Landmark Leadership Conferences for IT Executives
Cyber Security News of the Week, April 21, 2013
by Fred F. Farkel, Monday, April 22nd, 2013


Guest column by Citadel Information Group

ISSA-LA – Securing the Village

Healthcare HITECH Privacy and Security Highlights ISSA-LA Fifth Annual Information Security Summit: The Los Angeles Chapter of the Information Systems Security Association and the Healthcare Information and Management Systems Society Southern California hold the Healthcare HITECH Privacy and Security Summit on Tuesday, May 21, 2013 in LA. PRLog, April 17, 2013

Cyber Crime

Reddit hit with a denial-of-service attack: The social news site Reddit is being hit with what the company called a “malicious” denial of service attack, first disclosed via its official Twitter account Friday. The Washington Post, April 19, 2013

Schnucks breach will likely cost millions: Book stores. Banks. Even data security companies. They’ve all become recent targets of increasingly sophisticated, determined – some say talented – hacker gangs. St. Louis Post-Dispatch, April 7, 2013

Cyber Underworld

Where Kim Dotcom Got His Start: The House Of Coolness: Kim Dotcom, who I profile in the latest issue of the magazine, is a born entrepreneur. In fact, he’s launched so many money making ventures in his 39 years that not all of them fit into our print edition. But one, at least, was controversial enough among Dotcom’s one-time hacker peers that it deserves its own historical footnote. Forbes, April 17, 2013

Cyber Warning

Data security firm warns of malware exploiting Boston bombings: Chicago-based data security firm Trustwave said it has detected “a large-scale malicious spam campaign” circulating online that is exploiting this week’s Boston bombings. ChicagoTribune, April 19, 2013

Malware and domain-squatters target Boston Marathon bombing: The scummier end of the online community has been quick to use Monday’s bombing of the Boston Marathon as bait for multiple malware dispersals, plus a spot of old-fashioned online fraud along the way. The Register, April 17, 2013

Cyber Threat

Browsers Pose the Greatest Threat to Enterprise, Microsoft Reports: Microsoft’s latest security report has found that Web-based attacks pose the greatest threat to companies, giving credence to efforts to develop browser alternatives to accessing the Internet. CIO, April 19, 2013

Study: 32.8 Million Android Phones Infected with Malware: Do you have an anti-virus app on your Android phone yet? If not, a new study conducted by security firm NQ Mobile suggests you’re playing with fire: The number of malware threats to your Android phone has increased 163% over the past year alone. Time, April 17, 2013

Microsoft: Worms And Rogue AV Dying, Web Threats Thriving: For the first time in nearly four years, the top malware threat plaguing enterprises is not the Conficker worm: Web-based attacks have taken over, according to new data gathered from more than 1 billion Windows machines worldwide. DarkReading, April 17, 2013

Symantec report finds small businesses battered by cyber crime: Cyber criminals are increasingly targeting small businesses due to their less sophisticated defenses, according to a new report from Symantec. InfoWorld, April 16, 2013

Cyber Security Management – Cyber Update

Java Update Plugs 42 Security Holes: Oracle Corp. today released an update for its Java SE software that fixes at least 42 security flaws in the widely-installed program and associated browser plugin. The Java update also introduces new features designed to alert users about the security risks of running certain Java content. KrebsOnSecurity, April 16, 2013

Cyber Security Management – Cyber Defense

Microsoft adds two-factor authentication to keep accounts secure: If you’re an active user of Outlook, SkyDrive, Office Web Apps, or other Microsoft services, you may want to add two-step verification for an extra layer of security. PCWorld, April 17, 2013

Google further secures Chrome against malicious extensions, will start malware download prompts next week: Google on Wednesday announced it has added new measures to protect Chrome users being targeted by malicious extensions. This time, the company is focusing on extensions that are abusing enterprise options or manipulating Chrome preferences; the company says you can expect to see “Safe Browsing” malicious download warnings “within a week.” The Next Web, April 17, 2013

Cyber Security Management – Online Bank Fraud

Bank Sues Cyberheist Victim to Recover Funds: A bank that gave a business customer a short term loan to cover $336,000 stolen in a 2012 cyberheist is now suing that customer to recover the fronted funds, after the victim company refused to repay or even acknowledge the loan. KrebsOnSecurity, April 19, 2013

Cyber Security Management – HIPAA

HIPAA Compliance: What Providers Should Know About HITECH Act Mandatory Audits:Investigations by the Office for Civil Rights related to compliance with the Health Insurance Portability and Accountability Act will no longer be initiated by only complaints and self-reported breaches. Section 13411 of the HITECH Act requires HHS to provide for periodic audits of covered entities’ and business associates’ compliance with the HIPAA Privacy Rule, Security Rule and Breach Notification standards. While the audits are not intended to be investigations, an audit could reveal a serious compliance issue that could lead to a separate enforcement investigation by OCR. These mandatory audits are further evidence of the increased enforcement efforts of HHS. Becker’s Hospital Review, April 17, 2013

National Cyber Security

CISPA Passes In The House, (Again) But Faces Resistance In Senate And White House (Again): The controversial Cyber Intelligence Sharing and Protection Act passed in the House of Representatives Thursday despite growing opposition to the bill, legislation designed to allow data about digital threats to be shared between the government and the private sector, but which opponents say could circumvent protections against users’ private data being siphoned from companies to the Department of Homeland Security or intelligence agencies. The bill now faces an uphill battle in the Senate and a possible veto from the White House. Forbes, April 18, 2013

Cyber Defenders

U.S. Air Force cadets win cyber war game with NSA hackers: HANOVER, Maryland (Reuters) – A U.S. Air Force Academy team on Friday beat out rivals from other elite military colleges after a three-day simulated cyber “war” against hackers from the National Security Agency that is meant to teach future officers the importance of cybersecurity. Yahoo News, April 19, 2013

Cyber Research

Machine Learning Susses Out Social-Network Fraud: Machine learning techniques can be used to detect fraud and spies on social networks based on certain features, such as the number of followers and the number of devices used to access the network.DarkReading, April 19, 2013

Securing the Village – Events Calendar

Santa Monica Rotary Club; Lunch Meeting, May 3, 2013: Dr. Stan Stahl, Citadel and ISSA-LA President, will speak on cybersecurity at the weekly meeting of the Santa Monica Rotary Club. In this non-technical talk – It Takes the Village to Secure the Village SM – Dr. Stahl discusses the financial implications of cyber crime, illustrates how cyber criminals take control of a user’s computer, describes the limitations of technology, summarizes emerging cyber security laws, regulations and practices, and provides practical tips to lower the risk of becoming a victim.

ISSA-LA Fifth Annual Information Security Summit; May 21, 2013: Join 800 of your colleagues and peers at the Universal City Hilton. Special Keynote Speaker: Howard Schmidt, former White House CyberSecurity Coordinator. For more information and to register, visit ISSA-LA.

Citadel Information Group … Delivering Information Peace of Mind ® to Business and the Not-for-Profit Community

The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.

Comments Off on Cyber Security News of the Week, April 21, 2013

Comments are closed.