Study: Cybercrime Costs Grow 26%

A big challenge when attempting to drum up support for investments in information security is demonstrating the cost of data breaches and other cybercrimes. But because very few cyber-attack victims have revealed the costs involved, sizing up the potential financial impact is tough. And that can make it ...

Europol Confirms Arrest of Blackhole Exploit Kit Creator 'Paunch'

Following 24 hours of uncertainty, Europol has confirmed that the renowned Russian cyber-criminal known as Paunch has been arrested. An artist's illustration shows a supermassive black hole, a phenomenon which gives its name to one of the most prevalent cyber-threats on the web. (Reuters) In a move likely to have ...

WHOIS Privacy Plan Draws Fire

Internet regulators are pushing a controversial plan to restrict public access to WHOIS Web site registration records. Proponents of the proposal say it would improve the accuracy of WHOIS data and better protect the privacy of people who register domain names. Critics argue that such a shift would ...

FBI confirms they were behind Freedom Hosting's takeover

Posted on 16 September 2013. | Have you faced any of these situations: malware infection, cracked passwords, defaced website, compromised DNS, licensing violations, stolen hardware and other issues which can cause cardiac arrest?
Posted on 13 September 2013. | Medical identity theft is a national healthcare issue with life-threatening and hefty financial consequences.

London Underground cleaners to refuse fingerprint clock-on

Cleaners working on the London Underground will resort to industrial action this week in protest against the introduction of a controversial biometric clocking-in system. Starting at just after midnight on Thursday morning, "up to 300 cleaners" will join in the action by refusing to scan their fingerprints every time ...

"Stop spy on us!" 14 NASA sites hacked


How the US government inadvertently created Wikileaks

I was in Germany for Chaos Congress 2009, a hacker conference, and after attending a series of talks I was headed back to my hotel when I spotted Julian Assange. This predated my working as a project manager at DARPA as a hacker-in-residence, if you will. It was ...

Magic Lantern: Keyboard Recorder of the FBI

Rumors of Magic Lantern first hit the internet airwaves when Bob Sullivan, a prominent journalist and co-founder of MSNBC network, accused the FBI of using powerful keylogger software to aid in its investigations of extortion and harassment. The Bureau denied the allegations until official FBI documents produced in court proved that the FBI had developed the tool, in 2002. This high-tech keyboard recorder was capable of remote installation, unlike previous keyloggers, which had to be physically installed in a target computer. The documents further stated that the use of ...

Argentine teenage 'superhacker' held

Police in Argentina have arrested a 19-year-old man accused of heading a gang of hackers who targeted international money transfer and gambling websites. Dubbed "the superhacker", the teenager was making $50,000 (£31,500) a month, working from his bedroom in Buenos Aires, police say. The arrest operation shut ...

FBI Admits It Controlled Tor Servers Behind Mass Malware Attack

It wasn’t ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors. Freedom Hosting’s operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas. It’s not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted ...

New Passive Vulnerability Scanner (PVS) 4.0 Released

The Passive Vulnerability Scanner (PVS) version 4.0 was released today and is available to the public. It features a brand-new HTML5 web-based interface and a standalone version, allowing users to track and review vulnerabilities discovered from sniffing network traffic. View a two-minute video by Tenable Technical Product Manager Jack ...

Security of Java takes a dangerous turn for the worse, experts say

The security of Oracle's Java software framework, installed on some three billion devices worldwide, is taking a turn for the worse, thanks to an uptick in attacks targeting vulnerabilities that will never be patched and increasingly sophisticated exploits, security researchers said. The most visible sign of deterioration are in-the-wild ...

IOActive Labs Research: Vulnerability bureaucracy: Unchanged after 12 years

One of my tasks at IOActive Labs is to deal with vulnerabilities; report them, try to get them fixed, publish advisories, etc. This isn't new to me. I started to report vulnerabilities something like 12 years ago and over that time I have reported hundreds of vulnerabilities - many of them found by me and by other people too. It's really sad to tell that, as of right now, 12 years later, I continue to see most (if not all) of the same problems. Not only that, but some organizations ...

Phishers use free iPhone 5S as lure ahead of launch

Posted on 6 September 2013. | This article discusses what DoS attacks are, some various types of DoS attacks, tips to keep them at bay, and references to security tools to help you mitigate vulnerabilities.
Posted on 5 September 2013. | A new Ponemon Institute study examined the disconnect between an organization’s commitments ...

Limit Exposure to Facebook Friends of Friends

Yesterday, Forbes reporter Kashmir Hill asked a question which has been on my mind for years: Why Doesn't Facebook Show You What A 'Friend of a Friend' Sees On Your Profile? The question is in reference to Facebook's 'View As' feature which can be used to audit your account. And ...

Google encrypts data amid backlash against NSA spying

Google is racing to encrypt the torrents of information that flow among its data centers around the world in a bid to thwart snooping by the NSA and the intelligence agencies of foreign governments, company officials said Friday. The move by Google is among the most concrete signs yet that recent revelations about the National Security Agency’s sweeping surveillance efforts have provoked significant backlash within an American technology industry that U.S.

FBI accused of planting backdoor in OpenBSD IPSEC stack

In an e-mail sent to BSD project leader Theo de Raadt, former NETSEC CTO Gregory Perry has claimed that NETSEC developers helped the FBI plant "a number of backdoors" in the OpenBSD cryptographic framework approximately a decade ago. Perry says that his nondisclosure agreement with the FBI has expired,

Majority of Tor crypto keys could be broken by NSA, researcher says

The majority of devices connected to the Tor privacy service may be using encryption keys that can be broken by the National Security Agency, a security researcher has speculated. Rob Graham, CEO of penetration testing firm Errata Security, arrived at that conclusion by running his own "hostile" exit node ...

Insecure home webcam crackdown

A company whose home cameras were hacked, causing privacy intrusions for hundreds of people, has been admonished by the US Federal Trade Commission. The FTC scolded manufacturer Trendnet for the weaknesses that meant supposedly private video feeds were in fact viewable by anyone online. Commonly referred to as the Internet ...

Obad.a Trojan now being distributed via mobile botnets

For the first time malware is being distributed using botnets that were created using completely different mobile malware.