Latest Hacking and intrusion prevention News

Next steps for protecting children online - final reminder for the Westminster eForum Keynote Seminar, Morning, Thursday, 26th January 2012
posted on 20/01/2012

This seminar focuses on latest developments in public policy and business practice to protect young people from inappropriate and illegal content online, offering a timely opportunity to assess progress made and the work still to do. It includes a keynote address from the minister responsible for online child protection, Lynne Featherstone MP, Parliamentary Under-Secretary of State for Equalities and Criminal Information, Home Office. It takes place as the Parliamentary Inquiry into Online Child Protection led by Claire Perry MP - a keynote speaker at this seminar - releases its findings, as ‘ParentPort’ is launched as a cross-media regulatory ‘one-stop-shop’ for concerned parents, and ISPs begin to implement their voluntary code of conduct including giving parents an ‘active choice’ to turn on filtering. We are pleased to include presentations from a range of key interested parties: ATVOD; Child Exploitation and Online Protection Centre (CEOP); Facebook; Internet Advertising Bureau (... [more]

Digital Bond and Tenable Network Security collaborate on continuous critical infrastructure protection
posted on 20/01/2012

Digital Bond and Tenable Network Security released new SCADA plugins for both Tenable’s Nessus and Passive Vulnerability Scanner (PVS), at the S4 Conference. These plugins will identify insecure PLC configurations that would allow an attacker to take control of a critical infrastructure such as the electric grid, an oil pipeline, a chemical manufacturing plant or water treatment plant. Tenable’s Passive Vulnerability Scanner plugins allow a control system network to be monitored continuously without any interaction or impact to the network. The PVS not only identifies these PLC vulnerabilities, it also discovers a wide variety of systems which speak common SCADA protocols such as ICCP, MODBUS and DNP3. There are seven new Tenable SCADA plugins for the GE D20, Schneider Modicon Quantum and SEL 2032 SCADA PLCs or controllers. These are the devices that communicate with sensors and actuators and tell valves to open, breakers to trip or control some form of a physical process. An atta... [more]

Cryptzone partners with B2B Secure to cope with explosive growth in Benelux region
posted on 20/01/2012

Cryptzone the innovators in mitigating IT security risk have joined forces with Dutch Information Security specialist B2B Secure to manage the huge spike in demand that they’ve seen across the Benelux region. It comes as more and more companies have to address their security strategies in the wake of latest compliance rules and increasing breaches such as Diginotar which had a knock on effect especially on businesses in this region. The two companies will work closely to promote Cryptzone’s award winning information security solutions addressing policy compliance, content security, secure access and endpoint encryption. The agreement has been forged based on B2B’s knowledge and experience within the Benelux region, as well as its enormous potential for sales growth. B2B Secure is a highly professional technical and sales organization, which is able to add value to customers – a key attribute for any Cryptzone partner. “B2B Secure is the latest addition to the channel we’re building ... [more]

Five Key Challenges for Finance Sector in 2012
posted on 19/01/2012

More and more, banks are stepping up to the challenge to protect themselves against malware attacks abusing admin rights, revealed Avecto recently. In its dealings with more than 50 banks globally, Avecto found that while enterprises in most sectors are aware of the risks posed by standard users with admin rights the finance sector is ahead of the curve when it comes to eliminating them. Cyber-criminals are focusing their attacks, in an effort to monetise their malware programs. Legislation stipulates that if admin rights are not removed from users then at the very least they must audit everything they do. However, while Avecto believes financial institutions are ahead of the curve on security risks, and especially the threat from excessive user rights, it also warned the financial sector not to compromise security for the sake of delivering functionality. Paul Kenyon, Avecto’s COO, explains: “The financial sector is in the same position as every other organisation in experiencing p... [more]

Carberp Trojan dupes Facebook users stealing e-cash vouchers
posted on 18/01/2012

Trusteer publishes a blog by Amit Klein, CTO and head of Cybercrime Research, that details a new attack the company has discovered which targets Facebook users. Unlike past Facebook attacks that steal login credentials, a new configuration of the Carberp Trojan is targeting e-cash voucher systems. This new twist allows fraudsters to exploit the anonymous nature and instant financial value afforded by e-cash vouchers which are widely accepted on the Internet. A new configuration of the Carberp Trojan that targets Facebook users to commit financial fraud has been discovered. Unlike previous Facebook attacks designed to steal user credentials from the log-in page, this version attempts to steal money by duping the user into divulging an e-cash voucher. Carberp replaces any Facebook page the user navigates to with a fake page notifying the victim that his/her Facebook account is “temporarily locked”. The page asks the user for their first name, last name, email, date of birth, password ... [more]

Other Security news and resources