CANCUN – The skill of attackers, combined with the difficulty and cost of finding and fixing vulnerabilities in software, especially after deployment, has reached the point that it’s now more effective and efficient for vendors to concentrate on making life more difficult for those attackers looking to exploit bugs.
Verisign, the Internet security company responsible for management of the .COM domain, told federal regulators that it was the victim of several successful attacks in 2010, but that those incidents were not reported to the company’s management until September, 2011. The news was first reported by Reuters.
Threatpost’s exclusive interview with Ralph Langner continues, as our conversation shifts from the legacy of the Stuxnet worm to larger issues facing the critical infrastructure sector including mounting attacks, tensions between vendors and security researchers over responsible disclosure, and what’s needed to secure critical infrastructure and industrial control systems.
Hackers operating behind Chinese IP addresses reportedly compromised seven Canadian law firms and the Canadian Finance Ministry and Treasury Board in an attempt to disrupt the high-profile acquisition of the Potash Corporation of Saskatchewan by the Australian mining giant BHP Billiton Ltd.
A new report finds that the ‘bad guys’ are winning, and that most nations are ill-prepared for crippling cyber attacks.
Susan Panico, the head of Sony’s PlayStation Network (PSN), has left that company, according to a report from Venture Beat.
Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the WordPress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive-by download Web sites that will install malicious software on vulnerable systems.
The groups of attackers that employ the Zeus toolkit for their scams and malware campaigns have long used sites in the .ru Russian TLD as homes for their botnet controllers. Security researchers and law enforcement agencies have had a difficult time making headway in getting these domains taken down, but now it seems that some changes in the way that the Russian organization in charge of the .ru domain is enforcing rules for fraudulent domains are forcing attackers to move to a long-forgotten TLD owned by the former Soviet Union.
The Web site of Sayres and Associates was offline Tuesday, just days after news broke that the firm had parted ways with Aaron Barr, Anonymous’s most famous victim. The reasons for the site’s disappearance, and for Barr’s departure, are unclear.
The Pwn2Own contest at the CanSecWest conference has become one of the landmark events on the calendar each year, as researchers gather with nervous vendors in a tiny room to see who can own which browser on which platform and how quickly. But this year’s contest will have a much different look than past editions, with participants vying for more than $100,000 in cash by amassing points over the course of three days.