ClearSky Cyberdefense Forum

Hackers have posted source code for Symantec’s pcAnywhere software online after an attempt to extort money from the company fell through.

The extortion try is chronicled in a chain of emails that began in January and culminated with a $50,000 offer to hacker YamaTough in exchange for the code. Everything was not as it seemed, however, according to the company: The hacker was actually communicating with law enforcement.
Link to the emails :http://pastebin.com/GJEKf1T9

http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/232600404/hackers-post-symantec-source-code-after-failed-extortion-attempt.html

Terrorists combining a cyber attack with physical violence are the biggest security threat facing the 2012 Olympics, a digital forensics expert told CNBC.

http://www.cnbc.com/id/46278420

SAN FRANCISCO (Reuters) – VeriSign Inc, the company in charge of delivering people safely to more than half the world’s websites, has been hacked repeatedly by outsiders who stole undisclosed information from the leading Internet infrastructure company.

The previously unreported breaches occurred in 2010 at the Reston, Virginia-based company, which is ultimately responsible for the integrity of Web addresses ending in .com, .net and .gov.

http://www.huffingtonpost.com/2012/02/02/verisign-hack_n_1249275.html

Military experts gathered in London this week to discuss the growing threat of cyber-attacks to international security.

The US is aiming to recruit 10,000 “cyberwarriors” to try to combat the problem, which poses risks to everything from power grids and water supplies to businesses and individuals.

http://www.bbc.co.uk/news/technology-16754276

The assumption that the US has the technological know-how to cripple a competing nation has always been just that: as assumption. In a recent sit-down interview, however, a former spy chief confirmed that America has already waged cyber attacks.

http://rt.com/usa/news/us-attacks-cyber-war-615/

Hackers,executed an attack on a Northwest rail company’s computers that disrupted railway signals for two days in December, according to a government memo recapping outreach with the transportation sector during the emergency.

On Dec. 1, train service on the unnamed railroad “was slowed for a short while” and rail schedules were delayed about 15 minutes after the interference, stated a Transportation Security Administration summary of a Dec. 20 meeting about the episode obtained by Nextgov. The following day, shortly before rush hour, a “second event occurred” that did not affect schedules, TSA officials added. The agency is responsible for protecting all U.S. transportation systems, not just airports.

http://www.nextgov.com/nextgov/ng_20120123_3491.php?oref=topstory

The National Security Agency (NSA) has released SE Android, a security-enhanced version of Android, which provides and enforces stricter access-control policies than those found in the popular mobile operating system by default.

SE Android is based on NSA’s previous research into mandatory access controls that gave birth to the Security-Enhanced Linux project back in 2000. SE Linux is a collection of Linux kernel security modules and other tools that provide a flexible mechanism for restricting what resources users or applications can access.

http://www.computerworld.com/s/article/9223487/NSA_releases_security_enhanced_version_of_Android

2012-01-19 (China Military News cited from armytimes.com and by Andrew Tilghman) — A Chinese-based cyber attack is targeting the Defense Department’s Common Access Cards with technology that could steal information from military networks while troops and civilians work at their desks, researchers say.

http://www.china-defense-mashup.com/chinese-cyber-attack-targets-us-dod-common-access-card.html

A new benchmarking study of 19 of the world’s 20 leading economies found that the United Kingdom and the United States lead Group of 20 (G20) countries in their ability to withstand cyber attacks and to deploy the digital infrastructure necessary for a productive and secure economy. The index also found that several major economies—Argentina, Indonesia, Russia and Saudi Arabia—do not have cybersecurity plans and do not appear to be developing them.

The index is at www.cyberhub.com.

The Cyber Power Index, developed by the Economist Intelligence Unit and sponsored by Booz Allen Hamilton, measures both the success of digital adoption and cyber security, and the degree to which the economic and regulatory environment in G20 nations promote national cyber power.

WEF report: Cyber-attack risk to global stability is real

http://www.theregister.co.uk/2012/01/12/world_economic_forum_risks/

The report:

http://www3.weforum.org/docs/WEF_GlobalRisks_Report_2012.pdf