Latest Hacking and intrusion prevention News 
IT security lessons that Australia can teach us (2/2)
posted on 22/03/2012
This fully-embedded firmware approach is fairly unique to SCADA-based operating systems, but it helps one to understand that a highly controlled operating system and software environment – as mandated under the Australian DSD’s diktat – has a far lower risk of subversion than the free-for-all software approach seen in the cost-cutting UK public sector. Here at Avecto, whilst we understand the impetus behind the move to open source software that a growing number of UK government departments and allied public sector agencies are making as part of their cost-cutting strategy, this does not mean that the Australian ideas enshrined in the DSD report cannot also be applied here in the UK. This is because the principle on which our security offerings are built is Windows privilege management – namely control over who has access to specific applications running on the corporate IT platform, as well as to the underlying data. This means, for example, that if the admin team only run their... [more]
Cryptzone says $1.5m penalty over loss of million-plus US healthcare records is an insult to the customers concerned
posted on 16/03/2012
Commenting on a $1.5 million penalty handed down to BlueCross BlueShield for the 2009 theft of 57 unencrypted hard drives from the US health insurer, Cryptzone says that the real penalty has been borne by the million-plus customers whose personal information was stolen. Daniel Nilsson, Chief Business Development Officer for the European IT threat mitigation specialist, says that the loss of the patient data – which included their names, US Social Security numbers, dates of birth, health plan IDs and diagnosis information – was a gross invasion of privacy for the customers concerned and will have been worrying to many of the more vulnerable, including the long-term unwell and elderly amongst them. “Frankly, if I were a client of this health insurer, I would feel aggrieved and insulted that my personal details – including the health problems I was being treated for – were worth less than $1.50 per patient. If this had happened in Europe under the proposed EU data breach penalties, the f... [more]
The RSA Security breach – 12 months down the technology turnpike by Andy Kemshall – CTO SecurEnvoy
posted on 16/03/2012
It’s been 12 months since the security world woke to the horror that RSA Security’s systems had been compromised and – as the company has reluctantly confirmed – its many tens of millions of SecurID hardware tokens would have to be re-issued to clients. Andy Kemshall, CTO of SecurEnvoy, reviews the IT security fiasco and what could have been done to prevent the fallout… The sophisticated multi-pronged attack that struck RSA Security last March has resulted in the high-profile IT security vendor overhauling the manufacturing and distribution of its SecurID tokens. For readers who may have overlooked the saga, the attack compromised RSA Security's network of about 40 million tokens and involved the use of stolen SecurID information to launch an attack on a key RSA Security customer, Lockheed Martin, the US defence contractor, in the early spring of last year. Whilst RSA officials have sought to minimise the fallout from the security faux pas – pointing to the fact that it has staged ... [more]
Microsoft SharePoint and LinkedIn data at risk from Framesniffing Attacks
posted on 14/03/2012
Context Information Security has highlighted a weakness in Internet Explorer, Chrome and Safari web browsers that enables remote attackers to steal sensitive information held on private Microsoft SharePoint sites, as well as mine data from other public websites such as LinkedIn. In these Framesniffing Attacks, a hidden HTML frame is used to load a target website inside the attacker's malicious webpage to read information about the content and structure of the framed pages. The attack bypasses browser security restrictions that are meant to prevent webpages directly reading the contents of third-party sites loaded in frames. “Using Framesniffing, it's possible for a malicious webpage to run search queries for potentially sensitive terms on a SharePoint server and determine how many results are found for each query,” said Paul Stone, senior security consultant at Context. “For example, with a given company name it is possible to establish who their customers or partners are; and once this ... [more]
Fake Antivirus aimed at businesses and consumers identified by GFI® Software
posted on 09/03/2012
GFI® Software has identified new variations of rogue security code aimed at businesses and consumers, often distributed through spam carrying the Blackhole exploit. GFI Software released its VIPRE® Report for February 2012, a collection of the 10 most prevalent threat detections encountered during the month. Most notably, GFI Labs has been documenting a new wave of fake antivirus applications (or rogue AV) on its Malware Protection Centre blog. Growing since the start of the year, last month brought a significant spike in new variations of rogue AV. “While the velocity at which rogues were successfully propagating may have slowed toward the end of last year, they are certainly back now, and they remain a popular tactic among cybercriminals,” said Christopher Boyd, senior threat researcher at GFI Software. “Users should not let their guard down. As always – no matter how convincing they look – always take the time to evaluate any piece of software that claims your PC is infected, prompt... [more]