Hunt for Deep Panda intensifies in trenches of U.S.-China cyberwar | Reuters

My piece on what Deep Panda looks like in action: Hunt for Deep Panda intensifies in trenches of U.S.-China cyberwar | Reuters: Security researchers have many names for the hacking group that is one of the suspects for the cyberattack on the U.S. government’s Office of Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep […]

Reuters: Beyond the Breach

My piece on disruption in the cybersecurity space. Too many companies and ideas to mention in Reuter-space, but it’s a start.  Thanks to Ian Geohegan, as ever, for his editing touch.   Beyond the breach: cyberattacks force a defense strategy re-think | Reuters (Reuters) – A barrage of damaging cyberattacks is shaking up the security […]

Phishy Facebook Emails

Facebook phishes are getting better. Compare this one: and this: Notice how the key bit, supposedly defining that it’s a legit email, is successfully and convincingly faked: The only difference that stands out is the domain: facebookembody.com. Although Google classified it as spam they didn’t warn that it would go to a website that contains […]

Whaling in Singapore?

Singapore appears to be the source of a virus cleverly designed to hoodwink U.S. executives by appearing to be an emailed subpoena which mentions them by name, as well as their title. The SANS Storm Center said three days ago that We’ve gotten a few reports that some CEOs have received what purports to be […]

Backed Up? Or Cracked Up?

There’s quite a commotion online about a program called g-archiver that promises to back up your Gmail account, but in the process apparently harvests all users’ Gmail usernames and passwords, and mails them to a separate Gmail account. This is indeed scary, although it’s possible that the person behind it wasn’t collecting the passwords for […]

Phishing For a Scapegoat

It’s somewhat scary that more than 10 employees of a laboratory that works on security issues (including phishing) could fall for a phishing attack. The Oak Ridge National Laboratory, or ORNL, managed for the U.S. Department of Energy by UT-Battelle, works on science and technology involved in energy production and national security. In late October […]

Hi, I’m Sheila from Phishers ‘R’ Us

It amuses me that banks talk about security but rarely apply it in a consistent enough way to save people like you and me from getting scammed. Take what just happened to me this morning: My bank rings me up (the number is a private number so doesn’t show up on my screen, but that […]

The Source of the Malware Scourge

Despite appearances, the U.S. is still the most popular place for the bad guys to place their malware code. StopBadware.org has listed those Internet Service Providers that wittingly or unwittingly host “badware” — an umbrella term for any kind of software that insidiously installs itself on your computer. What’s interesting is that while there is […]

Loose Bits, Nov 28 2006

From my PR intray, some surprisingly interesting little odds and ends: LocalCooling is a 100% Free power management tool from Uniblue Labs that allows users to optimize their energy savings in minutes and as a result reduce Greenhouse Gas emissions. The software “automatically optimizes your PC’s power consumption by using a more effective power save […]