|
Scooped by
Gust MEES
|
The U.S. Energy Department says the electricity system "faces imminent danger" from cyber-attacks, which are growing more frequent and sophisticated, but grid operators say they are already on top of the problem.
In the department’s landmark Quadrennial Energy Review, it warned that a widespread power outage caused by a cyber-attack could undermine "critical defense infrastructure" as well as much of the economy and place at risk the health and safety of millions of citizens. The report comes amid increased concern over cybersecurity risks as U.S. intelligence agencies say Russian hacking was aimed at influencing the 2016 presidential election.
"Cyber threats to the electricity system are increasing in sophistication, magnitude, and frequency," it said in the 494-page report. "The current cybersecurity landscape is characterized by rapidly evolving threats and vulnerabilities, juxtaposed against the slower-moving deployment of defense measures." Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/
|
Via the company Geofeedia, US authorities were able to collect location data of Facebook and Twitter users. Facebook, Instagram and Twitter know many details about their users. The US government has apparently recognized this too and tapped the services' data streams via the analytics platform Geofeedia. According to the civil rights organization American Civil Liberties Union (ACLU), the police, among others, used this information to monitor the race protests in Oakland and Baltimore.
The data collection was carried out by the Chicago-based company Geofeedia, which is then said to have passed the information on to around 500 law enforcement and security agencies. In addition to personal information, users' location data was also collected.
Facebook and Twitter insist that the data that was tapped is publicly accessible information. In response to the allegations, both companies restricted Geofeedia's access to the social networks' data streams or even blocked the provider. Learn more / En savoir plus / Mehr erfahren: https://gustmees.wordpress.com/2013/12/21/privacy-in-the-digital-world-shouldnt-we-talk-about-it/ http://www.scoop.it/t/securite-pc-et-internet/?tag=Privacy
|
Yahoo, Staples and Target, JPMorgan Chase or T-Mobile: the list of companies that have fallen victim to online attacks in the past two years is long. And the hackers do not stop at government agencies and institutions either. Whether large retailers such as Staples and Target, financial giants such as JPMorgan Chase, mobile carriers such as T-Mobile or now the internet dinosaur Yahoo: cyber-attacks are troubling more and more companies and have become almost part of everyday life in the USA. The usual suspects are mostly hackers working on behalf of other states; Russia and China are frequently named as the culprits. Despite the growing threat, many companies are still not adequately equipped against attacks from the internet. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Cyber-Attacks https://gustmees.wordpress.com/2013/05/13/visual-cyber-security-see-attacks-on-real-time/
|
Security researcher Chris Vickery came across an online database, hosted on a Google Cloud server, containing 154 million US voter records.
It emerged that the poorly-secured database belonged to an unnamed client of data brokerage firm L2. The client has blamed hackers for leaving the database accessible from the outside world, without even the simplest password. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
The market for hacked servers might be much larger than previously thought, with new evidence suggesting that hackers sold access to over 170,000 compromised servers since 2014, a third of them located in the U.S.
The new revelation comes from antivirus firm Kaspersky Lab, whose researchers reported last week that a black market website called xDedic was selling remote access to more than 70,000 compromised servers for as little as US$6.
Following the report, a user with the moniker AngryBirds shared several Pastebin lists of IP addresses along with dates that allegedly represented hacked servers sold on xDedic since Oct. 2014.
The combined lists contained around 176,000 unique IP addresses, 100,000 more than the Kaspersky Lab researchers gathered themselves from the black market website. Validating the lists was not easy, especially since xDedic only displays the first two octets of a server’s IP address—for example 111.111.*.*.
However, the researchers found enough correlations to suggest that the new database of hacked servers is real and was copied from xDedic around February by someone who had access to see the full IP addresses. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/
|
Every week seems to bring news of another case of ransomware.
It’s nasty stuff. Nasty enough that the US and Canada on Thursday issued a rare joint cyber alert warning about the recent surge in ransomware attacks, in which data is encrypted and crooks demand payment for it to be unlocked.
The plague doesn’t appear to be going away anytime soon. Why should it? It’s proving a lucrative swindle for cyberthieves.
Enabling the ransomware plague is the fact that many people and businesses aren’t protecting themselves by locking down their computers and files.
If you do get infected with ransomware, unless you’ve got back-ups or the crooks made some kind of cryptographic mistake, you’re left with either paying or losing your locked-up files forever: a prospect that’s caused many to pay up.
From the alert, distributed by the US Department of Homeland Security and the Canadian Cyber Incident Response Centre:... Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/ict-security-tools/?tag=Ransomware
|
A Kentucky hospital says it is operating in an “internal state of emergency” after a ransomware attack rattled around inside its networks, encrypting files on computer systems and holding the data on them hostage unless and until the hospital pays up. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/ict-security-tools/?tag=Ransomware
|
They're part of a competition sponsored by the U.S. Military, which will give the winner $2 million. In order to be selected as the winner, a team's systems must autonomously create network defenses, deploy patches and mitigations, monitor the network, and evaluate the defenses of competitors. It's a tall order, but the competitors are formidable, including one team that completed the first round in just six hours. The teams hail from around the world; there's no citizenship requirement even though the competition is funded by the U.S. military. Among them are professors and students from UC Berkeley and the University of Idaho, as well as a group of French, British, and American security researchers who met as students at UC Santa Barbara.
|
There have been hacking attempts on election systems in more than 20 states — far more than had been previously acknowledged — a senior Department of Homeland Security official told NBC News on Thursday.
