Information Security News
by Sean Gallagher
Back in the days when I worked in the computer security business, I always used to say that the one thing I could always be thankful for was that there'd be no lack of work. Today, I'm thankful that all I have to do is write about security, considering the target-rich environments that information security professionals have to deal with.
On Tuesday, December 3, I'll be in New York City at the Harvard Club to moderate a panel hosted by the Information Security Forum, discussing the top six reasons why infosec professionals will continue to collect a paycheck in the new year. The panelists for the half-day executive seminar on the 2014 "Threat Landscape"—including ISF Global Vice President Steve Durbin and Garcia Cyber Partners principal Greg Garcia—and I will discuss ISF's forecasted top six security threats to business in 2014 and what to do about them.
Here's are some of the topics that will be on the panel's "threatdown":
A company billing itself as one of Europe's biggest Bitcoin exchanges said it suffered a coordinated attack that succeeded in stealing almost $1 million worth of the digital currency, marking the latest in a string of high-stakes heists hitting companies that hold large sums online.
Kris Henriksen, CEO of Denmark-based Bitcoin Internet Payment Services (BIPS), made that claim last week in a Web post that said the attack began as a distributed denial-of-service (DDoS) attack. Two days later, Henriksen said, the same attackers targeted the BIPS network again and managed to use the damage they previously inflicted to somehow tamper with the channel that connects BIPS data storage systems to company servers.
"On November 15, BIPS was the target of a massive DDoS attack, which is now believed to have been the initial preparation for a subsequent attack on November 17 that overloaded our managed switches and disconnected the iSCSI connection to the SAN on BIPS servers," the CEO wrote. "Regrettably, despite several layers of protection, the attack caused vulnerability to the system, which has then enabled the attacker/s to gain access and compromise several wallets."
Posted by InfoSec News on Nov 26https://www.cerias.purdue.edu/site/blog/post/the_passing_of_a_pioneer/
Posted by InfoSec News on Nov 26http://www.govhealthit.com/news/years-end-policy-work-hipaa-disclosure-accounting
Posted by InfoSec News on Nov 26http://www.windsorobserver.co.uk/news/windsor/articles/2013/11/25/95303-loss-of-388-council-laptops-described-as-not-a-big-security-breach/
Posted by InfoSec News on Nov 26http://news.techworld.com/security/3490854/racing-post-website-in-chaos-after-hackers-raid-database/
Posted by InfoSec News on Nov 26http://arstechnica.com/security/2013/11/red-october-crypto-app-adopts-two-man-rule-used-to-launch-nukes/