cyber security
Latest
SEC: Public companies must report cyberattacks within four days
In a move to prevent public companies from delaying news about cyberattacks, the US Security and Exchange Commission has set a four-day deadline to disclose "material cybersecurity incidents."
Sega left one of its European servers wide open
A misconfigured Amazon Web Services S3 bucket contained sensitive information which allowed researchers to arbitrarily upload files to Sega-owned domains and abuse a 250,000-user email list.
Google pulls Android app with 100 million users after it spread malware
CamScanner, a popular app used to scan PDF documents, was reportedly spreading malware. The app has been around since 2010, and it's been downloaded more than 100 million times. As the Russian antivirus firm Kaspersky discovered, the app recently began spreading malware on Android devices. Google has since pulled CamScanner from the Google Play Store.
UK report details new and existing Huawei security issues
The US has been vocal about its qualms with Chinese tech giant Huawei -- going as far as to charge it with a laundry list of crimes, from stealing trade secrets to wire fraud. But European governments have taken a more moderate approach. That might be changing though. A new report reveals that the UK is unhappy with Huawei's tech and concerned about the risks it brings to the country's telecommunications networks.
The Engadget Podcast Ep 8: He's Simple, He's Dumb, He's the Pilot
On this week's episode managing editor Dana Wollman, reviews editor Cherlynn Low and senior editor Devindra Hardawar join host Terrence O'Brien to discuss Elon Musk's plans to colonize Mars, racing 3D boats in Red Hook and the over-simplification of "the cyber" at the first presidential debate.
US backpedals on plan to regulate hacking software
After a huge outcry from the security community, the US government will re-write proposed regulations on software used to hack smartphones and computers, according to Reuters. The Department of Commerce wants to heavily restrict the development and testing of exploits, zero-days and other intrusion software, which sounds like a good thing on the face of it. However, security professionals discovered that it would've severely limited, and possibly even criminalized, research into surveillance software. That might have made internet security worse than ever by keeping such exploits confined to the black market.
Wall Street wants more government help to combat cyber attacks
Wall Street is worried. Not about government regulation or investigations by law enforcement agencies. No, the countries financial institutions are concerned about cyber attacks. The Securities Industry and Financial Markets Association, or SIFMA, has proposed that it and the government join forces in an effort to combat the 21st century threat. As Wall Street's biggest trade group, the organization already wields plenty of influence, but to help convince the American government it has hired former NSA director Keith Alexander.
Snowden says encryption and oversight are key to protecting the public from surveillance
Speaking to a packed exhibit hall through a Google Hangout, Edward Snowden said the keys to protecting the public from government surveillance is encryption and civilian oversight. The world's most famous whistleblower has said it before, but reiterated it for the SXSW crowd, that end-to-end encryption would go a long way towards protecting user data from both spying and attackers. Many current communications systems, like the aforementioned Hangout, encrypt data at either end, but companies often decrypt your information in between because it needs to harvest data in order to serve up ads. If communications are encrypted the entire time, mass surveillance of the sort that the NSA has engaged in becomes extremely difficult and prohibitively expensive. Of course, if you're a target of the NSA, encryption won't be able to protect you. However, breaking through those protections would require a much more targeted attack, rather than a broad collection of data.
AMD, Intel and RSA team up, form the Cyber Security Research Alliance
Sure, it's not the first elite cybercrime-fighting team we've heard of, it's also not everyday you hear the likes of Intel, Lockheed Martin and AMD buddying up on research. The companies are looking to address the "complex problems" in cyber security, with the private, non-profit group (which also includes Honeywell and RSA/EMC) aiming to work somewhere between government-funded security research and commercial products already out there. The Cyber Security Research Alliance is already in talks with NIST, and plans to launch a security research symposium early next year. The CSRA will also start tracking cyber security R&D, "prioritize" those aforementioned challenges, and hopefully come together for the greater good.
DARPA to hold one-day cyberwarfare workshop, attendance not mandatory
Oh, the fruits of the global village are many: connecting strangers with fetishes, fostering culture through memes and engendering cyber attacks via remote since the late 20th century. It's the advanced decomposition of that latter rotten apple, however, that has DARPA -- the government's far-out research arm -- taking a proactive stance and casting an agency-wide intelligence net to shore up on future defense protocol. To do this, the DoD offshoot's holding a one-time workshop next month, dubbed Plan X Proposers' Day, with the aim of bringing personnel together to brainstorm and implement infrastructure specifically centered around cyberwarfare analysis and research. One area the project, which just received $110 million in funding, will specifically avoid is the creation of actual cyberweapons. So, yeah, while this effort's less Goldeneye and more of a strategic think tank initiative, it still warms the heart to know our nation's best, brightest and most secretive are hard at work protecting our digital butts.
