Threatpost - Traps are constantly set on the Internet to snare hackers in order to research their behavior and tactics. Many of these traps are honeypots or honeynets that take the form of deliberately unpatched computers or infrastructure exposed to the Internet that lure attackers to break in while their actions are recorded. In very few instances are decoys built into security processes. However, two experts are in the research phase of building a tool that...
Read moreInfosecurity - (ISC)², the nonprofit membership body for certified information and software security professionals, has selected its 2014 Board of Directors members, headed up by Wim Remes as chair. Remes is a managing consultant at IOActive. The 13 board members, volunteers who are industry leaders from around the globe representing business, government and academia, are elected through a voting process each year among the organization’s membership. The board provides governance and oversight for the organization, grants...
Read moreCSO Online - The Russian man who created the SpyEye Trojan used to attack countless millions of online bank accounts has pleaded guilty to conspiracy charges in an Atlanta court room. Arrested last summer after he was sent to the city by authorities in the Dominican Republic (where he was having a holiday), Aleksandr Andreevich Panin, was eventually trapped by an FBI sting in which he was fooled into selling the malware to an undercover agent posing...
Read moreUPI - A Russian military commander said Thursday a cyberdefense unit was planned for 2017 to better protect the defense sector from cyberattacks. Russian Maj. Gen. Yuri Kuznetsov was quoted by the state-backed news agency RIA Novosti as saying a cyberdefense unit will be ready "to defend the Russian armed forces' critical infrastructure from computer attacks" by 2017.
Read moreHacker News - Over the past several months, it has become clear that the Internet and our Privacy have been fundamentally compromised. A Private search engine DuckDuckGo claims that when you click on one of their search results, they do not send personally identifiable information along with your request to the third party. Like Google dorks (advance search patterns), there are thousands of similar, but technically more useful search hacks are also available in DuckDuckGo called DuckDuckGoodies. Today I am...
Read moreHacker News - A really bad year for the world's second-largest email service provider, Yahoo Mail! The companyannounced today, 'we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts', user names and passwords of its email customers have been stolen and are used to access multiple accounts. Yahoo did not say how many accounts have been affected, and neither they are sure about the source of the leaked users' credentials. It appears to have come...
Read moreComputer World - A team of researchers has developed an Android app to help people better understand when their location is being accessed, something that happens more often than people think. "All apps that access location need to request permission from the Android platform," Janne Lindqvist , who led the research project, said via email. "The problem is that people don't pay attention to these default disclosures."
Read moreCBC News - A top secret document retrieved by U.S. whistleblower Edward Snowdenand obtained by CBC News shows that Canada's electronic spy agency used information from the free internet service at a major Canadian airport to track the wireless devices of thousands of ordinary airline passengers for days after they left the terminal. After reviewing the document, one of Canada's foremost authorities on cyber-security says the clandestine operation by the Communications Security Establishment Canada ( CSEC) was almost certainly...
Read moreThe Hacker News - Malware code can be very small, and the impact can be very severe! The Antivirus firm AVAST spotted a malicious version of the open source FTP (File Transfer Protocol) software 'FileZilla' out in the wild.
Read moreStar Tribune - Target Corp. said Wednesday that the huge data breach it suffered late last year happened after an intruder stole a vendor’s credentials and used them to gain access to the company’s computer system.
Read more