Landmark Leadership Conferences for IT Executives
Cyber Security News of the Week, February 2, 2014
by Fred F. Farkel, Monday, February 3rd, 2014


Guest column by Citadel Information Group

Cyber Crime

Point-Of-Sale System Attack Campaign Hits More Than 40 Retailers: Another day, another point-of-sale (POS) breach revelation: Dozens of retailers have been infected with a family of malware that stole payment card and personal information from some 50,000 customers. DarkReading, January 30, 2014

Target traces security breach to stolen vendor credentials: Target’s investigation of the massive security breach which allowed hackers to take millions of credit and debit card numbers has revealed a stolen vendor’s credentials as a source of access. ZDNet, January 30, 2014

New Clues in the Target Breach: An examination of the malware used in the Target breach suggests that the attackers may have had help from a poorly secured feature built into a widely-used IT management software product that was running on the retailer’s internalb network. KrebsOnSecurity, January 29, 2014

Microsoft Says Law Enforcement Documents Likely Stolen By Hackers:Social media and email accounts of some Microsoft employees were hit by phishing attacks, the company said. CIO, January 26, 2014

Sources: Card Breach at Michaels Stores: Multiple sources in the banking industry say they are tracking a pattern of fraud on cards that were all recently used at Michaels Stores Inc., an Irving, Texas-based arts-and-crafts retailer that maintains more than 1,250 stores across the United States. KrebsOnSecurity, January 25, 2014

Cyber Attack

Hackers attack Yahoo Mail accounts: Yahoo Mail was recently the target of a cyber-attack, the company revealed in a blog post Thursday. CNN, January 30, 2014

Hackers break into Israeli defence computers, says security company: Palestinians are suspected of being behind email attack on civil administration machines that monitor Israeli-occupied territory. The Guardian, January 27, 2014

EFF ACTIVISTS, JOURNALISTS HIT BY TARGETED MALWARE ATTACK: Phishing and malware attacks are among the more democratic and populist threats on the Internet. You don’t have to stand in the crowd in order to be targeted; the attackers will get to you sooner or later. But while most malware campaigns are aimed at the masses, attackers often save their best stuff for high-value targets, as a recent campaign targeting American journalists and activists from the EFF shows. ThreatPost, January 20, 2014

Cyber Privacy

Businesses gather more information than they need from consumers: Moira Hahn, like many consumers, always took it for granted that businesses wanted as much of her personal information as they could get. LA Times, January 30, 2014

Flipping the Switches on Facebook’s Privacy Controls: FACEBOOK is all about sharing. But if you value your privacy, using the service means deciding not only what you want to share, but also who gets to see it. The New York Times, January 29, 2014

U.S. Relaxes Some Data Disclosure Rules: WASHINGTON — The Obama administration says it will allow Internet companies to give customers a better idea of how often the government demands their information, but will not allow companies to disclose what is being collected or how much. The New York Times, January 27, 2014

Spy Agencies Tap Data Streaming From Phone Apps: When a smartphone user opens Angry Birds, the popular game application, and starts slinging birds at chortling green pigs, spies could be lurking in the background to snatch data revealing the player’s location, age, sex and other personal information, according to secret British intelligence documents. The New York Times, January 27, 2014

Cyber Warning

DAILYMOTION STILL INFECTED, SERVING FAKE AV MALWARE: More than three weeks after notifying video-sharing site DailyMotion that it was compromised, security company Invincea reports the popular website is still infected. Threatpost, January 31, 2014

Careful! Malicious FileZilla FTP Client Circulating Steals FTP Login Credentials: Looking for a solid and feature rich FTP client? FileZilla is one of the better ones out there, but surfer beware, malware writers have taken notice of the popular program and have decided to prey on individuals who aren’t super diligent with their downloading habits. In other words, be real careful when downloading the FileZilla FTP client because there are fake copies making the rounds that are coded to steal your FTP login credentials. Hot HardWare, January 28, 2014

Sync’n’steal: Hackers brew Android-targeting Windows malware: Internet Igors have stitched together the first strain of Windows malware that can hop over and infect Android smartphones and tablets. The Register, January 27, 2014