Flame malware extinguishes itself, Microsoft protects against future burns
The folks behind that nasty Flame trojan that burned its way through the Middle East aren't the kind to brag -- the malware's manufacturers apparently started dousing their own fire last week. According to Symantec reports, several compromised machines retrieved a file named browse32.ocx from Flame controlled servers, which promptly removed all traces of the malware from the infected systems. Although the attackers seem spooked, Microsoft isn't taking any chances, and has issued a fix to its Windows Server Update Services to block future attacks. The update hopes to protect networked machines from a similar attack by requiring HTTPS inspection servers to funnel Windows update traffic through an exception rule, bypassing its inspection. The attackers? "They're trying to cover their tracks in any way they can," Victor Thakur, principal security response manager at Symantec told the LA Times, "They know they're being watched." Check out the source link below for the Symantec's run down of the trojan's retreat.
Google starts warning affected users about state-sponsored cyber attacks
The fallout from malware like Stuxnet and Flame might soon be rearing its head at a Google Plus page or Gmail inbox near you. A post on its online security blog states that Google will now issue warnings in the form of a strip placed just below the upper menu bar to users being targeted by suspected state-sponsored cyber attacks. Google stressed that such warnings don't mean that its systems have been compromised but it does make it highly likely that the recipient may be the target of state-sponsored phishing or malware. How exactly does Google know this to be the case? The company declined to offer specifics, only saying that data from victim reports and its own analysis strongly point toward the involvement of states or state-sponsored groups. Google also didn't mention how often it sees such malicious activity, though coverage of Stuxnet and Flame certainly has put a spotlight on cyber warfare involving nations. In the meantime, feel free to hit the source link below for Google's tips on how to secure your account.
Flame malware snoops on PCs across the Middle East, makes Stuxnet look small-time
Much ado was made when security experts found Stuxnet wreaking havoc, but it's looking as though the malware was just a prelude to a much more elaborate attack that's plaguing the Middle East. Flame, a backdoor Windows trojan, doesn't just sniff and steal nearby network traffic info -- it uses your computer's hardware against you. The rogue code nabs phone data over Bluetooth, spreads over USB drives and records conversations from the PC's microphone. If that isn't enough to set even the slightly paranoid on edge, it's also so complex that it has to infect a PC in stages; Flame may have been attacking computers since 2010 without being spotted, and researchers at Kaspersky think it may be a decade before they know just how much damage the code can wreak. No culprit has been pinpointed yet, but a link to the same printer spool vulnerability used by Stuxnet has led researchers to suspect that it may be another instance of a targeted cyberwar attack given that Iran, Syria and a handful of other countries in the region are almost exclusively marked as targets. Even if you live in a 'safe' region, we'd keep an eye out for any suspicious activity knowing that even a fully updated Windows 7 PC can be compromised.
U.S. Department of Defense preps cyber rules of engagement, plans to work more closely with ISPs
The Pentagon left no room for argument last year when it declared cyber attacks a potential act of war. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," a military official reportedly remarked. Yikes. Before we start bombing chimneys, however, the Department of Defense plans to draft up some relevant guidelines, noting in a recent House Armed Services Committee hearing that it will be delivering a set of cyberspace-specific rules of engagement in the coming months. "We are working closely with the joint staff on the implementation of a transitional command and control model for cyberspace operations," said Madelyn Creedon, assistant secretary of defense for Global Strategic Affairs. In addition to setting ground rules for cyber-engagements, the DOD also plans to expand efforts to share classified information on possible threats with internet service providers and defense contractors.
Hacker spites Symantec, puts pcAnywhere's source code out in the open
Symantec said that folks running its pcAnywhere utility were at an "increased risk" when it revealed that the company had been hacked and its source codes pilfered, and advised customers to stop using pcAnywhere for the time being. Sage advice, as a hacker with the handle YamaTough -- who's affiliated with Anonymous -- helped do the deed and has now published the code for all the world to see. Apparently, the hacker and hackee had attempted to broker a deal for $50,000 to keep the code private, but neither side negotiated in good faith -- YamaTough always intended to release the code, and law enforcement was doing the talking for Symantec to catch him and his hacking cohorts. The good news is, Symantec has released several patches to protect pcAnywhere users going forward. As for the stolen code for Norton Antivirus, Internet Security and other Symantec software? Well, the company's expecting it to be disclosed, too, but because the code is from 2006, customers with current versions can rest easy.
