Design 21: Social Design Network

http://rodelholst.newsvine.com/_news/2013/05/14/18259614-abney-and-associates-online-warning-and-fraud-prevention-spear-phishing-campagne

A spear phishing campaign targeting 11 companies in the energy sector occurred in October, according to the Industrial Control Systems Cyber ​​Emergency Response Team (ICS-CERT).

After a power company has posted on its website the names, addresses, corporate email, and titles of employees in the industry who attended a recent meeting of the Committee, the attackers were able to use the information to craft their messages, ICS-CERT said in its latest newsletter (PDF).

The malicious e-mails asked recipients to click on a link attached that would direct access to the new email address of the sender. Instead, the link takes users to a website that served as malware. Another e-mail with a malicious attachment is supposed to be associated with the campaign, according to the bulletin.

The campaign failed, leading to "no known infections or intrusions," the report said.

A spear phishing campaign targeting 11 companies in the energy sector occurred in October, according to the Industrial Control Systems Cyber ​​Emergency Response Team (ICS-CERT).

After a power company has posted on its website the names, addresses, corporate email, and titles of employees in the industry who attended a recent meeting of the Committee, the attackers were able to use the information to craft their messages, ICS-CERT said in its latest newslette...

FTC cracks down on tech support scam run from India http://www.zimbio.com/IT+Security/articles/Jfrzwh58d04/Abney+Associates+FTC+cracks+down+tech+support Phone con attempted to convince people that their computers had a virus and then sign them up to multi-year contracts The US Federal Trade Commission has carried out a huge international crackdown on a number of "tech support" scams being run out of India which have conned people in the UK, US, Canada and elsewhere out of millions of pounds since 2008. As explained by the Guardian in 2010, the scams used "boiler room" tactics, dialling through phone books for English-speaking countries. People who answered the phone were told the call came from Microsoft or their internet service provider, and that the person's computer was "reporting viruses". The caller would then perform an unnecessary "fix" on the computer and charge the person for it – and sometimes sign them up to multi-year "support" contracts. The cost could run to hundreds of pounds. People in the US, UK, Canada, Australia and New Zealand were targeted because they, like the people carrying out the scam, are English-speaking. The Guardian understands that the scam was worth millions of pounds a year to the organised gangs carrying it out. At the FTC's request in six cases, a federal district judge froze the US assets of 17 people and 14 companies that have been accused of taking part in the operations. The FTC has als...

http://www.allvoices.com/contributed-news/14463927-an-abney-associates-news-blog-infosecurity-europa-2013

Cloud dataskydd, enterprise nyckelhantering, mobil handel, säker kommunikation och cyber kvalitetssäkringLondon, Storbritannien - 18 April 2013 - Thales, ledare i system och kommunikationsutrustning informationssäkerhet, kommer att visa upp sin linje av hög kvalitetssäkring dataskydd, mobila betalningar och cyber security solutions på årets Infosecurity Europa, 23-25 April, 2013.Stark kryptering samt nyckelhantering är hörnstenar i dagens IT-infrastruktur, besök monter F30 där Thales kommer att demonstrera sin senaste lösningar för:Moln dataskyddStark kryptering samt nyckelhantering redovisas som det säkraste och mest effektiva sättet att skydda data och som gäller lika för molnet liksom i det företaget. För organisationer att ta upp molntjänster och migrera känsliga och värdefulla data till virtualiserade och molnbaserade distributioner, de behöver en hög kvalitetssäkring, pålitlig nyckelhantering lösning som tillåter dem att behålla kontrollen över sina nycklar, och därmed deras data. Thales portföljen skyddar kritiska data tillgångar under hela deras livscykel - när lagring, passerar över kommunikationsnät och medan användningen av business program - som alla är viktiga aspekter av en strategi för molnsäkerhet. Thales släpper den 2: a upplagan av sin forskning årsrapport - kryptering i molnet. Studien, som produceras i samband med Ponemon Institute, är baserad på en u...

http://thorrotot.deviantart.com/art/Internet-News-Abney-and-Associates-Blog-Oracle-ko-366329398

