The security researcher and self-proclaimed internet troll earned 41 months behind bars Monday for his role in using a script to retrieve data on roughly 120,000 Apple iPad users from a public web server.
Whistleblowing organizations like WikiLeaks and accused hacktivists like Hammond are not foreign spies lusting to plunder intellectual property from U.S. corporations and government agencies in order to profit and gain a competitive advantage.
The FBI and DoJ are targeting high-level U.S. officials in hopes of learning who released classified information about Stuxnet to the press. What the government is not doing is publicly explaining why it launched Stuxnet.
Hopefully the death of Aaron Swartz will lead to awareness and changes that prevent a future genius, who has so much more to offer internet users across the world, from a suicide by hanging.
The cozy relationship between national security reporting and the United States government was back on full display Wednesday with a story from the New York Times, headlined "Bank hacking was the work of Iranians, officials say."
Prosecutors around the country are sending a clear message to hackers and activists who want to use their computers to promote a political ideology: We plan to throw the book at you.
The sophisticated worm Stuxnet must be mentioned in any stories or discussions around Israel being targeted by attacks related to its ongoing conflict with Gaza.
The third and final presidential debate was heavy on the kinetic and light on the cyber. And it shouldn't have surprised anybody.
Just skimming the headlines last week, one would think cyber space blew up. But it was just a few DDoS attacks. And with a White House cyber security executive order looming, it's critical that all stakeholders act with reason.
In the high-priced market of exploit sales, developers resist government regulations -- but are more than happy when one wants to open its coffers to them.
Private and public sectors must take seriously the need to share threat data to prevent cyber attacks, but a heavy-handed approach like CISPA places us at far greater risk as a country.
It's time for Apple to step up its game when it comes to dealing with security threats.
Hugh Thompson, an adjunct professor at Columbia and program committee chairman of the RSA Conference, got me thinking that, in the face of hacktivism, security these days also means deliberating business practices.
When it comes to stopping individuals who want to compromise industrial control systems, the Anonymous group is certainly not Enemy No. 1.
Hiding the facts behind a cyberattack only stands to benefit the criminal.
Just when you thought a company would bend, but not break, in the wake of a major data breach, a certificate authority went bankrupt just weeks after coming clean.
Couldn't make it to Black Hat? Don't worry -- we've got you covered with what's making news.
Cybercriminals have "brandjacked" our trusted name, and we feel obligated to let you know.
The actions of the hacktivist group LulzSec could lead to better security across industries -- or force the internet to become a much less enjoyable place.
There's an old adage in sports that defense wins championships. The information security industry may need to become more familiar with it.
Most security companies, I like to believe, are noble and ethical enterprises. Yes, they make good money out of the fact that the online world is a dark, scary place, but they also provide an invaluable service: protecting innocent individuals and organizations from the dangers that lurk in the shadows.
After speaking last night with a journalist who is covering the anti-government protests in Egypt, MSNBC's Rachel Maddow joked that she had been tempted to stop everything during the interview to tweet what the reporter had been telling her.
In this instance, the public fervor isn't over the release of secret diplomatic cables but a U.K. academic paper detailing a vulnerability in chip-and-PIN.
I'm sorry to hear that federal prosecutors, in a desire to get WikiLeaks founder Julian Assange to the United States to face charges for his role in the exposure of classified diplomatic cables, are turning to the Computer Fraud and Abuse Act for help.
If you think there is nothing personal to gain for public officials who use words like "cyberterrorism," think again.
Pardon me for being a little suspicious of the so-called Lieberman-Collins-Carper cybersecurity bill.
I recently chatted with Randi Levin, CTO of the city of Los Angeles, for a cover story I'm writing about cloud computing and the security ramifications of the technology.
DEFCON is in sight, but not before the final day of Black Hat. Here's what's making news.
Here are some interesting tidbits coming out of the first day of the world's biggest hacker conference, taking place in Las Vegas.
Never mind the fact that Windows users are at risk from malicious code, the release of a zero-day vulnerability affecting Windows XP systems has added fire to two age-old battles: bug secrecy versus disclosure and Google versus Microsoft. Neither seems resolvable.
Think of the Gulf oil spill as a breach not spewing barrels of a viscous liquid but lots of credit card numbers. How does your organization plan to respond from a public relations perspective?
