The Cost of Cyber-Spying: Boredom, Bitterness

A blog reportedly written by a Chinese military hacker hints at the drudgery of building viruses. continue…

A Brute Force Defense Against Injection Attacks

Injection attacks are a common security problem for Web developers. The interpreted nature of most development languages makes them especially vulnerable to these attacks. This article explains what an injection attack is and provides some simple steps that you can take to defend your site against them. What is an Injection Attack? An injection attack takes place when a malevolent programmer puts code in the query string or other parts of the HTTP request. The interpreter executes the malicious code,… continue…

Symantec Pushes Back Against New York Times Hacking Report

Posted In Cloud
Symantec has issued a statement about its role in the recent cyber-attacks on The New York Times. continue…

The Hunt for Red October

Posted In Cloud
Kaspersky Lab has spotted a cyber-espionage campaign, dubbed “Red October,” that’s existed for at least five years. continue…

The 2012 Breakdown of Data Breaches. Ho ho ho

Cartoon Thief
Security breaches are expected nowadays. Their occurrence can seem routine to those of us who don’t spend our professional lives preoccupied with finding new ways to stop them. If you want to get a sense of how the numbers break down, here’s an infographic that sums it all up nicely, with a holiday theme to lighten it up. Infographic: Mobistealth

For Hacker Intelligence, Visit Their Forums

Mind Power
The best way to protect your networks is to think like a hacker, and the best way to find out what hackers think is to spend some time on their public discussion boards. This is exactly what the analysts from Imperva, a security research firm, did and the results are intriguing. In last month’s Hacker Intelligence Report #13, they looked at one of the largest discussion forums (they don’t reveal which one, but it has a quarter of a million… continue…

Has Sony’s PlayStation 3 Finally Been Hacked For Good?

Posted In Living in Tech
Redesigned Sony Playstation 3
Sony’s PlayStation 3 has had its share of security meltdowns, of course, but a recent development might mean that the aging console is hacked for good. In the past, PS3 security has been something of a cat and mouse game. Sony’s had to deal with a range of piracy-enabling firmware and USB dongles, not to mention Geohot’s release of the “metldr” root key. The release of firmware 3.60 largely patched things up and security systems were implemented to keep those… continue…

Russian Website Selling Hacked Servers: Report

Posted In DataCenter
Servers here! Get yer hacked servers! Just a few dollars for compromised Fortune 500 PCs! continue…

Irony: McAfee, Trust Guard Certifications Invite Trouble

These days it’s tough to find an online merchant that doesn’t display either a McAfee Secure or Trust Guard logo somewhere. The marks indicate that the websites undergo vigorous daily security scans. We consumers are then meant to feel safe to shop away in confidence that our credit card details won’t end up in the wrong hands. Now, a pair of security consultants is arguing that the programs may inadvertently place websites at greater risk. Unintended Consequences The problem isn’t… continue…

Europeans Flog Themselves with Cyber Attacks

Cyber Europe 2012
A massive denial of service attack hit more than 300 European public and private institutions this week, including major government agencies such as the UK’s spy agencies MI5 and MI6 and several banks. The interesting thing is that the assault wasn’t by some hacker. It was a coordinated attempt by the agencies and businesses themselves. Welcome to the latest round of defensive planning for the next real cyber war. The Cyber Europe 2012 exercise was run by the European Network… continue…