Hackers attacked Computers with the help of Google researcher’s report
An article from HackersNewsBullentin.com:
Two Months ago, a bug in windows disclosed by a Google Researcher Tavis Ormandy, who came under fire at the time for publicizing the flaw without going to the software company first.
Now Microsoft said the hackers have attacked some of the computers by that bug which was disclosed by that Google Researcher two months ago.
Microsoft released an advisory on Tuesday, they said:
Hackers had launched “targeted attacks,” a term generally used by security experts to refer to cyberattacks on corporate or government targets, with espionage and sabotage as the motive.
Google security engineer Tavis Ormandy’s disclosure in May was controversial because he posted technical information on the web that described the bug in the Windows operating system, which some experts said could help malicious hackers launch attacks, before Microsoft had released software to fix it.
Read more on their site here.
Don’t get hacked on vacation
Most of us want to stay connected on vacation. That can make travelers an easy target for hackers, says Karin Caifa.
The 22nd USENIX Security Symposium in Washington, D.C. on August 14 thru 16
The 22nd USENIX Security Symposium will be held in Washington, D.C. on August 14–16, 2013. Speaking will be White House Sr. Director for Cybersecurity, the former Chief Technologist at U.S. Federal Trade Commission and the Google Chrome Security Team.
The Symposium will span three days, with a technical program including:
• Wednesday Keynote Address by Edward W. Felten, Director, Center for Information Technology Policy, and Professor of Computer Science and Public Affairs, Princeton University; former Chief Technologist, U.S. Federal Trade Commission: “Dr. Felten Goes To Washington: Lessons from 18 Months in Government”
• Thursday Keynote Address by Andy Ozment, Senior Director for Cybersecurity, White House: “The White House’s Priorities for Cybersecurity”
• Thursday Invited Talk by Jim Adler, former VP Data Systems & Chief Privacy Officer, Intelius; currently VP Products at big data (stealth) startup: “Confessions of a “recovering” Data Broker: Responsible Innovation in the Age of Big Data, Big Brother, and the Coming Skynet Terminators.
• Friday Invited Talk by Chris Evans, Google Chrome Security Team: Learn about their different approach and structure to traditional security teams. They will freely share details in the hope that progressive organizations will be interested in adopting some of the same tactics.
Read more on Examiner.com’s website here.
Doing More Than Paying Risk Management Lip Service
A posting from Dark Reading in there risk management section: While the majority of CISOs may profess a commitment to managing security based on risk management principles, the truth about how they execute on those principles may be a lot more imperfect. The unfortunate reality, say experts, is that many organizations simply pay risk management lip service, but aren’t really making security decisions based on risk management metrics.
“It’s easy to commit to concepts, but execution depends on something more concrete,” says Tim Erlin, director of IT risk and security strategy for Tripwire. “While the idea of managing information security in alignment with business risks is attractive, there’s not a lot of guidance or best practice information to inform execution.”
Android Phone Numbers Leaked By Facebook App
An interesting article from information week: Facebook has fixed a bug in its Android app, following reports that the app was inadvertently leaking users’ phone numbers to the social network.
The “privacy leak” was spotted by Symantec, which said that the latest version of Norton Mobile Security, which includes a new Mobile Insight tool that dynamically assesses Android apps for potential security or privacy violations, had flagged Facebook’s Android app.
“The first time you launch the Facebook application, even before logging in, your phone number will be sent over the Internet to Facebook servers,” according to a Symantec blog post. “You do not need to provide your phone number, log in, initiate a specific action, or even need a Facebook account for this to happen.
Snowden is now considered liable for the Biggest Leak in US
An interesting article about Snowden by HackersNewsBulletin.com:
Edward Snowden, former CIA employee and System Administrator at ‘Booz Allen Hamilton’ is now considered liable for the biggest leak in the US history; Snowden is staying the Moscow Airport since the US government revoked his passport.
Snowden has already requested asylum for 21 countries, where most were influenced by the US government to refuse his request.
Ecuador embassy in UK, where the WikiLeaks founder Julian Assange is staying and helping Snowden to escape the US government hunt, found a Microphone spying on employees. Though pictures of the microphone indicate it’s not high-tech as ones used by the secret services nor satellite based to perform long range transmissions.
Snowden has requested asylum to 6 new countries, but the difference this time is that the names of these countries were not revealed. Venezuela’s president Maduro said today during independence ceremony yesterday “I have decided to offer humanitarian asylum to the young American, Edward Snowden, so that in the fatherland of (Simon) Bolivar and (Hugo) Chavez, he can come and live away from the imperial North American persecution”
