Hackers Deface 49 U.S. House Websites
28 January 2010
SC MAGAZINE (NEW YORK, NY) - Hackers defaced 49 websites belonging to U.S. House of Representatives' members and committees soon after President Obama delivered his State of the Union address on Wednesday night. Virginia-based GovTrends, a web solutions provider, managed the affected sites. According to Jeff Ventura, spokesman for the Office of the Chief Administrative Officer in the U.S. House, each member can opt to have their site hosted and managed internally or by a third-party vendor. The Red Eye Crew, a group of hackers from Brazil, claimed responsibility for the defacements. The group previously defaced hundreds of Brazilian government sites and the website of Old Dominion University in Norfolk, Va. Source: http://www.scmagazineus.com/hackers-deface-49-us-house-websites/article/162576/ (Reliability: 47.94 - High)
Friday, January 29, 2010
Non-Government Targets
CSO's Detail Cyber-Security Worries In Survey
27 January 2010
FEDERAL NEWS RADIO (WASHINGTON, DC)--A new survey shows that cyber crime is increasingly becoming an issue for chief security officers. CSO Magazine teamed up with Deloitte to find out who is worried about what. Rich Baich is a principal with Deloitte, and said one of the biggest discoveries is that the phrase 'cyber criminal' is often misunderstood. Deloitte not only recommends the 'fortress' approach to cyber defense, but also recommends looking outward and trying to find the threats yourself. Source: http://www.federalnewsradio.com/index.php?nid=19&sid=1873647
(Reliability: 41.62 --Moderate)
27 January 2010
FEDERAL NEWS RADIO (WASHINGTON, DC)--A new survey shows that cyber crime is increasingly becoming an issue for chief security officers. CSO Magazine teamed up with Deloitte to find out who is worried about what. Rich Baich is a principal with Deloitte, and said one of the biggest discoveries is that the phrase 'cyber criminal' is often misunderstood. Deloitte not only recommends the 'fortress' approach to cyber defense, but also recommends looking outward and trying to find the threats yourself. Source: http://www.federalnewsradio.com/index.php?nid=19&sid=1873647
(Reliability: 41.62 --Moderate)
White Hat Defensive Methods
Cyber Security Center Offers New Data Mining Tools
26 January 2010
UTD NEWS CENTER (DALLAS, TX)--The University of Texas at Dallas is conducting data-mining research at the Cyber Security Research Center in order to provide researchers and developers with a number of useful data sets and tools. The Data Mining Tool Repository initially provides three tools: malware code detection, novel class detection for stream data, and stream data classification with limited labeled data. More tools will be added as they become available, including a privacy-preserving data-mining toolkit and a security tool for cloud computing. The Cyber Security team has won more than USD 10 million in research funds since its creation, including grants from the National Science Foundation, the Intelligence Advanced Research Projects Activity, and the National Geospatial Intelligence Agency. Source: http://www.utdallas.edu/news/2010/01/26-003.php (Reliability: 44.26 --Moderate)
26 January 2010
UTD NEWS CENTER (DALLAS, TX)--The University of Texas at Dallas is conducting data-mining research at the Cyber Security Research Center in order to provide researchers and developers with a number of useful data sets and tools. The Data Mining Tool Repository initially provides three tools: malware code detection, novel class detection for stream data, and stream data classification with limited labeled data. More tools will be added as they become available, including a privacy-preserving data-mining toolkit and a security tool for cloud computing. The Cyber Security team has won more than USD 10 million in research funds since its creation, including grants from the National Science Foundation, the Intelligence Advanced Research Projects Activity, and the National Geospatial Intelligence Agency. Source: http://www.utdallas.edu/news/2010/01/26-003.php (Reliability: 44.26 --Moderate)
Cyber Security Organizations
APCERT Completes Annual Cybersecurity Drill
28 January 2010
http://www.bernama.com.my/bernama/v5/news_lite.php?id=472015 (Reliability: 39.52 -- Moderate)
28 January 2010
BERNAMA (KUALA LUMPUR) — Members of the Asia Pacific Computer Emergency Response Team (APCERT) Thursday completed their annual cybercrime fighting drill, further refining their anti-cybercrime tactics. Cybersecurity Malaysia played the role of exercise coordinator for the third year. The theme for this year's drill was "Fighting Cyber Crimes with Financial Incentives" and 16 teams from 14 countries attended the drill, responding to simulated incidents and sharing information to detect, analyze malware and take actions to shut down or block systems hosting phishing sites or involved in distributed denial of service attacks across the region.
