Stuxnet Expert Dismisses NIST Cyber Security Framework, Proposes Alternative

An anonymous reader writes “Ralph Langner, the security expert who deciphered how Stuxnet targeted the Siemens PLCs in Iran’s Natanz nuclear facility, has come up with a cybersecurity framework for industrial control systems (ICS) that he says is a better fit than the U.S. government’s Cyber Security Framework. Langner’s Robust ICS Planning and Evaluation, or RIPE, framework takes a different approach to locking down ICS/SCADA plants than the NIST-led one, focusing on security capabilities rather than risk. He hopes it will help influence the final version of the U.S. government’s framework.”

Original article at Slashdot

The Terrifying Search Engine That Finds Internet-Connected Cameras, Traffic Lights, Medical Devices, Baby Monitors And Power Plants

Marc Gilbert got a horrible surprise from a stranger on his 34th birthday in August. After the celebration had died down, the Houston resident heard an unfamiliar voice coming from his daughter’s room; the person was telling his sleeping 2-year-old, “Wake up, you little slut.” When Gilbert rushed in, he discovered the voice was coming from his baby monitor and that whoever had taken control of it was also able to manipulate the camera. Gilbert immediately unplugged the monitor but not before the hacker had a chance to call him a moron.

Read the full article at Hitb

Evil 8: Mobile Security Threats

CSA (Cloud Security Alliance), a non-profit organization with a mission to promote security best practices within cloud computing, has come up with a list of ‘Top Threats to Mobility’ from a cloud-centric viewpoint. These threats, named ‘Evil 8.0’ by CSA, have been listed below. Though these threats are cloud-centric, they are very relevant to all mobile end users and enterprises which are not on the cloud.

Compliance and security vulnerabilities are top concerns for POS systems

Without adequate controls to manage store systems and the growing number and variety of devices, retailers can expect security costs to continue to increase rapidly. Earlier this year, McAfee and IHL Group conducted an anonymous survey of senior retail and hospitality executives to discuss their strategies to meet PCI compliance and security for their retail systems.

Researchers detail attacks for compromising Dropbox user accounts

Dropbox, the popular file hosting service that has managed to amass over 100 million users in the five years since it was launched, has had its fair share of problems: security glitches, hacks, being used as a malware hosting site, etc.

The latest: two researchers have not only managed to reverse engineer (unpack, decrypt and decompile) the Dropbox client software (i.e. the desktop app), but have also documented the step-by-step process and made it public.

Ways to Encrypt Data to Store in Cloud

For many people, security is one of the most important issues when it comes to sending their files into the cloud. They worry that their files will be seen or even compromised by others, because that is what has happened in the past: user accounts were hacked, cloud storage systems failed, and personal files and data were exposed. So how can you prevent that from happening, even when your account gets hacked or something happens to your cloud storage provider?

10 Endpoint Security Technologies And Tips Proven To Deny Hackers

Businesses are increasingly looking at technologies to better detect targeted attacks and defend against phishing campaigns designed to trick end users into clicking on malicious files. Endpoint security technologies are now using a variety of new measures, from sandboxing to isolate and inspect the behavior of files to crowdsourcing capabilities that provide businesses faster protection against custom malware.

USB flash drives masquerading as keyboards mean more BYOD security headaches

You should already be aware of the data theft risks that USB flash drives pose to your company – even a seemingly lowly 2GB drive can hold a lot of precious data – but a new threat has emerged which makes them even more dangerous.

Writing on the Webroot blog, security expert Dancho Danchev highlights the dangers facing corporations, both small and large, from low-cost USB flash drives that are capable of bypassing Microsoft’s AutoRun protection measures present on Windows 7 and Windows 8.