Not satisfied with the court's decision that it has to turn over account details of three of its users to the US Department of Justice, three Twitter users have filed a motion to overthrow the decision made by US Magistrate Judge Theresa Carroll Buchanan of the Eastern District of Virginia on March 11.
WikiLeaks founder and director Julian Assange is to extradited to Sweden so that he might be questioned regarding to and possibly charged with sexual assault and rape, decreed today the British judge presiding over the extradition hearing.
A few days ago, the Internet group Anonymous downed security firm HBGary's website and breached its networks, downloading a serious amount of confidential information (e-mails, malware data, financial data, PBX systems) belonging to the enterprise and publishing some of it.
Surges in SEO poisoning will yield record-breaking malware outbreaks for businesses in 2011 according to TriGeo.\r\n\r\n\r\nIn addition to SEO poisoning attacks in 2011, companies should expect to see:\r\n\r\nAttackers increasingly targeting vulnerabilities in mobile devices – specifically the iPhone and the iPad. The consumerization of IT continues to present a significant risk to businesses.\r\n\r\nAs new, popular mobile devices are introduced into the workplace, look for hackers to uncover new mobile device vulnerabilities that lead to increased data breaches.\r\n\r\nData breaches at schools and hospitals yield record-breaking financial losses in 2011. According to the Identity Theft Resource Center, educational and medical institutions accounted for more than a third of all data breaches in 2010, as well as some of the largest breaches of the year, including two at the University of Hawaii (nearly 100,000 records exposed), and AvMed Health Plans (1.2 million records breached).\r\n\r\nAdditionally, the healthcare industry was hit with a Ponemon Institute study concluding that data breaches were costing the field more than $6 billion per year. Look for this trend to continue to escalate in 2011.\r\n\r\nMore gray-hat hacks in 2011. WikiLeaks has evoked mixed responses from supporters and critics. Expect to see more gray-hat hackers using their technical capabilities as a cyber soapbox that exposes potential risks and vulnerabilities.\r\n\r\nMore scrutiny for SaaS security. Software-as-a-Service providers will focus less on improving availability and more on security. SaaS will continue to increase in popularity, and as a result, auditors will need to see a clear audit trail of SaaS application activity from end-users.\r\n\r\nLook for tighter integration between SaaS applications and internal monitoring and security technologies.\r\n\r\n“Results for popular searches on global events in 2010 like the disaster in the Gulf of Mexico, the World Cup and the launch of the new iPhone were flooded with hacker-developed websites infested with malware,” said Michelle Dickman, president and CEO of TriGeo Network Security.\r\n\r\n“Employees are a huge vulnerability to organizations.
Security news during the last months of 2010 have been dominated by WikiLeaks and the politically motivated online attacks carried out by its opponents and supporters.\r\n\r\nMikko Hypponen, Chief Research Officer at F-Secure, says, \"There is nothing new in the type of DDoS attacks that were used to target companies like Mastercard, Visa and Paypal, which had dissociated themselves from WikiLeaks. But today DDoS attacks have become so easy to carry out that almost anyone can participate.\"\r\n\r\n\r\nThe most significant malware development of the year – and perhaps of the whole decade – has been the highly sophisticated Stuxnet worm.\r\n\r\nMikko Hypponen says, \"Stuxnet can attack factory systems and alter automation processes, therefore making cyber sabotage a reality by causing actual real-world damage. And unfortunately it\'s likely that we will see Stuxnet copycats in the future.\"\r\n\r\nBest year for arresting cybercriminals\r\n\r\n2010 has been the best year ever in terms of the number of people arrested and convicted for committing online crimes. For example, the FBI revealed in October that it had arrested more than 90 suspected members of an international cyber crime ring, accused of stealing about $70million from bank accounts in the United States.\r\n\r\nMore arrests were also made in the UK and the Ukraine, from where the operation was directed. The criminals had gained access to people’s online banking details by sending infected spam messages. According to the FBI, the arrests were part of “one of the largest cyber criminal cases we have ever investigated”.\r\n \r\nAn interesting case involving spytools installed on mobile phones was reported by The Register in July, in which Romanian authorities had arrested 50 people accused of using off-the-shelf software to monitor the mobile phone communications of their spouses, competitors and others.\r\n\r\nThe Romanian Directorate for Investigating Organized Crime and Terrorism also arrested Dan Nicolae Oproiu, a 30-year-old IT specialist who allegedly sold the spyware for handsets running the iPhone, Blackberry, Symbian, and Windows Mobile operating systems, according to The Register.\r\n \r\nWindows XP still the major target\r\n\r\nThe Windows 7 operating system has been lauded as a safer operating system than its predecessor Window Vista. Despite overtaking Vista in terms of market share this year, Windows 7 is still far behind Windows XP, which remains by far the most popular operating system and the biggest target for malware writers.\r\n \r\nThe security implications of using outdated operating systems have been demonstrated by reports that the oil spill in the Gulf of Mexico could in part have been caused by the failure of computers that were still using Windows NT 4 from 1996. Mikko Hypponen says, \"It is irresponsible that a billion dollar oil drilling operation did not bother to keep its computers up-to-date and as secure as possible.\"\r\n \r\nMobile security developments\r\n\r\nThe number of mobile malware has not increased dramatically in 2010 but this year saw some developments that may give pointers to future trends. For example, a trojanized version of the Windows Mobile game 3D Anti-terrorist action was uploaded to several Windows Mobile freeware download sites.\r\n\r\nInfected phones made secret calls to expensive premium rate numbers, resulting in big phone bills for the victims.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.