News

• Systems manager arrested for hacking former employer's network

  A 41-year-old man was arrested for allegedly disrupting his former employer's network after he was passed over for promotions, leading him to quit his job and take revenge, the U.S. Federal Bureau of Investigation said.

• Dutch bill seeks to give law enforcement hacking powers

  The Dutch government today presented a draft bill that aims to give law enforcement the power to hack into computer systems -- including those located in foreign countires -- to do research, gather and copy evidence or block access to certain data.

• Amazon looks to move security appliances to the cloud, says CISO

  Amazon Web Services (AWS) is looking to expand its security offerings with hosted intrusion protection appliances and more extensive encryption features, as it looks to increase the level of protection users can get in its cloud.

• Pirate Bay co-founder charged with hacking IBM mainframes, stealing money

  Pirate Bay co-founder Gottfrid Svartholm Warg was charged with hacking the IBM mainframe of Logica, a Swedish IT firm that provided tax services to the Swedish government, and the IBM mainframe of the Swedish Nordea bank, according to the Swedish public prosecutor.

• Hackers could start abusing electric car chargers to cripple the grid, researcher says

  Hackers could use vulnerable charging stations to prevent the charging of electric vehicles in a certain area, or possibly even use the vulnerabilities to cripple parts of the electricity grid, a security researcher said during the Hack in the Box conference in Amsterdam on Thursday.

• Browser-hijacking malware talks to attackers using SPF email validation protocol

  A new Trojan program that displays rogue advertisements during browsing sessions uses a DNS-based email validation protocol called the Sender Policy Framework (SPF) in order to receive instructions from attackers without being detected, according to security researchers from Symantec.

• 6Scan launches free website vulnerability and malware scanning service

  6Scan, a Web security startup based in Tel Aviv, Israel, launched a new service on Tuesday that can scan websites for security issues, like vulnerabilities and malware infections, and allows their owners to automatically fix the identified problems.

• Lack of abuse detection allows cloud computing instances to be used like botnets, study says

  Some cloud providers fail to detect and block malicious traffic originating from their networks, which provides cybercriminals with an opportunity to launch attacks in a botnet-like fashion, according to a report from Australian security consultancy firm Stratsec.

• Stonesoft identifies new ways to evade intrusion detection systems

  Finnish security firm Stonesoft claims to have developed 163 new attack methods that can evade network intrusion detection and prevention systems (IDPS) over multiple communication protocols including IPv4, IPv6, TCP and HTTP.

• Sourcefire takes intrusion prevention to masses with IPSx

  Open-source security company Sourcefire has announced an entry-level Intrusion Prevention System (IPS) it claims will democratize a technology that is still seen as being exclusively for large companies with experienced security teams, rather than small and medium-size enterprises.

• Is SAP afraid of a Stuxnet-style attack?

  Enterprise software provider SAP is stepping up its security stance as its once-isolated systems become increasingly connected to the Internet, posing new risks as hackers diversify their targets.

• Idappcom seeks to displace penetration testers

  A U.K. company is seeking to displace penetration testing companies with an appliance and software that can frequently test whether security devices are catching bad network traffic and exploits.