Incidents Archives | Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘incidents’

Singapore boosts cyber security after hacking incidents

Source: National Cyber Security – Produced By Gregory Evans

A man looks at the activist hacker group Anonymous issuing a warning online to “go to war” with the Singapore government over recent Internet licensing rules on November 1, 2013. Roslan Rahman/AFP

SINGAPORE – Singapore on Tuesday, August 26, announced […]

The post Singapore boosts cyber security after hacking incidents appeared first on National Cyber Security.

View full post on National Cyber Security

CBP/CBIG news release: Caribbean interagency group apprehends 57 undocumented migrants in two incidents

Five citizens of the Dominican Republic charged Tuesday with alien smuggling

View full post on The Cyber Wars

2 Struggle NBA Players Accused Of Assaulting Girlfriends In Separate Incidents

A pair of struggle NBA players were recently in the news for domestic violence incidents involving their girlfriends. DeAndre Liggins of the OKC Thunder allegedly assaulted his girlfriend with an Xbox and was arrested on Saturday (September 1). Royce White, who missed last season (his rookie year) because of mental issues (OCD and anxiety disorder), was […]

View full post on Hip Hop Security

Popular SC beach area deemed high risk for pilots after laser incidents

Mark Rockwell

The popular “Grand Strand” beach area on the South Carolina coast has been deemed “very high risk” by Coast Guard commanders after some of its rescue search pilots were temporarily blinded by lasers pointed repeatedly at aircraft in the area from the ground. Coast Guard […]

View full post on The Cyber Wars

NIST publishes updated guide for managing computer security incidents

Mark Rockwell

The National Institute of Standards and Technology (NIST) published the final version of its guide to managing computer security incidents. The publication, said the institute, is based on best practices from government, academic and business organizations, and includes a new section expanding on the important practice of coordination and […]

View full post on The Cyber Wars

Mobile malware incidents on rise, says smartphone survey

The cost-saving culture of ‘bring your own device’ smartphones is tempting enterprises into taking risks they would not contemplate for conventional computing devices, a survey by Goode Intelligence has suggested.

The Third mSecurity Survey (summary PDF) confirmed that Apple’s iPhone is currently the dominant device, present in 77 percent of the surveyed businesses, ahead of BlackBerry on 70 percent and the rapidly rising Android on 65 percent.

When asked whether their organisation allowed BYOD smartphone use, 71 percent said they did with 47 percent agreeing that company data was being stored on these devices.

Many of these smartphones were not being managed as secure devices, with fewer than one in five adding anti-malware and only half employing data encryption.

Perhaps not coincidentally, mobile malware incidents rose in 2011 with 24 percent reporting evidence of infection, up from nine percent in 2010 and 7 percent in 2009.

“The past three years have been extraordinary for mobile and there are no signs of this abating. Smartphones and tablet computers are having a transformational effect on the way that an organisation does business and manages information,” said survey author, Alan Goode.  

“There is a big question over whether information security professionals can keep up with the pace of change currently seen with smart mobile devices (SMD) and can manage the risks associated with them.”

Against this striking incident statistic has to be set the size and scope of Goode’s survey, which questioned only 130 IT professionals from a range of countries. Although (as the company points out) these figures are taken from real enterprises rather than being based on malware discovered by a security company, it would be a stretch to infer similar incident levels in UK companies.

The report also supplied no data on incident rates on different platforms nor which threats had been encountered.

As with malware generally, to some extent, mobile malware is extremely regional, which reflects the culture of businesses in different countries and the way mobile applications are offered. The Far East and Russia have had problems with rogue Android apps being used for premium rate tariff fraud, a phenomenon that has not struck on any scale in Western countries — yet.

It is also difficult to infer that BYOD itself is fuelling a rise in mobile malware, although the relatively unprotected nature of many of the devices uncovered by Goode would tend to suggest some connection.

View full post on National Cyber Security » Virus/Malware/Worms

Phishing incidents on the rise in India

NEW DELHI, INDIA: Over 380 phishing incidents have been reported in the January-October 2011 period and 508 in 2010 to the Indian Computer Emergency Response Team (CERT-In), the government said Friday.

