[HITB-Announce] HITB2010 SIGNINT Sessions


InfoSec News: [HITB-Announce] HITB2010 SIGNINT Sessions: Forwarded from: Hafez Kamal <aphesz (at) hackinthebox.org>
Hack In The Box is proud to announce a brand new lightning session called HITB SIGINT (Signal Intelligence/Interrupt)! HITB SIGINT sessions are designed to provide a quick 15-minute overview for material and [...]

Pentagon's cybersecurity plans have a Cold War chill

InfoSec News: Pentagon's cybersecurity plans have a Cold War chill: http://www.washingtonpost.com/wp-dyn/content/article/2010/08/25/AR2010082505962.html
By David Ignatius The Washington Post August 26, 2010
With little fanfare, the Pentagon is putting the finishing touches on a new strategy that will treat cyberspace as a domain of potential warfare. Even though it deals with a distinctly 21st-century problem, the strategy has echoes of the Cold War: America's closest allies would be drawn into an early-warning network of collective cybersecurity; private industry would be mobilized in a kind of civil defense against attackers; and military commanders would be given authority to respond automatically to electronic invaders.
In place of "massive retaliation" against attackers whose country of origin may be unclear, the strategy proposes an alternative concept of deterrence based on making America's infrastructure robust and redundant enough to survive any attack. The Department of Homeland Security would oversee this hardening of infrastructure, with help from the National Security Agency.
William J. Lynn III, the deputy secretary of defense, explained the new approach, known as "Cyberstrategy 3.0" within the Pentagon, in an interview this week and in an article that appears in the new issue of Foreign Affairs. The formal policy should be completed by December, he said; meanwhile, the Pentagon's new "Cyber Command" will have responsibility for "active defense" starting Oct. 1.
[...]

Researcher Creates Clearinghouse Of 14 Million Hacked Passwords

InfoSec News: Researcher Creates Clearinghouse Of 14 Million Hacked Passwords: http://blogs.forbes.com/andygreenberg/2010/08/26/researcher-creates-clearinghouse-of-14-million-hacked-passwords/
By Andy Greenberg The Firewall Forbes.com August 26, 2010
The "Wall of Sheep" has become a cherished tradition at the annual Defcon hacker conference in Las Vegas: Anyone foolish enough to use the local wireless network at the hotel will likely have his or her username and password stolen, and later see those vital digital details projected onto a screen for thousands of attendees to see.
Now Canadian researcher Ron Bowes has created a sort of Wall of Sheep for the entire Internet. By simply collecting all the publicly-spilled repositories of users' passwords from recent hacking incidents, he's created a clearinghouse for stolen passwords on his Web site - 14,488,929 distinct passwords to be exact, collected from 32,943,045 users.
Bowes didn't steal these passwords, and they're not associated with usernames, an extra piece of data that would make listing them far more dangerous. All but 250,000 or so became public after the breach of RockYou.com, a social networking applications site penetrated by cybercriminals using an SQL-injection. Another 180,000 were spilled when the bulletin board software site phpbb was hacked using a vulnerability in one of the site's plugins. 37,000 more were stolen from MySpace using phishing techniques.
Bowes, a consultant with Dash9 security and a developer for security scanning tool NMap, says he collected the passwords to help researchers figure out how users choose passwords and make the authentication process more secure. The site he’s assembled is a wiki, so anyone can update it with new breached password lists. "Since I created it, I've had exceptionally good feedback from researchers around the world," Bowes wrote in his blog. "As far as I know, it’s the best collection of breached passwords anywhere."
[...]

Secunia Weekly Summary - Issue: 2010-34

InfoSec News: Secunia Weekly Summary - Issue: 2010-34:
The Secunia Weekly Advisory Summary 2010-08-19 - 2010-08-26
This week: 76 advisories [...]

China policy could force foreign security firms out

InfoSec News: China policy could force foreign security firms out: http://www.computerworld.com/s/article/9182218/China_policy_could_force_foreign_security_firms_out
By Robert McMillan IDG News Service August 26, 2010
China is stepping up efforts to keep the security systems that protect its critical infrastructure in the hands of local firms, and that could [...]

Iranian Government Runs Public Warez Server

InfoSec News: Iranian Government Runs Public Warez Server: http://torrentfreak.com/iranian-government-runs-public-warez-server-100824/
By Ernesto torrentfreak.com August 24, 2010
The Iranian Research Organization for Science and Technology is directly connected to the Iranian Government. Aside from evaluating and advising [...]
