Reliance Executive Is Killed in India
Wall Street Journal (04/06/11) Sharma, Amol; Agarwal, Vibhuti

A power company executive in India was killed on Wednesday in a shooting that was committed by leftist militants opposed to industrial development. Manoj Ojha, the general manager of Reliance Power's operations in India's Jharkhand state, was traveling along with other Reliance executives to scout land for a company project in Jharkhand's Chatra district when Maoist rebels opened fire on their convoy. In addition to Ojha, several other Reliance employees were injured in the shooting. Local police are investigating the exact circumstances of the shooting, though one official said that Ojha likely got caught in the crossfire between warring rebel groups. Nevertheless, the shooting came at a time when Maoist rebels in India have become increasingly violent in protecting tribal lands from being encroached on by industry.

Bullying at Work Draws Attention
Pittsburgh Tribune-Review (PA) (04/06/11) Olson, Thomas

Many victims of workplace bullying simply leave their jobs, as no state or federal law currently exists against such bullying. About 35 percent of workers believe they have been bullied at work, according to last year's findings in a Zogby International poll of 4,210 Americans. Zogby International defines bullying as "repeated verbal abuse, threatening conduct, intimidation, or humiliation" when it is done by someone at work. The survey also found that 62 percent of bullies were men and 58 percent of targets were women. Although there is little legal protection against bullying, the issue is still receiving increasing attention, and many companies have adopted anti-bullying programs or policies. HC Advisors LLC, a human resources consulting firm in Sewickley, Pa., sometimes includes bullying material in its company training sessions. Nineteen states have introduced legislation to end workplace bullying, but no laws have been passed.

State Passes Anti-Piracy Law to Help Microsoft
Seattle Times (04/06/11) Chan, Sharon Pian

The Washington state Legislature has approved a bill that would prohibit manufacturers that use pirated software from selling their products in the state. The new legislation was strongly supported by Microsoft, in the hopes that it might prevent pirated versions of its software from being used, particularly in China. Microsoft and other companies will now have the right to file for injunctions in civil court against manufacturers using $20,000 or more in pirated software. Critics of the new law have raised concerns that retailers selling those manufacturers' products can also be sued. Despite these objections, the bill is scheduled to go to the governor for signing. If the governor signs the bill into law, Washington state will become the second state in the nation to ban manufacturers that use pirated software from selling their products. Louisiana was the first.

76 Percent of Energy Utilities Breached in Past Year
InformationWeek (04/06/11) Schwartz, Mathew J.

A new survey reveals that roughly three-quarters of energy companies and utilities experienced at least one data breach in the past 12 months. The average clean-up cost for each breach was $156,000, according to the survey of 291 IT security practitioners at utilities and energy companies conducted by Ponemon Institute and sponsored by Q1 Labs, a security vendor. Seventy-one percent of respondents said that "the management team in their organization does not understand or appreciate the value of IT security." Moreover, only 39 percent of organizations were found to be actively watching for advanced persistent threats, 67 percent were not using "state of the art" technology to stop attacks against SCADA (supervisory control and data acquisition) systems, and 41 percent said their strategy for SCADA security was not proactive.
The survey also concluded that the leading threat for energy utilities was not external attackers, but rather inside ones--43 percent of utilities cited "negligent or malicious insiders" as causing the highest number of data breaches. The report also suggested that, "A lack of leadership and absolute control over the security program could be contributing to this threat." Of note is that just 18 percent of utilities said a security leader had overall responsibility for information security, while for 29 percent of organizations, no specific person had overall responsibility.

Apple Store Shootout: Burglary Suspect Killed by Security Guard
Associated Press (04/04/11)

An Apple store in Chula Vista, Calif., was hit by a smash-and-grab burglary on Monday. In a smash-and-grab burglary, thieves break store windows in order to steal laptops, iPads, iPhones, and other devices. The problem has affected Apple stores across the country. Some stores, including stores in San Diego County, have hired private security guards to prevent smash-and-grab burglaries, which have resulted in the theft of thousands of dollars in merchandise. The security guard at the Apple store in Chula Vista was able to confront the burglars as they were carrying out the robbery on Monday. One of the burglars pulled out a gun on the guard, prompting the guard to open fire. The suspects then fled, with some of the robbers getting away in a car that then crashed into a light pole, while the others ran away on foot and were found hiding in an apartment complex. The robber who was shot died from a gunshot wound to the head.

