Enclave Security "A Leader in Data Protection Services"

• Home
• Auditing
• Services
• Blogs
• Resources
• About Us

Subscribe to This Feed

Recent Posts

• Malware hosted on Google Code project site: Cyber Security Highlights September 3rd
• BadB now charged in RBS WorldPay ATM case: Cyber Security Highlights Sept 2, 2010
• HP holds Navy network Hostage for $3.3 billion: Cyber Security Highlights
• Nuclear plants prepare for cyber attacks: Cyber Security Highlights August 31, 2010
• iPad spam: Cyber Security Highlights August 27th

Categories

• 20 Critical Controls
• 44th Presidency Cybersecurity efforts
• Advanced Persistent Threat
• Assurance
• Audit
• Background Checks
• CISA
• Cyber Warfare
• Cybercrime
• Data Leakage Protection (DLP)
• DHS Infrastructure Reports
• Encryption
• Free Audit Checklists
• Health Information Technology
• Information Security Awareness
• Legal & Privacy
• Malware
• Medical Identity Theft
• Microsoft Windows
• Policy
• Progressive Reforms
• SANS Institute
• Secure Development Lifecycle (SDL)
• Sharpen the Saw
• Social Engineering
• Tools
• Training
• Web 2.0
• Writing Secure Code

Attend an Event

Enclave on Twitter

« IT Security Highlights March 9 2010 | Main | IT Security Highlights March 11 2010 »

IT Security Highlights March 10 2010

By Kelli Tarala | March 10, 2010

Ford Motor rolls out new security features to prevent car-hacking
Ford Motor will debut vehicles with built-in WiFi — along with enhanced security features to prevent data breaches via its new cars. Ford has offered the Sync technology service it co-developed with Microsoft in most of its Ford, Lincoln, and Mercury vehicles since 2008. The WiFi network is set by default to WiFi Protected Access 2 (WPA2) encryption for secured access to the wireless network. It also will provide anti-malware protection for the MyFordTouch system.

Full Story:
http://www.darkreading.com/vulnerability_management/

Thrill Ride- The Cyber ‘wilderness of mirrors’
Within the European Union and NATO, security professionals have been circulating dire warnings to colleagues regarding the growing cyber espionage threat from China. In recent months, the Chinese have appeared to more aggressively target NATO, EU, and US networks in an effort to steal intelligence secrets. With the anonymity and easy access provided by cyberspace, espionage work is increasingly moving towards utilizing the cyber domain to steal secrets. Cyberspace has become the new “wilderness of mirrors.”

Full Story:
http://www.thenewnewinternet.com/2010/03/08/buckle-in-for-the-cyber-hall-of-mirrors/

Interest in primetime TV shows has a favorite lure for cyber criminals
The Academy Awards and the upcoming premieres of new television shows are being targeted in search engine optimization attacks. Security firm Sophos said that malware writers had loaded web pages with keywords relating to the Awards in order to achieve higher placement in search results. Users visiting what they believe to be news sites about the awards are then subjected to an anti-virus scam that attempts to trick them into purchasing fake security software.

Full Story:
http://www.v3.co.uk/v3/news/2259130/web-malware-scams-prime

Vodafone ships Magic Android smartphones with Malware
Vodafone has been blamed for shipping Mariposa botnet malware and other malware on HTC Magic Android smartphones it supplied. Vodafone acknowledged the problem but said that the incident was an isolated and local problem, which came to light because the customer affected works for Spanish anti-virus firm Panda Security. The same mobile phone was also infected by Confiker and a Lineage password-stealing code, according to Panda.

Full Story:
http://www.theregister.co.uk/2010/03/09/vodafone_mariposa/

Intel investigating fake processor shipments
The company is looking into claims that a shipment of 300 fake Core i7-920 processors had been sent to respected parts seller Newegg from a partner. “Newegg is currently conducting a thorough investigation surrounding recent shipments of questionable Intel Core i7-920 CPUs purchased from Newegg.com,” said the company in a statement.

Full Story:
http://www.v3.co.uk/v3/news/2259135/intel-investigating-fake

Serious Apache vulnerability disclosed
A vulnerability in Apache’s HTTP web server that enables the attacker to gain remote access to the server and total control of a database, has been discovered by a researcher and consultant with Sense of Security Labs. The bug is localized in the Apache’s core “mod_isapi” module, and can be exploited to give access and system privileges to the attacker, which means that data can be manipulated, deleted or stolen.

Full Story:
http://www.net-security.org/secworld.php?id=8988

Ubisoft hit by a DDoS attack over the weekend
The fierce attack left some customers unable to play its games for much of March 7th and appears to be a protest at controversial new DRM controls. The introduction of Ubisoft’s Online Services Platform technology last month means it’s impossible to play a game or save progress while playing a game if an internet connection is lost.  This means customers have to be online in order to play its latest PC games such as Assassin’s Creed II and Silent Hunter 5.

Full Story:
http://www.theregister.co.uk/2010/03/08/ubisoft_anti_drm_hack_attack/

Read the Full DHS Infrastructure Report:
www.enclavesecurity.com/blogresources/cdr_031010.pdf

Topics: DHS Infrastructure Reports |

Comments are closed.