2008 Perspective - hot stories and list of lists.
- Most Popular Sites Were Hacked in '08 - eWeek, Jan 22, 2009
- More Cyber Security Regulations Recommended - Washington Post, Dec 8, 2008
- Cisco: Cyber Attacks Are Growing More Sophisticated, Targeted, TMCnet, Dec 15, 2008 - more: “Cisco Annual Security Report” for 2008
- US Homeland Security Still Without Cybercrisis Plan, CNET News, Dec 19, 2008
- Top Five Cyber Security Stories - Information Security Magazine, Dec 29, 2008
1. SQL injection attacks
2. Hannaford Brothers supermarket breach
3. Dan Kaminsky and DNS dangers
4. Microsoft Vista adoption issues
5. Slowing the spam surge
Also noted:
- Linux Kernel attack code worries security experts
- Microsoft addresses XSS in Internet Explorer
- New attacks reveal fundamental problems with TCP i.e. sockstress
- Microsoft releases Out of Cycle Windows patch to stop worm attack - Top Ten SCADA Security Stories of 2008 - Digital Bond
1. Vulnerabilities now being discovered by non-control system companies e.g. Core
2. Process Control System Forum (PCSF) demise
3. FERC throws NERC under the bus / Congress warms to regulation
4. Published control system exploit code in form of metasploit module - yikes
5. Blue Ribbon CSIC cyber security recommendations for Obama
6. Very active SCADASEC list started
7. Control System vulnerabilities as “Candy To The Press”
8. Bandolier Security Audit Files audit hundreds of configuration elements.
9. CIA FUD quote from Tom Donahue from CIA
10. Water Sector roadmap progress.
2009 Predictions - more hot stories and list of lists.
- Cyber security issues take center stage in 2009, Control Engineering, IL - Jan 5, 2009
- Cyber Crime: The 2009 Mega Threat- CSO Magazine, Dec 16, 2008
- Combating Cyber Crime: Global Network Operates 24/7, FBI, Jan 14, 2009- “sophistication of our adversaries is growing”
- Hackers to exploit economic downturn in 2009 - VNUNet.com, UK - Jan 20, 2009
- McAfee publishes 2009 threat predictions IT Examiner, India - Jan 21, 2009
- Spam still causing IT headache: reports Computer Business Review, UK - Jan 22, 2009
- Security Expert: Fight Cyber-Crime Through Procurement, Government Technology, CA - Jan 30, 2009
- Top 9 security predictions for 2009, ZDNet Australia, Jan 5, 2009
1. More bang for the buck: Security consolidation and then some
2. Information security lockdown e.g. mandatory PCI application firewalls
3. Web 2.0 vulnerabilities multiply
4. Bigger pipes, faster speed: Letting in the good, bad and ugly
5. The next biggest threat to mobile security: 3G
6. More cash to flow in the digital underground
7. Let the games begin – more cyber mayhem in the gaming world
8. Premeditated, targeted attacks on the rise
9. Law enforcement unite online - SANS Technology Institute: 2009 Security Predictions – Jan 21, 2009
Broad mix of contributions: more control system issues, compromise of large PCI compliant company (fulfilled), etc
No comments:
Post a Comment