Skip the navigation

Cyberwarfare Topic Center

Cyberwarfare news, in-depth articles and more

Cyberwarfare News

Tor Project working to fix weakness that can unmask users

Developers of Tor software believe they've identified a weakness that was scheduled to be revealed at the Black Hat security conference next month that could be used to de-anonymize Tor users.
Read more...

Black Hat presentation on TOR suddenly cancelled

A presentation on a low-budget method to unmask users of a popular online privacy tool, TOR, will no longer go ahead at the Black Hat security conference early next month.

AirMagnet Wi-Fi security tool takes aim at drones

In its quest to help enterprises seek out and neutralize all threats to their Wi-Fi networks, AirMagnet is now looking to the skies.

EFF releases Chrome, Firefox plugin to block third-party tracking

The Electronic Frontier Foundation, a digital privacy rights group, has released a downloadable plugin for Chrome and Firefox designed to stop third parties from tracking people's Web browsing.

Google sets up a cybercrime-busting task force -- Project Zero

Google has set up an internal task force that will work to expose the activities and techniques of malicious Internet wrongdoers, aiming to cut down on the number of targeted cyberattacks.

New banking malware 'Kronos' advertised on underground forums

A new Trojan program designed to steal log-in credentials and other financial information from online banking websites is being advertised to cybercriminal groups on the underground market.

The Gameover Trojan program is back

Cybercriminals are trying to create a new botnet based on what is likely a modification of Gameover Zeus, a sophisticated Trojan program whose command-and-control infrastructure was taken over by law enforcement agencies at the beginning of June.

China calls the iPhone and iOS 7 threats to national security

China's state-run TV is telling iPhone owners that the device is a threat to national security because it tracks their movements.

New docs show DHS was more worried about critical infrastructure flaw in '07 than it let on

The Department of Homeland Security mistakenly released details on an experiment in which a 27-ton generator was destroyed via a cyberattack.

Senate Intelligence Committee okays cybersecurity bill

The U.S. Senate Intelligence Committee approved Tuesday a cybersecurity bill that would pave the way for sharing of information between government and the private sector on security threats.

Cyberwarfare In Depth

No money, no problem: Building a security awareness program on a shoestring budget

Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained. At that point, it can seem complicated, costly, and unnecessary. However, the process doesn't have to be a logistical and expensive nightmare, and it's certainly worth it in the long run.

Inside the Changing Role of the CISO

With a number of high-profile security breaches making headlines of late, organizations are increasingly realizing they must beef up their security teams or risk catastrophe. Matt Comyns, global co-head of the Cybersecurity practice at Russell Reynolds Associates, an executive leadership and search firm, sat down with CIO.com to discuss the changing role of the Chief Information Security Officer (CISO), the global cybersecurity landscape and why finding and retaining elite security talent is critical.

How to protect yourself against privileged user abuse

The typical organization loses 5% of its revenues to fraud by its own employees each year, with most thefts committed by trusted employees in executive management, operations, accounting, sales, customer service or purchasing, according to the Association of Certified Fraud Examiners (ACFE). This type of malicious behavior by "privileged users" who have been given broad access to the company's computer assets has captured the attention of CIOs across the country.

Early user of VMware NSX net virtualization tool extols fine grain controls

Canadian airline company WestJet is one of the earliest customers of VMware's NSX network virtualization tools, which initially reached for the tech to address a security issue. Network World Editor in Chief John Dix recently sat down with WestJet technologist Richard Sillito to learn what the company is learning about network virtualization and its broader NSX plans.

Securing the virtual world

Catbird Networks Director of Product Management, Malcolm Reike, talks about how virtualization changes the security game with Network World Editor in Chief John Dix.

A security awareness success story

The problem with Security Awareness programs is that it is hard to prove their successes. As with all security countermeasures, success is usually that nothing happens. Ideally, success also means that there is a report of the attempted attack, however that is rarely the case. With technical countermeasures however, logs are usually maintained that allow people to point to all of the prevented attacks.

The best password managers for PCs, Macs, and mobile devices

Thanks to high-profile computer security scares such as the Heartbleed vulnerability and the Target data breach , and to the allegations leveled at the government and cloud providers by Edward Snowden, more of us Internet users are wising up about the security of our information. One of the smarter moves we can make to protect ourselves is to use a password manager. It's one of the easiest too.

Why Open Source Software Isn't as Secure as You Think

The security of open source software relies on the community spotting errors -- but Heartbleed and other recent events suggest that that's not happening.

The CSO's failure to lead

Talk to any information security professional over the past decade about a number of their greatest perceived challenges when it comes to doing their job. More often than not you'll hear about how their organization's business leadership didn't provide them the support and space they need to secure their organizations properly. One way you'll hear this is when it comes to the lack of budget. Another way you'll often hear this expressed, is as security "doesn't get a seat at the table."

The Next Heartbleed: 5 Security Vulnerabilities to Watch

By and large, the major websites hit by Heartbleed have recovered. So have the bad guys, who are undoubtedly plotting their next move. Here, security experts offer their take on five large-scale, Heartbleed-level vulnerabilities for which CIOs should prepare.