Landmark Leadership Conferences for IT Executives
Cyber Security News of the Week, September 29, 2013
by Fred F. Farkel, Monday, September 30th, 2013


Guest column by Citadel Information Group

Cyber Security News of the Week

Cyber Crime

Data Broker Giants Hacked by ID Theft Service: An identity theft service that sells Social Security numbers, birth records, credit and background reports on millions of Americans has infiltrated computers at some of America’s largest consumer and business data aggregators, according to a seven-month investigation by KrebsOnSecurity. KrebsOnSecurity, September 25, 2013

Identity Theft

Sapphire credit card holders to be on their own for fraud protection: Holders of Chase bank’s popular Sapphire credit card may be wondering why they’ll soon be on their own when it comes to keeping fraudsters at bay. LA Times, September 26, 2013

Cyber Privacy

Schools’ Use of Cloud Services Puts Student Privacy at Risk. Schools that compel students to use commercial cloud services for email and documents are putting privacy at risk, says a campaign group calling for strict controls on the use of such services in education. CIO, September 23, 2013

Cyber Warning

New Mac OS Malware exploited two known Java vulnerabilities: A new Mac OS Malware has been discovered called OSX/Leverage.A, which appears to be yet another targeted command-and-control Trojan horse, that creates a backdoor on an affected user’s machine. The Hacker News, September 24, 2013

COMPROMISED JAPANESE MEDIA SITES SERVING EXPLOITS FOR LATEST IE ZERO DAY: Attackers exploiting a zero-day vulnerability in Microsoft’s Internet Explorer browser have compromised several popular local Japanese media outlets and have infected systems belonging to government, high tech and manufacturing organizations in Japan. Researchers at FireEye said the attacks appear to be a large-scale intelligence gathering operation and are dropping a knock-off of the McRAT remote access malware to exfiltrate data from compromised computers. ThreatPost, September 23, 2013

Another iOS 7 Bug Lets Anyone Make Calls From Locked iPhones-And This One Has No Quick Fix: Apple has yet to fix one nasty bug in the lockscreen of iOS 7, and the next one has already appeared. Forbes, September 23, 2013

Security Org Raises Internet Threat Level After Seeing Expanded IE Attacks: Computerworld – The Internet Storm Center on Saturday boosted its threat level to “Yellow,” indicating a “significant new threat” to Internet users from attacks exploiting an unpatched vulnerability in all versions of Microsoft’s Internet Explorer (IE) browser. CIO, September 23, 2013

Dropbox and Similar Services Can Sync Malware: A growing body of research shows how to use cloud storage synchronization services to get around firewalls. MIT Technology Review, August 21, 2013

Cyber Update

Apple Fixes Two iOS 7 Bugs That Allowed Access To Locked iPhones. One week after the first of two flaws were revealed that opened major security holes in the iPhone’s lockscreen, Apple has stamped out the bugs with the release of iOS 7.0.2. Forbes, September 26, 2013

Cyber Security Management

Five Habits IT Security Professionals Need To Break. If security professionals want to take their craft in new directions, then they need to stop thinking in old ways, experts said in a panel here Tuesday. Dark Reading, September 25, 2013

Attackers sharpen skills: What that really means for CISOs: Today, IBM is revealing the results of its X-Force 2013 Mid-Year Trend and Risk Report, which shows that Chief Information Security Officers (CISOs) must increase their knowledge of the evolving vulnerability and attack landscape, such as mobile and social technologies, to more effectively combat emerging security threats. Help Net Security, September 24, 2013

Critical Infrastructure

Destructive Attacks On Oil And Gas Industry A Wake-Up Call: Some 30,000 or so hard drives were scrapped and replaced with new ones last year on Saudi Aramco’s internal corporate network after a massive cyberattack destroyed data on the oil and natural gas company’s Windows machines. While the massive attack didn’t directly affect Saudi Aramco’s oil production and exploration systems, it raised the stakes for the increasingly targeted oil and gas industry and also raised concerns of possible market fallout from such attacks. Dark Reading, September 23, 2013

National CyberSecurity

Brazilian president: US surveillance a ‘breach of international law.Brazil’s president, Dilma Rousseff, has launched a blistering attack on US espionage at the UN general assembly, accusing the NSA of violating international law by its indiscriminate collection of personal information of Brazilian citizens and economic espionage targeted on the country’s strategic industries. The Guardian, September 23, 2013

Cyber Sunshine

FBI arrests Temecula man, 19, in ‘sextortion’ of Miss Teen USA: The FBI has arrested a 19-year-old Temecula man who authorities believe to be involved in a “sextortion” case involving Miss Teen USA Cassidy Wolf from Orange County, officials said Thursday. LA Times, September 26, 2013

The IT Summit would like to thank Citadel Information Group for allowing us to provide this information to you.

Comments Off on Cyber Security News of the Week, September 29, 2013

Comments are closed.