"Cyber Atlantic 2011" aimed to clarify how the two nations can best communicate about cyber incidents that occur on government systems or critical infrastructure.
Microsoft issued a temporary fix for a vulnerability in the Windows kernel used to spread Duqu, the so-called "son of Stuxnet" trojan.
Hackers over the summer targeted at least 29 companies in the chemical sector during an attack campaign aimed at stealing intellectual property.
The attacks, which occurred at four department locations, were not described in detail, but were deemed "successful" for adversaries, according to the annual audit.
The slowness by which an offspring of Stuxnet was discovered may be further proof that attackers have a significant leg up on the security community.
News that the U.S. was considering a cyberattack to disable Libya's radar system may indicate knowledge of the same flaws Israel is believed to have used against Syria in 2007.
Portsmouth, N.H.-based certificate authority (CA) GlobalSign plans to be back fully operating on Monday after temporarily suspending the issuance of SSL credentials due to claims from a hacker linked to attacks on Comodo and DigiNotar. In a Monday post to Pastebin, a hacker claimed responsibility for the major attack on DigiNotar and said he has access to four other CAs, including GlobalSign. "We are adopting a high-threat approach to bringing services back online and we are working with a number of organizations to audit the process," the company said in a news release. GlobalSign is still investigating the hacker's claims, but said it believes CAs are facing an "industry-wide" attack.
A Chinese military documentary appears to offer a rare glimpse of an actual state-sponsored hacking tool being used to attack a U.S. website affiliated with the dissident Falun Gong religious movement.
The Anonymous hacking collective on Monday released tens of thousands of military credentials, in addition to details on alleged questionable business practices at consulting firm Booz Allen Hamilton.
Months after hackers invaded the computer systems of at least three federal government institutions employees are still feeling the effects.
The FBI must bolster its information sharing and cybersecurity expertise to effectively investigate and combat the most serious cyber intrusions, according to a new audit.
Attack toolkits have been refined to the point where they are producing high success rates for their criminal users.
Comodo has confirmed that two additional registration authorities affiliated with the company also were compromised in a highly publicized SSL certificate fraud attack disclosed last week.
Cybercriminals have shifted their efforts from targeting individuals' personal information to the intellectual capital of global corporations, according to a report released Monday.
The number of cyber incidents affecting U.S. federal agencies shot up 39 percent in 2010, according to a new report from the Office of Management and Budget (OMB), but experts said the increase is partly a reflection of improved discovery capabilities within government.
The global financial services firm was targeted by the same Chinese hackers that attacked systems at Google and Adobe, according to internal emails stolen from HB Gary.
Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers believed to be from China to steal proprietary information about oil and gas field bids and operations, according to Bloomberg News. McAfee earlier this month disclosed details about the intrusions, dubbed "Night Dragon." The security firm, however, did not list any of the victim companies. According to Bloomberg, citing unnamed individuals familiar with the investigations, the list of targeted companies also includes Marathon Oil, ConocoPhillips and Baker Hughes. — AM
More than 100 foreign intelligence agencies have attempted to penetrate U.S. government defense networks, a Pentagon official said Tuesday at the 2011 RSA Conference in San Franscisco.
Sophisticated hackers, believed to be from China, have broken into the networks of several global oil, energy and petrochemical companies.
#OpEgypt and #Jan25 lead in this cyberwarfare analysis on psychological operations using social media. The old-school mobile phone is now the instrument of real-time sitreps. Will cellular network technology be the next risk for state-sanctioned cyberwarfare? Part three of a series.
Cybercrime attack toolkits are now used in the majority of internet attacks, according to a report released Tuesday by Symantec.
The number of breaches affecting Canadian organizations grew last year, but the cost associated with these incidents decreased by more than $654,000 - or almost 80 percent - during the same period.
Cyberwarfare is the boogeyman of 2011. If the risks are real, who holds responsibility for collapses of the power grid and communication networks?
Stuxnet has radically changed the global perception of cyberwarfare leveraging internet-connected SCADA vulnerabilities of critical infrastructure. Will the lights stay on or are we in for trouble?
The Google-China attacks, revealed in January, kicked off a year in which the threat of cybespionage to steal corporate and government secrets firmly entrenched itself as part of the security battle zone.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- CozyDuke APT group believed to have targeted White House and State Department
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure