category
cyberethics

Offensive / Proactive tactics, will they really work? Blackhat day 1

Blackhat keynote speaker Shawn Henry, the former executive assistant director of the FBI’s Criminal, Cyber, Response and Service Branch, started off the day after opening remarks from Jeff Moss, founder of Blackhat. Moss wondered if now was the time for the cyber-security sector to take a more aggressive/offensive approach. Jeff mentioned working for a former

Guarding against password reset attacks with pen and paper

With the recent announcements of password breaches at LinkedIn, and warnings from Google about state-sponsored attacks on Gmail accounts, it seems like a good idea now to review some password security basics.  In this blog post, we’re going to take a look at a rather low-tech solution to a decidedly high-tech problem:  How to guard

Facebook/app data privacy – sharing gone wild

So you browse your favorite restaurant review site and settle on a great Mediterranean restaurant, and “magically” a variety of preferences get fed back to your Facebook profile, to be shared, re-shared and re-shared, ricocheting around the internet to form purportedly value-added experiences elsewhere you visit. That’s great news if you want your preferences bounced

Anonymous and the Megaupload Aftermath: Hacktivism or Just Plain Ugly?

Yesterday’s announcement by the US Department of Justice that the operators of file-sharing site Megaupload had been indicted for operating a criminal enterprise that generated over $175 million by trafficking in over half a billion dollars of pirated copyrighted material has sent shockwaves across the Internet. The accuracy of those figures may be questionable, but

Ransomware stoops to new lows – fake law enforcement

Ransomware, the practice of providing fake notifications that “you’re infected” and then selling a fake solution that removes the fake malware they just installed, has been a boon for scammers. Now, they’re taking it a step farther, throwing in a law enforcement scare. In this latest scam, an official-looking banner appears on infected machines, purporting

2012 predictions: online data brokers come under fire

In 2011 we saw an increase concern about, and scrutiny of, what exactly social networking sites do with the data you input, both internally as well as what gets shared with third parties. But in 2012 some of that scrutiny will shift to those third parties as more people ask: What are they doing with

Holiday shopping? We know where you are

Well, not you exactly you, but malls are rolling out technology that tracks customers’ patterns throughout the mall using cell signals. They say they aren’t collecting personal information, but say they want to be able to track customer traffic patterns, for example, how many customers visit Starbucks after visiting Nordstroms. The technology, called FootPath, is

US Pentagon: it’s official, military response to cyber attacks

Awhile back we noticed signals from the US Pentagon that they were considering the possibility of a traditional military response to cyber attacks on US physical infrastructure. Basically, a cyber attack on infrastructure could be considered an act of war. We now see the official report released, confirming this. The report states, “When warranted, we

Anonymous – is hacktivism here to stay?

Months back a rather vocal series of micro-hacktivist groups formed a somewhat larger, more vocal pseudo-organized non-organization ruled essentially democratically via IRC (among other things), attempting to cast light on perceived misdeeds by the large corporation (or government organization) du-jour they thought had behaved badly. The idea was to hack an organization, parade them around

Which anonymizing VPN is really anonymous?

On the heels of the arrest of Cory Kretsinger, aka “Recursion”, for one of the Sony data breaches, following an FBI request for traffic records from his VPN provider, users wonder whether anonymizing service providers really are all that anonymous. Using a VPN to connect securely out of reach of prying eyes, is a common

Rig an election for around 25 bucks

Actually $26, according to a study conducted by Argonne National Laboratory in Illinois, which was able to hack a Diebold voting machine with “about $26 and an 8th-grade science education.” In light of the rapidly approaching 2012 U.S. Presidential Election, it seems there may be a need to give serious attention to securing our election

WikiLeaks 2.0 – a new kid in town

Following the plight of the oft-storied WikiLeaks organization, we see a new variant to hit the streets soon, GlobaLeaks. Apparently WikiLeaks has garnered a bit of a following with the community, along with the attraction of a fair share of consternation from governments around the world. This new effort attempts to extend that further. Law

Google your own health record?

Is that possible? Well, a researcher with Identity Finder, Aaron Titus, believes so, since he says he managed to use internet searches to unearth a trove of unsecured private health records on a website, around 300,000 of them. He notified the company, Southern California Medical-Legal Consultants, which represents doctors and hospitals seeking payment from patients

Social-networking to blame for social unrest?

We see this morning a post about British Prime Minister Cameron’s assertion yesterday during a Parliament presentation that, “Free flow of information can be used for good. But it can also be used for ill. And when people are using social media for violence, we need to stop them.” Sort of hearkens back to the

Rental laptops: We can SEE you

Finally scraped up enough money to rent a laptop? Turns out the rental company may be getting a little more of your information than you thought. Seems they have the ability to secretly turn on the webcam and take a look around, especially if they suspect shenanigans on your part, like maybe not returning their

Iran Admits Stuxnet Infected Its Nuclear Power Plant

While the defining research on the Stuxnet topic doesn’t go this far, Forbes writer Trevor Butterworth went out on a limb to name names along with detailing the warfare aspects: As I noted last week – and as the news media have only begun to grasp – Stuxnet represents  a conceptual change in the history

Cyber-crimefighters pwn Carders.cc

Brian Krebs, source of a lot of key research on the banking trojan focus on small to medium sized business, has reported that cyber-vigilantes have rattled the cage of a major carder site by posting their member’s passwords: Ironically, the anonymous authors of the e-zine said they were able to compromise the criminal forum because

Privacy: Lawsuit Alleges School Used Webcams to Lurk in Students’ Homes

Wow. File this under ‘how stupid thoughtless can any one person in a position of absolute power be…’ One school official abuses the built-in webcam access used with anti-theft software [legal malware] which they had packaged onto school laptops… to their own detriment. What sparked the discovery was Assistant Principal Lindy Matsko's assertion in early November that

Cybercrime and Cyberwarfare: Warnings Unheeded?

Last week Al Quaeda cyberterrorism attack information was declassified and made public. Today’s New York Times had an applicable editorial to whether cybersecurity issues are over-blown or under-believed: Predictions of disaster have always been ignored — that is why there is a Cassandra myth — but it is hard to think of a time when

Smells Like Teen Spirit

I've just read a news item about a nine year old boy who has been accused of hacking into his school's computer system. It seems police claim the nine year old hacked into the Blackboard Learning System used by his school to change teacher's and staff member's passwords, change and delete course content and change

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.