Source:http://www.bernama.com.my/bernama/v5/news_lite.php?id=472015 (Reliability: 39.52 -- Moderate)
Thursday, January 28, 2010
Cyber Laws & Regulations
House Websites Hacked, Leading To Call For Review
29 January 2010
WP(WASHINGTON) —Hackers attack 49 websites that belong to House members and committees. The attacks took place after shortly after the President Obama’s State of the Union address. House Speaker Nancy Pelosi and Minority Leader John A. Boehner are calling for a review of policies. GovTrends, an Alexandria based company is responsible for managing the websites. The Chief Administrative Officer (CAO) maintains the majority of House websites. However, private vendors are responsible for 40 percent of the websites. Both Pelosi and Boehner state this is not their first request for a review of website security. Source: http://www.washingtonpost.com/wp-dyn/content/article/2010/01/28/AR2010012803562.html(Reliability: 47.94 – High)
29 January 2010
WP(WASHINGTON) —Hackers attack 49 websites that belong to House members and committees. The attacks took place after shortly after the President Obama’s State of the Union address. House Speaker Nancy Pelosi and Minority Leader John A. Boehner are calling for a review of policies. GovTrends, an Alexandria based company is responsible for managing the websites. The Chief Administrative Officer (CAO) maintains the majority of House websites. However, private vendors are responsible for 40 percent of the websites. Both Pelosi and Boehner state this is not their first request for a review of website security. Source: http://www.washingtonpost.com/wp-dyn/content/article/2010/01/28/AR2010012803562.html(Reliability: 47.94 – High)
Friday, January 22, 2010
Government Targets
80% Of Government Websites Miss DNS Security Deadline
21 January 2010
COMPUTER WORLD (FRAMINGHAM, MA) - Most U.S. federal agencies, including the Department of Homeland Security, failed meet a 31 December 2009 deadline to deploy new authentication mechanisms on their Web sites that would prevent hackers from hijacking Web traffic and redirecting it to bogus sites. In August 2008, the Office of Management and Budget required federal agencies to roll out an extra layer of security on their .gov Web sites known as DNS Security Extensions (DNSSEC). DNSSEC is an Internet Standard that allows websites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption to prevent spoofing attacks. Source: http://www.computerworld.com/s/article/9147018/80_of_gov_t_Web_sites_miss_DNS_security_deadline?taxonomyId=13&pageNumber=2 (Reliability: 47.94 -- High)
21 January 2010
COMPUTER WORLD (FRAMINGHAM, MA) - Most U.S. federal agencies, including the Department of Homeland Security, failed meet a 31 December 2009 deadline to deploy new authentication mechanisms on their Web sites that would prevent hackers from hijacking Web traffic and redirecting it to bogus sites. In August 2008, the Office of Management and Budget required federal agencies to roll out an extra layer of security on their .gov Web sites known as DNS Security Extensions (DNSSEC). DNSSEC is an Internet Standard that allows websites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption to prevent spoofing attacks. Source: http://www.computerworld.com/s/article/9147018/80_of_gov_t_Web_sites_miss_DNS_security_deadline?taxonomyId=13&pageNumber=2 (Reliability: 47.94 -- High)
Non-Government Targets
CMU CyLab Teams Up With Northrop Grumman
21 January 2010
(The Tribune Review) Pittsburgh - Carnegie Mellon University joined a cyber-security consortium founded by Northrop Grumman. Carnegie Mellon's CyLab will join comparable research facilities at Purdue University and Massachusetts Institute of Technology to tackle cyber-security problems. CyLab is a University wide research program dedicated to cyber-security, privacy, and dependability. The program includes more than 50 faculty and 130 graduate students. Marynoele Benson, a Northrop Grumman spokesperson said, the consortium will tackle national infrastructure system security mobile-device forensics and secure systems design. Source: http://www.pittsburghlive.com/x/pittsburghtrib/news/pittsburgh/s_663293.html (Reliability: 55.15 - High)
21 January 2010
