boston College and Josh Corman of the 451 Group provide hands-on insight into this market.
