3 Tips to Help Manage Privacy on Facebook
|
||||
|
|
||||
|
||||
|
||||
|
||||
|
Los Angeles Gets ‘Cyber Intrusion Command Center’
LOS ANGELES __ Los Angeles Mayor Eric Garcetti, citing warnings by President Barack Obama and National Intelligence Director James Clapper about the threat of attacks on computer networks, on Wednesday announced the creation of the city’s first “Cyber Intrusion Command Center.”
The command center, which will be operated with the assistance of the FBI and Secret Service, will be staffed by cyber-security experts who will scan the city’s computer networks for threats and quickly respond to breaches, according to the mayor’s office.
“I’m creating this Cyber Intrusion Command Center so that we have a single, focused team responsible for implementing enhanced security standards across city departments and serving as a rapid reaction force to cyber-attacks,” Garcetti said in a written statement.
“Cybersecurity means protecting the basic services at the core of city government, and it means protecting our critical infrastructure like our port and airport, which we know are top targets,” he said.
The mayor’s directive also calls on all departments in America’s second-largest city to establish liaisons with the command center and report computer threats and “significant cyber-related events” to its staff.
Protecting the city
In his executive directive ordering creation of the command center, Garcetti pointed to a February order by Obama in which the president called cyber threats one of the most serious economic and national security challenges facing the country.
He also noted that Clapper, in testifying before Congress in March and April, warned of state and non state actors “using cyber techniques and capabilities to achieve strategic objectives by gathering sensitive information from public and private sector entities.”
Clapper, head of the National Security Agency, has been in the spotlight again this week as he defends his beleaguered organization in front of Congress over reports that the NSA collected data on millions of phone calls in Europe.
The hearing took place as Congress considers new legislative proposals that could limit the NSA’s more expansive electronic intelligence collection programs, details of which have been leaked by former contractor Edward Snowden.
But Garcetti press deputy Vicki Curry said the Cyber Intrusion Command Center was geared toward more mundane Internet threats.
“We’re more concerned about city operations. Our traffic systems, our street services,” she said, adding that officials were also worried about identity theft involving city employees or hackers who might compromise systems.
Copyright 2013 Thomson Reuters.
Sucuri Premium WordPress Plugin Gets New Features
New Features. Better WordPress Security!
New features:
- WordPress last login – Get visibility into the last login for each user. Quickly learn where it came from including date, time and IP address. It’s very powerful when you need to audit a site and see how it was compromised.
- Post-hack options – If your site has been hacked, this option allows you to change all users passwords, reset keys, and take the basic steps to prevent more issues.
- More Hardening – We added more hardening options to help secure your site.
- Event Notifications – Email alerts will hit your inbox when something happens like a file change, password reset, or even failed login attempts.
- Auto-updates – You no longer have to update manually with the new build, it’ll auto-update and allow you to update via the dashboard
|
Note: The Sucuri WordPress plugin is currently included in all monitoring and cleanup service accounts, at no additional charge. The plugin will be launched as stand alone paid commercial product in the near future. Sucuri customers actively using the plugin when the change occurs will be grandfathered, and will not be required to pay for the download.
If you’re not a Sucuri customer, you can sign up at http://sucuri.net/signup to get started today. Alternatively you can try our free WordPress plugin in the WordPress Plugin Repository.
Nessus HTML5 UI 2.0 is Now Available
Tenable is pleased to announce the Nessus® HTML5 User Interface (UI) 2.0. The new UI provides policy creation wizards to quickly configure accurate and complete scans, and introduces usability improvements that make scan scheduling, processing, and analysis easy and efficient. The new UI is available when Nessus, Nessus Perimeter Service™, and Nessus Home users log into their scanners.
The Nessus HTML5 UI 2.0 provides the following benefits:
- Policy creation wizards: Eight new policy creation wizards prompt for the information needed to quickly and easily find specific vulnerabilities in select systems and applications. This helps users quickly configure accurate and complete Nessus scans.
- Redesigned UI: The new UI makes it simple to find and filter vulnerability scan results, quickly see the status of running scans, and easily manage large amounts of scan data. In addition, the new UI’s responsive design scales to fit the screen size of any device.
- Folders to store scan results
- Sort hosts by compliance
- One-click metadata access
For more information on the Nessus HTML5 UI 2.0, view the following brief videos or read the blog post. Additional information can be found in the Nessus 5.2 HTML5 User Guide.
- Video: Nessus Policy Creation Wizards
- Video: Nessus Scheduling & Folders
Nessus or Perimeter Service customers who have questions on the Nessus HTML5 UI 2.0 may contact Tenable Support. Nessus Home users may consult the Tenable Discussions Forum.
Jennifer Collis
Product Marketing Manager
Tenable Network Security
No password is safe from new breed of cracking software
Chances are you need to change your password. No matter how long it is.
Over the weekend, the free password cracking and recovery tool oclHashcat-plus released a new version, 0.15, that can handle passwords up to 55 characters. It works by guessing a lot of common letter combinations. A lot. Really really fast.
Other long-string password-crackers exist, such as Hashcat and oclHashcat-lite, though they take a great deal more time to cycle through. This improvement runs at 8 million guesses per second while also allowing users to cut down the number of guesses required by shaping their attacks based on the password-construction protocol followed by a company or group.
A combination of increasing awareness of official scrutiny, such as the NSA leaks, growing instances of hacking of all kinds and leaked password lists, has inspired users to radically lengthen their passwords and use passphrases instead.
As Dan Goodin noted in Ars Technica, “Crackers have responded by expanding the dictionaries they maintain to include phrases and word combinations found in the Bible, common literature, and in online discussions.”
Hackers target President Obama’s social media tools
The political activist hackers of the Syrian Electronic Army are at it again, targeting one of the highest-profile users of social media in the world: President Obama. But SEA’s claims of commandeering his Twitter account aren’t quite accurate.
For a few hours, posts on the President’s Facebook and Twitter accounts directed users to YouTube videos uploaded by SEA, and to the SEA website itself. The hackers also posted an image of a Gmail inbox belonging to an employee of Organizing for Action, an official promotional website for President Obama’s various political initiatives.
On the face of it, this looks like a very serious hack of the President’s accounts — but in fact, neither of those accounts was actually compromised, an OFA official told the Associated Press. Like its other high-profile attacks over the last year (The New York Times, Washington Post, and Guardian, among others), SEA’s technique was deceptively unsophisticated.
Instead of coding a special virus or decrypting critical communications, the SEA in all cases manages to get hold of the username and password of someone related to the website or account in question, and simply logs in with their credentials.
Read the rest here.