San Francisco: Oracle Corp. julkaisi suuret tietoturvapäivityksen tiistaina version Java ohjelmointikieli, joka kulkee sisällä Web-selaimet, jotta se vähemmän suosittu kohde hakkereille. Korjaustiedosto korjaa 42 heikkouksia Java, kuten "valtaosa" ne, jotka on luokiteltu kriittisenä, sanoi Oracle varatoimitusjohtaja Hasan Rizvi. Sarjan suuri tietoturva-aukkoja Java-plugin selaimille on paljastunut viime vuonna tutkijat ja hakkerit, ja jotkut käyttää rikollisryhmien ennen edellisiä korjaustiedostoja on myönnetty. Yksi hakkerointi kampanjalla ilmaista tänä vuonna tartunnan tietokoneiden Microsoft Corp: n Windows- ja Apple software sisällä satoja yrityksiä, kuten Facebook Inc., omena osakeyhtiö ja Twitter. Tilanne kasvoi niin huono aiemmin tänä vuonna Yhdysvaltain Department of Homeland Security suositellaan, että tietokoneen käyttäjät poistaa Java selaimen. Mutta monet suuret yritykset käyttävät sisäinen ohjelmisto, joka perustuu Java ja painamalla Oracle tekee kielen turvallisempaa.

Watch Video/Presentatio:

http://www.slideshare.net/rodelholst/internet-news-abney-and-associates-blog http://www.dailymotion.com/video/xz3q8binternet-news-abney-and-associates-blogtech

http://www.infoworld.com/t/cyber-crime/cyber-criminals-tying-emergency-phone-lines-through-tdos-attacks-215585 Liknar DDoS-attacker, TDO används också för att pressa pengar från mål, inklusive företag och offentliga organ Nöd-leverantörer och andra organisationer är att vara riktade med TDO (telefoni förnekande av tjänst) anfalla, enligt en säkerhetsvarning från Department of Homeland Security (DHS) och FBI erhålls av säkerhetsexpert Brian Krebs. TDO attacker använda höga volymer av automatiserade samtal för att knyta upp målet telefonsystem, stoppa inkommande och utgående samtal. "Dussintals sådana attacker har riktade raderna [public safety svara punkt] administrativa PSAP (inte den 911 nöd-fodrar)," enligt registreringen. "Det är spekulerade att regeringen kontor/emergency services är att vara"riktade"på grund av nödvändigheten av funktionella telefonlinjer." Akut tjänsteleverantörer är inte de enda organisationer riktade: "många liknande attacker har inträffat riktar sig till olika företag och offentliga organ, inklusive den finansiella sektorn och andra offentliga krisinsatser intressen, inklusive luft ambulans, ambulans och sjukhuset kommunikation." Förövarna använder attackerna för att pressa pengar från målet organisationer, enligt registreringen. De börjar med de organisationer som tar emot ett samtal från en representant från en påstådd avlöningsdag lån företag, under vilken en anropare--oftast tala i en "stark accent&quo...

https://abney-and-associates.jux.com/1026338

SHANGHAI — China has issued a new call for international “rules and cooperation” on Internet espionage issues, while insisting that accusations of Chinese government involvement in recent hacking attacks were part of an international smear campaign.

The remarks, by Foreign Minister Yang Jiechi, were China’s highest-level response yet to intensifying reports that the Chinese military may be engaging in cyberespionage.

“Anyone who tries to fabricate or piece together a sensational story to serve a political motive will not be able to blacken the name of others nor whitewash themselves,” he said.

Speaking to the news media on the sidelines of the annual session of the National People’s Congress on Saturday, Mr. Yang said that the reports were “built on shaky ground” and that cyberspace should not be turned into a battlefield.

Beijing has stepped up its response to the attacks in recent weeks, saying that China is often the victim of such attacks. Although security experts have found evidence that many of the most aggressive attacks can be traced back to Internet addresses inside China, the Chinese military recently said that attacks on its own computers were linked to Internet addresses in the United States.

Many experts on the issue acknowledge that it is difficult to pinpoint the origins of attacks. However, some experts in the United States and Canada say there is more and more evidence that the attacks on W...

http://www.nytimes.com/2013/03/11/world/asia/china-calls-for-global-hacking-rules.html?_r=2&

SHANGHAI — China has issued a new call for international “rules and cooperation” on Internet espionage issues, while insisting that accusations of Chinese government involvement in recent hacking attacks were part of an international smear campaign.

The remarks, by Foreign Minister Yang Jiechi, were China’s highest-level response yet to intensifying reports that the Chinese military may be engaging in cyberespionage.

