Online criminals registered far fewer Web domains for use in phishing attacks in the first half of 2011, in what may signal a decrease in phishing scams, according to a global phishing survey released this month by the Anti-Phishing Working Group (APWG).
Browsing Category: SMB Security
The investor services company told Threatpost that an investigation has determined that data stolen by a rogue employee didn’t contain shareholder data. However, the company still hasn’t retrieved two USB drives containing company email and documents that outline some of Computershare’s closely held business plans.
The Pentagon’s Defense Advanced Research Projects Agency (DARPA), which is credited with helping to create the modern Internet, used a conference to call on hackers and other visionaries to help save it.
Adobe has issued a security update for its Shockwave Player to address critical security issues in the popular media player.
Financial Records of Millions At Risk After Computershare Insider Copies Data To USB… Then Loses The USB
Computershare, the investor services firm, has filed suit against a former employee it charges with making off with thousands of pages of proprietary company documents, including information on shareholder names, account numbers and financial holdings.
Remote hackers springing inmates from their jail cells — it sounds like a plot lifted from an old episode of “24” or “Prison Break.” But authorities are concerned by new research that claims such an attack is feasible.
by Dan GeerEditor’s Note: As the CISO of In-Q-Tel, the CIA-backed strategic investment firm focused on developing technologies for the intelligence community, Dan Geer gets paid to help find the answers to big questions about computer security, national security, privacy and technology. Headlines proliferate about sophisticated cyber attacks, the looming specter of cyber warfare and ongoing espionage by nations like China and Russia. That means Dan’s job gets more important with each passing day. So what’s on Dan Geer’s mind these days? We asked him what questions he was mulling and, as usual, the answers we got back were both eye-opening and provocative. Here, in Monday morning ‘shot of espresso’ format (and with as little editing as possible) is our three minute speed date with Dan’s brain.
Another Dutch certificate authority, KPN, has stopped issuing digital certificates after finding attack tools on a server in its Web infrastructures. The CA said that while it doesn’t have evidence right now that it’s CA infrastructure was compromised, it is taking the actions as a precaution.
In its most blunt statement to date, the U.S. government accused both China and Russia of conducting far flung cyber espionage campaigns against U.S. and other Western firms in an effort to promote domestic interests.
In a speech on Wednesday, Federal Chief Information Officer Steven VanRoekel said that a federal plan for qualifying and providing security audits on private sector cloud providers will become mandatory for any agency that wanted to contact with third party cloud providers, according to a report on GovInfoSecurity.com. But even as the U.S. federal government forges ahead with plans to shift a quarter of its IT spending to cloud-based services, efforts to launch that program – the Federal Risk and Authorization Management Program (FedRAMP)- are falling way behind schedule, according to a GAO report.