Monday, October 28, 2013

Cyber Security News and Education for the Week of October 28, 2013

Cyber Security News of the Week  
From our friends at Citadel Information Group

Cyber Crime

Hackers compromise official PHP website, infect visitors with malware (updated): Maintainers of the open-source PHP programming language have locked down the website after discovering two of its servers were hacked to host malicious code designed to surreptitiously install malware on visitors' computers. are technics, October 24, 2013

Cyber Attack

U.N. nuclear agency says malware infected some computers: (Reuters) - Malicious software infected some U.N. nuclear agency computers over the past few months but no data in its network has been compromised, the agency said on Tuesday. Reuters, October 22, 2013

Cyber Privacy

Senator Demands More Info From Experian: In the wake of revelations that credit bureau Experian sold consumer data to the proprietors of an underground identity theft service, a powerful U.S. senator is calling on the company to divulge more information on the extent of the potential damage to consumers. KrebsOnSecurity, October 24, 2013

Big Data Is Opening Doors, but Maybe Too Many: IN the 1960s, mainframe computers posed a significant technological challenge to common notions of privacy. That's when the federal government started putting tax returns into those giant machines, and consumer credit bureaus began building databases containing the personal financial information of millions of Americans. Many people feared that the new computerized databanks would be put in the service of an intrusive corporate or government Big Brother. The New York Times, March 23, 2013

Cyber Warning

GTA 5 Malware May Have Already Infected Thousands Of Computers: Here's a good rule of thumb: if a game hasn't been released for your chosen platform, don't download it. It's true on Android, and it's true on Windows. While we assume that GTA 5 will be coming to PC at some point, there are already torrents claiming to offer the massively popular crime sim to Windows users, and one of them is a giant malware file that may have already infected thousands of computers. Forbes, October 22, 2013

Cyber Security Management - Cyber Update

Cisco Fixes DoS, Remote Code Executioin Bugs In Six Products: Telecommunications company Cisco rolled out three patches for multiple products yesterday, addressing vulnerabilities that could've led to a denial of service (DoS) attack or allowed an attacker to execute code and obtain sensitive information. ThreatPost, October 24, 2013

Cyber Security Management - Cyber Defense

Not Your Father's IPS: SANS Releases Results On Its Network Security Survey: BETHESDA, Md., Oct. 25, 2013 /PRNewswire-USNewswire/ - SANS announces the results of a new survey sponsored by Hewlett-Packard on network security. In it, 439 survey responses show that IPS is still mainly deployed at the perimeter and is doing a fairly good job at detection, yet only 11% of respondents are turning on IPS to block automatically for 100% of their traffic. DarkReading, October 25, 2013

Protect your Facebook account from hackers with two-factor authentication: Nobody likes it when their friends suddenly start spewing links to weight-loss supplements and porn on Facebook. Don't be that person. Using Facebook's two-factor authentication feature can help keep undesireables out of your account-perhaps saving some friendships. TechHive, October 22, 2013

Cyber Security Management - HIPAA

Calif. AG offers medical identity theft prevention tips: Healthcare providers, payers, healthcare information organizations (HIOs) and policy makers all need to do their part in preventing medical identity theft and there are some best practices they can follow to lower the number of fraud incidents. HealthITSecurity, October 22, 2013

Securing the Village

US government releases draft cybersecurity framework: NIST comes out with its proposed cybersecurity standards, which outlines how private companies can protect themselves against hacks, cyberattacks, and security breaches. CNet, October 22, 2013

Information sharing key to security, say European experts: Sharing information on threats faster is essential in the face of increasingly sophisticated attacks, says Freddy Dezeure, head of the European Union computer emergency response team (EU-Cert). ComputerWeekly, October 23, 2013

National Cyber Security

Amid New Storm in U.S.-Europe Relationship, a Call for Talks on Spying: BERLIN - While President Obama has tried to soften the blow, this week's disclosures about the extent of America's spying on its European allies have added to a series of issues that have sharply eroded confidence in the United States' leadership at a particularly difficult moment. The New York Times, October 25, 2013

Cyber Calendar

The 28th Annual 2013 ISSA SoCal Security Symposium: The SoCal Security Symposium features over 30 vendor exhibits and several industry experts discussing current security issues such as eDiscovery, cloud security, threat vectors, mobile security, and much more. There will be lots of give a ways and prizes! This conference will provide tremendous networking opportunities. You'll come away with advice and knowledge you can start applying to your environment immediately. Your registration will include your breakfast, lunch, ice cream social, CPE credits (8) and entrance into the conference sessions and exhibit area. ISSA-OC, Event Date: October 30, 2013's Security Recruiter Blog