Security News » Security News

Pentagon to increase security measures – Washington Post

security - Google News — Fri, 02 Apr 2010 02:36:47 +0000

Pentagon to increase security measures
Washington Post
By Ed O'Keefe Pentagon officials announced new security measures on Thursday that include more random screening of visitors and Defense Department workers, …
Pentagon Tightens SecurityWall Street Journal
Pentagon tightens security post-shootingWashington Examiner
Pentagon Security Undergoing "Complete Reinvention"NBC Washington
Washington Post (blog)
all 192 news articles »

US Sues KBR On Security Costs – Wall Street Journal

security - Google News — Fri, 02 Apr 2010 00:55:23 +0000

Forbes (blog)

US Sues KBR On Security Costs
Wall Street Journal
The government's suit alleges that between 2003 and 2006 KBR executives used three private security companies to provide armed security details for KBR …
US Justice sues KBR for improper costs in IraqReuters
US Sues Over Security Costs in IraqCourthouse News Service
Government Sues Contracting Giant KBRCBS News
BusinessWeek -Main Justice -The Associated Press
all 159 news articles »

Seattle Tops List Of Riskiest Online Cities

Internet Security News — Thu, 01 Apr 2010 21:32:37 +0000

Cybercrime affects one in five online shoppers and cost Americans $560 million in 2009 due to online fraud, according to a new report from Symantec.

Seattle Tops List Of Riskiest Online Cities

Symantec teamed up with independent research firm Sperling's BestPlaces to find and expose the top 10 cities in the U.S. most vulnerable to cybercrime.

At the top of the rankings, Seattle was found to be the riskiest cybercrime city, placing near the top in categories such as cyberattacks and potential infections; online behavior that can expose more people to cybercrime, such as online shopping and banking online.

Boston and Washington, D.C. follow second and third place. Symantec says both cities experience high levels of cybercrime, possibly due to their large number of Wi-Fi hotspots.

San Francisco and Raleigh are ranked fourth and fifth. San Francisco tops the list for riskiest online behavior and highest number of Wi-Fi hotspots per capita.

Rounding out the top 10 are Atlanta, Minneapolis, Denver, Austin and Portland. According to the Norton research, Atlanta residents experience the most cyberattacks and potential infections. Minneapolis and Portland are near the top for risky online behavior, while Denver and Austin score high across the board.

"With more people than ever relying on the Internet to stay in touch, shop and pay their bills, feeling confident and secure in our information-driven world is vital," said Marian Merritt, Norton Internet Safety Advocate.

"This study highlights the cities most at risk of cybercrime and reminds individuals, families and businesses across the country of the hazards they face each time they go online. We're here to educate consumers about how to protect themselves and ideally never fall victim to cybercrime."

Among the 50 U.S. cities examined, Detroit came in as the least risky online city. El Paso, Texas, and Memphis, Tenn came in second and third repecvively.

"Despite people's familiarity with technology and the Internet, this study shows that everyone is exposed to a certain level of risk when they are online," said Bert Sperling, founder and researcher of Sperling's Best Places.

"No matter where you live - be it Seattle or Detroit - it's important to be vigilant in everyday online behavior in order to protect yourself against cybercrime of all types."

Senators Introduce Cybercrime Bill

Internet Security News — Thu, 01 Apr 2010 21:32:37 +0000

With the growing cost of cybercrime in America and around the globe, U.S. Senators Kirsten Gillibrand (D-NY) and Orrin Hatch (R-UT) introduced today the “International Cybercrime Reporting and Cooperation Act,” new bipartisan legislation that would improve America’s leadership and cooperation with other countries to fight cybercrime worldwide.

Senators Introduce Cybercrime Bill

“Cybercrime must be a top priority for our national security,” Senator Gillibrand said. “If we’re going to protect our networks, our infrastructure, our economy and our families, we have to go after cyber criminals wherever they may be – and it must be an international effort.

“Our new legislation will require the president to provide a global assessment, identify threats from abroad, work with other countries to crack down on their own cyber criminals, and urge the President to cut off U.S. assistance and resources for countries that refuse to take responsibility for cybersecurity. Our legislation will make America safer by getting tough on cybercrime globally, and coordinating with our partners in the international community.”

For more than ten years, reports have detailed the increasing vulnerability of the U.S. to cyberattacks. A growing number of international criminal organizations are targeting U. S. citizens, commerce, and information infrastructure, including the Internet, telecommunications networks, financial systems, embedded processors and controllers in industries to steal, exploit, disrupt or destroy information.

