The U.S. Department of Homeland Security will begin issuing terror alerts via Facebook and Twitter starting the end of this month.
Color-coded alerts will be a thing of the past, and instead of five different warning levels, only two will remain — elevated and imminent — and the public will only hear about them some of the time.
These changes would all go into effect by April 27, according to the Associated Press.
To read more about this click here.
The National Security Agency, the top U.S. electronic intelligence service, has joined a probe of the October cyber attack on Nasdaq OMX Group Inc. amid evidence the intrusion by hackers was more severe than first disclosed, according to people familiar with the investigation.
The involvement of the NSA, which uses some of the world’s most powerful computers for electronic surveillance and decryption, may help the initial investigators — Nasdaq and the FBI — determine more easily who attacked and what was taken. It may also show the attack endangered the security of the nation’s financial infrastructure.
“By bringing in the NSA, that means they think they’re either dealing with a state-sponsored attack or it’s an extraordinarily capable criminal organization,” said Joel Brenner, former head of U.S. counterintelligence in the Bush and Obama administrations, now at the Washington offices of the law firm Cooley LLP.
Check out the entire article – Bloomberg
IEEE, the world’s leading society for technical professionals, has warned some 800 members that their credit card and personal information may have been stolen. The FBI has been notified of the breach.
The group disclosed the November, 2010 breach in a letter to the New Hampshire Attorney General, dated February 24, in keeping with that state’s data privacy law. While the source and purpose of the security breach aren’t known, IEEE’s membership of technical professionals raises concerns about whether group members might be the targets of sophisticated phishing and social engineering attacks using stolen data.
Check out the full article – ThreatPost
Details about the recent cyber attacks against security firm RSA suggest the assailants may have been taunting the industry giant and the United States as they stole secrets from a company whose technology is used to secure many banks and government agencies
Earlier this month, RSA disclosed that
“an extremely sophisticated cyber attack” targeting its business unit “resulted in certain information being extracted from RSA’s systems that relates to RSA’s SecurID two-factor authentication products.” The company was careful to caution that while data gleaned did not enable a successful direct attack on any of its SecurID customers, the information “could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.”
Read the full article at KrebsOnSecurity
An official audit of NASA’s network has concluded that the space agency faces a high risk of cyberattack.
Experts from the Office of the Inspector General (OIG) paint a grim picture of the state of the space agency’s server infrastructure, warning that vulnerabilities in its systems leave it open to defacement, denial of service or information-stealing attacks.
In particular, six unnamed IT systems were found to be at risk to attacks that might allow hackers to seize remote control of critical systems over the net – which included systems that control spacecraft – as a result of unpatched software vulnerabilities.
Read the full article – The Register
After a decade of abuse, Autorun is finally being retired in older versions of Windows.
On Tuesday, Microsoft began pushing an update that changes the way Windows Server 2008 and earlier versions of the OS respond when USB thumb drives and other portable media are plugged in. Until now, those versions dutifully executed code embedded in autorun.inf files without first prompting the user. The default behavior provided a convenient way to propagate malware such as Conficker, which hijacked the feature to spread itself each time an infected drive was inserted.
Read the full article – The Register
Computer hackers have breached the systems of the company that runs the Nasdaq stock exchange in New York but did not penetrate the part of the system that handles trades, Nasdaq said Saturday. The exchange’s operating company, Nasdaq OMX, said in a statement that it had discovered suspicious files on its United States servers, and that it immediately began conducting an investigation in conjunction with outside firms and federal law enforcement agencies.
The company said it had determined that a Web-based application on its servers called Directors Desk, on which corporations can store and share information, might have been affected. Nasdaq said the suspicious files “were immediately removed and at this point there is no evidence that any Directors Desk customer information was accessed or acquired by hackers.”
“At no point was any of Nasdaq OMX’s operated or serviced trading platforms compromised,” the company said.
Read the full article – The New York Times