Cybersecurity

The U.S. Transportation Security Administration, part of the Department of Homeland Security, has spent more than a billion dollars on full-body scanners designed to strengthen airport security. It turns out that at least one model of scanner in use for four years -- the Rapiscan Secure 1000 full-bo...

In a move influenced by Edward Snowden's revelations about the NSA's email snooping, Yahoo and Google last week announced that they were cooperating on end-to-end encrypting their webmail products. "We will release source code this fall so that the open source community can help us refine the experi...

The NSA is working on a new program codenamed "MonsterMind" that will automate the monitoring of traffic patterns on the Internet to look for attacks, whistleblower Edward Snowden revealed. When it detects an attack, MonsterMind will automatically block it from entering the U.S. cyberinfrastructure....

News that a Russian gang has stockpiled more than a billion purloined user name and password combinations has revved up the Internet's reputation as a post industrial Wild, Wild West. Just how much havoc will be raised by the gang remains to be seen. The data thieves so far appear content to use the...

USIS, the contractor that did the background checks on Washington Navy Yard shooter Aaron Alexis and NSA leaker Edward Snowden, on Thursday reported that its computer systems have been breached. "Our internal IT security team recently identified an apparent external cyberattack on USIS' corporate ne...

A Russian cybercriminal gang so far has stolen 4.5 billion credentials, of which 1.2 billion appear to be unique, Hold Security has announced. The credentials belong to more than 500 million email addresses. Two reports released Tuesday may help explain why the cybergang was so successful. About 92 ...

There are a lot of things going on at the moment. Israel is tactically defending itself against Hamas -- winning the battles but losing the war, because the Israeli government can't see the big picture. The U.S. is still blaming Snowden for leaks, even though Russia clearly is able to pull damaging ...

News that two Carnegie-Mellon CERT researchers have developed an inexpensive way to breach the Tor network has the project, privacy advocates, and probably criminals who use the network equally concerned. The Tor Project posted has advised relays to upgrade to Tor 0.2.r.23e or 0.2.5.6-alpha to close...

Russia wants Apple and SAP to turn over their source code in yet another instance of fallout resulting from leaks about NSA surveillance activities. The suggestion reportedly came last week, when Communications Minister Nikolai Nikiforov met with executives of the two companies: Peter Nielsen, Apple...

SPOTLIGHT ON SECURITY

Hackers Back to Their Old Tricks

Old tricks that have helped hackers penetrate computers for months or longer worked again last week at Goodwill and Stubhub. Taking a page from the gang that pillaged payment card and personal information from Target last year, hackers clipped payment card information from an undisclosed number of G...

SPOTLIGHT ON SECURITY

Failure to Communicate Hamstrings Cyberdefenders

A failure to communicate between security pros and company brass may be contributing to the inability of a significant number of organizations to reduce the risk of cyberattacks on their systems. That was one of the findings last week in a study conducted by the Ponemon Institute and sponsored by We...

The Tor Project is working to remedy a vulnerability in its anonymity software following the sudden cancellation of a talk at next month's Black Hat security conference in Las Vegas that would have revealed it. The planned talk, entitled "You Don't Have to be the NSA to Break Tor: Deanonymizing User...

The Gameover botnet is back, more or less, only six weeks or so after the Justice Department announced that an FBI-led multinational effort had disrupted it. Still, the botnet's downtime was longer than expected -- the UK's National Crime Agency had warned that the people running it would regain con...

Google on Tuesday announced Project Zero, an effort to speed up the security bug-fixing process. A team of cybersecurity experts will go after vulnerabilities in any and all software, notify the vendors, and then file bug reports in a public database. The Project Zero team has promised to send bug r...

It's a given that hackers can and do penetrate websites with laughable ease, ranging from those of retailers to those of the United States government. It certainly doesn't help the security-minded to know that the U.S. National Security Agency and other countries' spy agencies, including the UK's GC...

Technewsworld Channels