A conservative estimate from the Government Accountability Office (GAO) found that in 2005, U.S. businesses lost $67.2 billion as a result of cyberattacks. Since then, attacks have dramatically increased. Earlier this year, hackers in China launched a large, sophisticated attack on Google and other American businesses. The global economy overall lost over $1 trillion in 2008 as a result of cyber attacks, according to studies by McAfee, Inc.

A number of American companies are supporting the Senators’ legislation including Cisco, HP, Microsoft, Symantec, PayPal, eBay, McAfee, American Express, Mastercard and Visa, as well as Facebook.

“Microsoft strongly supports the International Cybercrime Reporting and Cooperation Act and applauds Senators Gillibrand and Hatch for their leadership in this area,” said Fred Humphries, Managing Director of US Government Affairs, Microsoft Corp.

“This legislation is a great step forward toward accessing the technology capabilities and judicial remedies of foreign countries to combat cybercrime and provide a safer, more trusted and secure Internet.”

China Leads In Targeted Malware Attacks

Internet Security News — Thu, 01 Apr 2010 21:32:36 +0000

Symantec has released its March 2010 MessageLabs Intelligence Report detailing the origins of targeted malicious attacks.

China Leads In Targeted Malware Attacks

Analysis of the origins of the targeted attacks revealed the majority of malware sent this month, originated in the United States (36.6%) based on mail server location, but when analyzed by sender location, more targeted attacks actually originated in China (28.2%), Romania (21.1%) and United States (13.8%).

"When considering the true location of the sender rather than the location of the email server, fewer attacks are actually sent from North America than it would at first seem," said Paul Wood, MessageLabs Intelligence Senior Analyst.

"A large proportion of targeted attacks are sent from legitimate webmail accounts which are located in the US and therefore, the IP address of the sending mail server is not a useful indicator of the true origin of the attack. Analysis of the sender's IP address, rather than the IP address of the email server reveals the true source of these targeted attacks."

Analysis of web security activity found 14.9 percent of all online malware intercepted was new in March, an increase of 1.6 percentage points since February. MessageLabs Intelligence also identified an average of 1,919 new websites per day hosting malware and other potentially unwanted programs such as spyware and adware, a decrease of 61.6 percent since February.

Other report highlights:

Spam: In March 2010, the global ratio of spam in email traffic from new and previously unknown bad sources was 90.7 percent (1 in 1.10 emails), an increase of 1.5 percentage points since February.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 358.3 emails (0.28 percent) in March, an decrease of 0.05 percentage points since February. In March, 16.8 percent of email-borne malware contained links to malicious websites, a decrease of 13.7 percentage points since February.

Phishing: In March, phishing activity was 1 in 513.7 emails (0.19 percent), a decrease of 0.02 percentage points since February. When judged as a proportion of all email-borne threats such as viruses and Trojans, the proportion of phishing emails had increased by 8.4 percentage points to 64.6 percent of all email-borne threats.

Fake Antivirus Software Spreads On Facebook

Internet Security News — Thu, 01 Apr 2010 21:32:36 +0000

Marketers have determined in study after study that social networks are powerful things; a recommendation from a friend can be worth incalculably more than a bunch of random emails or even proper commercials. Facebook users should watch out, then, as a security firm’s determined that fake antivirus software is on the loose.

Fake Antivirus Software Spreads On Facebook

Earlier today, F-Secure came across something labeled “Facebook AV.” An official blog post explained, “Once installed on one Friend’s account, this application tags 20 Friend[s] into a picture . . .” The application also appears to cause the first person to post a link and a phrase like “try this” beneath the picture.

Then when the person’s friends investigate why they’ve been tagged and click on the link, they’re asked to install the app, and the cycle begins again.

Fortunately, not much else seems to happen as a result; there have been no reports of credit card info getting stolen or computer screens going black. It’s just the “social” nature of this problem that’s annoying, and the possibility that victims will lose an online friend or two if they’re perceived to be spammers or simply clueless.

Facebook’s addressing the issue, at least. The F-Secure blog post stated, “Facebook is already in the process removing and preventing such rogue apps.”

