Archive for September, 2014

China clears iPhone 6 for sale only after security tweaks

From: GoodGearGuide

A Chinese regulator has claimed it found security flaws in Apple’s iOS software that could steal user’s data

Michael Kan (IDG News Service)

China has effectively cleared the iPhone 6 for sale in the country, granting the product a license, but not before a government regulator demanded Apple make some security changes in the iOS operating system to fix suspected flaws in the software.

China’s Ministry of Industry and Information Technology (MIIT) recently granted the iPhone 6 a network access license, the government regulator said in an online posting on Tuesday, following weeks of speculation about the delay in the approval.

UK government demands suppliers meet cyber security standards

From: Supply Management

Gurjit Degun

Suppliers bidding for government contracts that require handling sensitive and personal information will need to comply with cyber security controls from 1 October.

The government has developed Cyber Essentials – a set of controls to offer a “sound foundation of basic cyber hygiene measures which can significantly reduce a company’s vulnerability”.

There are two levels of assurance available to satisfy the requirement – Cyber Essentials and Cyber Essentials Plus. Organisations assessed as successful in meeting the scheme’s requirements are awarded a certificate and are able to display the appropriate Cyber Essentials or Cyber Essentials Plus badge on their marketing material.

FDIC’s Gruenberg : Cyber-Threat Defenses Require A ‘Shift In Thinking’

From: PYMNTS.com

New technologies often bring with them new vulnerabilities, and in this period of rapid innovation, banks’ need to manage the associated operational risks is the most urgent, a top U.S. banking official advised this week.

Speaking before the American Banker Regulatory Symposium in Arlington, Va., Martin J. Gruenberg, chairman of the Federal Deposit Insurance Corp. (FDIC), noted in his prepared remarks the growing importance cybersecurity is playing in risk management.

U.S. security contractor ran sports betting site that exposed federal email addresses

From: The Washington Times

By Jim McElhatton

A federal contractor that helps support the government’s sprawling background check operations for years hosted an NCAA tournament wagering website on one of its corporate servers, which has resulted in the public disclosure of hundreds of names and the personal, corporate and government email addresses of participants.

The company, NT Concepts, wouldn’t say whether it intended for the information to be made public after The Washington Times raised questions about why a wagering website was public and hosted under a company domain.

Read Complete Article

The MS-ISAC Story: More Than a Decade of Growing Membership and Influence

From: Government Technology

by

As cyber leaders from across federal, state, local and tribal governments prepare to gather for another annual meeting, the future of government cybersecurity in our local communities now hangs in the balance. The scale of cyberattacks, the cost of data breaches and the significant ramifications to our nation have never been greater. Cyber challenges have almost reached a boiling point. Meanwhile, the Multi-State Information Sharing & Analysis Center (MS-ISAC) has grown in their global capabilities and cyberdefense sophistication. World-class information security coordination is now available. How can your government become more engaged?

V3 Security Summit: Botnet barbarians will breach businesses’ perimeters

From: V3.co.uk

by

For years botnet empires have plagued businesses and governments. As noted by director of cyber security solutions of Palo Alto Networks Alex Raistrick during an interview with V3, this is because botnets have the potential to cause lasting damage to their victims and are being used by criminals in a number of ways.

“As one of the most sophisticated types of modern malware, botnets are an immense cyber security concern to governments, enterprises and individuals. Financial botnets, like the Zeus botnet, have been responsible for attacks involving millions of dollars stolen directly from multiple enterprises over very short periods of time,” he said.

Today’s Security Hacks Are After More Than Bank Info

From: CIO

Customers cringe every time they hear about a bank, retail or healthcare hack that puts personal or financial data at risk. Today’s hackers are after much more that credit card numbers, though — and most firms are powerless to stop them.

By

The beat goes on. In recent weeks, both JP Morgan Chase and Home Depot have been identified as the latest victims of large-scale cyberattacks.

Region to spend $1b on information security this year

From: gulfnews.com

Network security equipment and security services are expected to account for 75 per cent of enterprise spend this year

By Sarah Algethami, Staff Reporter

DUBAI: Spend on information security in the Middle East and North Africa (Mena) is forecast to reach $1 billion this year, up 8 per cent compared to 2013, according to Gartner, an information technology research and advisory firm.

“In terms of overall spending, we’re looking at just under $1.2 billion [Dh4.4 billion] in the next few years,” said Eric Paulak, managing vice-president of infrastructure protection at Gartner, an information technology research and advisory firm. He was speaking at the Gartner Security and Risk Management Summit in Dubai on Monday.

General outlines plans for Army Cyber Command

From: Online Athens

By Wesley Brown Morris News Service

AUGUSTA, Ga. — The commanding general of the Army Cyber Command said this week that his team expects to break ground next year on a defense network at Fort Gordon that will work with private technology firms, and the federal departments of justice and homeland security.

Speaking before a crowd of more than 500 people at TechNet Augusta’s second annual military conference on Tuesday, Lt. Gen. Edward Cardon provided the first public details on how the Army Cyber Command will function at Fort Gordon.

Read Complete Article

Islamic State jihadists planning encryption-protected ‘cyber caliphate’ so they can carry out hacking attacks on West

From: MailOnline (UK)

  • Islamic State boasting of its plans to create a sophisticated cyber army
  • Plans to use ‘cyber caliphate’ to launch attacks on banks and governments
  • British hacker once jailed for cyber attack on PM thought to be involved
  • Comes as President Obama announces air strikes will extend into Syria

By Corey Charlton for MailOnline

Islamic State militants are planning the creation of a ‘cyber caliphate’ protected by their own encryption software – from behind which they will launch massive hacking attacks on the U.S. and the West.