More than 3000 US Companies Notified of Breaches in 2013 – Report

Federal law enforcement notified more than 3,000 U.S. companies in 2013 that their computer systems and networks had been breached, according to a Washington Post report. Lisa Monaco, deputy national security adviser for homeland security and counterterrorism, first disclosed how many times the government had tipped off the private sector to cyber-attacks at a White…

Details

Dormant VM Images: A Sealed Box of Evil?

Imagine for a moment a villain (or villains) trapped powerless for years. After being reanimated by an unsuspecting populace, the newly-released evil goes forth to wreak havoc until it’s only once again conquered through tremendous effort and sacrifice. Sound familiar?  It should.  What’s described above is a routinely-occurring fictional trope (often referred to as “Sealed Evil…

Details

How Symantec Can Pull Out of a Tail Spin

It should come as no surprise to anyone that Symantec’s recently fired CEO Steve Bennett’s strategy of cut costs and improve operations has failed miserably. As I wrote when Symantec’s board replaced then CEO Enrique Salem with Bennett, in the IT security industry innovation far outweighs the usual business practices of accounting, inventory control, and workforce “optimization.” …

Details

Former Microsoft Employee Arrested for Leaking Code

A former Microsoft employee has been arrested for allegedly stealing trade secrets related to Windows 8, according to the Seattle Post-Intelligencer. Alex Kibkalo, a former senior architect at Microsoft, is accused of stealing Windows-related trade secrets while working for the company, according to a complaint filed on March 17 in the U.S. District Court for…

Details

Rumors Swirl that Twitter Shelved Encryption Project

Considering that many vendors and online services are rushing to encrypt their user communications and other network traffic in the wake of the Edward Snowden revelations, it’s surprising that Twitter may have shelved its own encryption project. Anonymous sources told The Verge that Twitter has stopped a project to encrypt direct messages sent between users.…

Details

Cyber Attacks Underway in Ukraine-Russia Conflict

While Ukraine gears up for a military offensive in response to the referendum in Crimea voting to secede and join Russia, attackers on both sides of the border have already begun lobbing attacks in the cyber realm. Attackers operating under the name “Cyber Berkut” launched a series of distributed denial-of-service attacks against a number of…

Details

Pingbacks from 162,000 WordPress Sites Used in DDoS Attack

Attackers don’t need special tools or malware to launch distributed denial-of-service attacks. A recent DDoS attack that brought down a site involved 162,000 WordPress sites and a documented feature. A popular WordPress site was hit by a large HTTP-based (Layer 7) distributed flood attack, sending hundreds of requests per second, said Daniel Cid, CTO of…

Details

Vietnamese National Pleads Guilty to Selling Access to Experian-Owned Database

The Vietnamese national who sold criminals access to the Experian-owned database containing information on 200 million US Consumers pleaded guilty to running an identity theft service, according to a report by security writer Brian Krebs. Vietnamese national Hieu Minh Ngo admitted at a March 3 federal court hearing to letting criminals search the Court Ventures database…

Details