Identity theft continues to keep Metro's Electronic Crimes Unit busy |
- Identity theft continues to keep Metro's Electronic Crimes Unit busy
- Hackers at Pwn2Own to compete for $100K in prizes
- Cyberattack simulation highlights vulnerabilities
- Proposal Would Hold Software Developers Accountable For Security Bugs
- Military To Tighten Vendor Cybersecurity Policies
- Hackers Steal $150,000 from Mich. Insurance Firm
- Cyclist Floyd Landis accused of hacking into doping lab
| Identity theft continues to keep Metro's Electronic Crimes Unit busy Posted: InfoSec News: Identity theft continues to keep Metro's Electronic Crimes Unit busy: http://www.lasvegassun.com/news/2010/feb/15/identify-theft-continues-keep-metros-electronic-cr/ By Abigail Goldman Las Vegas Sun Feb. 15, 2010 The fraud took 48 hours from start to finish - a credit card that was swiped at a high-end fashion retailer in Las Vegas one day was [...] |
| Hackers at Pwn2Own to compete for $100K in prizes Posted: InfoSec News: Hackers at Pwn2Own to compete for $100K in prizes: http://www.computerworld.com/s/article/9157098/Hackers_at_Pwn2Own_to_compete_for_100K_in_prizes?taxonomyId=17 By Gregg Keizer Computerworld February 16, 2010 A hacking contest next month will award cash prizes of $15,000 to anyone who can break into an iPhone, BlackBerry Bold, Droid or Nokia [...] |
| Cyberattack simulation highlights vulnerabilities Posted: InfoSec News: Cyberattack simulation highlights vulnerabilities: http://fcw.com/articles/2010/02/16/web-cybershockwave.aspx By Ben Bain FCW.com Feb 16, 2010 Imagine that a widely downloaded, malicious smart phone application has triggered a national security crisis and brought the country's telecommunications and electronic infrastructure to a standstill. [...] |
| Proposal Would Hold Software Developers Accountable For Security Bugs Posted: InfoSec News: Proposal Would Hold Software Developers Accountable For Security Bugs: http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=222900574 By Kelly Jackson Higgins DarkReading Feb 16, 2010 SANS' newly released Top 25 list of common programming flaws came with a little legal muscle, too, with representatives from SANs, Mitre, the U.S. Department of Homeland Security, the National Security Agency, and other organizations pushing for custom software developers to be held liable for insecure code they write. Experts from more than 30 U.S. and international organizations, including OWASP, Microsoft, Apple, EMC, Oracle, McAfee, and Symantec, contributed to the CWE/SANS Top 25 list, and procurement experts from the organizations are recommending standard contract language for procurements that would ensure buyers aren't held liable for software that contains security flaws. "Wherever a commercial entity or government agency asks someone to write software for them, there is now a way they can begin to make the suppliers of that software accountable for [security] problems," says Alan Paller, director of research for the SANS Institute. Paller says the contract language would be based in part on a draft in the works by the State of New York (PDF) that refers to the SANS Top 25 and would make the state's custom-software vendors contractually bound to provide apps that are free of those bugs. Paller says although there is "no formal agreement on the language" among the group at this point, it's focused on the section of New York's proposed contract language that reads: "the Vendor shall, at a minimum, conduct a threat assessment and analysis of vulnerability information, including the current list of SANS 25 Most Dangerous Programming Errors; provide the Purchaser with a written report as soon as possible after a vulnerability, threat, or risk has been identified." He says some final tweaking of the language would ideally add a warranty for correcting secure-coding errors "at vendor expense." [...] |
| Military To Tighten Vendor Cybersecurity Policies Posted: InfoSec News: Military To Tighten Vendor Cybersecurity Policies: http://www.informationweek.com/news/government/security/showArticle.jhtml?articleID=222900539 By J. Nicholas Hoover InformationWeek February 16, 2010 The Department of Defense has signaled its intention to develop new policies requiring its vendors to meet increased standards for [...] |
| Hackers Steal $150,000 from Mich. Insurance Firm Posted: InfoSec News: Hackers Steal $150,000 from Mich. Insurance Firm: http://www.krebsonsecurity.com/2010/02/hackers-steal-150000-from-mich-insurance-firm/ By Brian Krebs Krebs on Security February 16th, 2010 An insurance firm in Michigan lost nearly $150,000 this month as a result of a single computer virus infection. Port Austin, Mich. [...] |
| Cyclist Floyd Landis accused of hacking into doping lab Posted: InfoSec News: Cyclist Floyd Landis accused of hacking into doping lab: http://www.theregister.co.uk/2010/02/16/landis_anti_doping_hack_charges/ By John Leyden The Register 16th February 2010 French authorities have issued an arrest warrant against US cyclist Floyd Landis over allegations he hacked into an anti-doping lab computer. [...] |
| You are subscribed to email updates from [ISN] InfoSec News Mailing List To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google Inc., 20 West Kinzie, Chicago IL USA 60610 | |
0 comments:
Post a Comment