Legal & Security

14 April 2014

US government warns of Heartbleed bug danger BBC News

The US government has warned that it believes hackers are trying to make use of the Heartbleed bug.

Read full article

Online business and security: A flaw in popular internet-security software could have serious consequences for all sorts of business The Economist

The Heartbleed bug sounds like a nasty coronary condition. But it is in fact a software flaw that has left up to two-thirds of the world's websites vulnerable to attack by hackers. "This is potentially the most dangerous bug that we have seen for a long, long time," says James Beeson, the chief information security officer of GE Capital Americas, an arm of GE. Since its existence was revealed on April 7th by researchers at Codenomicon, a security outfit, and Google, countless companies around the world that rely on the internet for part or all of their business have been scrambling to fix the flaw.

Read full article

13 April 2014

Half a million widely trusted websites vulnerable to Heartbleed bug Netcraft

A serious overrun vulnerability in the OpenSSL cryptographic library affects around 17% of SSL web servers which use certificates issued by trusted certificate authorities. Already commonly known as the Heartbleed bug, a missing bounds check in the handling of the TLS heartbeat extension can allow remote attackers to view up to 64 kilobytes of memory on an affected server. This could allow attackers to retrieve private keys and ultimately decrypt the server's encrypted traffic or even impersonate the server.

Read full article

Heartbleed Bug: What Can You Do? Krebs On Security

In the wake of widespread media coverage of the Internet security debacle known as the Heartbleed bug, many readers are understandably anxious to know what they can do to protect themselves. Here's a short primer.

Read full article

11 April 2014

Security Flaw Could Reach Beyond Websites to Digital Devices, Experts Say New York Times

When the Heartbleed bug was disclosed on Monday, the attention focused on the fallout for major Internet companies like Yahoo and Amazon. But security experts said the potential for harm could extend much further, to the guts of the Internet and the many devices that connect to it.

Read full article

'Heartbleed' computer bug threat spreads to firewalls and beyond Reuters

Hackers could crack email systems, security firewalls and possibly mobile phones through the "Heartbleed" computer bug, according to security experts who warned on Thursday that the risks extended beyond just Internet Web servers.

Read full article

Heartbleed bug creates confusion on internet BBC News

Computers vulnerable to the Heartbleed bug are actively being targeted online, say security experts.

Read full article

10 April 2014

Which sites have patched the Heartbleed bug CNET

The Heartbleed bug is serious. Disclosed less than two days ago, the Heartbleed bug has sent sites and services across the Internet into patch mode.

Read full article

More Than A Half-Million Servers Exposed To Heartbleed Flaw Dark Reading

The newly exposed Heartbleed bug plaguing some 17 percent of SSL-secured websites as well as various VPN products has caused a massive case of Internet heartburn over the past 48 hours as companies rushed to confirm their exposure and lock down their SSL/TLS software. But just how bad is it?

Read full article

Q. and A. on Heartbleed: A Flaw Missed by the Masses New York Times

This week, security researchers publicized a significant security flaw, named Heartbleed, which could expose the personal information that people plug into websites, like passwords and credit card numbers.

Read full article

09 April 2014

'Heartbleed' bug puts encryption at risk for hundreds of thousands of servers The Guardian

Hundreds of thousands of web and email servers worldwide have a software flaw that lets attackers steal the cryptographic keys used to secure online commerce and web connections, experts say.

Read full article

New Era of 'Mega Breaches' Signals Bigger Payouts and Shifting Behavior for Cybercriminals Symantec

After lurking in the shadows for the first ten months of 2013, cybercriminals unleashed the most damaging series of cyberattacks in history. Symantec's Internet Security Threat Report (ISTR), Volume 19, shows a significant shift in cybercriminal behavior, revealing the bad guys are plotting for months before pulling off huge heists - instead of executing quick hits with smaller rewards.

