Is Russia Poised to Retaliate Against Sanctions With Cyber Attacks?

Way last April, a time when the world seemed a more peaceful place, Leon Panetta and Richard Clarke were quoted warning of impending Russian cyber attacks in the wake of an escalating response from the West to Russia’s intransigence in the Ukraine. While there have certainly been a spate of defacements that are two sided…

Details

NSF Cybersecurity Ideas Lab: Some Ideas Worth Considering

This past February I participated in an amazing three day innovation and ideation lab pulled together by Farnam Jahanian, Assistant Director, Directorate for Computer and Information Science and Engineering, National Science Foundation (NSF), with a lot of help from an organizing committee drawn from some of the most intelligent technology people around. The task at…

Details

General (Ret.) Keith Alexander Pivoting to the Enterprise

According to a report in Foreign Policy, former NSA head Keith Alexander has ideas. Ideas he wants to patent and turn into a business.  Admittedly, Alexander has had exposure to countering network borne attacks. In particular, he was in charge of the team at NSA that detected the presence of the Agent.btz worm on the…

Details

The House Committee on Homeland Security Passes Three Cybersecurity Bills

The House Committee on Homeland Security passed three cybersecurity bills with broad bipartisan support on Monday. The Critical Infrastructure Research and Development Advancement Act of 2013 amends the Homeland Security Act of 2002. The bill directs the Department of Homeland Security to develop a strategy for developing technology to be used in protecting critical infrastructure…

Details

Announcing the Marriage of the IT Security Office and the Network Management Group

Ok, maybe it’s not a marriage but more along the lines of living together. In a previous article, I spoke about moving to a Continuous Monitoring security model, which focuses on monitoring outbound traffic. As we move to completing our monitoring infrastructure, I’ve been pleased with the results so far and excited by the challenges discovered…

Details

Six Indictments in $1.6M StubHub Cybertheft Case

Six people were indicted on Wednesday as part of an international ring of cyber-criminals that hijacked over 1,000 StubHub accounts and defrauded the ticketing service of approximately $1.6 million, the Manhattan district attorney said. The six suspects are accused of being part of a cybercrime ring that hijacked StubHub accounts and purchased tickets with stolen credit…

Details

Cybercriminals Successfully Bypass Two-factor Authentication at some European Banks

Cybercriminals are successfully bypassing two-factor authentication systems at some European banks and transferring funds out of victim accounts, Trend Micro said. The sophisticated attack campaign uses malicious email attachments, phishing sites, rogue DNS servers, fake SSL certificates, and malicious Android apps to steal session tokens used by banks as part of the two-factor authentication scheme,…

Details

The Security and Visibility of Critical National Infrastructure: ViaSat’s Mega-SIEM

There has been plenty of talk about the threat of cyber-attacks on critical national infrastructure (CNI). So what’s the risk, what’s involved in protecting CNI and why, to date, do attacks seem to have been limited? CNI is the utility infrastructure that we all rely on day-to-day; national networks such as electricity grids, water supply…

Details

Treasury Secretary Says Financial Firms Need to Do More to Fight Cybersecurity Threats

Financial firms need to do more to fight cybersecurity threats, Treasury Secretary Jacob Lew told attendees at a financial conference on Tuesday. Lew spoke at the 2014 Delivering Alpha conference produced by CNBC and Institutional Investor. The Department of Treasury released excerpts of his speech today. There have been more than 250 distributed denial of…

Details

TrapX Researchers Discover Attack Embedded in Logistics Devices

This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. Hand held bar code scanners and RFID chips have changed logistics dramatically in recent years. From manufacturing to every stage…

Details