The "attempted intrusions" targeted online systems like registration databases, and not the actual voting or tabulation machines that will be used on Election Day and are not tied to the Internet.
The DHS official described much of the activity as "people poking at the systems to see if they are vulnerable."
"We are absolutely concerned," the DHS official said. "The concern is the ability to cause confusion and chaos."
Only two successful breaches have been disclosed, both of online voter registration databases, in Illinois and Arizona over the summer. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=Elections
|
Two-hundred thousand voter records were stolen from the Illinois board of elections, and a few murky clues point yet again to Russian hackers.
|
In two US states, hackers broke into the databases where voter information is stored. That is what Yahoo News reported yesterday, Monday, on the basis of a confidential FBI warning. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?
|
After a long struggle, the "EU-US Privacy Shield" arrangement comes into force today. The new directive is meant to set standards for the handling of European information in the USA. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=EU
|
A commercial data transfer pact provisionally agreed by the EU executive and the United States in February received the green light from EU governments on Friday, the European Commission said, paving the way for it to come into effect next week.
Its introduction should end months of legal limbo for companies such as Google, Facebook and MasterCard after the EU's top court struck down the previous data transfer framework, Safe Harbour, on concerns about intrusive U.S. surveillance.
Representatives of European Union member states voted in favor of the EU-U.S. Privacy Shield, which will underpin over $250 billion of transatlantic trade in digital services by facilitating cross-border data transfers that are crucial to international business.
"Today member states have given their strong support to the EU-U.S. Privacy Shield, the renewed safe framework for transatlantic data flows," Commission Vice-President Andrus Ansip and Justice Commissioner Vera Jourova said in a statement.
The Commission, the EU executive, will formally adopt the Privacy Shield on Tuesday.
The Privacy Shield seeks to strengthen the protection of Europeans whose data is moved to U.S. servers by giving EU citizens greater means to seek redress in case of disputes. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=EU
|
A database with 154 million US voter registration records has been leaking information on a dizzying array of intimate details, including gun ownership, Facebook profiles, address, age, position on gay marriage, ethnicity, email addresses and whether a voter is “pro-life.”
MacKeeper security researcher Chris Vickery found the instance of a CouchDB database wide open, configured as it was for public access with no username, password, or other authentication required.
As Vickery said in a post, he tracked down and notified the company that was the source of the database. It was shut down within 3 hours.
On Tuesday, Vickery reached out to the company – a data brokerage firm named L2 – to report his theory: that one of its clients had purchased data from L2 and was hosting it in an insecure manner.
L2 said that yes, that was the case. He and L2 CEO Bruce Willsie tracked down the client, and the database was taken offline within 3 hours. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
The Supreme Court has approved a rule change that will allow US judges to issue search warrants for accessing computers and devices in any jurisdiction.
That would greatly expand the FBI's hacking capability, say civil liberties groups, who are opposing the planned changes.
Under existing rules, judges can only issue orders within their jurisdiction, often only a few miles across or a few local districts.
But the Justice Dept. argued the changes are necessary to keep up the pace against criminals, who often work across multiple jurisdictions -- even countries.
|
A strain of ransomware has infected the computer systems of MedStar Health, a healthcare provider that operates ten hospitals across the Washington DC and Baltimore region.
The attack has resulted in the organisation taking an extreme measure to stop the infection from spreading further: it has shut down large portions of its network.
As The Washington Post reports, the malware is thought to have been discovered early on Monday morning, and some staff have claimed that they saw ransom demands pop up on infected PCs' screens demanding payment in “some kind of internet currency”.
In a Facebook post, MedStar Health issued a statement confirming it had fallen victim, and that users had experienced problems accessing their computers. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/ict-security-tools/?tag=Ransomware
|
Asked whether the Justice Dept. would demand source code in the future, the spokesperson declined to comment.
It's not uncommon for tech companies to refer to their source code as the "crown jewel" of their business. The highly sensitive code can reveal future products and services. Source code can also be used to find security vulnerabilities and weaknesses that government agencies could use to conduct surveillance or collect evidence as part of ongoing investigations.
Given to a rival or an unauthorized source, the damage can be incalculable. The government has demanded source code in civil cases filed under seal but also by seeking clandestine rulings authorized under the secretive Foreign Intelligence Surveillance Act (FISA), a person with direct knowledge of these demands told ZDNet. We're not naming the person as they relayed information that is likely classified.
We contacted more than a dozen tech companies in the Fortune 500. Unsurprisingly, none would say on the record if they had ever received such a request or demand from the government. Learn more: https://gustmees.wordpress.com/2013/12/21/privacy-in-the-digital-world-shouldnt-we-talk-about-it/ http://www.scoop.it/t/securite-pc-et-internet/?tag=Cyberespionage...
|
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/securite-pc-et-internet/