Authentication lies at the heart of security — ensuring that only authorized users can access relevant data is the basis of keeping data safe and companies compliant. This is the role of identity and access management (IAM) systems. But in recent year…
Attack on South Korean targets part of a larger cyber-espionage campaign
The March 20 cyber-attack on South Korean financial services and media firms, known as Dark Seoul, was thought to be significant not only for the high-profile nature of the targets but also for the use of a Master Boot Record (MBR) wiping functionality…
Patch Tuesday preview: July 2013
Microsoft will issue seven security bulletins in this month’s Patch Tuesday tomorrow. Six are marked critical and one is marked important, heralding a busy period for both desktop and server admins.
99% of Android Devices Vulnerable to App Modification
A stealth start-up founded last year has discovered and described a vulnerability that it claims affects 99% of all Android devices – in fact every device sold since Android 1.6 (Donut); that is, nearly 900 million devices.
The European Parliament has voted in favor of a new directive on cybercrime
By a vote of 541 to 91, with 9 abstentions, EC proposals for a directive on stiffer penalties across Europe for cybercriminals have been adopted by the European Parliament. Denmark has chosen to opt out of the directive, preferring to maintain its own …
Darkleech now delivering ransomware
Darkleech compromises the Apache web servers that deliver a large part of the internet. It fetches an instance of the Blackhole exploit kit, which delivers the Nymaim ransomware. $300 to get your computer back.
Ubisoft, maker of Assassin’s Creed and Ghost Recon, breached
Ubisoft, the French game company that asked Kaspersky Lab to make sure hacking in its upcoming Watch Dogs game looks real, got hacked for real with names, emails and passwords stolen.
Identity Officer
This morning, Dave Kearns of KuppingerCole revived an old conversation started by my friend Matt Pollicove of CTI back in 2006 about the potential need for an Identity Officer. I had some comments then, but I wanted to add another thought now that I’m …
CEOP’s annual report on the threat of child abuse
The UK’s Child Exploitation and Online Protection Centre (CEOP) has published the second of its annual Threat Assessment of Child Sexual Exploitation and Abuse reports.
MI5 and GCHQ: Britain facing 70 advanced cyber attacks per month
The UK’s MI5 and the Government Communications Headquarters (GCHQ) have revealed that according to their information-gathering activities, Britain faces around 70 sophisticated cyber-espionage operations per month against its government and industry ne…