View full post on cyber crime hacking — Yahoo! News Search Results

View full post on National Cyber Security

Video: Incidents in Mo. show changing criminal society

By PoliceOne Staff

INDEPENDENCE, Mo. — Police say two videos released Friday are evidence of a changing criminal culture in which instead of fleeing police, violators engage.

The first video shows Lonnie Moore, 41, exit a vehicle and fire on an officer, who shoots through the cruiser’s windows and wounds Moore. According to The Examiner, Independence police made the traffic stop in 2010 after encountering a vehicle that looked like one involved in a bank robbery. Once the initial shots were exchanged, Moore reenters the video frame and prolongs the gunfight — ammunition running dry — before taking his own life.

The second incident began with a call of an abandoned vehicle in 2009. As an officer investigated the car, Nicholas Waller, who reportedly carjacked a pizza delivery person, approached and fired, causing a second officer to return fire. Video is captured from that officer’s patrol car — seen striking Waller, who survived and was sent to jail.

Neither incident resulted in injuries for the officers, but Police Capt. John Cato said they illustrate what officers are seeing on the streets with increasing regularity.

“Most of the time, the perpetrators are trying to get away,” he said, “but we’re seeing more instances when they’re bringing the fight toward officers. They’re becoming very aggressive.”

View full post on PoliceOne Daily News

View full post on National Cyber Security

2011 in Review: Top 5 videos of vehicle incidents

By PoliceOne Staff

Some truly bizarre incidents can take place in vehicles, as the case of the Ohio woman who sprayed deputies with breast milk in June demonstrates — glaringly. Other clips show an officer struck by a stolen car get up and chase the driver, a suspect escape out the window of a patrol car, and a nice PIT maneuver.

Officer sent flying by stolen car, chases driver

A UK police officer goes flying after a stolen BMW plows into him, then gets up and chases the driver.

Ohio deputies sprayed with breast milk

Stephanie Robinette, 30, locked herself in a car and sprayed breast milk on the car and the deputies trying to coax her out of the vehicle.

Handcuffed prisoner jumps from cruiser

A prisoner in Utah was being driven in a cruiser when he asked to have the window rolled down, saying he was ill.

SC trooper’s car engulfed in flames during chase

Miraculously, the trooper escaped without any major injuries.

PIT Success

A Trenton, Ga. patrol car stops a suspect’s truck to end a pursuit. Nicely executed.

View full post on PoliceOne Daily News

View full post on National Cyber Security

SSL certificates under fire as hacking incidents pile up

A year ago nobody could have cared less about certificate authorities (CAs), a dull but critical part of the Internet that makes it possible for web servers to authenticate themselves to other computers, including ordinary browsers, using SSL. But every year has its ‘threat nobody saw coming’ and in 2011 it has turned out to be SSL certificates pilfered on an almost industrial scale from companies that claimed to be in the business of issuing them securely.

From March onwards, a growing list of companies have had to admit that they have suffered serious attacks on their certificate infrastructure, leaving big cracks showing in a technology the Internet can’t really function without. In an uneasy and ill-defined way, the multi-billion dollar Secure Sockets Layer industry no longer seems to be the cosy security blanket everyone assumed it was.

The latest company to ratchet up uncertainty is the Dutch company KPN, which this week admitted (unhelpfully in Dutch rather than English) that something appears to have gone awry with a server used for purchasing SSL certificates.

‘Awry’ in this case means that the server was compromised as long ago as 2007 to host DDoS attack tools, which has nothing directly to do with issuing bogus certificates except that who would trust an SSL security company that lets hackers ‘pwn’ its servers to do anything? With past certificates issued by it now in theoretical doubt at least, the company has suspended issuing any new ones while it investigates what actually happened.

So what is an SSL certificate?

