Search Results for "Apt"

NSA’s PRISM Puts Privacy Startup Silent Circle Into Orbit

Government surveillance has been getting a lot of attention in recent weeks, with the leak of classified information about spying by the National Security Agency using information provided by U.S. telecommunications and Internet firms including Verizon, Facebook, Google and Apple. The stories have revealed the very different legal standards that govern electronic communications and more traditional communications such as phone and postal mail. They have also put many otherwise lawful Internet users in search of technology that will keep their private conversations and thoughts well…private. That, in turn, has sparked concern in the government that civilian use of encryption will hamper lawful interception of communications. Wired.com reported last week that, for the first time, encryption thwarted government surveillance under court-approved wiretaps. That report,  from the U.S. Administrative Office of the Courts (AO), said encryption was reported for 15 wiretaps in 2012, compared with just 7 wiretaps conducted during previous years. […]

Continue Reading

Homeland Security: Hack Attempts On Energy, Manufacturing Way Up in 2013

Attempted cyber attacks on critical infrastructure in the U.S., including energy and critical manufacturing jumped sharply in the first half of 2013, according to a just-released report from the Department of Homeland Security’s Industrial Control System Cyber Emergency Response Team (ICS-CERT). ICS-CERT said that cyber incidents across all critical infrastructure in the U.S. are on pace to double in 2013. The agency has responded to 200 such incidents so far  in fiscal year 2013 (October of 2012 to May of 2013), compared to 198 incidents for all of fiscal year 2012. A majority of those incidents – 53% – were against organizations in the energy sector, ICS-CERT reported. The report is just the latest from DHS about threats to the energy sector. The agency warned energy firms after seeing a sharp jump in attacks during 2012, when attacks on energy firms accounted for around 40% of the malicious activity directed […]

Continue Reading

Richard Clarke: Car Hacking Possible In Crash That Killed Michael Hastings

OK – let me start by saying that The Security Ledger isn’t a web site that’s going peddle in rumor or unfounded conspiracy theories. Period. AND let me note that Richard Clarke, the former Cyber Security Czar and U.S. National Coordinator for Security, Infrastructure Protection and Counter-terrorism just told the Huffingtonpost.com that he thinks a car hack may have played a role in the suspicious, single car accident that killed investigative reporter Michael Hastings last week. Whoa! If you don’t know, Hastings was a Polk Award winning correspondent for the web site Buzzfeed.com, where he covered national security. He died, at age 33, in a fiery, single car crash in Los Angeles last week after the Mercedes he was driving hit a tree and burst into flames. The car was almost totally destroyed. The Los Angeles County Coroner confirmed Hastings identity but said it would likely take weeks to determine the cause of […]

Continue Reading

HBR: Internet Of Things Has ‘Profound’ Impact On Risk

The advent of a global network of Internet connected devices – sometimes referred to as the “Internet of Things” will bring about a “data democratization” that will upend traditional IT security models and pose considerable risks for organizations.   That’s the conclusion of two leading authorities on the so-called “Internet of Things” (IoT), Christopher J. Rezendes and W. David Stephenson, who write that its impact on businesses will be “profound,” and that cyber security will be one of the biggest challenges that organizations must address. In a guest post on the Harvard Business Review blog on Friday, Rezendes, the president of INEX Advisors, and Stephenson, an author and consultant specializing in the Internet of Things argue that  “the very principle that makes the IoT so powerful — the potential to share data instantly with everyone and everything (every authorized entity, that is) — creates a huge cybersecurity threat.” The authors predict […]

Continue Reading

Late To The Party, Microsoft Offers Mega Bounties For Software Bugs

Microsoft on Wednesday announced its first ever formal program to pay security researchers for finding software vulnerabilities in its newest products. The bug bounty program will launch on June 26 and be formally unveiled at the upcoming Black Hat Briefings hacker conference in Las Vegas at the end of July.  And, though late to the party, Microsoft is making up for lost time by going large. The Redmond, Washington software maker will pay researchers up to $100,000 for “truly novel” exploitation techniques that defeat protections built into the very latest version of Windows, 8.1 Preview. It will additionally pay $50,000 for ideas for defensive strategies that accompany a bypass, raising the total potential purse for an exploit and accompanying remediation to $150,000. Additionally, Microsoft announced a short-term bounty program for its Internet Explorer 11 Preview, with the company paying up to $11,000 USD for critical vulnerabilities that affect Internet Explorer […]

Continue Reading
1 310 311 312 313 314 335