Chinese Hackers Thought To Be Back In Yahoo Email Attack

Internet Security News — Thu, 01 Apr 2010 21:32:35 +0000

It’s not hard to imagine that, sooner or later, computer experts outside China might choose to reinforce the Great Firewall (in an attempt to keep Chinese hackers contained) rather than fight it and support free speech. And it’s not hard to imagine that they’d do so in the near future, considering that Chinese hackers have been accused of going after key individuals yet again.

Chinese Hackers Thought To Be Back In Yahoo Email Attack

Andrew Jacobs, who’s based in Beijing, wrote, “In what appears to be a coordinated assault, the e-mail accounts of more than a dozen rights activists, academics and journalists who cover China have been compromised by unknown intruders.”

The accounts – which were provided by Yahoo, not Google, this time around – were in some cases just made inaccessible. But Jacobs added, “In the case of this reporter, hackers altered e-mail settings so that all correspondence was surreptitiously forwarded to another e-mail address.”

That’s potentially a very aggressive move, considering that many of these reporters and activists could have been in touch with (and protecting the identities of) Chinese dissidents. Prison sentences or even executions might occur if the Chinese government learned the dissidents’ names.

Yahoo did tell the affected email accounts’ owners of the problem, though, and the situation seems to have been remedied.

Majority Of New Malware: Banker Trojans

Internet Security News — Thu, 01 Apr 2010 21:32:35 +0000

Unfortunately for the rest of the world, PandaLabs has determined that malware makers are still hard at work. And unfortunately for everybody’s finances, malware makers aren’t content to churn out little “gotcha” tricks, instead focusing more than anything on banker Trojans.

Majority Of New Malware: Banker Trojans

Here are all of the unpleasant details in one bite: PandaLabs declared in a statement, “[T]he amount of new malware in circulation has continued to increase at a record pace. In this first quarter, the most prevalent category was once again banker Trojans, accounting for 61 percent of all new malware.”

Sean-Paul Correll, a threat researcher at PandaLabs, then followed up these observations by saying, “The growing prevalence of banker Trojans signals to us that online accounts for both consumers and businesses continue to be increasingly attractive financial targets for cybercriminals.”

Correll also remarked, “In addition, the widespread availability of DIY kits online has spurred new, less technical individuals into the cybercrime business as evidenced by the Mariposa case.”

So it looks like we’re in for a rough year if some way isn’t found to put a halt to the proliferation of this stuff.

Of course, it’s possible to hope that the dismantling of Mariposa might be the start of a trend, but even the arrest of Mariposa’s authors could prove to be a problem, considering that they may avoid serving jail time. Other cybercriminals will then have less of an incentive to switch career paths.

PandaLabs recommended that people try to stay safe by being especially cautious when searching for popular topics like the iPad and Facebook applications. Be careful on social networks, too, since malware authors are increasingly using those to distribute their creations.

Botnet research suggests progress in cybercrime war

Robert Westervelt — Thu, 01 Apr 2010 21:31:19 +0000

Joe Stewart, director of research at SecureWorks Inc. says investigators are getting better at tracking down botnets, but legal issues persist.

Pentagon security revamped after shooting – Washington Post (blog)

security - Google News — Thu, 01 Apr 2010 21:10:32 +0000

Pentagon security revamped after shooting
Washington Post (blog)
Pentagon security officials announced new security measures Thursday that include more random screening of visitors and Defense Department workers, …
Pentagon Tightens SecurityWall Street Journal
New safety measures at PentagonWashington Post (blog)

all 188 news articles »

Cray Awarded $45 Million Supercomputer Contract From the National Nuclear … – MarketWatch (press release)

security - Google News — Thu, 01 Apr 2010 20:11:36 +0000

Daily Caller

Cray Awarded $45 Million Supercomputer Contract From the National Nuclear …
MarketWatch (press release)
The NNSA will use the new supercomputing system to ensure the safety, security and effectiveness of the United States' nuclear stockpile, and will run the …
Cray gets $45 mln supercomputer contractReuters
Cray in $45M Contract With US Nuclear AgencyABC News
NNSA Selects Cray to Build Next Supercomputing PlatformHPCwire
HPCwire
all 94 news articles »

Explosive Breast Implants — Not an April Fool’s Joke

Schneier on Security — Thu, 01 Apr 2010 18:33:46 +0000

Is MI5 playing a joke on us? Female homicide bombers are being fitted with exploding breast implants which are almost impossible to detect, British spies have reportedly discovered. [...] MI5 has also discovered that extremists are inserting the explosives into the buttocks of some male bombers. “Women suicide bombers recruited by Al Qaeda are known to have had the explosives…

