"Data Breaches Up Almost 50 Percent, Affecting Records of 35.7 Million People" Washington Post (01/06/09) P. D2 ; Krebs, Brian The number of data breaches rose almost 50 percent in 2008 compared to the year before, compromising the personal records of at least 35.7 million Americans, says the Identity Theft Resource Center (ITRC). ITRC says that 656 breaches were reported last year, versus 446 in 2007. Approximately 37 percent of the breaches targeted businesses, while the segment of breaches attributed to data theft from current and former employees rose from 7 percent in 2007 to close to 16 percent in 2008. "This may be reflective of the economy, or the fact that there are more organized crime rings going after company information using insiders," says ITRC's Linda Foley. She says that many businesses fail to disclose data breaches even though 45 states have rules that consumers must be alerted of any loss or theft of private records. Nearly 42 percent of organizations that reported a data breach or loss last year did not reveal the number of consumer records that might have been compromised. About 14 percent of the data breaches were blamed on computer hacking and data-stealing software. Human error caused the most data breaches, ITRC says, such as lost or stolen computers and removable electronic devices or the accidental exposure of consumer data. (go to web site) "Gunmen Attack TV Offices in Mexico" Washington Post (01/08/09) P. A9 ; Booth, William The Televisa network news offices in Monterrey, Mexico, were attacked on Jan. 6 in a commando-type assault by gunmen who fired on the building's front doors and threw a hand grenade into the parking lot close to a reporter and her cameraman. Nobody was injured during the attack, which took place at 8:40 p.m. in the profitable manufacturing city, which numerous executives regard as one of the safer Mexican cities. The attackers drove a red Pontiac with Texas license plates. 
They left a message often utilized by legal enforcers for drug-trafficking cartels and organized crime that stated: "Stop reporting only about us, also report about the narco-officials. This is a warning." The vehicle, believed to be stolen, was later discovered abandoned with a .40-caliber handgun and a ski mask in it. The incident was the latest in a string of attacks on journalists in Mexico, where drug cartels have been fighting one another and law enforcement in a bloody campaign for control of billion-dollar smuggling routes to the American drug market. University of Texas at El Paso professor Howard Campbell, a drug-trafficking expert, said he believes that the drug cartels are no longer interested in killing their enemies and the cops, but are instead trying to control whole regions of Mexico.

"Gunmen Raid Sri Lanka TV Station" BBC News (01/06/09)
More than 12 gunmen armed with grenades stormed into the studios of Sri Lanka's largest private TV broadcaster early Tuesday morning, holding guards at gunpoint and destroying equipment. The attack, which occurred near Colombo, came on the heels of criticism of the broadcaster's coverage of recent army gains against Tamil Tiger rebels. Some in the state media said the broadcaster's coverage was focused too heavily on a Tamil Tiger suicide attack that followed the fall of the rebel capital of Kilinochchi last Friday. Sri Lanka's president has promised a full investigation into the attack. The incident is just the latest in a string of attacks against the independent media in Sri Lanka. According to Amnesty International, at least 10 media employees have been killed in Sri Lanka since 2006.

"Kidnappings in Mexico Send Shivers Across Border" New York Times (01/05/09) ; Dillon, Sam
Mexican President Felipe Calderon's war against drug lords has resulted in a spike in violence throughout the country, even in heartland states like Michoacan, Jalisco, and Zacatecas that were once immune to the criminal violence that plagues northern border cities such as Tijuana. Much of the increased crime consists of kidnappings of Mexicans with children or spouses in the United States. Business owners have also been targeted. For example, dozens of gunmen kidnapped grocery wholesaler Abel Marquez Haro from his warehouse in Zacatecas on Nov. 10 and held him hostage for 30 hours. The kidnappers demanded $500,000 in exchange for Marquez's release, but settled for a smaller ransom that his family agreed to pay. When Marquez's son delivered the money, the elder Marquez was freed but the son was captured and held for ransom. The family agreed to pay another ransom in order to secure the release of the son, Marquez said. The increase in kidnappings in Zacatecas and other Mexican states has scared residents so badly that they are fleeing their homes and moving to other areas. Marquez said he is trying to sell his business and move to a safer city in Mexico, while a friend who witnessed his kidnapping has moved to California to live with his brother.

"Storekeepers Tell of Terror" San Francisco Chronicle (01/09/09) P. A12 ; Jones, Carolyn
More than 300 businesses in downtown Oakland, Calif., were damaged Wednesday night by rioters protesting the fatal shooting of an unarmed black man by a Bay Area Rapid Transit (BART) police officer on New Year's Day. Among the businesses that suffered damage was a McDonald's restaurant that had three of its windows smashed by rioters during the dinner rush on Wednesday night. The upscale restaurant Flora also had its windows broken by rioters. Rioters also tried to break through a locked door at the restaurant.
In the wake of the riots, some store owners spent the night at their shops on Wednesday night to protect their businesses from looters. By Thursday morning, many business owners in the area had boarded up their stores. Oakland city officials have said that they plan to help affected business owners recoup some of their losses from the riots.

