"Cyber Atlantic 2011" aimed to clarify how the two nations can best communicate about cyber incidents that occur on government systems or critical infrastructure.
Microsoft issued a temporary fix for a vulnerability in the Windows kernel used to spread Duqu, the so-called "son of Stuxnet" trojan.
Hackers over the summer targeted at least 29 companies in the chemical sector during an attack campaign aimed at stealing intellectual property.
The attacks, which occurred at four department locations, were not described in detail, but were deemed "successful" for adversaries, according to the annual audit.
The slowness by which an offspring of Stuxnet was discovered may be further proof that attackers have a significant leg up on the security community.
News that the U.S. was considering a cyberattack to disable Libya's radar system may indicate knowledge of the same flaws Israel is believed to have used against Syria in 2007.
Portsmouth, N.H.-based certificate authority (CA) GlobalSign plans to be back fully operating on Monday after temporarily suspending the issuance of SSL credentials due to claims from a hacker linked to attacks on Comodo and DigiNotar. In a Monday post to Pastebin, a hacker claimed responsibility for the major attack on DigiNotar and said he has access to four other CAs, including GlobalSign. "We are adopting a high-threat approach to bringing services back online and we are working with a number of organizations to audit the process," the company said in a news release. GlobalSign is still investigating the hacker's claims, but said it believes CAs are facing an "industry-wide" attack.
A Chinese military documentary appears to offer a rare glimpse of an actual state-sponsored hacking tool being used to attack a U.S. website affiliated with the dissident Falun Gong religious movement.
The Anonymous hacking collective on Monday released tens of thousands of military credentials, in addition to details on alleged questionable business practices at consulting firm Booz Allen Hamilton.
Months after hackers invaded the computer systems of at least three federal government institutions employees are still feeling the effects.
The FBI must bolster its information sharing and cybersecurity expertise to effectively investigate and combat the most serious cyber intrusions, according to a new audit.
Attack toolkits have been refined to the point where they are producing high success rates for their criminal users.
Comodo has confirmed that two additional registration authorities affiliated with the company also were compromised in a highly publicized SSL certificate fraud attack disclosed last week.
Cybercriminals have shifted their efforts from targeting individuals' personal information to the intellectual capital of global corporations, according to a report released Monday.
The number of cyber incidents affecting U.S. federal agencies shot up 39 percent in 2010, according to a new report from the Office of Management and Budget (OMB), but experts said the increase is partly a reflection of improved discovery capabilities within government.
The global financial services firm was targeted by the same Chinese hackers that attacked systems at Google and Adobe, according to internal emails stolen from HB Gary.
Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers believed to be from China to steal proprietary information about oil and gas field bids and operations, according to Bloomberg News. McAfee earlier this month disclosed details about the intrusions, dubbed "Night Dragon." The security firm, however, did not list any of the victim companies. According to Bloomberg, citing unnamed individuals familiar with the investigations, the list of targeted companies also includes Marathon Oil, ConocoPhillips and Baker Hughes. — AM
More than 100 foreign intelligence agencies have attempted to penetrate U.S. government defense networks, a Pentagon official said Tuesday at the 2011 RSA Conference in San Franscisco.
Sophisticated hackers, believed to be from China, have broken into the networks of several global oil, energy and petrochemical companies.
#OpEgypt and #Jan25 lead in this cyberwarfare analysis on psychological operations using social media. The old-school mobile phone is now the instrument of real-time sitreps. Will cellular network technology be the next risk for state-sanctioned cyberwarfare? Part three of a series.
Cybercrime attack toolkits are now used in the majority of internet attacks, according to a report released Tuesday by Symantec.
The number of breaches affecting Canadian organizations grew last year, but the cost associated with these incidents decreased by more than $654,000 - or almost 80 percent - during the same period.
Cyberwarfare is the boogeyman of 2011. If the risks are real, who holds responsibility for collapses of the power grid and communication networks?
Stuxnet has radically changed the global perception of cyberwarfare leveraging internet-connected SCADA vulnerabilities of critical infrastructure. Will the lights stay on or are we in for trouble?
The Google-China attacks, revealed in January, kicked off a year in which the threat of cybespionage to steal corporate and government secrets firmly entrenched itself as part of the security battle zone.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context