Source code theft prompts Symantec to issue warning to customers
Security software publisher Symantec has confirmed it was the victim of a cyber attack, resulting in the theft and disclosure of product source code. Earlier this month, the online-collective Anonymous stated, via Twitter, that it possessed portions of the code in question and planned to release it in support of a class-action lawsuit filed by consumers -- the suit claims Symantec employed scare tactics to encourage users to purchase its wares. Via its website, the company affirmed Anonymous' claims, citing a source code heist dating back to 2006. The post goes on to suggest that users running Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks, Symantec Endpoint Protection 11.0, or Symantec AntiVirus 10.2 apply the latest maintenance patches. If you have the company's pcAnywhere solution deployed, Symantec suggests only using it for "business critical purposes," as this software is "at increased risk." Those looking to stay up-to-date on the breach and what Symantec is doing to ameliorate its effects can get the blow-by-blow from the source link below.
US Cyber Command completes major cyber attack simulation, seems pleased with the results
The US Cyber Command is barely out of its infancy, but it's already crossed one milestone off its to-do list, with the successful completion of its first major test run. The exercise, known as Cyber Flag, was carried out over the course of a single week at Nellis Air Force Base in Nevada, where some 300 experts put their defense skills to the test. According to Col. Rivers J. Johnson, the participants were divided into two teams: "good guys," and "bad guys." The latter were delegated with the task of infiltrating the Cyber Command's networks, while the former were charged with defending the mock cyberattack and keeping the government's VPN free of malware. The idea, according to the agency, was to simulate a real-world attack on the Department of Defense, in order to better evaluate the Command's acumen. "There were a variety of scenarios based on what we think an adversary would do in real world events and real world time," Johnson explained. "It was a great exercise." The Colonel acknowledged that the good guys weren't able to defend against all of the attacks, but pointed out that the vast majority were recognized and mitigated "in a timely manner." All told, Cyber Flag was deemed a success, with NSA Director and Cyber Command chief Gen. Keith Alexander adding that it "exceeded" his own expectations.
Defcon Kids event invites hackers to bring their genetic back-up units
Apparently, kids aren't at all put off by the air of misadventure and notoriety that surrounds hacking. In fact, they're so eager to partake in lock-picking workshops, clue-deciphering seminars and social engineering round-tables, that Defcon in August will have a side event totally dedicated to proto-hackers aged 8-16. The focus will be strictly on well-intentioned hacking and cyber-security, so there's little risk that your progeny will be set on a life-path that ends in a lengthy jail term. Nevertheless, the organizers warn that the main adult event will be going on all around the kids' areas, leading to a risk of exposure to bad language, possible nudity and an "assortment of philosophies." And if that doesn't deter them, nothing will.
DARPA setting up a $130 million 'virtual firing range' to help battle cyber attacks
The US government is serious about online security, just ask any one of its cyber commandos. Adding to its arsenal for battling the big bad hackers, Reuters reports that DARPA is working on a National Cyber Range, which would act a standalone internet simulation engine where digital warriors can be trained and experimental ideas tested out. Lockheed Martin and Johns Hopkins University are competing to provide the final system, with one of them expected to soon get the go-ahead for a one-year trial, which, if all goes well, will be followed by DARPA unleashing its techies upon the virtual firing range in earnest next year. The cost of the project is said to run somewhere near $130 million, which might have sounded a bit expensive before the recent spate of successful hacking attacks on high profile private companies, but now seems like a rational expenditure to ensure the nuclear missile codes and the people crazy enough to use them are kept at a safe distance from one another. DARPA has a pair of other cleverly titled cybersecurity schemes up its sleeve, called CRASH and CINDER, but you'll have to hit the source link to learn more about them.
Pentagon says cyber attacks are acts of war: send us a worm, get a missile in return?
Well, the Pentagon is finally fed up with hackers picking on its buddies and foreign intelligence taking shots at its computer systems, and has decided that such cyber attacks can constitute an act of war. Of course, the powers that be won't be bombing you for simply sending them some spyware, but attempts to sabotage US infrastructure (power grids, public transit, and the like) may be met with heavy artillery. It's unclear how our government will identify the origin of an attack or decide when it's serious enough to start shooting, but Uncle Sam is looking to its allies to help create a consensus answer for those questions. The retaliatory revelation is a part of the Pentagon's new cyber strategy that'll be made public in June -- so saboteurs beware, your next internet incursion might get you an ICBM in your backyard.