Rio Shooter Kills at Least 12 Young Students
Wall Street Journal (04/08/11) Fick, Jeff; Lyons, John

A 23-year-old man armed with two .38-caliber revolvers walked into his former elementary school in Rio de Janeiro on Thursday and opened fire, killing at least 12 students.
The incident, which has been described as one of the worst school shootings ever to take place in Brazil, began as classes were starting at the Tasso da Silveira public school at around 8 a.m. The shooter, Wellington Menezes de Oliveira, tricked security guards into letting him into the building by telling them that he was there to give a presentation to students as part of the observance of the school's 40th anniversary. After speaking briefly with a teacher who recognized him from his time at the school, Oliveira walked into one of the classrooms and opened fire. Police eventually arrived on the scene and encountered Oliveira as he was leaving a classroom. A police officer shot Oliveira in the abdomen after the gunman pointed his weapon at him. After falling into a stairwell, Oliveira shot and killed himself. Investigators are still trying to determine a motive for the shooting.

Alert Code Colors to Change Soon, Facebook, Twitter to Anchor Security Alerts
International Business Times (04/08/11) Sadanand, Tejal

The Department of Homeland Security is considering implementing a system in which terror alerts would be passed on to the public via social networking sites such as Facebook and Twitter. Under the draft plan for the system, the sharing of intelligence among federal, state, and local governments would need to be improved before an official alert is issued. In addition, a serious threat would require a Homeland Security official to convene a meeting of a counterterrorism advisory board before sending out an alert. Jeff Moss, the organizer of the Defcon hacking conference and a recent appointee to the counterterrorism advisory board, said that the system would be beneficial because it would allow end users to receive alerts directly from the government, knowing that they have not been changed. Meanwhile, DHS is planning to revise its color-coded alert system in less than a month.
The revisions will replace the five color-coded alerts with two color codes representing either an elevated or an imminent risk of a terrorist attack. The changes come amid criticism that the current five color codes do not help citizens know what kinds of actions to take in response to a terrorist threat. Moss said that additional changes need to be made to the system in addition to removing some of the color codes, including making the alerts more localized.

Al Qaeda Makes Afghan Comeback
Wall Street Journal (04/06/11) Rosenberg, Matthew; Barnes, Julian E.

There are signs that al-Qaida is slowly returning to some parts of Afghanistan. Over the last six to eight months, al-Qaida has established training camps, hideouts, and operations in various places in northeastern Afghanistan near the Pakistani border. Among the Afghan provinces that al-Qaida has returned to is Nangarhar province, which is home to the major city of Jalalabad as well as an important ground route from neighboring Pakistan. Al-Qaida camps and gathering spots have also been seen in Afghanistan's Kunar province and in some remote parts of Nuristan province. However, it remains unclear exactly how many al-Qaida fighters are currently in the country. Al-Qaida is believed to be returning to Afghanistan because U.S. troops began pulling out of northeastern Afghanistan about a year and a half ago, since the region was seen as not being strategically important. But now the U.S. and its coalition partners are launching quick raids into valleys that have been infiltrated by al-Qaida, as well as secret raids by Special Operations Forces. Some officials are downplaying the return of al-Qaida to Afghanistan, saying that the group cannot yet use the region as a base to launch attacks overseas. In addition, some officials point out that it may be good that al-Qaida is beginning to move back into Afghanistan from Pakistan, since U.S. forces have more freedom to attack them in Afghanistan.

U.S. Reverses on 9/11 Trials
Wall Street Journal (04/05/11) Perez, Evan

Attorney General Eric Holder announced Monday that Khalid Sheikh Mohammed and four other men accused of plotting the September 11, 2001 terrorist attacks will be tried by military tribunals at Guantanamo Bay, not by civilian courts in the U.S. In announcing the decision, Holder said that the administration had been prepared to bring its case against Mohammed and his alleged co-conspirators in federal court but was prevented from doing so by Congress, which voted last December to prohibit suspected terrorists from being brought to the U.S. mainland for any purpose. Nevertheless, Holder said he had full faith in the military commissions, though he added that it remains to be seen whether defendants can formally plead guilty and be sentenced to death under the rules governing military tribunals. Holder also noted that the trial against Mohammed, Walid bin Attash, Ramzi bin al Shibh, Ali Abdul Aziz Ali, and Mustafa al Hawsawi needs to begin as soon as possible, as it has been nearly 10 years since the September 11 attacks. The administration's decision has been praised by Republicans such as House Homeland Security Committee Chairman Rep. Peter King of New York, who said that it was a vindication of President Bush's detention policies. However, Senate Judiciary Committee Chairman Sen. Patrick Leahy (D-Vt.) criticized the move, saying that military commissions do not have the long record of successfully convicting terrorists that federal courts have.

GOP Asks for Troops to Remain at Border
Washington Times (04/03/11) Dinan, Stephen

House Republicans have written a letter to President Obama asking him to extend the mission of the 1,200 National Guard troops that are deployed along the U.S.-Mexico border beyond June 30, when it is currently scheduled to end. In their letter, the 10 G.O.P.
members of the House Homeland Security Committee said that the National Guard troops should remain on the border until the Border Patrol agents who will replace them have been fully hired and trained. The lawmakers also asked the president to allow the National Guard troops to perform more duties besides assisting surveillance and intelligence operations. However, federal officials have been hesitant to allow the troops to patrol the border out of fear that it would be seen as a sign that the border was becoming more and more militarized. Meanwhile, Homeland Security Secretary Janet Napolitano said at a recent event that the presence of the National Guard along the border shows that the Obama administration is committed to immigration enforcement. She added that the U.S.-Mexico border is increasingly secure, and that suggestions to the contrary are untrue.