Read full article

08 April 2014

Hackers Lurking in Vents and Soda Machines New York Times

They came in through the Chinese takeout menu. Unable to breach the computer network at a big oil company, hackers infected with malware the online menu of a Chinese restaurant that was popular with employees. When the workers browsed the menu, they inadvertently downloaded code that gave the attackers a foothold in the business's vast computer network.

Read full article

07 April 2014

U.S. Tries Candor to Assure China on Cyberattacks New York Times

In the months before Defense Secretary Chuck Hagel's arrival in Beijing on Monday, the Obama administration quietly held an extraordinary briefing for the Chinese military leadership on a subject officials have rarely discussed in public: the Pentagon's emerging doctrine for defending against cyberattacks against the United States -- and for using its cybertechnology against adversaries, including the Chinese.

Read full article

06 April 2014

Tech Start-Ups Are Targets of Ransom Cyberattacks New York Times

Scott Heiferman and Gary Burns had less than four minutes to decide whether to pay up or go down.

Read full article

04 April 2014

Cyberespionage, Not Cyber Terror, is the Major Threat, Former NSA Director Says Threat Post

The list of threats on the Internet is long and getting longer each day. Cybercrime, nation-state attackers, cyber espionage and hacktivists all threaten the security and stability of the network and its users in one way or another. But the one threat that some experts have warned about for years and has never emerged is cyber terrorism, a former top U.S. intelligence official said.

Read full article

02 April 2014

WiFi routers could be exploited for huge internet attacks in UK – study The Guardian

As many as 24m routers across the world can be used by cybercriminals to launch massive attacks on internet infrastructure, while simultaneously disrupting home connections and costing communications companies dearly.

Read full article

30 March 2014

Google: 80% of news organisations are targeted by state hackers The Guardian

More than four-fifths of the world's top media organisations, including the Guardian, have been the target of likely state sponsored hacking attacks, according to research from two Google security engineers.

Read full article

Google says government requests 'up 120%' in four years BBC News

Google has said the number of requests it has had from governments to share information about its users has gone up by 120% in the past four years.

Read full article

25 March 2014

Cybercrime could be 'next black swan event': Australian regulator Computerworld

Australian Securities and Investment Commission chairperson Greg Medcraft has used the ASIC Annual Forum to issue a warning about the potential for poor information security to destabilise financial markets.

Read full article

21 March 2014

NZ Supreme Court Denies Kim Dotcom Access to U.S. Evidence TorrentFreak

Kim Dotcom and his alleged Megaupload co-conspirators have been denied access to the evidence gathered by U.S. authorities against them. Megaupload's legal team argued that this information is essential to mount a solid defense, but the Supreme Court ruled that full disclosure is not required under New Zealand law.

Read full article

19 March 2014

Revealed: the UK MoD's secret cyberwarfare programme The Guardian

The Ministry of Defence is developing a secret, multimillion-pound research programme into the future of cyberwarfare, including how emerging technologies such as social media and psychological techniques can be harnessed by the military to influence people's beliefs.

Read full article

18 March 2014

Banks to be hit with Microsoft costs for running outdated ATMs Reuters

Banks around the world, consumed with meeting more stringent capital regulations, will miss a deadline to upgrade outdated software for ATMs and face additional costs to Microsoft to keep them secure.

Read full article

14 March 2014

Are Russia and Ukraine on the Verge of an All-Out Cyberwar? Mother Jones

For the past week, reports of physical violence have been rolling out of Ukraine: Russian troops storming a base in Crimea, officers beating journalists, and violent brawls at rallies. But as tensions escalate, another part of the conflict appears to be playing out in a cloudier realm: cyberspace.

Read full article

12 March 2014

Italian police investigate Skype use for 'porno blackmail' PC World

Italian police in Genoa have opened an investigation into the use of Skype to trap victims into online sexual indiscretions, which are recorded and used as a pretext for extortion.

Read full article

Registrar Solutions