"Militants in Southern Lebanon Fire Rockets Into Israel" Wall Street Journal (01/08/09) ; Coker, Margaret; Fassihi, Farnaz; Solomon, Jay
Several rockets were fired from southern Lebanon into northern Israel on Jan. 8, opening up the possibility of a second front in Israel's military operation in Gaza. Israeli police reported that three to five medium-range rockets landed in northern Israel, wounding two people. The Israeli army responded by firing artillery shells at the site from which the rockets were launched, though no injuries were reported. The rocket attacks have raised concern that Hezbollah could be joining Hamas in the fight against Israel. Hezbollah previously fought a 34-day war against Israel in 2006 and has been an outspoken critic of the military operation in Gaza. If these rocket attacks continue, it could force Israel to open up a second front. Israeli officials are discussing a cease-fire plan with Egyptian and French officials and have agreed to a three-hour cease-fire every other day to allow humanitarian aid to be distributed to people in Gaza. Israeli Prime Minister Ehud Olmert said that his government will not agree to a cease-fire unless it includes a complete stop to rocket attacks by Hamas and a plan to prevent Hamas from obtaining more weapons.

"Mumbai Evidence Given to Pakistan" BBC News (01/05/09)
India has announced that it has given Pakistan a dossier containing evidence that links Pakistani "elements" to the terrorist attacks in Mumbai, which killed more than 170 people.
The dossier includes the interrogation of the only gunman who survived the attack, as well as details of phone conversations between the attackers and information about the weapons used in the attack. Indian Foreign Minister Pranab Mukherjee said Pakistan needs to act on the evidence and bring those who were involved in the attacks to justice. India has demanded that Pakistan hand over the suspects it says were involved in the attacks and dismantle Lashkar-e-Taiba, the Pakistan-based militant group that New Delhi has blamed for the attacks. For its part, the Pakistani government has said that it has received the dossier and that it is reviewing the evidence.

"Pakistan Agencies Aided Mumbai Attack, Singh Says" Bloomberg (01/06/09) ; Pradhan, Bibhudatta; Rupert, James
In his remarks to chief ministers of India's states at a meeting on counter-terrorism on Tuesday, Indian Prime Minister Manmohan Singh said that it is clear that "official agencies" in Pakistan supported the militants who were involved in the terrorist attacks on Mumbai in November. "There is enough evidence to show that, given the sophistication and military precision of the attack it must have had the support of some official agencies in Pakistan," Singh said. According to Ajai Sahni, the executive director of the Institute for Conflict Management, a New Delhi-based research group, Singh's remarks at the meeting are the most explicit accusation of Pakistani official agencies' involvement in the Mumbai terrorist attacks. However, Singh's accusation was not the first that charged Pakistani government agencies with being involved in terrorist activities. Indian and American officials, as well as independent Pakistani analysts, have said that Pakistan's Inter-Services Intelligence Directorate provided Lashkar-e-Taiba--the group that has been blamed for the attacks on Mumbai--with weapons and logistical help for previous attacks on India in the 1990s.

"Report: CIA Strike in Pakistan Killed Suspect in African Bombings" MonstersandCritics.com (01/09/09)
U.S. counter-terrorism officials have reported that four top al-Qaida operatives were killed in a missile strike launched by an unmanned CIA drone near the Pakistan-Afghanistan border on Jan. 1. Among those killed was Usama al-Kini, who was believed to have been the main planner for the bombings of two U.S. embassies in Africa in 1998 and the attack on the Marriott hotel in Islamabad last September. One of al-Kini's lieutenants, Sheikh Ahmed Salim Swedan, was also killed in the attack. Both men were on the United States' list of most-wanted terrorism suspects.

"U.N. Council Calls for Cease-Fire in Gaza" Wall Street Journal (01/09/09) ; Levinson, Charles; Solomon, Jay
The U.N. Security Council approved a resolution supporting an immediate cease-fire in Gaza. The resolution was passed by a vote of 14-0, with the United States abstaining. The U.S. previously blocked the draft resolution for more than a week due to concerns that it did not do enough to prevent Hamas from rearming itself. Prior to the vote, the U.S., U.K., and France all reached an agreement with Arab governments on the text of the resolution, which now calls on U.N. member nations to take action to "prevent illicit trafficking in arms and ammunition and to ensure the sustained reopening of border crossings." Israeli and Palestinian officials are set to arrive in Egypt this weekend for peace talks. The U.N. also announced that it would temporarily suspend food-aid deliveries to the Gaza Strip due to dangerous conditions.

