Infosecurity News
Hulk DoS tool analyzed and mitigated
On 17 May, security researcher Barry Shteiman released Hulk (HTTP unbearable load king). It is, as its name suggests, a denial-of-service (DoS) tool that operates by sending an unbearable load of HTTP requests to the target web server, overloading it and bringing it to a standstill.
US government drags its feet on declassifying documents
The number of US government documents that were declassified, as well as the number reviewed for declassification, dropped in fiscal year (FY) 2011 compared with the previous fiscal year, according to an annual report by the Information Security Oversight Office (ISOO).
Majority of firms plan to institute employee monitoring for social media use
Around 60% of corporations said they plan to implement a formal security monitoring plan for employee use of social media by 2015, according to a survey by Gartner.
Military grade chips may not be as secure as we think
Sergei Skorobogatov and Chris Woods have discovered a backdoor into a military grade chip, permitting ‘a new and disturbing possibility of a large scale Stuxnet-type attack via a network or the Internet on the silicon itself’.
PayPal researcher proposes technique to thwart clickjacking attacks
Researcher Brad Hill with PayPal argues that a combination of a randomized user interface (UI) and a backend screenshot comparison tool could put an end to clickjacking attacks.
Industry group unveils voluntary principles to combat botnets
At a White House event today designed to draw attention to the problem of botnets, the Industry Botnet Group (IBG) unveiled a set of principles to combat their proliferation.
Massachusetts hospital to pay $750,000 for 2010 data breach
South Shore Hospital in South Weymouth, Mass., has agreed to pay $750,000 to settle charges brought by the state Attorney General Martha Coakley for a 2010 data breach that exposed personal information on more than 800,000 people.
Flaming Hack: What does 'Flame' mean for the rest of us?
We’ve all heard about Flame, the ‘mother of all cyberweapons’, the attack tool that takes cyberwarfare to a new level. But what does it actually mean for the rest of us?
Neelie Kroes promises champagne connection - for the wealthy
Neelie Kroes, European Commissioner for the Digital Agenda, has promised a champagne connection for those who can afford it.
Assange’s appeal fails: extradition lawful – everything left to play for
By a majority of 5 to 2 (Lord Mance and Lady Hale dissented) the UK supreme court has this morning ruled that Julian Assange’s extradition to Sweden is lawful, “and his appeal against extradition is accordingly dismissed.” Assange was not present in court.
Kratos gets $16 million cybersecurity contract for US Antarctic Program
Kratos Defense and Security Solutions said it received a $16 million subcontract from Lockheed Martin to provide cybersecurity for the US Antarctic Program (USAP).
University of Nebraska probes breach of 650,000 records
The University of Nebraska has assembled a team of between 20 and 30 investigators to probe the breach of a database that contains personal information on up to 650,000 students, alumni, parents, and staff.
Flame proves cyberwarfare is active
Cyberwarfare is an emotive and contentious issue. But the emergence of an extensive and sophisticated attack toolkit, Flame, apparently targeted against Iran removes all doubt: cyberwar is here and active.
iOS 5.5.1 jailbreak done; iOS 6 jailbreak pending
On Friday, the iOS 5.5.1 untethered jailbreak, Absinthe 2, was released. Now the same team is already working on a jailbreak for iOS 6. But users should consider this: you’re on your own if you jailbreak.
Security: do as I say, not as I do
While the role of the CISO is increasingly recognized – usually reporting directly to the board and sometimes sitting on the board – the problems it faces are highlighted by a new Cryptzone survey: security policy doesn’t apply to senior management.
US lawmakers look to reopen Google Street View probe
Two US lawmakers are asking the Justice Department to reopen its investigation into Google’s collection of data from unprotected WiFi networks for its Google Maps Street View project.
TheWikiBoat’s OpNewSon fires today
TheWikiBoat, a new hacking group that uses techniques and tools similar to Anonymous, but for the lulz rather than the principle, plans to launch its first major operation, #OpNewSon, today.
Iranian students claim to have stolen info on NASA researchers
A group of Iranian students are saying that they stole personal information on researchers at the US space agency.
Boston hospital loses laptop with patients' personal data
Boston Children’s Hospital admitted this week that 2,159 patients may have had their personal information compromised as the result of a lost laptop.
Most businesses unaware of tough Canadian anti-spam law
A surprising 60% of US and Canadian marketing executives are unaware that Canada has an anti-spam law that contains fines of up to $10 million per offense and applies to any firm that sends communications to or from Canada.