Think Information. Think Security.
 
Picture
The Philippines Goverment has become the latest target in the #antisec operation with a hacker crew known by BashCrew, Congress.gov.ph being hacked and having some data leaked.

Several hacker groups have mounted a fresh batch of cyber attacks against the Philippines, Peruvian, and Colombian governments, all in the name of Anonymous’ ongoing AntiSec campaign.

The attacks were all first revealed on The Hacker News website before subsequently being publicised by Anonymous via one of its Twitter accounts


 
Picture
The magic of the digital medium is rendering us more powerful, but also more dependent on a secure and stable cyberspace.

Human beings have fought over land for millennia, beginning with the first agrarian communities. More recently, in the era of mass conscription and rapid industrialization, nation-states also have fought for people's collective thinking or for access to oil. In the 21st century, groups and institutions will increasingly struggle for control of cyberspace, the digital domain where most human activity is already managed - from music distribution to industrial manufacturing, the electricity grid and individual banking accounts. All this is at risk today.


 
Picture
Just over three years ago, Russia fired the first shot in its war upon Georgia, the first ever combined kinetic and cyber war.  The shot was not fired from the 125 millimeter gun of a T-72 tank, but from the keyboard of a computer.  The impact was a lurid defacement of www.president.gov.ge, Georgian President Mikheil Saakashvili’s website.  Various kinds of cyber attacks continued throughout and beyond the kinetic assault.  Careful analysis by several independent experts revealed the key role played by Russian organized crime—the Kremlin’s cyber war reserve force. These cyber thugs are formidable opponents, but they can be taken down.


 
Picture
Watch out if you get email messages with attachments named like “Financial_Statement.exe” or “Postal_document.exe” – they mean trouble.

During these past few days we’ve seen here at BitDefender millions of spam messages either bundled with malware or containing a dangerous link. In this particular case I chose to present here, cyber-crooks tried to con the users by exploiting the natural and justified concern for their financial situation, serving them unsafe though extremely appealing attachments.

So, all in the name of money deposited in bank accounts and goods delivered via the postal service, there have been circulating e-mails with attached financial statements or postal documents. These are basically two facets of the same piece of malware – a downloader (identified by BitDefender asTrojan.Generic.KDV.280912) masquerading a Microsoft Word icon but bearing an .exe extension.


 
Picture
Eminem fans, be aware this scam and phishing attack.

Earlier today, BitDefender has detected a new spam wave claiming to originate from one of the most visited portals in the country and informing the recipient about rap star Eminem being shot dead in Detroit.

The unsolicited message also contains a link to an alleged “Full story”, but instead, when clicked, takes the user to a malicious file. In order to trick the user into running it, the downloaded file bears a double extension (jpg.exe) and an icon that resembles a thumbnail of Eminem’s picture. If clicked, the executable file installs a backdoor (identified by BitDefender as Trojan.Zapchast.NBF).


 
Picture
Microsoft Windows and Microsoft Office users must take note of these updates. The latest patch will prevent attackers from remotely executing arbitrary codes in your system.

Microsoft fixed 22 bugs with July’s Patch Tuesday update release, which closed security holes in Windows, including a critical flaw in the Bluetooth stack.

Microsoft addressed 22 security vulnerabilities across four security bulletins in July’s Patch Tuesday update. Three of the patches fix issues in the Windows operating system.

The four bulletins patched issues in all versions of the Windows operating system and in Microsoft Visio 2003 Service Pack 3, Microsoft said in its Patch Tuesday advisory, released July 12. Of the patches, only one has been rated “critical.” The remaining three are rated "important," according to Microsoft.


 
Picture
UK counter terrorism forces are gearing up for an expected increase in Al Qaeda-led ‘cyber jihad' and lone terrorist attacks in the future, as the tools and information needed to carry out such attacks become increasingly widespread online, according to a new report.

The Home Office Counter Terrorism Strategy said that, although there has been "no evidence of systematic cyber terrorism" as yet, there has been related terrorist activity since the first recorded incident in 2010.


 
Picture
The PDF vulnerability apparently still lingers in iOS.

Last week Germany's Federal Office for Information Security issued a warning claiming that a security hole in several versions of iOS leaves users vulnerable to malicious code contained in infected PDF files.

The exploit, originally uncovered by a team of hackers at JailbreakMe.com, grants the hacker administration privileges over Apple's devices, giving access to passwords, banking information, email, contact information and even allows for telephone conversation interception... all of which is undetected by the user. So far, the only available patch released to resolve the issue is for jailbroken Apple devices. And so far, there have been no reports of hackers actually taking advantage of this newly-discovered exploit.


 
Picture
Computers components and other electronics imports may increasingly contain malicious software, according to a Congressional cyber-security expert, adding to the growing list of cyber-security threats affecting the U.S. government.

Hackers may be able to inject bad code into components imported from overseas plants, planting tools to help them launch cyber attacks on the U.S., according to Representative Jim Langevin (D., R.I.).

"Corrupting hardware and software is embedded in the supply chain," Langevin said. "We have a real challenge on our hands to better secure the supply chain."


 
Picture
This one is funny or for some, insulting.

AntiSec, a "hacktivism" partnership between Anonymous and former LulzSec members, released over 90,000 emails lifted from Booz Allen Hamilton's servers on Monday. The military contractor stayed quiet for most of the day, only to tweet vaguely in the late afternoon, "As part of @BoozAllen security policy, we generally do not comment on specific threats or actions taken against our systems."

They did not include word on whether they would be offering further response to one of the kind of novel part of the attack: Anonymous included an invoice for hacking the consulting firm: