Information Security News
Tabernus to Give Away iPad at InfoSec Europe 2013
Press Release Centre (press release)
2013-04-17; By Marketers Media; Posted in Business. Tabernus, an international data erasure software developer, is giving away the brand new 16 GB Apple iPad with retina display, worth £399.00 to one ...
Microsoft today announced that it is rolling out optional two-factor authentication to the 700 million or so Microsoft Account users, confirming last week's rumors. The scheme will become available to all users "in the next few days."
It works essentially identically to existing schemes already available for Google accounts. Two-factor authentication augments a password with a one-time code that's delivered either by text message or generated in an authentication app.
Computers that you trust will be allowed to skip the two factors and just use a password, and application-specific passwords can be generated for interoperating with software that doesn't support two-factor authentication.
About mid-afternoon yesterday (Central time - US), Boston-related spam campaigns began. The general "hook" is that it sends a URL with a subject about the video from the explosions. Similar to when Osama Bin Laden was killed and fake images were used as a hook, in this case, the video is relevant to the story and being used as a hook. Right now, very roughly 10-20% of all spam is related to this (some spamtraps reporting more, some less). Similar IPs have also been sending pump & dump scams, so likely the same group has re-tasked itself.
Here is a list of subjects I've seen hit spam traps:
Here is a list of malicious URLs in those messages (use at your own risk):
bambenek \at\ gmail /dot/ com
Consolidation: a new infosec imperative
Fragmented information security systems can lead to weak spots, say experts. Consolidation of tools and streamlining of information management is needed now for proactive IT security. Information security management needs a holistic approach, says ...
Coordinated attacks used to knock websites offline grew meaner and more powerful in the past three months, with an eight-fold increase in the average amount of junk traffic used to take sites down, according to a company that helps customers weather the so-called distributed denial-of-service campaigns.
The average amount of bandwidth used in DDoS attacks mushroomed to an astounding 48.25 gigabits per second in the first quarter, with peaks as high as 130 Gbps, according to Hollywood, Florida-based Prolexic. During the same period last year, bandwidth in the average attack was 6.1 Gbps and in the fourth quarter of last year it was 5.9 Gbps. The average duration of attacks also grew to 34.5 hours, compared with 28.5 hours last year and 32.2 hours during the fourth quarter of 2012. Earlier this month, Prolexic engineers saw an attack that exceeded 160 Gbps, and officials said they wouldn't be surprised if peaks break the 200 Gbps threshold by the end of June.
The spikes are brought on by new attack techniques that Ars first chronicled in October. Rather than using compromised PCs in homes and small offices to flood websites with torrents of traffic, attackers are relying on Web servers, which often have orders of magnitude more bandwidth at their disposal. As Ars reported last week, an ongoing attack on servers running the WordPress blogging application is actively seeking new recruits that can also be harnessed to form never-before-seen botnets to bring still more firepower.
SC Magazine UK
Training up the infosec troops
The UK has a desperate need for more infosec professionals, according to the National Audit Office (NAO). In its February 2013 landscape review of the UK's cyber security, which assessed the UK government's progress in implementing its cyber security ...
UPDATE: All seems to be well and the interruption was brief. You can check status @ http://www.apple.com/support/systemstatus/
We are getting reports of an Apple services outage and/or difficulty connecting to iTunes services. If you are seeing this, please report it.
--- ISC Handler on Duty
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.