Informationweek Influencer
Dave Lewis (@gattaca)
- Twitter Bio: security type, #blogger, podcaster, breaker of things, bass player, dad, #infosec #smartgrid, #cloud, defcon goon, creator of (-:|3 emoticon. I love my job.
- Location: Canada
- Website: http://www.liquidmatrix.org/blog/
Dave Lewis's Selections From the Web
Joseph I. Lieberman, Democrat of Connecticut, is chairman of the Senate Homeland Security and Governmental Affairs Committee. He co-sponsored cybersecurity legislation that was blocked in the Senate this summer. The threat of a cyber attack on our electric grid, water supply system, financial networks, or oil and gas lines is anything but hype. I have been concerned about this threat for years, and the evidence has grown exponentially that sophisticated adversaries could paralyze the nation with targeted cyber attacks on critical networks. Some have even penetrated networks in the oil and natural gas sector. That's only a few keystrokes away
As the overpriced beers flowed and dusk approached in central London pubs surrounding the venue of RSA Europe last week, talk often turned towards the (ISC)2 security certification body. (ISC)2, which administers the widely recognised Certified Information Systems Security Professional (CISSP) qualification, was "a waste of money" and its board of directors "filled with a bunch of out-of-touch boobs" who are unaware of the practical issues in the working life of an infosec professional, we heard. Membership fees for the organisation are $85 a year. But what do the 80,000 (ISC)2 members get in return? A cursory search reveals that the beer-fuelled
A federal judge rejected a Pennsylvania woman's argument that her employer violated a federal anti-hacking statute when it took control of her LinkedIn account after firing her. The court ruled the harms cited by the plaintiff were too speculative to pass muster under the Computer Fraud and Abuse Act (CFAA). Linda Eagle was the head of a company called Edcomm when it was acquired in 2010. But relations soured and Eagle was fired the following year. Eagle had shared her LinkedIn password with another Edcomm employee so that she could help Eagle manage the account. When Eagle was shown the door, her former assistant changed the password on her account,
Newly released malware PlaceRaider sounds like science fiction: It's Android malware designed to build 3-D models of users' apartments for burglars and assassins. But PlaceRaider--developed by a team at Indiana University--is very real. The new malware was built as an academic exercise, and it exposes security flaws that government agencies would love to use. More importantly, it also exposes unintended mobile functionality that large companies like Google could easily monetize. PlaceRaider, which was summarized in a recent arXiv paper, is a piece of “visual malware” which uses smartphone cameras, accelerometers, and gyroscopes, to reconstruct victims'
FBI agents may not have been the first to rumble the affair between CIA director David Petraeus and his biographer that led to the four-star general's resignation on Friday. Anyone with a copy of the leaked Stratfor databases, a half-decent PC, some political nous and a barrel of luck could have uncovered the fling months ago, it has emerged. Paula Broadwell, the former spy chief's mistress and biographer, was a customer of Stratfor, the private intelligence outfit that was attacked by Anonymous hackers last year. Buried in the megabytes of subsequently leaked information was Broadwell's Yahoo! email address and her hashed Stratfor login password.
In late 2010, Sean Brooks received three e-mails over a span of 30 hours warning that his accounts on LinkedIn, Battle.net, and other popular websites were at risk. He was tempted to dismiss them as hoaxes--until he noticed they included specifics that weren't typical of mass-produced phishing scams. The e-mails said that his login credentials for various Gawker websites had been exposed by hackers who rooted the sites' servers, then bragged about it online; if Brooks used the same e-mail and password for other accounts, they would be compromised too.
The warnings Brooks and millions of other people received that December weren't fabrications.
It appears that we are well on our way to the “Summer of Breach 2012” as site after site falls and password hashes leak out all over the tubes of the internet.
In a bid to keep track I decided to put up a scorecard of sorts to help keep track. This is the list that I have so far.
Summary: The U.S. Sentencing Commission website has been hacked a second time. A code distributed by Anonymous "Operation Last Resort" turns ussc.gov into a game of Asteroids. The U.S. Sentencing Commission website has been hacked a second time and code distributed by Anonymous "Operation Last Resort" turns ussc.gov into a game of Asteroids. Read more in Anonymous Re-hacks U.S. Sentencing Site. Above is the AntiSec controls for using the keyboard to "fire" at the government webpage. Violet Blue is a Forbes Web Celeb, SF Appeal contributor, a high-profile tech personality and one of Wired's Faces of Innovation.
The mystery malware that recently wreaked havoc on energy sector computers contains an amateur programming error that's not typical of state-sponsored attacks, security researchers said.
The flaw, which was reported in a blog post published on Tuesday by researchers from Russia-based Kaspersky Lab, was found in "Shamoon," a piece of malware that wipes data from infected computers and also prevents them from booting up. It struck computers in at least one organization tied