White House threatens trade sanctions for countries found cyber-snooping


International diplomacy may feel like schoolyard antics, but the participants do have something a little heavier to throw at each other. After President Obama signed an executive order to improve national cyber security, the White House is now reportedly opening the box marked Trade and Diplomatic Sanctions, which it’ll lob at any country that’s found to be appropriating US trade secrets. The executive has published a report, outlining a dozen thefts from companies such as GM, Ford and DuPont, fingering China as being behind a majority of them. If the hacking persists, then James Lewis, of the Center for Strategic and International Studies, says the White House should deny visas or access to US banks to Chinese people and corporations — making us wistful for the courtroom dramas of yore.

Update: We’ve corrected the story to correctly attribute the comments made by James Lewis.


Via: WSJ

Source: White House (.PDF)

Reuters: Apple employee computers hacked, no evidence of stolen data

Last week, Facebook was the target of a sophisticated hacking attack and now reports have surfaced that Apple’s been victimized by a similar scheme. Reuters is reporting that a number of Apple’s employees’ Macs were infiltrated by a hacking scheme, but “there was no evidence that any data left Apple.” To address the cyber security flaw found by the digital ne’er-do-wells, Apple has promised a software patch will be released later today [Psst… it’s available now.]. So, it appears the folks in Cupertino have things under control, and we’ve reached out to the company to confirm that’s the case. We’ll update things here when we hear back.

Update: Apple has provided us with the following statement regarding the matter.

“Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.

Since OS X Lion, Macs have shipped without Java installed and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.”


Source: Reuters

President Obama signs executive order focused on improving national cybersecurity

While the President is currently giving his State of the Union address (viewable on YouTube here), earlier today he signed an executive order intended to improve the network security of “critical infrastructure.” As noted by The Hill, the order charges the National Institute of Standards and Technology with the task of creating a framework of best practices for operators in industries like transportation, water and health to follow, due in the next 240 days. The Department of Homeland Security is also heading up a voluntary program that works with various agencies and industry groups to make sure the policies are actually adopted, and find ways to create incentives for that to happen.

The order has arrived after cybersecurity legislation failed to pass through Congress, and has been rumored heavily throughout the last few weeks. The president called for Congress to pass legislation to prevent cyberattacks during his speech, and this order is reportedly meant as a step in that direction. The Wall Street Journal indicates many businesses want liability protection against attacks in exchange for following the guidelines, which would require approval from Congress in order to happen.

It includes language accounting for privacy concerns as well, with agencies required to look over the potential impact of their work, and release public assessments. The DHS is to report in a year how its work impacts civil liberties and provide recommendations on mitigating such risks. There’s a lot to read through, so you can check out the document itself embedded after the break, or wait for those various agency reports for more updates.


Source: The Hill, Reuters, Wall Street Journal

Hackers Just Stole Over 3 Million Social Security Numbers

If you’ve filed tax returns in South Carolina sometime since 1998, you might be in a little bit of hot water. An unidentified, foreign hacker has gotten into the state’s Department of Revenue, pilfering around 3.6 million social security numbers, and 387,000 credit and debit card numbers. In other words, no small haul.

AMD, Intel and RSA team up, form the Cyber Security Research Alliance


Sure, it’s not the first elite cybercrime-fighting team we’ve heard of, but it’s also not every day you hear of the likes of Intel, Lockheed Martin and AMD buddying up on research. The companies are looking to address the “complex problems” in cyber security, with the private, non-profit group (which also includes Honeywell and RSA/EMC) aiming to work somewhere between government-funded security research and commercial products already out there. The Cyber Security Research Alliance is already in talks with NIST, and plans to launch a security research symposium early next year. The CSRA will also start tracking cyber security R&D, “prioritize” those aforementioned challenges, and hopefully come together for the greater good.


AMD, Intel and RSA team up, form the Cyber Security Research Alliance originally appeared on Engadget on Thu, 25 Oct 2012 10:07:00 EDT.

Security Week | Source: Cyber Security Research Alliance

Huawei gives Australia peeks at its network hardware and code to regain trust


Huawei has had an image problem lately among countries skittish about trusting a Chinese telecom giant with the backbone of networks that its home government might like to snoop. The company’s Australian chairman John Lord thinks that’s just paranoia, and he’s planning radical transparency in the country to recover what trust he can after Huawei lost a National Broadband Network deal. The firm is willing to give the Australian government “unrestricted” access to both networking hardware and source code to prove that there’s no espionage afoot. Lord even likes the idea of a domestic inspection agency that would greenlight equipment across the industry. All of the proposals represent a one-way conversation, however — Canberra hasn’t said if it’s receptive enough to drop the cold attitude. There’s a distinct chance that any successful return to favor wouldn’t come soon enough to recover the most lucrative contracts, which could make any Australian change of heart a Pyrrhic victory.


Huawei gives Australia peeks at its network hardware and code to regain trust originally appeared on Engadget on Wed, 24 Oct 2012 14:29:00 EDT.

CNET | Source: BBC

The Head of Homeland Security Stays Secure by Not Using Email, At All [Cybersecurity]

If you’re super concerned about cybersecurity and keeping your information and personal rendezvous private, there are plenty of measures you can take. If you’re super hardcore, you can do the same thing Department of Homeland Security Secretary Janet Napolitano does: just don’t use email.

DARPA to hold one-day cyberwarfare workshop, attendance not mandatory


Oh, the fruits of the global village are many: connecting strangers with fetishes, fostering culture through memes and engendering cyber attacks via remote since the late 20th century. It’s the advanced decomposition of that latter rotten apple, however, that has DARPA — the government’s far-out research arm — taking a proactive stance and casting an agency-wide intelligence net to shore up on future defense protocol. To do this, the DoD offshoot’s holding a one-time workshop next month, dubbed Plan X Proposers’ Day, with the aim of bringing personnel together to brainstorm and implement infrastructure specifically centered around cyberwarfare analysis and research. One area the project, which just received $110 million in funding, will specifically avoid is the creation of actual cyberweapons. So, yeah, while this effort’s less Goldeneye and more of a strategic think tank initiative, it still warms the heart to know our nation’s best, brightest and most secretive are hard at work protecting our digital butts.


DARPA to hold one-day cyberwarfare workshop, attendance not mandatory originally appeared on Engadget on Thu, 23 Aug 2012 15:44:00 EDT.

Fast Company | Source: Federal Business Opportunities (pdf)