 Info Security News Mailing List
Carries news items (generally from mainstream sources) that relate to security.
List Archives
Latest Posts
Hackers take down Chicago website
InfoSec News (May 21)
http://www.chicagotribune.com/news/local/ct-met-nato-website-down-20120521,0,5070454.story
By Hal Dardick
Chicago Tribune
May 21, 2012
Anti-NATO hackers brought down the city of Chicago's home page for hours
Sunday as leaders of the military alliance met in Chicago and thousands
of protesters took to the streets.
The page, cityofchicago.org, went down from midmorning until early
afternoon after a shadowy group posted a YouTube video...
RSA SecurID software token cloning: a new how-to
InfoSec News (May 21)
http://arstechnica.com/security/2012/05/rsa-securid-software-token-cloning-attack/
by Dan Goodin
Ars Technica
May 21 2012
A researcher has devised a method attackers with control over a victim's
computer can use to clone the secret software token that RSA's SecurID
uses to generate one-time passwords.
The technique, described on Thursday by a senior security analyst at a
firm called SensePost, has important implications for the...
Is cloud-based security really cheaper?
InfoSec News (May 21)
http://www.csoonline.com/article/706738/is-cloud-based-security-really-cheaper-
By Antone Gonsalves
CSO
May 21, 2012
Businesses in new study were five times more likely to have decreased
spending on managing security over three years.
As part of its marketing strategy for selling to small- and medium-size
businesses (SMBs), Microsoft this week released the results of a study
on the use of cloud-bases security. The survey of SMBs, whether...
Iranian Hackers Claim They Compromised NASA SSL Digital Certificate
InfoSec News (May 21)
http://www.darkreading.com/security-monitoring/167901086/security/attacks-breaches/240000784/iranian-hackers-claim-they-compromised-nasa-ssl-digital-certificate.html
By Kelly Jackson Higgins
Dark Reading
May 21, 2012
A self-professed Iranian hacker gang announced in an online post that it
compromised an SSL certificate belonging to NASA and subsequently
accessed information on "thousands" of NASA researchers.
Word of the alleged...
Anonymous hacks Bureau of Justice, leaks 1.7GB of data
InfoSec News (May 21)
https://www.zdnet.com/blog/security/anonymous-hacks-bureau-of-justice-leaks-17gb-of-data/12260
By Emil Protalinski
Zero Day
ZDNet May 21, 2012
The hacktivist group Anonymous claims to have leaked 1.7GB of data
belonging to the United States Bureau of Justice Statistics (BJS). The
file, which has been uploaded as a torrent and posted on The Pirate Bay,
reportedly contains internal e-mails as well as the website’s “entire
database...
Obama Cybersecurity Czar Schmidt Steps Down
InfoSec News (May 18)
http://www.darkreading.com/compliance/167901112/security/news/240000583/obama-cybersecurity-czar-schmidt-steps-down.html
By Kelly Jackson Higgins
Dark Reading
May 17, 2012
The nation's first cybersecurity czar, Howard A. Schmidt, has resigned
his historic post and will be succeeded by Michael Daniel, chief of the
White House budget office's intelligence branch.
Schmidt said in a statement that he is leaving to spend more time with...
How Stuxnet Came Back to Haunt the U.S.
InfoSec News (May 18)
http://www.theatlanticwire.com/technology/2012/05/how-stuxnet-came-back-haunt-us/52466/
By Megha Rajagopalan
ProPublica
May 17, 2012
Last week, the Department of Homeland Security revealed a rash of cyber
attacks on natural gas pipeline companies. Just as with previous cyber
attacks on infrastructure, there was no known physical damage. But
security experts worry it may only be a matter of time.
Efforts to protect pipelines and other...
