IT Security


DNSChanger servers shut down, Internet survives

Federal agencies were mostly cleared of the malware but for others who lost Internet access, some ISPs softened the blow by redirecting their DNS queries to internal help pages.

Patch Tuesday could address XML zero-day flaw

Microsoft will issue nine bulletins in its July 10 security patch release, three of them rated critical. One could be for a vulnerability in XML Core Services that is being actively exploited.

BYOD security: Are agencies doomed to a permanent game of catch-up?

Cybersecurity pros are running to keep up with emerging threats to mobile devices, yet most observers fear government and industry will always lag behind.

Where’s my Internet? ISPs ready for DNSChanger calls.

Despite months of warnings and offers of help, hundreds of thousands of people still have not cleaned up DNSChanger infections and stand to lose Internet access July 9.

Sykipot variant, exploiting Microsoft vulnerability, targets aerospace industry

The information-stealing Trojan attacks the recently discovered flaw in XML Core Services, as well as Flash Player, and might be coming from China.

Android's rite of passage: Now it has a botnet

A spam-sending botnet that operates on Android devices could be the first of its kind, says a Microsoft researcher who discovered it

Twitter OKs most government requests for user account info

Twitter's transparency report shows it complies with most government requests for user account information, but sometimes the government has to use some legal muscle.

Don’t get raided by a SWAT team; secure your wireless hub

There are risks to setting up an unsecured wireless hub, apparently including police attacking your home.

Microsoft names 2 alleged leaders of Zeus botnet rings

The company's Digital Crimes Unit, which disabled the botnets after raids in March, will turn over its case to the FBI.

McCain’s retooled Secure IT act still a privacy threat, critics say

The controversial bill has been amended to protect civil liberties, but fails to win over critics who see it as an expansion of military authority and a threat to personal privacy.

Hundreds of thousands at risk as DNSChanger deadline looms

More than 300,000 IP addresses, nearly 70,000 of them in the U.S., are being directed to servers that will go offline July 9. Computers at two federal agencies are still infected.

New twist on Zeus/SpyEye used in massive global fraud scheme

A phishing-spread campaign targets banks and the wealthy, and has attempted to steal anywhere from $78 million to $2 billion this year, security researchers say.

Following the 'kill chain' to fend off cyberattacks

Lockheed Martin's approach is to identify the steps a hacker would need to take to gain access and then prepare for each of them.

Stuxnet shut down by its own kill switch

Code inside the cyber weapon turned off its replication routines June 24, apparently as its creators intended.

Sandia's cyber 'coffee shop' promotes security collaboration

The Cybersecurity Technologies Research Laboratory provide a more open but still secure environment for sharing ideas among government, industry and academia.