Hackers from China breached the federal weather network recently, forcing cybersecurity teams to seal off data vital to disaster planning, aviation, shipping and scores of other crucial uses, officials said. NOAA did not say its systems were compromised.
Officials also said that the agency did not notify the proper authorities when it learned of the attack. NOAA officials declined to discuss the suspected source of the attack, whether it affected classified data and the delay in notification. Determining the origin of cyberattacks is very difficult and Chinese officials have denied repeated accusations that they intrude in U.S. government computer systems for espionage or other purposes.
Read moreA detailed analysis by cybersecurity experts from the University of Maryland found that website administrators nationwide tasked with patching security holes exploited by the Heartbleed bug may not have done enough.
First disclosed Heartbleed presents a serious vulnerability to the popular OpenSSL software, allowing anyone on the Internet to read the memory of systems that are compromised by the malicious bug. Experts analyzed the most popular websites in the United States to better understand the extent to which systems administrators followed specific protocols to fix the problem. Website administrators everywhere should have immediately taken three steps to regain better control and security over their systems.
Read moreResearchers have spotted a new technique used by phishers which could trick even more users into believing they are entering their information in a legitimate web form.
Instead of replicating as faithfully as possible a legitimate website, the attackers need only to set up a phishing page with a proxy program which will act as a relay to the legitimate site, and create a few fake pages for when users need to enter their personal and financial information. In the spotted attack, users are directed to the malicious site by clicking on a search result they got by entering a product's name. The attackers used a number of techniques to make the URL appear in the results.
Read moreComputers housing the world’s most sensitive data are usually isolated from the internet. They’re also not connected to other systems that are internet-connected, and their Bluetooth feature is disabled, too. Sometimes, workers are not even allowed to bring mobile phones within range of the computers.
All of this is done to keep important data out of the hands of remote hackers. But these security measures may be futile in the face of a new technique researchers in Israel have developed for stealthily extracting sensitive data from isolated machines — using radio frequency signals and a mobile phone. The attack recalls a method the NSA has been secretly using for at least six years to siphon data in a similar manner.
Read moreAn investigation of this year's Home Depot hack reveals it wasn't just millions of credit card numbers that were stolen – millions of email addresses were pilfered, too. Along with credit card numbers stolen from Home Depot earlier this year, investigators said that a great amount of email addresses were taken, too.
A joint investigation of law enforcement officials, Home Depot representatives and independent security analysts found that no "passwords, payment card information or other sensitive personal information" was held in the stolen files which contained the customer email addresses. The investigation report detailed how the hack occurred.
Read moreDo you know the weakest link in the security chain that protects your personal data, banking files and other kinds of critical information? It’s you. For years there was one great threat that no security system could truly stand against: the human factor.
Nowadays, IT pros from security departments answer the question of what to allow and disallow: prohibit too much and employees will start to ignore rules or they will not be able to work efficiently. Give them too much freedom and you risk critical corporate information and their precious personal files draining away at data signaling speed. There will never be a balance until we learn that we are responsible for the data leakages that we cause.
Read moreA cyberattack on federal security clearance contractor USIS, was unnoticed for months before it was revealed by the company and government agencies earlier this year.
Officials and others familiar with an FBI investigation and related official inquiries told that the breach, similar to previous hacker intrusions from China and cost the company hundreds of millions of dollars in lost government contracts. In addition to trying to identify the perpetrators and evaluate the scale of the stolen material, the government inquiries have prompted concerns about why computer detection alarms inside the company failed to quickly notice the hackers.
Read moreAs banks and retailers are barreling toward a 2015 deadline to replace magnetic-stripe credit and debit cards with more secure cards that come embedded with a microchip, researchers have announced a critical flaw in the card system.
The card system fails to recognize transactions made in non-UK foreign currencies and can therefore be tricked into approving any transaction. What’s more, because the cards allow for contactless transactions, wherein consumers need only to have the card in the vicinity of a reader without swiping it, a thief carrying a card reader designed to read a card that’s stored in a wallet or purse could conduct fraudulent transactions without the victim ever removing their card.
Read moreIn his career-ending extramarital affair that came to light in 2012, General David Petraeus used a stealthy technique to communicate with his lover Paula Broadwell: the pair left messages for each other in the drafts folder of a shared Gmail account.
Now hackers have learned the same trick. Only instead of a mistress, they’re sharing their love letters with data-stealing malware buried deep on a victim’s computer. Researchers say they’ve found a strain of malware on a client’s network that uses that new, furtive form of “command and control”—the communications channel that connects hackers to their malicious software—allowing them to send the programs updates and instructions and retrieve stolen data.
Read moreThe size and volume of distributed denial-of-service attacks has exploded in the past year, with a 389 per cent increase in average attack bandwidth between the third quarter of 2013 and the third quarter of 2014.
This should make companies consider using Cloud-based security services, such as the DDoS filtering technology Akamai provides. Defending against DDoS attacks in the cloud gives companies the ability to fight and deflect these attacks with a distributed infrastructure. One extended campaign targeting a gaming site featured 39 distinct DDoS attacks over a two-month period, with eight of the attacks peaking at over 100 Gbps.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland