The pen tester’s view of 2011: awareness rises but complacency reigns
December 2011 | Derek Parkinson
The high-profile breaches of 2011 have helped to raise awareness of security and how even global companies can fail to get it right, but we are still complacent in our attitudes to security, warns pen testing expert and SANS instructor …

Stratfor clients braced for disclosures
December 2011 | Derek Parkinson
Two of the dominant themes of 2011 – hacktivist exploits and embarrassing security breaches – are set to continue to the end of the year after associates of Anonymous hacked into Stratfor, a Texas-based provider of intelligence on security-related issues. …

Spammers turn on festive themes
December 2011 | Derek Parkinson
Like legitimate merchants, criminals make the most of the holiday season, hoping to snare unwary shoppers with scam emails claiming to come from online stores, banks and credit card companies. “During the holiday rush many users will not pay very …

Nearly half of UK companies offer staff no cyber security training
November 2011 | Derek Parkinson
Cyber crime is now the third most common type of crime suffered by businesses in the UK, but many are not well prepared to deal with it, with 45% offering no security training to staff, according to experts. Of all …

2011: the year of China’s cyber spies
November 2011 | Derek Parkinson
Revelations about the extent of China’s cyber espionage activities, drawing together hackers, industry and its own Government, are the most significant security development in 2011, says Imperva. The cumulative cost of this is difficult to estimate, but could be anywhere …

Cyber war: clear and present danger?
November 2011 | Derek Parkinson
How real is the threat of cyber war? Deciding this question often focuses on examples such as the cyber attacks on Estonia, Georgia, and Iran. For those who think cyber war is a “clear and present danger” these provide enough …

Duqu malware update: all eyes on Microsoft
November 2011 | Derek Parkinson
Microsoft is under the spotlight following the discovery that the Duqu “son of Stuxnet” malware infects machines by exploiting a zero-day vulnerability in Windows. Further investigations by CrySyS, the Hungarian team that first spotted the malware in the wild, and …

Nitro campaign linked to wider espionage attacks
November 2011 | Derek Parkinson
A wave of attacks designed to steal research data from chemicals companies across the world, including five based in the UK, appears to have been carried out by hackers in China, according to an investigation carried out by Symantec. The …

UK tops global league for phishing emails
October 2011 | Derek Parkinson
The UK is awash with phishing emails, in October becoming the most heavily targeted country in the world with one in every 178 emails a phishing attempt, according to the latest Symantec Intelligence Report. This represents a concentration of phishing …

RSA attack was not “surgical strike” – Brian Krebs
October 2011 | Derek Parkinson
The notorious phishing attack that cost RSA at least $66m now appears to be part of a far wider campaign than previously thought, targeting at least 750 organisations according to security researcher Brian Krebs. Although the source of his information …