It’s tempting to explain the self-effacing chunks of encrypted data that make up certificates in purely technological terms but first and foremost SSL (or ‘https’ to browser users) is an industry worth tens of billions of dollars to the hundreds of companies around the world that are allowed to generate and sell them to website owners.

The most important part of the digital hierarchy is made up of the large, heavily-audited companies (Verisign, GoDaddy and Comodo for instance) called Certificate Authorities (CAs) that issue root certificates, which are also sold on by a network of reselling intermediaries, including companies such as KPN and Digicert Malaysia, another outfit recently blacklisted by Microsoft and Mozilla.

Someone trying to hack these companies, or their resellers, is really trying to do something fairly simple. If they can get inside the system it might be possible to issue forged certificates for large Internet brands that can be used to undermine the server-to-client security link essential for financial transactions and secure communications such as email.

Normally this system works without computer users being aware it even exists, with root certificate public keys being quietly sifted by browsers against a list of accepted authorities (you can see which in a browser’s security settings tab), with warnings usually issued only when encountering one that is out of date.

With doubts now growing, the key to understanding the significance of a breach incident is working out which bit of the infrastructure has been compromised. A problem at a reseller means that this company probably has no business model; a serious hack at a root certificate authority could end up undermining the whole industry.

There hasn’t yet been a major breach at a root provider but it’s been a close-run thing at times.

Trouble began with a compromise of US company Comodo, a root certificate authority, on 15 March. In an attack later claimed by Iranian hacker protagonist ‘Comodohacker’, a compromised partner account was used to issue bogus certificates for a clutch of big-name domains, including,,,, and Anyone logging into web pages secured using these certificates would have been allowing the attackers to eavesdrop on their traffic at will as long as the DNS resolution system had also been tinkered with.

This sounds bad but it would have been much worse had Comodo itself been hacked without the involvement of an intermediary. The unpleasant atmosphere that has hung around the incident remained the company’s status as a root authority and the fact that the compromise turned out to have been used in documented attacks.

In late summer came the potentially more serious compromise of Dutch Vasco subsidiary DigiNotar, another company with root status, also blamed on the same Iranian ‘Comodohacker’ source, in which hundreds of bogus certificates were put into circulation. The disaster was so great that with its status revoked the company went out of business only weeks later.

Not content with this show of strength, Comodohacker made similar claims about pulling a similar trick at Belgian company GlobalSign, by which time the industry was becoming a bad joke.

Some have rather dismissed the attacks on certificate authorities as the work of a single possibly state-backed attacker with a political motive, but events have clearly shown up serious weaknesses in the SSL certificate system that have, it turns out, been an anxiety in the security industry for years.

The structure of the industry has expanded rapidly in the last decade on the back of easy profits, with trust being passed around from company to company without much care for the risks being created.

Even when it becomes clear that certificates issued by an authority have been compromised, there is no easy way to patch the hole. Browsers can and do revoke certificates from specific companies as long as they are minor players or resellers but doing the same for a root authority such as Comodo would cause chaos if a master key was involved. Tens of thousands of companies will have purchased certificates from that authority legitimately and would find themselves suddenly ‘untrusted’.

Some have proposed salvation in DNSSEC, basically an extra security layer built into the system by which DNS requests are resolved to underlying IP addresses using an authentication mechanism. That would make it difficult for sites using forged SSL certificates to redirect users to wherever they choose. This probably won’t work. If attackers have enough state backing to interfere with the DNS system itself, adding another layer won’t on its own make much difference.

In the absence of a quick fix, and with browser makers getting less and less patient in the face of breaches, vendors will ironically try and push bigger and tougher Extended Validation SSL Certificates. The innovation here is simply that issuing a certificate requires a greater number of checks, including personal validation. The idea of EV SSL has been around for years but has never taken off because of its unpleasant expense.

What will probably happen is that CAs all over the world circle wagons, tighten up their infrastructure and the problem will appear to recede for a while, as security problems have a habit of doing. Alternatively, the next big attack could spell serious trouble. Is there a plan B? The world might have to find out the hard way.

View full post on National Cyber Security