When I typed "How do I" into Google today, the first auto response to show was "How do I delete my Facebook account?" "Whaaat?" was my first reaction. After all, this is the most popular website in the world. Why would anyone want to leave it?
All signs point to Thursday's Sun Java update being a fix for a gaping vulnerability in Sun Java, but Oracle has yet to confirm it.
The information security industry took a step back this week with news that the CISO of the state of Pennsylvania, Bob Maley, lost his job, likely over remarks he made during a panel discussion last week at the RSA Conference.
One of the great unintended consequences of my job, having covered the IT security space for nearly four years, is my great inability to accurately gauge the awareness that mainstream America has for cyber-risks.
Just how true is a Wall Street Journal report that Citigroup lost tens of millions of dollars to hackers? Let's put our conspiracy theory goggles on.
Time and time again, we've seen information security regulations and guidelines delayed due to the burden they might impose on small businesses. This bowing down must end.
Joe Simitian, a Democratic state senator from California, is still scratching his head, some two weeks after Gov. Arnold Schwarzenegger vetoed SB-20, an update to the landmark 2003 Golden State breach notification bill, known as SB-1386.
The security of online banking is being tested like it's never been tested before. A number of recent incidents have made the news in which...
As we gear up for the 20th anniversary edition of SC Magazine, set to drop in November, I've been forced to get pretty nostalgic...
I am just back from two weeks on jury duty. The hours were good, lunch in Chinatown was a treat, and I was heartened by...
Ever since the economy went down the toilet, and President Obama took office, I've been doing a lot of thinking about infrastructure -- and how...
News this week that Juniper Networks had pulled Barnaby Jack's planned Black Hat presentation and demo on ATM software vulnerabilities was met with dismay...
News late last week that Jeff Moss was appointed as one of 16 fresh faces to the U.S. Department of Homeland Security Advisory...
First it was Microsoft, then Oracle, then Cisco, and now Adobe.
The San Jose, Calif. maker of the ubiquitous Acrobat and Reader software is...
If there was one buzzword during the recent RSA Conference that permeated across the session halls at the Moscone Center (and likely even reached...
I just got finished reading a lengthy article about Facebook in New York Magazine - easily my favorite magazine in the whole world, well,...
Well, as most rational-minded people predicted, April 1 came and went with barely a whimper (as far as we know) from our pal...
I have a pretty good feeling that on April 1, the joke will be on us.
Us, being the media, which has flocked to...
Was the campaign for Sen. Norm Coleman, R-Minn., serious when it tried to throw around a bunch of fancy security technology jargon and emotion-provoking adjectives...
The SC Magazine team was not in Washington, D.C. for the Black Hat show, but we certainly didn't want the great research revelations and other...
The latest trend in cybercrime appears to be trying to crack into the websites belonging to companies that are in the business of stopping cybercrime.
When Google flagged the entire World Wide Web as malicious for about an hour stretch on Saturday morning EST, I was fast asleep, nursing...
The Payment Card Industry Data Security Standard (PCI DSS) took a severe blow this week when leading payment processor Heartland Payment Systems announced it...
When President-elect Barack Obama is sworn in today as the 44th commander-in-chief, will his BlackBerry be bolted to his belt, as we have become so...
There's a lot of bad news circulating these days around cyberthreats - and I'll spare you the somber recount, especially on a Friday.
So,...
One of the bigger announcements coming out of Macworld Expo in San Francisco today is a new pricing structure for iTunes: Beginning today, songs on...
It's been more than five years since California passed its pioneering SB-1386, which requires companies that lose personal information of customers to notify them, took...
I have a surefire way to gauge the state of the economy: Count how many holiday cards I receive in my office mailbox.
Two...
Each and every day, we write about the latest IT security news - and often our connection to the story ends right after we hit...
This had to tick off a lot of people: I read this week that convicted New Zealand bot herder Owen Thor Walker, 19, did not receive any...
With a new presidential administration about to take office, many are hopeful that the “change” promised on the campaign trail will begin to take effect...
The web, you see, is connectionless at bottom. I’m not referring to protocols, for those of you technically bent.
What I mean, in a...
In today's sophisticated threat landscape, innovation is a critical component to an effective defense strategy.
That innovation typically comes to bear at the tiny technology companies, whose goal,...
