Top 10 Stories

  ZDNet: A recent spam campaign exhibits more than the usual amount of cleverness, as described by Jim Clausing at the SANS Institute. Clausing investigated a suspicious email of a type that was spreading several weeks ago. It contained a link which, when followed on most platforms, went to a typical spam site. When followed on Android, it distributed Android malware.  

    Computer Weekly: The US Internet securty organisation CERT has published a warning of increasing DRDoS (Distributed Reflection and amplification DDoS) attacks using Internet Service Providers' NTP (Network Time Protocol) servers (http://www.kb.cert.org/vuls/id/348126). According to their analysis NTP is the second most widely used vehicle for DDoS attacks (after DNS). In plain language that means, if I want to take a victim web site down, I can send a spoofed message to a vulnerable ISP...

  Arstechnica: Researchers have uncovered a recent denial-of-service attack that employed an unusual, if not unprecedented, technique to surreptitiously cause thousands of everyday Internet users to bombard the target with a massive amount of junk traffic. The attack worked by exploiting a Web application vulnerability on one of the biggest and most popular video sites on the Web, according to a blog post published recently by researchers at security firm Incapsula, which declined to identify the site...

IB Times: It has now been 1,031 days since FBI special agent Christopher Tarbell knocked on the brown door of apartment 6F, a sixth floor apartment in the 90 Avenue D apartment block, part of the Jacob Riis projects in New York City and arrested the man who had been leading a group of hackers known as LulzSec. Hector Xavier Monsegur - better known by his online persona Sabu - answered the down in jeans and a...

Sydney Morning Herald: The European Parliament has voted to end mobile roaming fees by 2016 and bar providers from prioritising some internet traffic over others, moves that will cheer Europe's consumers and frustrate industry seeking new forms of revenue. In a session in Brussels, legislators backed telecom reform legislation that will phase out roaming fees across the 28-country European Union by December 2015, bolster consumer protections on mobile and broadband contracts and seek to make...

  BBC: The first System 360 mainframe was unveiled on 7 April 1964 and its arrival marked a break with all general purpose computers that came before. The machines made it possible to upgrade the processors but still keep using the same code and peripherals from earlier models.  

SC Magazine: A persistent cross-site scripting (XSS) vulnerability in a popular site that hosts video content enabled an attacker to carry out a distributed denial-of-service (DDoS) attack against a different site, according to California-based website security company Incapsula, which helped mitigate the Thursday attack. The video content website is one of the largest and most popular and sits in the Alexa top 50, according to a Thursday post by Ronen Atias, a security researcher with Incapsula, who...

Infosecurity: There is a growing global criminal-infrastructure-as-a-service economy being perpetrated through exploit kits and compromised website redirection chains – with billions of attacks adding to cybercriminals' sophistication and ability to evade detection. According to the latest Websense Security Labs 2014 Threat Report, the infrastructure of an attack campaign is now typically constantly developed, enhanced and reused throughout the entire threat lifecycle.  

  Gov Info Security: In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it? Today, when cyberthreats are pervasive, should securing critical information assets be put above the operation and managing of information technology?    

Revolution News: Members of Anonymous made a recent posting on Pastebin with the tags #OpPigRoast and #OpAlbuquerque in response to the recent actions of the Albuquerque police department,  Snowden revelations, and crackdown on the Occupy protest movement.  What is described as a 0-Day exploit for D0xing entire police departments, is a simple legal means for the public to identify Police officers, with the intention to develop a nationwide database for the tracking of misconduct.