How Will British Elections Change Their National Security Policy? – The American (blog)

security - Google News — Thu, 01 Apr 2010 17:02:20 +0000

The American (blog)

How Will British Elections Change Their National Security Policy?
The American (blog)
However, in other ways, it's not clear how great a change in national security policies one can expect. The fact is, the United Kingdom, under Blair, ...

and more »

Funding to boost security at Pembrokeshire energy sites – BBC News

security - Google News — Thu, 01 Apr 2010 16:24:53 +0000

BBC News

Funding to boost security at Pembrokeshire energy sites
BBC News
The Home Office has approved funding to boost security at key energy sites in Pembrokeshire, says Dyfed-Powys Police. The force said 26 jobs would be ...

and more »

Apple Hires Security Company to Guard iPad Shipments – The Mac Observer

security - Google News — Thu, 01 Apr 2010 16:04:58 +0000

Telegraph.co.uk

Apple Hires Security Company to Guard iPad Shipments
The Mac Observer
Apple is serious about keeping iPads out of customer's hands before April 3rd, and has even gone so far as to hire a security company to guard iPad …
Apple hires security agency to track, guard iPad shipmentsMacNN
Apple Hires Security Agency to Guard iPad Shipments at UPS HubsErictric
iPad UPS Shipments Reportedly Under Guard [Website Reports That Apple Has …TFTS (blog)

all 140 news articles »

Russian President tells security services to be ‘more cruel’ on extremist … – Daily Mail

security - Google News — Thu, 01 Apr 2010 15:41:28 +0000

ABC News

Russian President tells security services to be 'more cruel' on extremist …
Daily Mail
By Mail Foreign Service Russian President Dmitry Medvedev made a surprise visit today to the violence-hit southern province of Dagestan to urge security …
In Britain, Transport Security Still a ConcernVoice of America
Medvedev in Dagestan for security talksCNN International
Medvedev holds security meeting in North CaucasusRT
Reuters India -APA -Xinhua
all 3,351 news articles »

Google Introduces Message Security Tool For Email Service – ITProPortal

security - Google News — Thu, 01 Apr 2010 15:02:39 +0000

Google Introduces Message Security Tool For Email Service
ITProPortal
Search engine giant Google has upgraded its Google Message Security tool, an email filtering feature based on pre-set policies and secures email systems …
Google Fortifies Enterprise Message SecurityInformationWeek

all 4 news articles »

Guide released to mitigate damage of cyberattacks

Latest articles from SC Magazine US — Thu, 01 Apr 2010 14:28:16 +0000

Cybersecurity responsibility must extend beyond the walls of IT and into the finance department – or companies risk continued losses, according to a new report.

Military Corps established to strengthen security in Taliban stronghold – Xinhua

security - Google News — Thu, 01 Apr 2010 13:27:23 +0000

Military Corps established to strengthen security in Taliban stronghold
Xinhua
"With the formation of Corps 215 security would be strengthened in Helmand," Afghan Defense Minister Abdul Rahim Wardak in his opening remarks said. ...

and more »

Security News » Security News

Pentagon to increase security measures – Washington Post

US Sues KBR On Security Costs – Wall Street Journal

More Evidence Discovered Of Vodafone-Mariposa Problem

Seattle Tops List Of Riskiest Online Cities

Senators Introduce Cybercrime Bill

China Leads In Targeted Malware Attacks

Fake Antivirus Software Spreads On Facebook

Chinese Hackers Thought To Be Back In Yahoo Email Attack

Majority Of New Malware: Banker Trojans

Botnet research suggests progress in cybercrime war

Pentagon security revamped after shooting – Washington Post (blog)

Cray Awarded $45 Million Supercomputer Contract From the National Nuclear … – MarketWatch (press release)

Explosive Breast Implants — Not an April Fool’s Joke

How Will British Elections Change Their National Security Policy? – The American (blog)

Funding to boost security at Pembrokeshire energy sites – BBC News

Apple Hires Security Company to Guard iPad Shipments – The Mac Observer

Russian President tells security services to be ‘more cruel’ on extremist … – Daily Mail

Google Introduces Message Security Tool For Email Service – ITProPortal

Guide released to mitigate damage of cyberattacks

Military Corps established to strengthen security in Taliban stronghold – Xinhua