“Anyone who tries to fabricate or piece together a sensational story to serve a political motive will not be able to blacken the name of others nor whitewash themselves,” he said.

Speaking to the news media on the sidelines of the annual session of the National People’s Congress on Saturday, Mr. Yang said that the reports were “built on shaky ground” and that cyberspace should not be turned into a battlefield.

Beijing has stepped up its response to the attacks in recent weeks, saying that China is often the victim of such attacks. Although security experts have found evidence that many of the most aggressive attacks can be traced back to Internet addresses inside China, the Chinese military recently said that attacks on its own computers were linked to Internet addresses in the United States.

Many experts on the issue acknowledge that it is difficult to pinpoint the origins of attacks. However, some experts in the United States and Canada say t...

Et økende antall DDoS-angrep vil være program basert, Gartner har advart, men det er ikke den eneste trusselen selskapene står overfor: forskerne avdekket to nye Java dagsaktuelle bugs, mens indikasjoner var at spammere er å trykke inn et sikkerhetsproblem av sine egne i form av mobile SMS-med nye ubegrenset planer tilbyr nye muligheter for utnyttelse.

Sikkerhetsleverandøren Trustwave LED sin egen phishing-kampanjen, mens studier antydet at Stuxnet malware hadde vært i bruk siden minst 2007. Symantec slo umiddelbart det, noe som tyder på koden hadde faktisk vært under utvikling siden 2005.

I mellomtiden, nye malware som er kjent som MiniDuke var å bli stemplet som en cyberespionage angrep som det rev gjennom 23 europeiske regjeringer, mens Bank of America led av en brudd som den skyldte på en tredje part.

Det er ikke alene: en islamsk hacking gruppe har lovet å gjenoppta sin cyberattacks på amerikanske banker, mens etterforskere advart om et smutthull i HTML5 som kan brukes til å fylle en offerets harddisk med søppel data.

Bor på toppen av slike angrep er viktig ikke bare for åpenbare grunner, men fordi-en ny studie forteller oss-lider en cyberattack eller data brudd tendens til å skremme av investorene. Selvfølgelig, kan forårsaker en presentere sine egne problemer også, som WA hacker Dylan Wheeler er å finne ut.

http://www.goodreads.com/topic/show/1236220-abney-associates-apple-now-blocks-older-versions-of-adobe-s-flash-playe

Apple has tightened up security in its Safari Web browser following recent patches to Adobe's Flash technology. As part of an update that went out yesterday, OS X will now block older and thus vulnerable versions of Flash, forcing users to update to the latest version if they wish to view Flash-based content. In order to block older versions of the software, Apple is using its Xprotect malware scanner, which is built into Mac OS X and can spot and quarantine known malware. The move comes roughly a month after Apple began blocking older versions of Oracle-owned Java on OS X over security concerns. That issue proved to be a bit more complex, with Apple last week saying that it too was targeted as part of an organized hacking attempt that capitalized on Java vulnerabilities, but did not target the company's customers. Earlier this week Adobe pushed out a software update that patched three vulnerabilities in Flash, two of which it said were designed to target Mozilla's Firefox browser.

Related Articles: http://chirpstory.com/li/55958 http://www.myvideo.de/watch/9

http://my.opera.com/andreiwhitebeard/blog/2013/03/04/abney-associates-apple-now-blocks-older-versions-of-adobes-flash-player-in-saf

A new security update from Apple blocks outdated versions of Adobe's Flash plug-in, forcing users to nab the newest version.

Apple has tightened up security in its Safari Web browser following recent patches to Adobe's Flash technology. As part of an update that went out yesterday, OS X will now block older and thus vulnerable versions of Flash, forcing users to update to the latest version if they wish to view Flash-based content. In order to block older versions of the software, Apple is using its Xprotect malware scanner, which is built into Mac OS X and can spot and quarantine known malware. The move comes roughly a month after Apple began blocking older versions of Oracle-owned Java on OS X over security concerns. That issue proved to be a bit more complex, with Apple last week saying that it too was targeted as part of an organized hacking attempt that capitalized on Java vulnerabilities, but did not target the company's customers. Earlier this week Adobe pushed out a software update that patched three vulnerabilities in Flash, two of which it said were designed to target Mozilla's Firefox browser.

Get more info: http://chirpstory.com/li/55958 http://www.myvideo.de/watch/9001514/InternationalInternetandTechnologyWarningAbneyAssociates_Review