New malware, backdoor.ADDNEW, has been identified. It is based on the Russian DaRK DDoSer malware and has a surprising link with the Gh0st RAT trojan.
NullCrew hacks MoD – leaks thousands of plaintext credentials
NullCrew remembered the 5th of November by breaking into mod.co.uk and stealing and dumping more than 3400 email addresses and passwords. While the date of the breach cannot be verified, it does look as if it happened on the Guy Fawkes anniversary.
UK public sector tops £2m in data handling fines
Public sector organizations in the UK are leaking money thanks to a full £2 million in fines that councils, the NHS, police forces and others have seen in response to poor data handling.
Apple releases update for iOS addressing iPhone, iPad critical flaws
Apple has released a new iOS, version 6.0.2, that addresses a handful of vulnerabilities in the system affecting iPhone 3GS and later, the iPod touch fourth generation and later, and the iPad 2 and later devices.
Team GhostShell declares war on Russia – leaks 2.5 million records
Announcing its Project Hellfire back in August, hacking group Team GhostShell warned, “Two more projects are still scheduled for this fall and winter. It’s only the beginning.” Now it introduces Project BlackStar with an initial leak of 2.5 million rec…
ASIS revamps POA reference for security professionals
Security professional organization ASIS International has released a new edition of its Protection of Assets (POA) reference series, to dovetail with its 35h certification program anniversary and a stepped-up focus on global collaboration.
Georgia: Russia responsible for Georbot cyber-spy attack
In a testament to the ever-changing nature of state-sponsored cyber-espionage, the governmental Computer Emergency Response Team (CERT) of the Republic of Georgia has published a breakdown of the so-called “Georbot Botnet,” a campaign carried out again…
Megaupload takedown demonstrates the danger of storing data anywhere in the cloud
The Electronic Frontier Foundation (EFF) has warned about US government claims that a Megaupload user lost his property rights by using cloud storage has implications for all data stored by any user or company with any cloud provider, including Amazon’…
As the cloud expands, CSA offers guidance for Security as a Service
The Cloud Security Alliance (CSA) has released the Security Information and Event Management (SIEM) guidance report as part of its Security as a Service (SecaaS) Implementation Guidance.
A look at the Russian underground cyber market
“The Russian shadow economy is an economy of scale, one that is service oriented and that has become a kleptocracy wherein crony capitalism has obtained a new lease on life in cyberspace,” says a new report into the cybercriminal Russian underground.