email

Super Cookies, Web Analytics Behind Malicious Profiling

In-brief: FireEye is warning about a sophisticated campaign of online surveillance that combines web “super cookies” and common analytics software to target individuals with links to international diplomacy, the Russian government and the energy sector.

Iran Games Google’s 2FA in Attacks on EFF, Others

In-brief: Hackers believed to be linked to the government of Iran are using sophisticated attacks on Google’s two-factor authentication technology to break into the e-mail accounts of individuals within the country and in the Iranian diaspora, according to Citizen Lab.

Everything Tastes Better with Bluetooth: Understanding IoT Risk

In-brief: Marc Blackmer of Cisco says that, with so much promise, it can be hard to anticipate how individual or company-wide decisions to embrace the IoT might bear on cyber risk. 

Was Malware Behind A Billion Dollar Heist?

In-brief: The New York Times reports on a massive online heist involving more than 100 banks worldwide and losses of between $300 million and $1 billion, according to the security firm Kaspersky Lab. 

Cyber Resilience? Sony Employees Back To Faxes and Face to Face

There’s a fascinating article on TechCrunch that cites a current (anonymous) Sony Pictures Entertainment employee talking about life at the company in the wake of a crippling November 24th cyber attack that wiped out thousands of computer systems and stole terabytes of data from the company. According to the story, Sony employees have resorted to using circa 1990s fax machines to transmit documents and – horror – having face to face communications in lieu of texting, e-mail or social networking, all of which are disabled within Sony’s environment. [Read more Security Ledger coverage of the Sony Pictures hack here.] “We had barely working email and no voicemail so people talked to each other,” the source tells TechCrunch. “Some people had to send faxes. They were dragging old printers out of storage to cut checks…It was crazy.” “That is what a major corporate security breach sounds like,” TechCrunch writes. “The squeal […]