Monday, December 31, 2012

Cyber Security News for the Week of December 31, 2012

Cyber Security News for the Week of December 31, 2012
From our friends at Citadel Information Group

Cyber Crime

A costly lesson that your email - and money - aren't safe: A Lake Arrowhead man loses $8,600 when hackers use his email account to tell his accountant to transfer funds to a Texas bank. LA Times, December 20, 2012

Cyber Warning

Ransomware Extortion Scam Locks Machines, Demands Payment: The latest ransomware scam is locking down infected machines and displaying localized webpages warning users that their computer contains "banned material" and won't be unlocked until a fine is paid, according to a report from McAfee's Naganathan Jawahar. ThreatPost, December 21, 2012

Cyber Security Management - HIPAA

Health-care sector vulnerable to hackers, researchers say: As the health-care industry rushed onto the Internet in search of efficiencies and improved care in recent years, it has exposed a wide array of vulnerable hospital computers and medical devices to hacking, according to documents and interviews. The Washington Post, December 25, 2012

National Cyber Security

Iran Retracts Reports of New Stuxnet-Like Attacks Against Utilities: Iranian officials are retracting Christmas day reports that malware resembling Stuxnet had been used to attack manufacturing facilities including a power utility in southern Iran. ThreatPost, December 26, 2012
Iran Suggests Attacks on Computer Systems Came From the U.S. and Israel: Iran reported a number of new cyberattacks on Tuesday, saying foreign enemy hackers tried in recent months to disrupt computer systems at a power plant and other industries in a strategically important southern coastal province as well as at a Culture Ministry information center. The New York Times, December 25, 2012

Cyber Underworld

Exploring the Market for Stolen Passwords: Not long ago, PCs compromised by malware were put to a limited number of fraudulent uses, including spam, click fraud and denial-of-service attacks. These days, computer crooks are extracting and selling a much broader array of data stolen from hacked systems, including passwords and associated email credentials tied to a variety of online retailers. KrebsOnSecurity, December 26, 2012

Securing the Village-Events Calendar

Cloud Security Alliance-LA January Dinner Meeting; January 9, 2013. For more information and to register, go to  
ISSA-LA January Lunch Meeting; January 16, 2013. Topic: Physical Access for IT Professionals: What you don't know could already be hurting you. Speaker: Terry Gold. Visit ISSA-LA.ORG for more information and to register.
OWASP-LA Monthly Dinner Meeting; January 23, 2013. For more information and to register, go to  
ISC2-LA February Meeting; February 5, 2013: Email Bill Zajac at for more information.
ISSA-LA February Lunch Meeting; February 20, 2013.
ISSA-LA March Dinner Meeting; March 20, 2013.
Santa Monica Rotary Club; May 3, 2013: Dr. Stan Stahl, Citadel and ISSA-LA President, will speak on cybersecurity at the weekly meeting of the Santa Monica Rotary Club. In this non-technical talk - It Takes the Village to Secure the Village SM - Dr. Stahl discusses the financial implications of cyber crime, illustrates how cyber criminals take control of a user's computer, describes the limitations of technology, summarizes emerging cyber security laws, regulations and practices, and provides practical tips to lower the risk of becoming a victim.
ISSA-LA Fifth Annual Information Security Summit; May 21, 2013: SAVE THE DATE. Join over 500 of your colleagues and peers at the Universal City Hilton. Special Keynote Speaker: Howard Schmidt, former White House CyberSecurity Coordinator.'s Security Recruiter Blog