(The Tribune Review) Pittsburgh - Carnegie Mellon University joined a cyber-security consortium founded by Northrop Grumman. Carnegie Mellon's CyLab will join comparable research facilities at Purdue University and Massachusetts Institute of Technology to tackle cyber-security problems. CyLab is a University wide research program dedicated to cyber-security, privacy, and dependability. The program includes more than 50 faculty and 130 graduate students. Marynoele Benson, a Northrop Grumman spokesperson said, the consortium will tackle national infrastructure system security mobile-device forensics and secure systems design. Source: http://www.pittsburghlive.com/x/pittsburghtrib/news/pittsburgh/s_663293.html (Reliability: 55.15 - High)
White Hat Defensive Methods
Lockheed Martin Introduces IronClad™- Secure Computing On A USB Flash Drive18 January 2010
PRNEWSWIRE (HERNDON, VA)--Lockheed Martin's new IronClad™ USB drive shrinks a laptop's hard drive -- including the entire operating system, software applications, and files -- onto a secure flash drive. The IronClad technology runs the operating system directly off of the flash drive, meaning the user's files never touch the hard drive of the borrowed computer, and the device leaves no trace that it was ever there. Each IronClad device is fully encrypted and delivers hardware-level protection against today's most insidious malware threats, including nearly undetectable rootkits. In addition, each IronClad™ USB drive has a smart network built around it, so IT managers have round-the-clock control of and visibility into the status and security of every device. Source: http://www.prnewswire.com/news-releases/lockheed-martin-introduces-ironcladtm---secure-computing-on-a-usb-flash-drive-81977922.html (Reliability: 40.48 -- Moderate)
Image Source: http://legitreviews.com/images/news/2010/IronClad.jpg
Cyber Security Organizations
NetApp Joins Lockheed Martin Cyber Security Technology Alliance
20 January 2010
20 January 2010
CNN MONEY (SUNNYVALE) — NetApp has joined Lockheed Martin's Cyber Security Technology Alliance and will provide the storage management solution for the new NexGen Cyber Innovation and Technology Center. NetApp has made significant investments in its operating system and data security and has achieved the United States government authorized Common Criteria Certification (CCC). NetApp will be joining other technology leaders such as Cisco, Microsoft, and VMware in this alliance. Source:
http://money.cnn.com/news/newsfeeds/articles/marketwire/0578667.htm (Reliability: 47.94 -- High)
Comment: The objective of the Lockheed Martin Cyber Security Technology Alliance 
is to collaborate on solutions that can help provide early threat detection, protection, and multilayer autonomic self-healing capabilities to meet customers' future security challenges. The alliance combines the strengths of its various member companies' solutions and integrates their best practices, hardware, software, and tools within a new research, development, and collaboration center called the NexGen Cyber Innovation and Technology Center. The center is fully equipped for live cyber-technology exercises and demonstrations to help customers integrate solutions and test them in conditions that are representative of their actual environment.
Image Source: http://www.lockheedmartin.com/data/assets/isgs/NexGenEntrance.jpg
is to collaborate on solutions that can help provide early threat detection, protection, and multilayer autonomic self-healing capabilities to meet customers' future security challenges. The alliance combines the strengths of its various member companies' solutions and integrates their best practices, hardware, software, and tools within a new research, development, and collaboration center called the NexGen Cyber Innovation and Technology Center. The center is fully equipped for live cyber-technology exercises and demonstrations to help customers integrate solutions and test them in conditions that are representative of their actual environment.
Image Source: http://www.lockheedmartin.com/data/assets/isgs/NexGenEntrance.jpg
Cyber Laws & Regulations
Clinton Urges Global Response To Internet Attacks
21 January 2010
NYT (WASHINGTON) —United States (US) Secretary of State Hillary Rodham Clinton states that the US will defend itself from cyber attacks. Clinton’s speech calls for the international condemnation of countries and people involved in cyber attacks. The US is postponing the use of a démarche pending China’s actions after the allege attack against Google. Clinton’s speech is also critical of China’s internet censorship and calls on private sector firms to challenge it. Clinton also sites Saudi Arabia, Egypt, Tunisia, Vietnam, and Uzbekistan for their censorship. Source: http://www.nytimes.com/2010/01/22/world/asia/22diplo.html?scp=2&sq=Cyber%20Law&st=cse (Reliability: 48.36 – High)
Subscribe to:
Posts (Atom)