Recent Posts

Homeland Security: Hack Attempts On Energy, Manufacturing Way Up in 2013

Attempted cyber attacks on critical infrastructure in the U.S., including energy and critical manufacturing jumped sharply in the first half of 2013, according to a just-released report from the Department of Homeland Security’s Industrial Control System Cyber Emergency Response Team (ICS-CERT). ICS-CERT said that cyber incidents across all critical infrastructure in the U.S. are on pace to double in 2013. The agency has responded to 200 such incidents so far  in fiscal year 2013 (October of 2012 to May of 2013), compared to 198 incidents for all of fiscal year 2012. A majority of those incidents – 53% – were against organizations in the energy sector, ICS-CERT reported. The report is just the latest from DHS about threats to the energy sector. The agency warned energy firms after seeing a sharp jump in attacks during 2012, when attacks on energy firms accounted for around 40% of the malicious activity directed […]

Continue Reading

More Questions For Facebook On Extent Of Ghost Profiles

The security firm that disclosed a security hole in a Facebook feature that allows users to download their own data file says the social network giant still has questions to answer about the extent of the data breach. Writing on their blog, researchers at Packet Storm Security said that Facebook has underestimated the extent of the breach, which affected around six million users of the social networking site and an unknown number of non-Facebook users. Packet Storm says that Facebook’s analysis of the breach failed to account for ways in which it could be exploited, in an iterative fashion, to glean information on Facebook users beyond the individual pieces of data that may have been viewed by users who used the Download Your Information (DYI) feature. The firm also called Facebook to task for failing to notify non-users whose information was exposed in the incident. On Monday, Security Ledger wrote […]

Continue Reading

Richard Clarke: Car Hacking Possible In Crash That Killed Michael Hastings

OK – let me start by saying that The Security Ledger isn’t a web site that’s going peddle in rumor or unfounded conspiracy theories. Period. AND let me note that Richard Clarke, the former Cyber Security Czar and U.S. National Coordinator for Security, Infrastructure Protection and Counter-terrorism just told the Huffingtonpost.com that he thinks a car hack may have played a role in the suspicious, single car accident that killed investigative reporter Michael Hastings last week. Whoa! If you don’t know, Hastings was a Polk Award winning correspondent for the web site Buzzfeed.com, where he covered national security. He died, at age 33, in a fiery, single car crash in Los Angeles last week after the Mercedes he was driving hit a tree and burst into flames. The car was almost totally destroyed. The Los Angeles County Coroner confirmed Hastings identity but said it would likely take weeks to determine the cause of […]

Continue Reading

Facebook Mum On Future Of Ghost User Accounts

Facebook acknowledged on Friday that a flaw in a feature that lets users download their own profile information exposed personal information on approximately six million users, including phone numbers and e-mail addresses that were not shared with the site, but is staying mum on the future of wide ranging information harvesting practices revealed by the bug. In a blog post, the social networking giant said the security hole was disclosed by an independent security researcher and forced the company to disable the Download Your Information (DYI) feature until it could be fixed. Despite the large number of people affected, Facebook said individual pieces of private data like an e-mail address or telephone number were only exposed to one or two other Facebook users. However, Facebook has not said whether it will cease using non-public data from users’ contacts to fill out dossiers on other Facebook users, a practice that has […]

Continue Reading

HBR: Internet Of Things Has ‘Profound’ Impact On Risk

The advent of a global network of Internet connected devices – sometimes referred to as the “Internet of Things” will bring about a “data democratization” that will upend traditional IT security models and pose considerable risks for organizations.   That’s the conclusion of two leading authorities on the so-called “Internet of Things” (IoT), Christopher J. Rezendes and W. David Stephenson, who write that its impact on businesses will be “profound,” and that cyber security will be one of the biggest challenges that organizations must address. In a guest post on the Harvard Business Review blog on Friday, Rezendes, the president of INEX Advisors, and Stephenson, an author and consultant specializing in the Internet of Things argue that  “the very principle that makes the IoT so powerful — the potential to share data instantly with everyone and everything (every authorized entity, that is) — creates a huge cybersecurity threat.” The authors predict […]

Continue Reading
1 366 367 368 369 370 395