Simple Arithmetic for Faster, More Secure Websites
AlphaGalileo (04/07/11)

Researchers from the University of Military Education and the Polytechnic Institute of Kiev have developed an approach to logins involving the concept of zero knowledge identification, which is based on a set of mathematical functions known as one-way Boolean operators. The researchers say the approach could be hundreds of thousands of times faster than conventional encryption-decryption logins and will reduce the overall computing requirements on the provider side of the system as well as make logins more secure. "The efficiency of information security algorithms is defined based on two factors: the level of security and the amount of computational resources required for the implementation of the security functions," says the University of Military Education's Nikolaos Bardis. The system gives users a special function that produces an extremely large number of different results for all of its possible inputs. A set of inputs that produce a common result is selected to be the user's passwords.
The advantage of the system is that an illicit user will have to try all possible password combinations before reaching the correct one. "The proposed scheme has potential use in any system where malicious users have incentives to gain illegal access and perform actions they are not entitled to," says the University of Military Education's Nikolaos Doukas.

Security Scare for M&S Customers
London Evening Standard (04/07/11) Urwin, Rosamund

Online customers of the British retailer Marks & Spencer's could be impacted by the recent data security breach at the Dallas-based online marketing firm Epsilon. In that breach, which could affect millions of consumers and could be one of the largest data thefts in history, hackers accessed a database containing the personal information of customers of Epsilon's clients, including Marks & Spencer's. In an e-mail to its customers on Wednesday, Marks & Spencer's said that the hackers who broke into Epsilon's systems could use consumers' names and addresses--which were stored in the database--to send them spam messages. The company added that the hackers did not steal any financial information. However, some of the companies that have been affected by the breach have said that hackers could try to access consumers' bank account information. Other companies that have been affected by the breach include JPMorgan Chase, Citigroup, TiVo, and Marriott International.

Experts Warn of Increase in Zeus Attacks as Source Code Spreads
V3.co.uk (04/06/11) Thomson, Iain

The source code for the Zeus malware is proliferating and a new onslaught of attacks is expected soon according to Trusteer researchers. March reports indicated that the writer of the Zeus malware had put the source code for the software up for sale for $100,000. However, Trusteer has observed multiple sellers offering the code, and there are reports that it also is surfacing on file-sharing sites as a password-protected download.
Trusteer CEO Mickey Boodaei says the leaking source code was rolled into a single automated toolkit, which is the source of all the variants now popping up. "Now the source code is leaking we'll see more toolkits based around Zeus," he says. Boodaei notes that, as the new toolkits start surfacing, their users will release a swarm of new Zeus variants that will need to be identified and thwarted. However, he also is concerned that some criminals will save their kits for highly targeted, small-scale attacks that are harder to find and impede.

Banks Warn of E-mail Breach
Associated Press (04/05/11) Svensson, Peter

JPMorgan Chase, Citigroup, Capital One, and other well-known financial and retail companies all say hackers may have learned their customers' e-mail addresses as a result of a security breach at a Dallas company called Epsilon that manages e-mail communications. The companies are warning their customers to expect fraudulent e-mail messages attempting to coax account log-in information from them. The e-mail addresses may be used to target spam, or to retrieve log-in information using a phony page and then use it to access a real account. According to David Jevans, chairman and founder of the nonprofit Anti-Phishing Working Group, criminals are moving away from indiscriminate phishing toward more intelligent attacks known as "spear phishing," and this data breach could facilitate the method.

Study Reveals Complacency Among Users of Mobile Devices on Security
Cellular-News (04/03/11) Mansfield, Ian

Most smartphone users are unaware of the latent security and privacy risks that are close at hand if they store confidential data in their devices, according to an AVG study. The study substantiates AVG's concerns that consumers are indifferent to the myriad security risks associated with the storage and transmission of sensitive personal data on iPhones, Blackberrys, and Android devices.
According to the survey, 89 percent of respondents were unaware that smartphone applications can send confidential payment data such as credit card numbers without the user's knowledge or permission. Moreover, 91 percent of respondents were unaware that financial applications for smartphones can be compromised by specialized malware designed to steal credit card numbers and online banking credentials, yet 29 percent report already keeping credit and debit card information on their handsets, and 35 percent report storing confidential work-related files as well. Other smartphone security risks include geotracking based on location specs embedded onto image files, the transmission of confidential payment information without the user's knowledge or consent, and unauthorized premium-service orders on the monthly bill.

Abstracts Copyright © 2011 Information, Inc. Bethesda, MD