"CheckFree Warns 5 Million Customers After Hack" IDG News Service (01/06/09) ; McMillan, Robert
CheckFree and some of the banks that use its services are notifying more than 5 million customers about a Dec. 2 attack in which cybercriminals tried to steal passwords from their victims' computers.
The attack began when hackers sent phishing emails to CheckFree that apparently tricked employees into divulging the company's password with its domain registrar. The attackers then used the password to log into CheckFree's account with the registrar and change the DNS settings for its Web sites. This allowed attackers to reroute the customers who visited CheckFree's Web sites during a nearly 10-hour period on Dec. 2 to a Ukrainian Web server that used malware to try to install a password-stealing program on their computers. CheckFree's parent company, Fiserv, says roughly 160,000 consumers were exposed to the Ukrainian site, though only those who did not have antivirus software and were using an old version of Adobe Acrobat were infected. But since the company lost control over its Web domains, it does not know exactly who was affected, which means that it must warn a much larger number of consumers. The attack could have been much worse considering the fact that CheckFree processes bill payments for more than half of all U.S. banks, says Gartner analyst Avivah Litan.

"Corporate Networks Warned Over Outbreak of Downadup Worm" SC Magazine (UK) (01/08/09)
The network security firm F-Secure is partnering with affected companies and organizations to stop the proliferation of Downadup, or Conficker, a vast web of network worms that is difficult to extricate from a corporate network, especially when infected from within. The worm uses several avenues of attack, including guessing network passcodes, loading onto USB memory sticks, and even vulnerability patches. Once Downadup is on a network, it locks users out of their accounts by entering incorrect passwords, which triggers the automatic lock-out security feature. Once the worm has gained entry, it embeds itself into a machine's startup functions and modifies Access Rights to the settings of the worm so that the user cannot edit or remove them.
Downadup then downloads different manifestations of itself from a long list of algorithm-generated Web sites that are essentially too numerous to track and contain all at once. The security firm recommends obtaining disinfection instructions from the network's antivirus provider and limiting USB usage.

"Encryption Top IT Security Initiative in 2009" Network World (01/05/09) ; Messmer, Ellen
IT budgets for 2009 are expanding in order to accommodate new encryption technologies and maintain current security technologies, according to a new Forrester Research study of 942 IT managers. The study found that personnel and security maintenance account for more than 50 percent of IT security budgets overall. The study found that for every $5 spent on IT security, at least $1 will be set aside for security outsourcing, while another 18.5 percent will go toward new and emerging security solutions. Full-disk encryption is the most popular security technology to be rolled out in 2009, followed by file-level encryption, desktop data-leak prevention, and network-based data-leak prevention. Respondents to the survey also expressed interest in the deployment of identity and access management platforms such as activities monitoring and individual sign-on.

"NIST Spells Out Security Requirements for Wireless Access" Government Computer News (01/05/09) ; Jackson, William
"Recommendations for EAP Methods Used in Wireless Network Access Authentication," the latest publication draft from the National Institute of Standards and Technology, addresses the security issues associated with using mobile devices to access sensitive government data. The public will have a period to comment on the institute's suggested security protocols for authentication methods found in the Extensible Authentication Protocols (EAP).
The publication lists a handful of preconditions for accessing EAP on government servers, including secure setup of generation, storage, and management of credentials and passcodes before using EAP; secure connections to correlating networks being accessed, as EAP does not account for unsecured wired and wireless connections; and authentication of each secure server to ensure that it can verify the accuracy, authorization, and authenticity of all users and platforms engaged in the process.

"Twitter Has Security Meltdown" InformationWeek (01/05/09) ; Claburn, Thomas
A security breach at the microblogging site Twitter has resulted in a number of high-profile Twitter accounts--including accounts belonging to President-elect Barack Obama, CNN's Rick Sanchez, and Britney Spears--being compromised. According to Twitter, these accounts and 30 others were breached by an individual who hacked into the support software the site's employees use to help users perform tasks such as changing the email address associated with their account. The individual then used the hijacked accounts to send fraudulent messages and spam. Twitter has since taken the support tools offline, and has said that it will not put them back until they are safe to use. The site is urging its users to reset their passwords and verify that the email address stored in Twitter's account setting area is correct. In addition, there has also been a phishing attack aimed at Twitter users. In this attack, which was first reported Jan. 3, victims received a direct message from one of their Twitter followers telling them to visit certain sites, which look like Twitter's logon page but are actually fraudulent sites that steal the victim's account information.

Abstracts Copyright © 2009 Information, Inc. Bethesda, MD