Tag: critical infrastructure

Report: Home Depot A Common Thread Linking Trove Of Stolen Credit Cards

Home Depot said it is investigating “some unusual activity” on its networks and working with “banking partners and law enforcement,” after security blogger Brian Krebs named the company as a common thread connecting a trove of stolen credit card accounts that have appeared in underground forums. Krebs reported on Tuesday that “multiple banks” see evidence that Home Depot stores are the source of a “massive new batch” of stolen credit and debit cards that went on sale this morning in underground “carding” forums. The breach is believed to have affected Home Depot stores throughout North America – around 2,500 stores in total. So far, the company has held off on confirming a breach. And as of early Wednesday, Home Depot’s home page made no mention of the incident. In a statement to Reuters, spokesperson Paula Drake said that the company is holding off pending an internal investigation, and is working with law enforcement. […]

Securing Networks in the Internet of Things Era | Help Net

Cricket Liu, the CIO of Infoblox, has an interesting editorial over at Help Net Security today that looks at the challenge of securing the Internet of Things. Among other things, he shares the results of a commissioned survey of 400 network professionals in the UK and US, which found that 78 percent already have precursor IoT devices on their networks – including badge readers, networked cash registers, vending machines and so on. Seventy-three percent of those surveyed acknowledged using connected surveillance gear like CCTV on their networks. That shouldn’t be surprising. What is surprising is that a strong majority of respondents – 63 percent – also saw those devices and IoT in general as a threat to network security. So: IoT adoption is gaining speed, and worries about IoT security are gaining traction. The survey suggests that few IT organisations have deployed IoT-specific infrastructure, such as dedicated networks for IoT devices or management […]

Update: Facebook awards $50K Internet Defense Prize for Work on Securing Web Apps

Saying that research dollars for cyber security are disproportionately devoted to work on “offensive” techniques (like hacking), social media giant Facebook has awarded two researchers a $50,000 prize for their work on cyber defense. The company announced on Wednesday that Johannes Dahse and Thorsten Holz, both of Ruhr-Universität Bochum in Germany, won the prize for their work on a method for making software less prone to being hacked. The two developed a method for detecting so-called “second-order” vulnerabilities in Web applications using automated static code analysis. Their paper (PDF here) was presented at the 23rd USENIX Security Symposium in San Diego. In a blog post announcing the prize, John Flynn, a security engineering manager at Facebook, said the Internet Defense Prize recognizes “superior quality research that combines a working prototype with significant contributions to the security of the Internet—particularly in the areas of protection and defense.” Dahse and Holz’s work was chosen by a panel […]

Time for an Administrator of Things (AoT)? – Security Intelligence Blog

Trend Micro’s Security Intelligence Blog has an interesting post today that looks at the changing demands of networked environments populated by smart “stuff.” Their conclusion: homes and businesses might find increasing need for someone to manage smart devices. “Managing a household full of smart devices calls for the skills of both a multi-user IT administrator and a handyman. Let’s call this role the Administrator of Things (AoT).” As in the early days of business networks, this role is currently ill-defined, Trend notes, with “ordinary users” taking on AoT tasks despite “scant evidence that they are ready for it.” Trend’s Geoff Grindrod doesn’t take a strong position on what the implications of all this complexity are. (“This is something that should be looked into,” the report says.) However, he does anticipate friction. “How well people can actually perform (the job of AoT) has a huge impact on their daily lives, which includes the security of their household,” […]

Report: Hospital network hacked, 4.5 million records stolen

News today that Community Health Systems, a national hospital network that operates 206 hospitals across the United States, was the victim of a cyber attack that resulted in the theft of 4.5 million patient records. According to CNN Money, hackers gained access to patient names, Social Security numbers, physical addresses, birthdays and telephone numbers. The breach affects anyone who received treatment from a physician’s office tied to a Community Health Systems network-owned hospital in the last five years. The FBI is investigating the breach. Community Health Systems’ hospitals operate in 28 states but have their most significant presence in Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee and Texas. Help Net Security has comments from a panel of experts. The consensus is that the healthcare sector is increasingly in the cross hairs of sophisticated attacks that are intended to steal personal information that can be used for identity theft scams. Read more over at CNN Money: Hospital network hacked, 4.5 million […]