The e-crime unit at the Scottish Crime and Drug Enforcement Agency is bringing in the raft of new investigators in response to increased demand for officers with the skills to tackle internet crime.
The plans to expand the unit have emerged in the wake of the arrest of an 18-year-old alleged computer hacker from Shetland, following an operation involving the agency and the Metropolitan Police.
Read full article: http://bit.ly/rutTANRead full article: http://bit.ly/neZxQu
When McAfee's report about massive global cyberattacks hit the news media, many observers were quick to point to China as the culprit. Now China is speaking out -- and aggressively denying the claims.The People's Daily, the state-run newspaper in China, cited Chinese officials as condemning the accusations and said they don't "hold water." "It is irresponsible to link China to Internet hackers," Chinese officials said.
Read her article: http://bit.ly/o1VquDThe Second Annual Cost of Cybercrime Study, sponsored by ArcSight, an HP company, is based on a representative sample of 50 organizations in various industry sectors. While the research focused on organizations located in the United States, many are multinational corporations. For consistency purposes, the benchmark sample consists of only larger-sized organizations (i.e., more than 700 enterprise seats).
The Internet security firm McAfee has produced evidence that no computer system now in existence cannot be hacked. Also, what's been revealed as "hackers in China," have opened the computer security doors "to more than 70 governments, corporations and public and private organizations in 14 countries," stated an Aug. 4 PBS report that "shocked" computer science experts here at the University of Oregon in Eugene. In turn, the a PBS expert noted that "I do know that McAfee has been briefing Congress, the White House, other executive agencies. And I received a statement from Sen. Feinstein, the head of the Senate Select Committee on Intelligence, expressing her extreme concern after reading this (McAfee) report."
The most common test for an antivirus utility involves showing it thousands or millions of samples and checking how many it recognizes. More advanced tests observe the product in action as it cleans up malware infestations and prevents attacks. Vulnerability researcher Tavis Ormandy feels this just isn't the right way to evaluate a product.
In a talk at the Black Hat conference Ormandy, better known as a Google infosec engineer, reported on a completely different approach. Ormandy contends that antivirus vendors should be completely open about the way their products work, rather than hiding behind market-speak and techno-babble.
Read full article: http://bit.ly/qZ7houAntiSec, a group of online hackers, said it breached 10 gigabytes of sensitive data from after gaining access to more than 70 U.S. law enforcement Web sites.
The hackers who claimed to have gotten emails, credit card information among other sensitive information, is said to be retaliating against the arrests of alleged members accused of hacking into the CIA, Britain's Serious Organized Crimes Agency, or SOCA, and Sony.
Detectives are examining evidence that the watchdog body investigating police malpractice was targeted by computer hackers stealing information for unscrupulous private investigators.
They are investigating claims the hackers used bogus email addresses similar to ones used by officials from Independent Police Complaints Commission to plant computer viruses which enabled them to access confidential files.
In a massive 10GB data cache titled 'Shooting Sherrifs Saturday', the AntiSec organization released the contents of over 300 email accounts across 56 law enforcement agencies, police training videos and identities of persons submitting tips though an anonymous tip system. Email correspondence contains private information including social security numbers for police officers as well as credit card numbers, email addresses, home addresses and personal exchanges between officers. In addition, members of AntiSec claim to have used the stolen credit card numbers to place donations to the Bradley Manning Support Network, ACLU, Electronic Frontier Foundation and other organizations.
Word on the internet is that the National Security Agency(NSA)—of which I'm sure you're well aware—has very publicly stated it's setting up shop at Defcon alongside corporations to recruit hackers to the dark side.
As reported by Reuters, Richard "Dickie" George, technical director of the NSA's Information Assurance Directorate (cyber defense wing)–we'll henceforth call him Simply Dick—is looking to recruit you to work on the "hardest problems on Earth." They're appealing to your ego, your vanity. Simply Dick is looking for hackers only in it for the game; those willing to become pro-state, or at least ideologically neutral.
Read full post: http://bit.ly/qoDiob
If you want to plan a cyber war, look no further than the Bruce Willis movie, Live Free or Die Hard. That may sound fishy, but that is what a former government cyber war expert told the Defconsecurity conference today in Las Vegas.
Chris Cleary, a former senior planner at the U.S. Cyber Command and manager of cyber strategy at security firm Sparta, isn't allowed to talk about the government's plans for cyber war. But he was able to analyze the 2007 Bruce Willis film, about a terrorist-hacker named Thomas Gabriel who seeks to bring down the nation through a series of cyber attacks. Willis supplies the firepower as a good hacker tries to fight back.
Read full article: http://bit.ly/nMTkbVAt the DefCon hacker conference this weekend in Las Vegas, a team from Facebook has been making the rounds and delivering an unusual message: Please hack us. We'll pay you for it.
The team, led by Facebook's Chief Security Officer Joe Sullivan, is promoting the company's new "bug bounty program," which pays researchers to report security flaws in the social-networking site of more than 750 million active users.
For nearly seven decades, the American public has accepted one version of the events that led to Japan's surrender. By the middle of 1945, the war in Europe was over, and it was clear that the Japanese could hold no reasonable hope of victory. After years of grueling battle, fighting island to island across the Pacific, Japan's Navy and Air Force were all but destroyed. The production of materiel was faltering, completely overmatched by American industry, and the Japanese people were starving. A full-scale invasion of Japan itself would mean hundreds of thousands of dead GIs, and, still, the Japanese leadership refused to surrender.
A couple of geeks security researchers have made some interesting finds that they chose to show off at the Black Hat security conference in Las Vegas. Don Bailey and Matthew Solnik from iSec Partners showed the crowd that by using an Android-powered smartphone and a technique they've called 'war texting', they could lock and unlock the doors on a new Subaru Outback and even start its engine all by remote.
The two set up their own custom GSM network and through that method, they were able to intercept password authentication messages between the server and the car. The entire process of them intercepting the messages took them only a couple of hours, the duo claimed.
Read full article: http://bit.ly/nMaaCQ
The strange e-mails arrived in executives' inboxes around the same time that the Australian oil company was negotiating a deal with a Chinese energy company.
The e-mails had the same structure and format as those sent around the company and were baited with text that appeared to refer to a supposed continuing discussion between executives. The messages looked authentic from a nontechnical perspective, just part of normal electronic communication within a company.
Read full article: http://bit.ly/oPZfuwRead full article: http://bit.ly/pwbGtH
Former Central Intelligence Agency's Counter-Terrorism head Cofer Black has said that a battered al-Qaeda, following Osama bin Laden's death, could enter cyberspace to launch a global jihad against the West.
Black said al-Qaeda would resort to "small and agile" tactics, including online attacks.
"They will enter the cyber world because it's comparatively remote, comparatively safer than strapping on a bomb," ABC News quoted Black, as saying at a Black Hat Technical Security Conference in Las Vegas.
Read full article: http://bit.ly/qKbtf6Defense Secretary Leon Panetta warns that the United States must remain diligent in protecting itself from terrorist attacks, including possible cyber-attacks.
Panetta says the country could face a cyber-attack that would be equivalent to the bombing of Pearl Harbor. He says such an attack "could virtually paralyze this country."
PETALING JAYA: "Anonymous", a group of hackers who claimed responsibility for hacking government websites in June, has threatened to launch fresh attacks on Oct 24.
Its goal this time – revealed through a 5.25-minute YouTube video clip – is to undermine Prime Minister Najib Tun Razak's 1Malaysia campaign.
Read full article: http://bit.ly/qucMrHRead full article: http://bit.ly/nMVxgk
The British Metropolitan police - aka Scotland Yard - has issued a public warning to UK cyber activists linked to the Anonymous collective.
"The investigation into the criminal activity of so-called 'hacktivist' groups #Anonymous and #LulzSec continues. We [also] want to remind people of the law in this area," Scotland Yard wrote in an official (extended) tweet.
Meet WASP, the Wireless Aerial Surveillance Platform, one of the star attractions of this year's Black Hat conference for computer security professionals in Las Vegas.
It's a remote-controlled plane with a computer in its belly that can fly up to 400 feet above the ground, snoop quietly on wireless networks below and attack one if it wants to. It can also pretend to be a GSM cellphone tower, eavesdropping on calls and text messages that pass through.
Read full article: http://bit.ly/nBNeT0The Electronic Frontier Foundation (EFF) has told Cisco to help stop the Chinese government from violating the human rights of its citizens.
The group is reacting to the networking firm's earlier announcement that it would help the Chinese government build up an extensive camera surveillance network in Chongqing. This, as well as its assistance in building the Great Firewall of China, should give it enough leverage to convince its new friend to stop abusing its citizens' human rights.
"This is the same company that sold equipment to China to build the Great Firewall, which prevents Chinese Internet users from accessing much of the Internet, including online references to the Tiananmen Square protests, information on China's human rights abuses, and social media sites such as Facebook and Twitter," wrote the EFF's Jillian York in a blog post.
Read full article http://bit.ly/mU3LHNChina's top official newspaper on Friday dismissed as irresponsible suggestions Beijing was the "state actor" behind massive Internet hacking of governments and companies that security company McAfee this week said it had discovered.
The report in the People's Daily, the main mouthpiece of China's ruling Communist Party, did not quote any official reaction to the hacking allegations but is the closest to an official response that Beijing has given to the McAfee report.
Read full article: http://bit.ly/q4Tu6XComputerworld - Malware used in the attack against RSA Security earlier this year was controlled from China, a well-known botnet researcher said Wednesday.
Joe Stewart, director of malware research for Dell SecureWorks, traced the command-and-control (C&C) servers used to oversee the RSA attack to networks in Beijing and Shanghai.
Link: http://bit.ly/q9w1sDChina's top official newspaper on Friday dismissed as irresponsible suggestions Beijing was the "state actor" behind massive Internet hacking of governments and companies that security company McAfee this week said it had discovered.
The report in the People's Daily, the main mouthpiece of China's ruling Communist Party, did not quote any official reaction to the hacking allegations but is the closest to an official response that Beijing has given to the McAfee report.
Read full report here: http://bit.ly/q4Tu6XThe US Department of Homeland Security (DHS) has issued an unclassified threat assessment detailing the tactics and capabilities of Anonymous.
Although the DHS claimed Anonymous hasn't demonstrated "any capability" to damage critical infrastructure, the department did (grudgingly) acknowledge that certain members have displayed "moderately higher levels" of skill and creativity - as is evidenced in operations where a combination of methods and techniques were employed to target multiple networks.
Read full article: http://bit.ly/q56O4iMore than 70 companies, governments and non-profit organizations around the world were attacked by hackers in a massive cyberspying operation that experts say was likely conducted by China.
In a report released Wednesday, the security firm McAfee said the five-year mission included a wide range of victims, including the United Nations, the International Olympic Committee, a Department of Energy Research Laboratory and nearly two dozen defense contractors. The victims were spread across more than a dozen countries, though 49 of the 72 identified targets were located in the United States.
Read Full Article: http://bit.ly/nG9TsTValeina Allison got a call from her bank on a busy morning two years ago about a wire transfer from her company's account. She told the manager she hadn't approved the transfer. The problem was, her computer had.
As Allison, chief executive officer of Sterling Heights, Michigan-based Experi-Metal Inc., was to learn, her company computer was approving other transfers as she spoke. During hours of frantic phone calls with her bank, Allison, 45, was unable to stop this cybercrime in progress as transfer followed transfer. By day's end, $5.2 million was gone.
Read full article: http://bit.ly/n5uKhEValeina Allison got a call from her bank on a busy morning two years ago about a wire transfer from her company's account. She told the manager she hadn't approved the transfer. The problem was, her computer had.
As Allison, chief executive officer ofSterling Heights, Michigan-based Experi-Metal Inc., was to learn, her company computer was approving other transfers as she spoke. During hours of frantic phone calls with her bank, Allison, 45, was unable to stop this cybercrime in progress as transfer followed transfer. By day's end, $5.2 million was gone.
As U.S.-Pakistani relations spiral downward, the specter of a showdown between the increasingly antagonistic allies is garnering more attention, including the worst-case scenario of the U.S. attempting to "snatch" Pakistan's 100-plus nuclear weapons if it feared they were about to fall into the wrong hands.
That would be a disastrous miscalculation, former Pakistani President and army chief Pervez Musharraf told NBC News, saying that such an incursion would lead to "total confrontation" between the United States and Pakistan.
IT security firm McAfee claims to have uncovered one of the largest ever series of cyber attacks.
It lists 72 different organisations that were targeted over five years, including the International Olympic Committee, the UN and security firms.
McAfee will not say who it thinks is responsible, but there is speculation that China may be behind the attacks.
A widespread cyber-espionage campaign that stole government secrets, sensitive corporate documents and other intellectual property for five years from more than 70 public and private organizations in 14 countries has been uncovered by a McAfee researcher, Vanity Fair reported today.Office Leaks (www.officeleaks.com), a new social media platform created for employees, is changing workplace culture from the inside out by giving every office an anonymous forum. This allows employees to freely express their thoughts without navigating office politics or the threat of repercussions.
"Office Leaks is genuinely 'pro-employee' in an economy that is not," says Ryan Masanz, the site's creator. "Every day we hear about lay-offs, foreclosures, and bills targeting workers' rights -- and the decision to stand up and speak your mind is a difficult one. Office Leaks levels the playing field to encourage challenging ideas and honest criticism."
Read full article: http://bit.ly/qXJpfCThe Met has warned would-be "hacktivists" that its investigation into Anonymous and LulzSec continues, and that suspects potentially face a 10-year jail sentence.
Police took the usual step of issuing the warning via Twitter, which members and supporters of the hacking groups have often used to seek publicity and communicate.
Read full article: http://bit.ly/p7OqmLAnonymous is considering putting itsmost formidable DDoS weapon in cold storage following a recent series of high-profile arrests of the hacker group's members, according to the AnonOps blog.
Members of Anonymous are pushing to retire the group's Low Orbit Ion Cannon (LOIC) while the loosely organized hacker collective develops a new DDoS tool to take down websites called #RefRef, an AnonOps Communications blog post revealed Tuesday.
Read full article: http://bit.ly/qDL1hT 
Malicious hackers have pounced on a zero-day vulnerability in a widely used image-resizing utility that ships with themes for the popular WordPress blogging platform.
The timthumb utility, used to handlecropping, zooming and resizing web images, is used by millions of blogs running certain themes and because it writes files into a directory during the image-resizing process, it can be used to launch web attacks.
Read full article: http://bit.ly/ork9fT
