23 Feb 2015

CIA looks to expand its cyber espionage capabilities

“The proposed shift reflects a determination that the CIA’s approach to conventional espionage is increasingly outmoded amid the exploding use of smartphones, social media and other technologies. U.S. officials said Brennan’s plans call for increased use of cyber capabilities in almost every category of operations — whether identifying foreign officials

Read More
23 Feb 2015

Document Reveals Growth of Cyberwarfare Between the U.S. and Iran

“A newly disclosed National Security Agency document illustrates the striking acceleration of the use of cyberweapons by the United States and Iran against each other, both for spying and sabotage, even as Secretary of State John Kerry and his Iranian counterpart met in Geneva to try to break a stalemate

Read More
20 Feb 2015

The IRS Knows What Computer You Are Using

“The Internal Revenue Service is preparing to give taxpayers and tax preparers new identity-theft protections for filing online returns, partly because ID fraud has cost the U.S. Treasury nearly $6 billion. One counter-fraud measure will capture identifying data from the laptop or PC used to file a return, according to

Read More
20 Feb 2015

Three Months Later, State Department Hasn’t Rooted Out Hackers

“Three months after the State Department confirmed hackers breached its unclassified email system, the government still hasn’t been able to evict them from the department’s network, according to three people familiar with the investigation. Government officials, assisted by outside contractors and the National Security Agency, have repeatedly scanned the network

Read More
19 Feb 2015

Every Cyber Attacker is an Insider

I recently witnessed the CIO of a publicly traded company dismissing the results of a successful red team to the Board of Directors by stating that the “the test wasn’t realistic as the red team had insider access.” The “insider” access in this instance was a network connection with no

Read More
19 Feb 2015

JPMorgan Hires Cyberwarriors to Repel Data Thieves, Foreign Powers

“Convinced that it faces threats from governments in China, Iran, and Russia, and that the U.S. government isn’t doing enough to help, JPMorgan has built a vast security operation and staffed it increasingly with ex-military officers. Soon after joining the bank in early 2014, Cummings helped hire Gregory Rattray—like Cummings,

Read More
19 Feb 2015

Lenovo PCs ship with man-in-the-middle adware that breaks HTTPS connections

“Lenovo is selling computers that come preinstalled with adware that hijacks encrypted Web sessions and may make users vulnerable to HTTPS man-in-the-middle attacks that are trivial for attackers to carry out, security researchers said. The critical threat is present on Lenovo PCs that have adware from a company called Superfish

Read More
19 Feb 2015

Lawmakers Debut Bill to Require Search Warrants for Email Snooping

“House and Senate lawmakers are expected to reintroduce bipartisan legislation on Wednesday that would require law enforcement to obtain a search warrant before accessing the content of private emails.” Source: Lawmakers Debut Bill to Require Search Warrants for Email Snooping – Nextgov.com

Read More
19 Feb 2015

Justice, DHS Quarantine Smartphones Returning from Abroad

“Officials at the departments of Justice and Homeland Security typically expect employees’ smartphones will be bugged when they travel overseas. So, they are experimenting with various ways to neutralize foreign spy gear.” Source: Justice, DHS Quarantine Smartphones Returning from Abroad – Nextgov.com

Read More
18 Feb 2015

America Already Has a Manhattan Project for Developing Cyber Attacks

“On Monday, we finally learned the truth of it. America already has a computer security Manhattan Project. We’ve had it since at least 2001. Like the original, it has been highly classified, spawned huge technological advances in secret, and drawn some of the best minds in the country. We didn’t

Read More