KSE site hacked on day of launching
InfoSec News (May 18)
http://www.arabtimesonline.com/NewsDetails/tabid/96/smid/414/ArticleID/183360/reftab/36/t/KSE-site-hacked-on-day-of-launching/Default.aspx
Arab Times
18/05/2012
KUWAIT CITY, May 17: The website of Kuwait Stock Exchange (KSE) was
hacked on the day it was launched, reports Al-Jaridah daily quoting
reliable sources.
They disclosed that the hackers managed to copy all data from the
website before deleting them. The website administration team...
Fake Google Chrome Installer Steals Banking Details
InfoSec News (May 18)
http://www.informationweek.com/news/security/vulnerabilities/240000575
By Mathew J. Schwartz
InformationWeek
May 17, 2012
Beware fake Chrome installers for Windows.
A file named "ChromeSetup.exe" is being offered for download on various
websites, and the link to the file appears to be legitimately hosted on
Facebook and Google domains. In reality, the software won't install
Google's Chrome browser, but an...
UK now a top ten nation for hacking traffic, logs show
InfoSec News (May 18)
http://news.techworld.com/security/3358334/uk-now-top-ten-nation-for-hacking-traffic-logs-show/
By John E Dunn
Techworld
17 May 2012
A growing volume of attempted hacks and probes has propelled the UK into
the global top ten for this type of traffic, the NCC group has reported.
For the first three months of 2012, the UK was at number seven on the
list with 2.4 percent of hacking traffic according to intrusion
detection log data sourced from...
Chicago Police Department computers hacked?
InfoSec News (May 17)
http://secondcitycop.blogspot.com/2012/05/hacked.html
By SCC (retired)
Second City Cop
May 17, 2012
We've been informed about "virus warning" type windows popping up on the
Department computers lately. We're told it occurs dozens of times during
the processing of a simple arrest.
Guess what happened? And guess who predicted it?
NATO protestors have infiltrated the CPD computers with a worm
that is wreaking...
'Dead Man Walking' Tricks Airport Into Giving Him Top Security Job
InfoSec News (May 17)
http://www.wired.com/threatlevel/2012/05/airport-security-id-theft/
By Kim Zetter
Threat Level
Wired.com
May 16, 2012
The TSA may have its eagle sights set on your underwear and water
bottle, but it failed to miss the real security threat under its nose,
it was revealed Monday, after a supervisor holding a top security job in
a New Jersey airport was arrested for using the stolen identity of a
dead man.
Bimbo Olumuyiwa Oyewole, known to...
Delete Data To Delete Risk
InfoSec News (May 17)
http://www.darkreading.com/database-security/167901020/security/news/240000521/delete-data-to-delete-risk.html
By Ericka Chickowski
Contributing Writer
Dark Reading
May 16, 2012
Earlier this month, a Missouri state senator led a filibuster to block
the vote on the creation of a new prescription-tracking database within
the state -- on the grounds that should a breach occur to expose this
database, it would expose embarrassing information...
Hong Kong CERT wants bigger team to tackle cyber threats
InfoSec News (May 17)
http://www.theregister.co.uk/2012/05/17/hkcert_funding_call_china/
By Phil Muncaster
The Register
17th May 2012
Hong Kong’s Computer Emergency Response Team (HKCERT) has called for
more resources to help it step up attempts to proactively monitor and
deal with attacks on organisations in the special administrative region
(SAR) of China.
Speaking to The Register, centre manager Roy Ko argued that the nature
of the threats facing...
After 7 Years, No End in Sight to Phone Hacking Scandal
InfoSec News (May 17)
https://www.nytimes.com/2012/05/17/world/europe/no-end-in-sight-to-inquiry-into-murdochs-media-empire.html
By RAVI SOMAIYA
The New York Times
May 16, 2012
LONDON -- The phone hacking scandal that shook Rupert Murdoch’s global
media empire and hit the heart of the British government began quietly
on a Monday in 2005, when aides to the British royal family gathered in
a palace office appointed with priceless antiques to air suspicions that...
More Lists
Dozens of other network security lists are archived at
SecLists.Org.
|