http://www.ere-security.com/rss.xml ERE Information Security Auditors RSS Description en-us Copyrights © 2007-2008. All rights reserved. 2012-05-17T10:27:26+01:00 ERE RSS Admin ERE Information Security Auditors RSS http://news.cnet.com/8301-1009_3-57429139-83/new-malware-strain-locks-up-computers-unless-ransom-is-paid/?tag=txt;title New malware strain locks up computers unless ransom is paid. A campaign of "ransomware" is locking people out of their computers unless they pony up the right amount of money. Spotted by security blog abuse.ch, the malware taps into an exploit kit known as "Blackhole." Sold underground, Blackhole is used by criminals to infect computers through security holes in the browser or third-party plug-ins, such as Java and Adobe Reader http://news.cnet.com/8301-1009_3-57427087-83/u.k.s-soca-web-site-targeted-in-ddos-attack/ It's been a tough year for the U.K.'s Serious Organized Crime Agency (SOCA). The organization confirmed to TechWeekEurope today that its site has once again become the target of a distributed denial of service (DDoS) attack, and has been forced to take its site offline to "limit the impact" of the threat. "Clearly the things we'd like to stress are that the SOCA website contains only publicly available information, it does not provide access to operational material," a SOCA spokesperson told TechWeekEurope. "DDoS attacks cause a temporary inconvenience to website visitors, they don't impose a security risk to the organization. We will monitor the situation and put the site back up when it is appropriate to do so." http://www.homelandsecuritynewswire.com/seworld20120430-nato-prepares-for-a-new-futuristic-war NATO prepares for a new, futuristic war NATO’s Operation Locked Shields, an international military exercise the military alliance conducted last month, was different from trasditional war games. There were no bullets, tanks, aircraft, ships, or camouflage face-paint. The troops involved in the exercise spent most of their time in air-conditioned rooms within a high security military base in Estonia. The exercise, a window into what a future war would look like, had one team of IT specialists detailed to attack nine other teams, located in different parts of Europe. The IT experts, working from their terminals in the Nato Co-operative Cyber Defense Center of Excellence, created viruses, worms, Trojan Horses, and other Internet attacks, aiming to hijack and extract data from the computers of their “enemies.” http://www.infoworld.com/d/security/report-security-threats-small-companies-can-spread-larger-organizations-192072 Report: Security threats at small companies can spread to larger organizations Attackers used smaller businesses with less stringent security as gateways to their ultimate targets: large corporations or governments that hold valuable secrets, according to a Symantec report on Internet security. In addition, adversaries target lower-level employees because they are more likely to open up malware attachments to emails that compromise their machines and then their networks, according to "Internet Security Threat Report: 2011 Trends," put out by Symantec. [Half the targeted attacks were directed at companies with fewer than 2,500 employees, the study says, and while they may not own assets that the attackers want, they may represent backdoors into larger businesses that do own such assets. http://www.homelandsecuritynewswire.com/dr20120426-cyberattack-disrupts-iran-s-oil-production-system Cyberattack disrupts Iran’s oil production system The Iranian oil industrywas subject to cyber attack this past weekend,but the Iranian government saysit has contained and controlled the damage from the malware; this is the fourth known cyber attack on Iran’s civilian and military infrastructure The Iranian oil industrywas subject to cyber attack this past weekend,but the Iranian government saysit has contained and controlled the damage from the malware. It has yet provided no details of the virus, or how the system was infiltrated. Internet access at the targeted sites was disrupted during the attack. The network systems at the Kharg Island depot, which handles up to 90 percent of Iran’s petroleum exports, were disconnected from the Internet, along with the systems at a number of unspecified facilities in other parts of the country, including the oil ministry’s Website. http://www.homelandsecuritynewswire.com/dr20120425-better-cybersecurity-for-the-healthcare-industry Better cybersecurity for the healthcare industry Healthcare organizations face ever more threatening cyber attacks. In response, the Health Information Trust Alliance (HITRUST) has established the HITRUST Cybersecurity Incident Response and Coordination Center to provide support for the healthcare industry Healthcare organizations face ever more threatening cyber attacks. In response, the Health Information Trust Alliance (HITRUST) has established the HITRUST Cybersecurity Incident Response and Coordination Center to provide support for the healthcare industry. HITRUST says this support includes facilitating the early identification of cybersecurity