Cyber Security Management

Lack of stronger cyber security may cost world economy $3 trillion: Failure to boost cyber security could cost the world economy a staggering $3 trillion as new regulations and approaches to deal with destructive attacks would stifle innovation, says a report. Economic Times, January 20, 2014

Cyber Security Management – Cyber Defense

Chip-and-PIN Security Push To Pit Retailers Against Banks: While the cost of breaches typically falls on the merchants, card issuers and banks would foot much of the bill for improving the security of the payment-card system. DarkReading, January 30, 2014 does more to protect your password, study of top 100 sites finds: Apple, Microsoft, Chegg, Newegg, and Target do the best job of safeguarding customer passwords, according to a comprehensive study of the top 100 e-commerce websites that also ranked Major League Baseball, Karmaloop, Dick’s Sporting Goods, Toys R Us, and Aeropostale as performing the worst. ars technica, January 24, 2014

The 25 worst passwords of 2013: “password” gets dethroned:“123456″ is finally getting some time in the spotlight as the world’s worst password, after spending years in the shadow of “password.” CSO, January 20, 2014

National Cyber Security

N.S.A. Choice Is Navy Expert on Cyberwar: WASHINGTON — In nominating Vice Adm. Michael S. Rogers as the new director of the National Security Agency on Thursday, President Obama chose a recognized expert in the new art of designing cyberweapons, but someone with no public track record in addressing the kinds of privacy concerns that have put the agency under a harsh spotlight. The New York Times, January 30, 2014

Pentagon, GSA map out acquisition cybersecurity; tester finds issues remain: (Reuters) – The U.S. Defense Department and General Services Administration on Wednesday mapped out six broad reforms to improve the cybersecurity of more than $500 billion in goods and services acquired by the U.S. federal government each year. Reuters, January 29, 2014

Cyber Career

Information security salaries set to rise in 2014: Salaries for information security professionals are set to rise across the board in the coming year as demand for people with skills in this sector increases. ComputerWeekly, January 30, 2014

Cyber Survey

Microsoft Maps Out Malware Haves And Have-Nots: Some countries suffer disproportionately from malware infections and cybercrime, and Windows XP could exacerbate the problem. Dark Reading, January 22, 2014

Cyber Sunshine

Feds to Charge Alleged SpyEye Trojan Author: Federal authorities in Atlanta today are expected to announce the arrest and charging of a 24-year-old Russian man who allegedly created and maintained the SpyEye Trojan, a sophisticated botnet creation kit that has been implicated in a number of costly online banking thefts against businesses and consumers. KrebsOnSecurity, January 28, 2014

Suspected email hackers for hire charged in four countries: Eleven people were charged in the U.S., India, China and Romania for their suspected involvement with websites offering email hacking services. PC World, January 27, 2014

Revenge-porn king Hunter Moore indicted on 7 counts of aggravated identity theft: Hunter Moore, king of revenge porn, aka “the most hated man on the internet”, he who claims to have slept well in spite of posting nude or sexually explicit photos without victims’ permission, was indicted on Thursday by a federal grand jury. NakedSecurity, January 27, 2014

Cyber Calender

“Lunch Meeting – It Takes the Village to Secure the Village”: Dr. Stan Stahl, President of the Los Angeles Chapter of the Information Systems Security Association and President of Citadel Information Group presents. SOCALAFP, Event Date: February 14, 2014

Cybersecurity Essentials for Business Professionals: Please join us in this free presentation where we will discuss essential issues that every entrepreneur and business professional must know about cybersecurity laws, guidelines, and protocols. This event will be moderated and conducted by Salar Atrizadeh, Esq., principal and founder of the Law Offices of Salar Atrizadeh. Also, Stan Stahl, Ph.D., President of Citadel Information Group and ISSA-LA, Brad Maryman, and Howard Miller will serve as panelists Law Offices of Salar Atrizadeh, Event Date: February 21, 2014

Copyright © 2014 Citadel Information Group. All rights reserved.

The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you. The post Cyber Security News of the Week, February 2, 2014 appeared first on Citadel Information Group.

Comments Off on Cyber Security News of the Week, February 2, 2014

Comments are closed.