Spam filters, junk mail folders and honeypots across the globe got a much-needed respite this week after a Northern California-based web hosting firm - McColo -
There’s nothing new about heading to the polls and picking a president, but citizens have a new source today for obtaining the results: the internet.
Lately, it seems everything's (and everyone's) been going rogue.
You might be most familiar with claims by an aide of Sen. John McCain that GOP...
It wasn't too long ago that Microsoft bore constant criticism for its lack of transparency regarding security vulnerabilities and subsequent fixes.
One cannot objectively...

H4ck3rs Are People Too is a recently released documentary that gives an enlightening and...
In a few hours at a press conference in California, Apple is expected to announce two new MacBook laptops priced at around $1,200 and $1,500....
Fox News, in an exclusive, says yes.
Citing some unnamed sources, Fox reported Friday that the World Bank, which provides financial assistance to developing...
When I wrote this week about the breach at the University of Indianapolis, in which the personal data of some 11,000 students, faculty and...
The launch today of Android, Google’s new cell phone OS, has elicited the usual hoopla.
The system, in partnership with T-Mobile’s G1 cell phone,...
After word spread that a hacker leaked the contents of vice presidential candidate Sarah Palin's Yahoo email account by knowing a couple of pieces...
Considering two years of feedback have gone into revising the Payment Card Industry Data Security Standard (PCI DSS) for its next coming-out party, the most...
To believe the data, the trends, the analysts and the other interested observers, lawlessness is the status quo in computer security.
I’m just talking...
A new spam campaign is emerging that exploits the seedier side of computer users. In a new wave of social engineering, in language that might...
As the field of information security continues to evolve into, well, a true field, many professionals are starting to ask themselves: How should I be approaching my...
Because our current administration seems committed to conditioning Iraqi security forces (with the hope that they'll be able to restore order when U.S. troops eventually withdraw),...
The news: Gary McKinnon, the alleged NASA hacker, has failed in his last ditch appeal to the European Court of Human Rights to have his...
As the Rolling Stones used to say, “What can a poor boy do?”
Despite taking all the prescribed precautions and having proper defenses in...
“So, I have this watch I’d like to sell you. You probably don’t need a watch, and...
The university environment tends toward open communications. The free flow of information is not only encouraged, but necessary for learning. Millions of students at these...
Perhaps it's the writer in me, but I view a federal judge's decision to bar three MIT students from presenting research findings at the...
It’s been a busy time on the cyber warfare front. First there were rumblings of attacks on Georgia governmental websites, then actual attacks, followed by...
After his presentation at the Black Hat conference in Las Vegas, keynoter Ian O. Angell, professor of Information...
Ladies and gentlemen, we got 'em.
The Saddam Husseins of the computer hacker world have been caught, federal authorities announced today.
(Of...
Imagine a web browser that sits as an application on your desktop. If you click to open, it delivers you to a previously set website....
News item:
The Neosploit team is leaving the IT underground.
Citing a negative return on investment, the Neosploit developers are walking away from...
Maybe it’s just me, but it seems that some small inroads are being made by law enforcement in fighting cybercrime. For example, in recent weeks...
Last Thursday, I wrote a news article for the SC website covering a speech on cybersecurity that Sen. Barack Obama delivered at Purdue...
A federal judge has put off until next week the sentencing of so-called spam king Robert Alan Soloway. More witnesses need to take the stand,...
Some somber news to report in the information security community.
Sunbelt Software points us to this sad account of Webroot co-founder Steven Thomas....
As thousands of people prepare to visit China for next month’s Olympics, the question arises: What precautions should tourists take to protect digital devices, such...
In an era of shameless self-promotion, it’s time to be shameless. SC Magazine is planning a conference, called the SC World Congress, that will...
It was a tiny glitch, but one of those annoying obstructions to the work process.
Art director Brian Jackson and I both were having...
As one security researcher told me not too long ago, we are in the "golden era of the web attacker."
At the time, we...
Human nature can rarely change, and when it does, it is mostly a reaction to environmental variation. This is Darwinism, and was famously reflected in...
What will it take for public attitudes to shift regarding data theft?
Despite state laws on the books and several well-publicized -- and dozens...
Apple has had a lot of good days in its 32-year history. More good days than most companies on this planet.
But today, at...