News on Computer Security

Pennsylvania CISO out of a job following RSA Conference appearance

2010-03-12T04:15:20Z

<div id="subtitle">Bob Maley, the former CISO of Pennsylvania, may have been fired because of remarks he made about a recent breach affecting the state.</div><div><p>Bob Maley, Pennsylvania's CISO since 2005, is out of a job, days after he joined a group of other state IT security chiefs on an RSA Conference panel and reportedly offered candid remarks ...

Troyak shutdown signals short-lived win against Zeus

2010-03-12T04:15:19Z

<div id="subtitle">The takedown of a rogue internet service provider known as "AS Troyak," which was linked to the prolific Zeus botnet, caused a massive but brief drop in the number of active Zeus command-and-control servers this week before attackers reconnected their criminal operations.</div><div><p>The takedown of a rogue internet service provider known as “AS Troyak,” which was linked to the prolific Zeus botnet, caused a massive, albeit brief, drop in the number of...

Cyber-attack shut 150 Montenegrin websites

2010-03-11T09:17:13Z

<div><p>A cyber-attack forced the closure of more than 150 websites hosted by Montenegro's main provider T-com, including the sites of the postal services and oil giant LukOil, officials said Thursday.</p><p>"An unauthorized attack began around 10 pm (2100 GMT) Wednesday and hackers based abroad have changed contents of some 150 websites," T-com spokeswoman Jele...

Summary Box: Huge 'botnet' only slowed by takedown

2010-03-11T07:30:34Z

<div id="subtitle">Summary Box: Limb of huge `botnet' of virus-infected PCs is amputated, but criminals reconnect</div><div><p>BOTNET AMPUTATED: An Internet provider thought to be helping spread malicious software was taken down, apparently cutting criminals off from millions of personal computers under their control.</p><p>SHORT VICTORY: Less than a day later the criminals still were able to reconnect with the computers in their remote-controlled botnet, whic...

India, Mexico, Brazil have most Mariposa bots

2010-03-11T04:15:13Z

<div id="subtitle">The Mariposa botnet infected PCs from almost every country around the world, making it one of the largest networks of compromised computers ever seen.</div><div><p>An analysis of the dismantled Mariposa botnet has revealed that it consisted of 13 million infected PCs spanning 190 countries and 31,901 cities worldwide, according to anti-virus vendor Panda Security. The botnet, which took its name from the ...

Huge 'botnet' amputated, but criminals reconnect

2010-03-11T00:16:07Z

<div id="subtitle">Limb of huge 'botnet' of virus-infected PCs is amputated, but criminals are reconnecting</div><div><p>The sudden takedown of an Internet provider thought to be helping spread one of the most promiscuous pieces of malicious software out there appears to have cut off criminals from potentially millions of personal computers under their control.</p><p>But the victory was short-lived. Less than a day after a service known as "AS Troyak" was unpl...

Report: Federal cybersecurity plan facing barriers

2010-03-10T04:15:50Z

<div id="subtitle">Federal agencies have overlapping and uncoordinated responsibilities for cybersecurity, according to a report released on Friday from the Government Accountability Office.</div><div><p>The federal government is facing a number of challenges in its efforts to meet objectives set forth in the recently partially declassified Comprehensive National Cybe...

Energizer software found to open backdoor

2010-03-09T04:15:23Z

<div id="subtitle">An application that allows users to view the battery charging status of the Energizer DUO USB charger contains a vulnerability that could enable an attacker to install malware on Windows machines.</div><div><p>An application that allows users to view the battery charging status of the Energizer DUO USB charger contains a vulnerability that could enable an attacker to install malware on Windows machines.The flaw, disclosed Friday by Massachusetts evokes anxiety for many, but getting in line may prove to be no big deal, reports Greg Masters.</div><div><p>A new privacy regulation in Massachusetts evokes anxiety for many, but getting in line may prove to be no big deal, reports Greg Masters.After a few delays, what has been termed the nation's strictest state data security regulation is set to go int...

A proactive data regulation

2010-03-06T04:15:38Z

<div id="subtitle">It's critical that professionals who work with client personal information follow specific, proactive steps to ensure they're in compliance.</div><div><p>Many professionals are unintentionally negligent when it comes to information security and mistakenly feel secure when storing personally identifiable information (PII) and emailing password-protected files. But, the truth is, hackers can easily gain access to confidential information and security brea...

In support of rights to privacy

2010-03-06T04:15:24Z

<div id="subtitle">A balance between basic civil rights and national security must be struck</div><div><p>The kickoff of 2010 for Google has been an interesting one. The January attack on the search giant and about 30 other companies ended in the theft of intellectual property – likely source code, say many experts. Named Operation Aurora, the sophisticated coordinated attack originating from

RSA Conference: Gonzalez may receive largest ever U.S. hacking sentence

2010-03-06T04:15:15Z

<div id="subtitle">Hacker Albert Gonzalez will likely receive a record-breaking prison term, law enforcement officials said Thursday at the RSA Conference.</div><div><p>U.S. Department of Justice (DoJ) officials are hoping that two weeks from now, hacker Albert Go...

US agencies needs clear cybersecurity roles: GAO report

2010-03-05T17:15:31Z

<div><p>US government cybersecurity efforts are being hampered by a need to better define the roles of the agencies responsible for defending against cyber threats, a US Congressional watchdog said Friday.</p><p>The need for more clearly defined responsibilities for agencies tasked with defending against cyberattacks was one of a number of "challenges" to effective cybersecurity raised in the report by the

Cyber-terrorism a real and growing threat: FBI

2010-03-05T01:16:01Z

<div><p>Terrorists, crooks and nation states are ramping up cyber-assaults that are eating away at data, cash and security in the United States, the head of the FBI warned.</p><p>"The risks are right at our doorsteps and in some cases they are in the house," Federal Bureau of Investigation chief

FBI director warns of growing cyber threat

2010-03-04T20:00:47Z

<div><p>SAN FRANCISCO (Reuters) - Militant groups, foreign states and criminal organizations pose a growing threat to U.S. security as they target government and private computer networks, FBI Director Robert Mueller said on Thursday.</p>&l...

RSA Conference: Health care information security pros discuss data security

2010-03-04T04:45:42Z

<div id="subtitle">Protecting health data becomes more difficult in a socially networked world, but blocking access to these popular sites is being met with dissent, a panel of health care CISOs said Wednesday at the RSA Conference.</div><div><p>Protecting health data becomes more difficult in a socially networked world, but blocking access to these popular sites is being met with dissent, a panel of health...

Spain smashes infected global computer network

2010-03-03T11:17:17Z

<div><p>Spanish police said Wednesday they had arrested three men suspected of building the world's biggest network of virus-infected computers which hijacked more than 13 million PCs.</p><p>The "botnet" of infected computers affected machines in almost every country in the world in homes, universities, banks, government agencies and companies, including more than half of the largest US companies on the Fortune 1,0...

Few details in White House summary of cyber plan

2010-03-03T06:15:16Z

<div id="subtitle">White House posts summary of secret Bush cyber plan, but its list of goals gives few details</div><div><p>The Obama administration on Tuesday gave the public a peek at the Bush administration's classified plan to secure the nation's computer systems, but the newly revealed list of broad goals provided few surprises and key provisions rem...

RSA Conference: White House declassifies U.S. cybersecurity initiative details

2010-03-03T04:15:22Z

<div id="subtitle">The Obama administration on Tuesday declassified a summary of the Comprehensive National Cybersecurity Initiative, a highly secretive program that began in 2008 under the Bush administration to help secure the United States in cyberspace.</div><div><p>In an effort to increase government transparency, the Obama administration has declassified...