Command and Control Used in Sanny APT Attacks Shut Down
Two message boards used by the Sanny malware as a command-and-control channel have been shut down by the Korea Information Security Agency in conjunction with security company FireEye.
Apple Adds Two-Factor Authentication to iTunes Accounts
Apple has introduced a new two-factor authentication system designed to help protect users’ iTunes and App Store accounts and prevent attackers or unauthorized users from taking over users’ accounts. The system is similar to the one that Google has implemented for Gmail, utilizing verification codes sent via SMS.
Experts Tell Congress Serious Deterrence Needed to Impede Foreign Cyber Attacks
The House Foreign Affairs Subcommittee on Europe, Eurasia, and Emerging Threats typically is more concerned with economics and political issues than cyber attacks, but the members spent this morning in a hearing trying to come up with an answer to a fairly straightforward, but thorny question: What consequences are serious and meaningful enough that they will deter U.S. enemies from infiltrating the country’s networks?
The Department of Homeland Security and the ICS-CERT issued an advisory yesterday warning of serious vulnerabilities in Siemens industrial control software deployed in a number of industries including water, gas and oil, and chemical.
Disruptions to businesses in South Korea continue today after hackers used wiper malware to take a number of banks and television networks offline yesterday. A number of financial systems at a half-dozen banks and production systems inside South Korea’s major television networks remain down, kicking off speculation as to who is behind the attacks and how they got in.
Microsoft received more than 11,000 requests for user information or content data from law enforcement agencies in the United States last year and supplied some user content in more than 1,500 of those cases. Overall, the company received more than 70,000 requests from law enforcement agencies worldwide and gave up some user content in 2.2 percent of those cases.
Dennis Fisher talks with Wade Williamson of Palo Alto Networks about the use of compromised FTP accounts in targeted attacks and malware campaigns, and how attackers are adapting their techniques.
The Chameleon botnet continues to steal millions of dollars from online advertisers through fraudulent clicks made by malware.
Google’s announcement that its Google Public DNS resolution service now supports DNSSEC is being applauded, but experts caution that despite Google’s high profile, this only puts a slight dent in a larger issue.
The other Korea’s specter loomed large among speculators and fingers pointers Wednesday morning when reports surfaced that the networks of several prominent South Korean banks and broadcasters dropped offline.
