Citadel Information Group


April 5, 2015 by Stan Stahl Ph.D.

Cyber Security News of the Week, April 5, 2015

Securing the Village

ISSA-LA Seventh Annual Information Security Summit at the Los Angeles Convention Center.

The Summit on June 4, 2015.

  • Keynotes from Bruce Schneier and Dave Kennedy
  • Summit Tracks include Security Management, AppSec, Digital Forensics, and Emerging Issues and Technology.
  • Special Forums: The Executive Forum for Board, C-Suite and Trusted Advisors; Healthcare Privacy and Security Forum; CISO Executive Forum.

Summit Training on June 5, 2015.

  • IT Security Management Bootcamp for IT Professionals with Ed Pagett and Mikhael Felker
  • Secure Coding Boot Camp with Jim Manico
  • Build Your Own Cyber Range with Kevin Cardwell

Special Vendor Sponsorship Opportunities.

Register now to take advantage of special Summit pricing.

Cyber Attack

GitHub may have been targeted by Chinese hackers in DDoS attack: Code management platform GitHub has been fending off a distributed denial of service (DDoS) attack since last Thursday. Security experts say the attack may have originated in China, reports The Wall Street Journal. TheNextWeb, March 30, 2015

Financial Cyber Security

‘Revolution’ Crimeware & EMV Replay Attacks: In October 2014, KrebsOnSecurity examined a novel “replay” attack that sought to exploit implementation weaknesses at U.S. financial institutions that were in the process of transitioning to more secure chip-based credit and debit cards. Today’s post looks at one service offered in the cybercrime underground to help thieves perpetrate this type of fraud. KrebsOnSecurity, April 1, 2015

2014 UK ONLINE BANKING FRAUD HIT $89M: Online banking fraud in the U.K. continues to be on the rise, and at a sharp rate, according to a new report from the Financial Fraud Action UK (FFA). PYMNTS.com, March 30, 2015

Identity Theft

Sign Up at irs.gov Before Crooks Do It For You: If you’re an American and haven’t yet created an account at irs.gov, you may want to take care of that before tax fraudsters create an account in your name and steal your personal and tax data in the process. KrebsOnSecurity, March 30, 2015

Cyber Warning

Puush calls for password change after malware hit: Users of the Puush screenshot-sharing platform are being told to change any passwords stored on their PCs or browsers after the service was hit by malware. ZDNet, March 30, 2015

Cyber Security Management

Sustainable Cybersecurity: The environmental situation facing many nations in the mid-to-late 20th century was bleak. Industrial waste caused the Cuyahoga River in Cleveland to catch fire in 1969. The Rhine River was long one of the most polluted waterways in Europe, similarly catching fire in 1986. School children in Japan were dying from Mercury poisoning. Problems associated with drought and desertification were already underway in China; a process that has only quickened in the early 21st century. Into this world stepped seminal figures including the marine biologist Rachel Carson whose 1962 book, Silent Spring, documented the effects of widespread pesticide use in the United States and is credited with jumpstarting the modern environmental movement. Much like that time, the 21st century cybersecurity landscape is littered with failed attempts to manage the various facets of cyber attacks, from cybercrime and espionage, to nascent threats introduced below including cyber war and terrorism. But we are still waiting for our cyber Silent Spring. HuffingtonPost, April 2, 2015

Security crashes the boardroom party: Given the recent spate of headline-grabbing data breaches, CIOs need to be prepared to answer a lot of board questions about risk. CIO, March 30, 2015

Citigroup Report Chides Law Firms for Silence on Hackings: Every month it seems another American company reports being a victim of a hacking that results in the theft of internal or customer information. But the legal profession almost never publicly discloses a breach. The New York Times, March 26, 2015

Security Rises to a CEO-Level Priority: The State of the CIO research shows that cybersecurity and enterprise risk are zooming up the charts as high-profile topics on the CIO and CEO agendas, says CIO Publisher Adam Dennison. CIO, February 19, 2015

Cyber Security Management – Cyber Defense

Firefox 37 supports easier encryption option than HTTPS: The latest version of Firefox has a new security feature that aims to put a band-aid over unencrypted website connections. Firefox 37 rolled out earlier this week with support for opportunistic encryption, or OE. You can consider OE sort of a halfway point between no encryption (known as clear text) and full HTTPS encryption that’s simpler to implement. PCWorld, April 2, 2015

Google says it cut Android malware in half in 2014: Google has been cracking down on Android malware, and according to a new Android State of the Union report, it’s starting to see real progress in the fight against harmful software. The new report says that the global rate of harmful software installs fell by 50 percent over the course of 2014. By Google’s accounting, only 1 percent of Android devices had a harmful application installed in 2014, and for devices that only installed applications from the Google Play store, that number fell to .15 percent. TheVerge, April 2, 2015

National Cyber Security

New Obama Order Allows Sanctions Against Foreign Hackers: In an effort to deter and punish hackers and cyberspies who have until now been outside the reach of U.S. law enforcement, President Barack Obama signed an executive order today allowing the government to levy economic sanctions against individuals overseas who engage in destructive cyberattacks or commercial espionage. Wired, March 30, 2015

Critical Infrastructure

Hackers attack the energy industry with malware designed for snooping: A malware attack against oil and gas companies aims to get sensitive corporate information, according to software security firm Symantec. Fortune, March 31, 2015

Cyber Misc

Smart home hacking is easier than you think: Scary stories of hacking Internet of Things devices are emerging, but how realistic is the threat? NetworkWorld, April 2, 2015

Like Google, Mozilla set to punish Chinese agency for certificate debacle: The Mozilla Foundation plans to reject new digital certificates issued by the China Internet Network Information Center (CNNIC) in its products, but will continue to trust certificates that already exist. PCWorld, April 2, 2015

Google fixed a vulnerability that allowed any YouTube user to delete any video: Everybody makes mistakes. Google caught a big one before it was too late. The tech giant fixed a giant vulnerability in YouTube that allowed any user to delete any video from the site by making the right request to the right URL. And yes, that really means any clip on YouTube—from viral-pop music videos to internet legends like “Charlie bit my finger.” Quartz, April 2, 2015

Secrecy on the Set: Hollywood Embraces Digital Security: SAN FRANCISCO — For years, Lulu Zezza has played one of the toughest roles in Hollywood. Ms. Zezza, who has managed physical production on movies like “The Reader” and “Nine,” also oversees the digital security of everything that goes into the making of a film on set, including budgets, casting, shooting schedules and scripts. The New York Times, March 30, 2015

Inquiry of Silk Road Website Spurred Agents’ Own Illegal Acts, Officials Say: On the so-called dark web, drug dealing and other illicit sales have thrived in recent years, the authorities have said, through hidden websites like Silk Road and hard-to-trace digital currencies like Bitcoins. The New York Times, March 30, 2015

Copyright © 2018 by Citadel Information Group  All Rights Reserved | Privacy Policy