Sophos - Naked SecurityThe anonymising service Tor has seen a huge surge in popularity this month with the number daily users shooting up to over 1,200,000 from a fairly consistent average of 550,000 directly connected users over the last year.
CSO OnlineThe common reaction is an almost knee-jerk demand for more, stricter controls. In most cases, these controls won't work. If we want people engaged in the process, we need to let them take responsibility. We need to develop transparent systems and demystify what happens. It's time to reinforce that if something doesn't "feel right," stepping forward is not only okay, it's rewarded.
Sophos - Naked SecurityGerman researchers have shown how commodity mobile phones can be turned into call jammers.
Worse still, their attacks could be adapted for eavesdropping and even interception, where a crook receives your calls or SMSes instead of you.
Reality TV mother-of-eight Kate Gosselin sues husband for "hacking" email, phone, revealing private infoSophos - Naked SecurityKate Gosselin, who appeared in a reality TV docusoap about her life with her eight children, including sextuplets, is suing her husband for allegedly hacking into her personal email account, her phone and her bank account, as well as stealing a hard drive full of personal files including family photos.
Sophos - Naked SecurityAs cloud services become more pervasive criminals continue to try and convince corporate users to surrender their identities.
Google Docs is the latest target, so look out!
Trend Micro - Security IntelligenceThe recent attacks on New York Times, Twitter and others while DNS-related, were not the result of a weakness in the DNS at all. They resulted from weaknesses in domain registrar infrastructure. The DNS components related to this event performed exactly as they were designed and instructed to do. While it is true that the […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNYT/Twitter Hacks Show DNS Is Not Broken, But Domain Registrars Might Be
TrendLabs - Malware BlogThe recent attacks on New York Times, Twitter and others while DNS-related, were not the result of a weakness in the DNS at all. They resulted from weaknesses in domain registrar infrastructure. The DNS components related to this event performed exactly as they were designed and instructed to do. While it is true that the […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroNYT/Twitter Hacks Show DNS Is Not Broken, But Domain Registrars Might Be
Krebs on SecurityA hacking group calling itself the Syrian Electronic Army (SEA) has been getting an unusual amount of press lately, most recently after hijacking the Web sites of The New York Times and The Washington Post, among others. But surprisingly little light has been shed on the individuals behind these headline-grabbing attacks. Beginning today, I'll be taking a closer look at this organization, starting with one of the group's core architects.
Trend Micro - Security IntelligenceRecently, security researchers disclosed two Java native layer exploits (CVE-2013-2465 and CVE-2013-2471). This caused us too look into native layer exploits more closely, as they have been becoming more common this year. At this year’s Pwn2Own competition at CanSecWest, Joshua Drake showed CVE-2013-1491, which was exploitable on Java 7 running on Windows 8. CVE-2013-1493 has […]Post from: Trendlabs Security Intelligence Blog - by Trend MicroJava Native Layer Exploits Going Up
Sign up now »
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.