The 46,000 people reportedly infected by ads on job sites may be only a fraction of the victims of an ambitious, multi-stage attack that's stolen data belonging to several hundred thousand people who posted resumes on Monster.com, a researcher said this weekend.

According to Symantec Security Analyst Amado Hidalgo, a new Trojan horse the company calls Infostealer.Monstres has stolen more than 1.6 million records belonging to several hundred thousand people from the job search service Monster.com. That data is then used to target the Monster.com users with credible phishing mail that plants more malware on their machines.

Read full story

KUALA LUMPUR: The country's information communication technology industry has been given another boost with the launch of four new initiatives to enable Malaysia to compete in the global technology-led environment. 

The initiatives – the Malaysia Animation Creative Content Centre, CyberSecurity Malaysia, KnowledgeGRID Malaysia and eContent Fund Awards – are also expected to help reduce what Prime Minister Datuk Seri Abdullah Ahmad Badawi has described as "digital poverty". 

CyberSecurity Malaysia is the result of the rebranding of the National ICT Security and Emergency Response Centre, to reflect the services and solutions the organisation provides for its clients and the public. 

Read full story

"Hackers" defaced the United Nations Web site early Sunday with messages accusing the U.S. and Israel of killing children. As of late afternoon, some sections, including the area devoted to Secretary General Ban Ki-Moon, remained offline. The attack, spelled out by an Italian software developer on his blog and later reported by the BBC, replaced blurbs of recent speeches by Ban with some rather peaceful messages.

More at Networkedworld

Michael Ouma explains in his article how Kenya’s cyber law, when enacted, could be adopted as a model law for other countries within the East African Community (EAC) — Tanzania, Uganda, Rwanda and Burundi — which are yet to enact such kind of legislation to give regulatory direction for ICT-related transactions.

Already, a process has been initiated under the auspices of United States Agency for International Development (USAID) Washington’s Economic Growth Agriculture and Trade/Information Technology and Energy (EGAT/IT&E) Bureau to guide the process leading to the development of the legislation in Kenya.

Read full article at Eastern Standard

“With Impact, you can model a spear-phishing attack, and find out which users will click on embedded e-mail that fools them with a ‘You’ve won a vacation prize,’” says Will Aguilar, senior product manager.

Among the documents exposed: The Pentagon's entire secret backbone network infrastructure diagram, complete with IP addresses and password change scripts; contractor data on radio frequency manipulation to beat Improvised Explosive Devices (IED) in Iraq; physical terrorism threat assessments for three major U.S cities; information on five separate Department of Defense information security system audits.

More at NetworkedWorld

Steps have finally been taken by Microsoft to protect millions of exposed networks vulnerable to a .Net exploit that was first discovered nine months ago.

Security-Assessment.com reported close to 90 percent of Web sites upon which the company penetration tested in 2006 had "critical to urgent vulnerabilities"

Microsoft's Patch Tuesday release covered vulnerabilities in Microsoft's .Net Framework, Office Excel, Office Publisher, and three for its Windows operating systems.

Visit NetworkedWorld for more. Story copyrighted NetworkedWorld, Inc

TALLINN - Tensions between Estonia and Russia show no signs of declining any time soon and the latest manifestation of ill-will concerns the spring ‘cyber attacks’ on Estonia which are widely believed to have emanated from Russia in the immediate aftermath of the ‘Bronze Soldier’ controversy.

Earlier this week, the Russian embassy in Tallinn said that it has not witheld assistance with regard to an ongoing Estonian probe in to the attacks, but didn’t help because the authorities’ request was not formulated properly.b

Quoting the impenetrable legalese of the Russian Prosecutor General's Office, the embassy said that the existing bilateral legal assistance agreement implies procedural actions prescribed by the laws of both parties and does not envision search actions aimed at establishing the whereabouts of individuals concerning the investigation.

http://www.baltictimes.com/news/articles/18284/

For many countries, the events of the past weeks have been a loud wake-up call. Estonia, one of the most wired nations in Europe, actually survived pretty well. Other countries would have fared worse, NATO specialists reckon.

The International Telecommunication Union, which unites all 191 countries that use the world telephone system, hopes to take the lead in pushing for a global convention against cybercrime. Alexander Ntoko, its expert on cyberwarfare, says the key issue is anonymity: “We are in an industry where there is no control, no rules, no identities—it's the wild west. But for critical applications you have to know who you are dealing with.” NATO experts agree. At a minimum, any international cybercrime convention is likely to oblige internet service providers to co-operate in blocking DDOS attacks coming from their subscribers' computers.

Read full story