Landmark Leadership Conferences for IT Executives
Cyber Security News of the Week, September 22, 2013
by Fred F. Farkel, Monday, September 23rd, 2013


Guest column by Citadel Information Group

Cyber Security News of the Week

Cyber Crime

Crooks Hijack Retirement Funds Via SSA Portal: If you receive direct deposits from the Social Security Administration but haven’t yet registered at the agency’s new online account management portal, now would be a good time to take care of that: The SSA and financial institutions say they are tracking a rise in cases wherein identity thieves register an account at the SSA’s portal using a retiree’s personal information and have that retiree’s benefits diverted to prepaid debit cards that the crooks control. KrebsOnSecurity, September 18, 2013

Cyber Privacy

LinkedIn Appeals For National Security Letter Transparency, Calls Ban "Unconstitutional": LinkedIn on Tuesday joined the fray of Internet companies requesting permission from the Foreign Intelligence Surveillance Court to publish data on the number of National Security Letters it receives. ThreatPost, September 18, 2013

Government Standards Agency "Strongly" Suggests Dropping its Own Encryption Standard: Following revelations about the NSA’s covert influence on computer security standards, the National Institute of Standards and Technology, or NIST, announced earlier this week it is revisiting some of its encryption standards. ProPublica, September 13, 2013

Online Bank Fraud

Shylock Financial Malware Back and Targeting Two Dozen Major Banks: Two dozen major U.S. and European banks are in the crosshairs of the Shylock, or Caphaw, financial malware of late, and victims who trade with one of the 24 financial institutions are at risk of giving up their credentials and losing assets in their accounts. ThreatPost, September 18, 2013

Computer hackers arrested over plot to steal millions from Santander: An audacious bid to hack into a high street bank’s computer system and steal millions of pounds has been foiled, according to police. The Telegraph, September 13, 2013

Cyber Warning

‘Lily Collins And Nude Photos’ Results Could Lead To Malware: Why Is She The Most Dangerous Celebrity To Search?: Lily Collins, Phil Collins’ daughter and star of "The Mortal Instruments: City of Bones," has been named McAfee’s "Most Dangerous Celebrity" for 2013. Collins is one of the top young stars today, but searching for her online could land users on a page full of spam, adware or malware. International Business Times, September 17, 2013

Microsoft releases temporary fix for vulnerability in all IE versions, warns of targeted IE8 and IE9 attacks: Microsoft is investigating a new remote code execution vulnerability in Internet Explorer and preparing a security update for all supported versions of its browser (IE6, IE7, IE8, IE9, IE10, and IE11). The company has issued a security advisory in the meantime because it has confirmed reports that the issue is being exploited in a "limited number of targeted attacks" specifically directed at IE8 and IE9. The Next Web, September 17, 2013

Cyber Security Management

Deliberately flawed? RSA Security tells customers to drop NSA-related encryption algorithm: An encryption algorithm with a suspected NSA-designed backdoor has been declared insecure by the developer after years of extensive use by customers worldwide, including the US federal agencies and government entities. September 20, 2013

6 essential components for security awareness programs: There’s more to security awareness programs than just computer-based training and phishing exercises. Ira Winkler and Samantha Manke outline the six must-haves to ensure your program is effective. CSO, September 18, 2013

Social engineering and phishing attacks are getting smarter, but are employers?: September 16, 2013 – A new study on user risk shows that employers are willingly conducting user awareness training, but only half of them follow up with additional tests to gauge such training’s effectiveness. CSO, September 16, 2013

How to Stop the In-House Data Thief: Edward Snowden has triggered a blizzard of media coverage with his revelations of classified intelligence information he stole while working as a U.S. National Security Agency contractor. That should serve as a warning to corporate executives: It could happen to you. The Wall Street Journal, September 15, 2013

Cyber Security Management – HIPAA

Healthcare IT Security Is Difficult, But Not Impossible: Data breaches threaten healthcare organizations from all angles – from hackers, thieves and forgetful employees – and touch all facets of IT infrastructure. Updated HIPAA rules make organizations responsible for the actions of their business associates, too. Healthcare IT security is a daunting task, but with a little planning, it’s not an impossible one. CIO, September 18, 2013

Cyber Underworld

Why Are Hackers Flooding Into Brazil?: The answer, to channel notorious bank robber Willie Sutton: Because that’s where the money is. Bloomberg, September 13, 2013

Cyber Insurance

Cyber insurance: Understanding the legal language: Chief risk officers (CROs) and others worried about cyber risk are increasingly turning to cyber insurance to offset their risk. But is the cover as black and white as it first seems? ComputerWeekly, September 17, 2013

Cyber Misc

WHOIS Privacy Plan Draws Fire: Internet regulators are pushing a controversial plan to restrict public access to WHOIS Web site registration records. Proponents of the proposal say it would improve the accuracy of WHOIS data and better protect the privacy of people who register domain names. Critics argue that such a shift would be unworkable and make it more difficult to combat phishers, spammers and scammers. KrebsOnSecurity, September 16, 2013

Cyber Sunshine

Barclays Cybercrime Suspects Arrested Over $2.1 Million Theft: London police arrested eight men in connection to a 1.3 million pound ($2.1 million) computer-aided robbery from a Barclays Plc (BARC) branch in the capital. Bloomberg, September 20, 2013

FBI Admits It Controlled Tor Servers Behind Mass Malware Attack: It wasn’t ever seriously in doubt, but the FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors. Wired, September 13, 2013

The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.
