Lawmakers join forces on cybersecurity legislation – Nextgov: “Senators from several committees are working together to craft comprehensive cybersecurity legislation by the end of the year, the head of a key oversight committee said on Monday. Lawmakers are open to a range of legislative options aimed at better protecting Web sites against hackers and improving [...]
Is Cloud Computing Secure? Prove It: “Organizations need to take care to ensure that applications in the cloud are secure and compliant–and can be proven as such. Experts say the public cloud might not be suitable for some applications right now, but that providers will face increasing pressure to develop systems that can be used [...]
Small Businesses Vulnerable To Cybercrime – Technology News – redOrbit: “Cyber criminals are shifting their attention away from larger, more secure businesses to smaller more vulnerable businesses, according to federal authorities who testified before the Senate Homeland Security and Governmental Affairs committee on Monday. Michael Merritt, assistant director of the U.S. Secret Service’s office of [...]
“A security breach at Downeast Energy and Building Supply has exposed banking information of hundreds of customers and cost the company $150,000, the Maine Public Broadcasting Network first reported yesterday. The Brunswick-based company fell victim to an email ‘phishing scam’ that gave hackers access to one of Downeast’s KeyBank accounts, according to a statement posted [...]
“Waves of targeted email attacks, often called spear phishing, are exploiting client-side vulnerabilities in commonly used programs such as Adobe PDF Reader, QuickTime, Adobe Flash and Microsoft Office. This is currently the primary initial infection vector used to compromise computers that have Internet access. Those same client-side vulnerabilities are exploited by attackers when users visit [...]
“An analyst at a Defense Department spy satellite agency faces federal hacking charges after allegedly poking around in a top-secret system used in a classified terrorism investigation involving the FBI and the U.S. Army. Brian Keith Montgomery worked on a covert program for the National Geospatial-Intelligence Agency — the spy agency in charge of satellite [...]
“There are lots of opinions of where the greatest vulnerabilities in computers and networks lie—just read the comments to any security-related post on this blog for an earful. Hard data, however, has generally been lacking. A new study assembled by the SANS Institute, and based on reports from 15,000 organizations surveyed by risk assessment companies [...]
“John Bumgarner, a former cyber-security expert for the CIA and other U.S. intelligence agencies, is attracting much attention for his report concluding that Russia’s military offensive in Georgia last year was coordinated with a pre-arranged civilian cyber-attack on the country. What appears to have gone unreported is Bumgarner’s conclusion that the region’s oil apparatus was [...]
“In it, a convicted young hacker who got into hacking at an early age, got caught by the authorities, was given a suspended prison sentence and got slapped by huge fines, answers questions about himself. Provided it’s genuine (and it seems that way from the answers), it’s a fascinating opportunity: I bet many of you [...]
A Romanian hacker well-known for discovering SQL injection vulnerabilities in high-profile Websites has struck again — this time on RBS WorldPay’s site, where he says he hit the jackpot, the company’s database. The hacker, who goes by “Unu,” says he accessed RBS WorldPay’s database via a SQL injection flaw in one of its Web applications. [...]