attacks, coordination of response activities, and creation of best practices. In addition, the center will make available cyber threat information to the broader industry. http://www.infoworld.com/d/security/conficker-microsoft-says-two-basic-security-steps-might-have-stopped-infections-191756 Conficker: Microsoft says two basic security steps might have stopped infections If businesses and consumers stuck to security basics, they could have avoided all cases of Conficker worm infection detected on 1.7 million systems by Microsoft researchers in the last half of 2011. According to the latest Microsoft Security Intelligence report, all cases of Conficker infection stemmed from just two attack methods: weak or stolen passwords and exploiting software vulnerabilities for which updates existed. So using strong passwords and boosting password security in combination with promptly patching known vulnerabilities would have gone a long way toward reducing the number of Conficker infections, which rose by more than 500,000 in the fourth quarter of 2011, according to the study. Despite these simple steps, Conficker has remained at the top of the enterprise threat list for the past two and a half years, the study says. http://isc.sans.org/diary/OpenSSL+reissues+fix+for+ASN1+BIO+vulnerability/13042 OpenSSL reissues fix for ASN1 BIO vulnerability OpenSSL has posted an updated advisory today indicating the fix for CVE-2012-2110 released on 19APR2012 was not sufficient to correct the ASN1 BIO vulnerability issue for OpenSSL version 0.9.8. Please note that this latest issue only affects OpenSSL 0.9.8v. OpenSSL 1.0.1a and 1.0.0i already contain a patch as released on the 19th sufficient to correct CVE-2012-2110. Please upgrade to 0.9.8w. http://www.darkreading.com/database-security/167901020/security/attacks-breaches/232900882/healthcare-industry-now-sharing-attack-intelligence.html Healthcare Industry Now Sharing Attack Intelligence Large healthcare organizations and the U.S. Department of Health and Human Services (HHS) have banded together to share attack and threat intelligence in a new incident response and coordination effort established specifically for their industry. The Health Information Trust Alliance (HITRUST) today announced the launch of the new HITRUST Cybersecurity Incident Response and Coordination Center as a go-to online community for helping spot cybersecurity attacks against healthcare organizations and coordinating incident response to threats and attacks. "We [all] started to see, eight- to 12 months ago, and uptick in more focused attacks or attempts against healthcare systems, coming from around the world," says Roy Mellinger, CISO at WellPoint, one of the 15 founding participants in the new cyber-coordination center. "We needed something to help us protect" our data, so the center is a crucial resource, according to Mellinger. http://news.cnet.com/security/?tag=hdr;snav Security & Privacy A new variant of Flashback, the malware found earlier this month to be infecting hundreds of thousand of Macs, has spawned a new variant, security researchers announced today. The new variant -- dubbed Flashback.S -- "is actively being distributed in the wild," taking advantage of a Java vulnerability that Apple has already patched, security company Intego said in a statement. The new variant installs itself on the user's home folder without a password and then deletes all folders and files from the Java cache folder to mask its presence. http://news.cnet.com/8301-1009_3-57419595-83/google-ups-cash-reward-for-being-hacked/?tag=txt;title Google ups cash reward for being hacked In an effort to cut down on hacking, bugs, and vulnerabilities, Google offers dollar rewards for people to hack into its Web services. The Internet giant began swapping security research for cash over the past couple of years, but today it announced that it was upping the ante. "In just over a year, the program paid out around $460,000 to roughly 200 individuals," Google security team members Adam Mein and Michal Zalewski wrote in a blog post. "We're confident beyond any doubt the program has made Google users safer." http://www.infoworld.com/d/security/most-it-and-security-professionals-see-anonymous-serious-threat-their-companies-191502 Most IT and security professionals see Anonymous as serious threat to their companies The majority of IT and security professionals believe that Anonymous and hacktivists are among the groups that are most likely to attack their organizations during the next six months, according to the results of a survey sponsored by security vendor Bit9. Sixty-four percent of the nearly 2,000 IT professionals who participated in Bit9's 2012 cyber Security Survey believe that their companies will suffer a cyber attack during the next six months and sixty-one percent of them chose hacktivists as the likely attackers. Respondents had the option to select up to three groups of attackers who they believe are most likely to target their organizations. The choices were Anonymous/hacktivists, cyber criminals, nation states, corporate competitors and disgruntled employees.