Landmark Leadership Conferences for IT Executives
Cyber Security News of the Week, July 20, 2014
by Fred F. Farkel, Monday, July 21st, 2014


Guest column by Citadel Information Group

Cyber Attack

Chinese Hackers Extending Reach to Smaller U.S. Agencies, Officials Say: WASHINGTON — After years of cyberattacks on the networks of high-profile government targets like the Pentagon, Chinese hackers appear to have turned their attention to far more obscure federal agencies. The New York Times, July 15, 2014

Why were this company’s computers attacked millions of times this year? Algae: About 16 months ago, a Florida-based biofuel company called Algenol noticed that its Internet service was slowing down. In checking that out, Jack Voth, Algenol’s information technology chief, stumbled on something odd: a telnet connection to its videoconference camera from an Internet Protocol address in China, a country where Algenol has never sought to do business. The Washington Post, July 12, 2014

Attack Campaign Targets Facebook, Dropbox User Credentials: The goal of the attackers is not fully clear but the credential theft could set up sophisticated targeted attackers. DarkReading, July 11, 2014

Financial Cyber Security

New banking malware ‘Kronos’ advertised on underground forums: A new Trojan program designed to steal log-in credentials and other financial information from online banking websites is being advertised to cybercriminal groups on the underground market. PCWorld, July 14, 2014

Cyber Warning

Vulnerability exposes some Cisco home wireless devices to hacking: Nine of Cisco’s home and small office cable modems with router and wireless access point functionality need software updates to fix a critical vulnerability that could allow remote attackers to completely compromise them. PCWorld, July 17, 2014

Beware Keyloggers at Hotel Business Centers: The U.S. Secret Service is advising the hospitality industry to inspect computers made available to guests in hotel business centers, warning that crooks have been compromising hotel business center PCs with keystroke-logging malware in a bid to steal personal and financial data from guests. KrebsOnSecurity, July 14, 2014

DropCam Vulnerable To Hijacking: Researchers at DEF CON to demonstrate flaws in a popular WiFi video monitoring system. DarkReading, July 14, 2014

Cyber Security Management

SEC Playing Bigger Role in Cybersecurity: Besides clarifying disclosure requirements, the agency is prompting companies to take proactive steps. JDSUPRA, July 14, 2014

Cyber Security Management – Cyber Defense

GOOGLE SET TO CHANGE MALWARE, PHISHING WARNINGS FOLLOWING STUDY: In the not too distant future, Google will change the way it displays malware and phishing warnings in its Chrome browser. ThreatPost, July 15, 2014

Cyber Security Management – Cyber Update

Java Update: Patch It or Pitch It: Oracle today released a security update for its Java platform that addresses at least 20 vulnerabilities in the software. Collectively, the bugs fixed in this update earned Oracle’s “critical” rating, meaning they can be exploited over a network without the need for a username and password. In short, if you have Java installed it is time to patch it or pitch it. KrebsOnSecurity, July 15, 2014

Securing the Village

Meet ‘Project Zero,’ Google’s Secret Team of Bug-Hunting Hackers: When 17-year-old George Hotz became the world’s first hacker to crack AT&T’s lock on the iPhone in 2007, the companies officially ignored him while scrambling to fix the bugs his work exposed. When he later reverse engineered the Playstation 3, Sony sued him and settled only after he agreed to never hack another Sony product. Wired, July 15, 2014

National Cyber Security

Justice Department’s New Crime Chief Targets Cyber Cases: WASHINGTON—International organized crime groups, lured by the prospect of thefts that can net hundreds of millions of dollars, increasingly are turning to cybercrime, said the new head of the Justice Department’s criminal division. The Wall Street Journal, July 14, 2014

Cyber Misc

How Russian Hackers Stole the Nasdaq: In October 2010, a Federal Bureau of Investigation system monitoring U.S. Internet traffic picked up an alert. The signal was coming from Nasdaq (NDAQ). It looked like malware had snuck into the company’s central servers. There were indications that the intruder was not a kid somewhere, but the intelligence agency of another country. More troubling still: When the U.S. experts got a better look at the malware, they realized it was attack code, designed to cause damage. Bloomberg, July 17, 2014

Copyright © 2014 Citadel Information Group. All rights reserved.

The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you. The post Cyber Security News of the Week, July 20, 2014 appeared first on Citadel Information Group.

Comments Off on Cyber Security News of the Week, July 20, 2014

Comments are closed.