Subscribe to DFI News
View Sample

DFI News

Snowden's Leaks were Masked by Job Duties

September 19, 2013 11:08 am | by Tom Gjelten, NPR | Comments

More than three months after Edward Snowden revealed details of NSA secret surveillance activities, intelligence officials are still assessing the fallout from the former contractor's disclosures. But they already know how the leaks happened.  


Fatal Crypto Flaw in Goverment Smartcards Makes Forgery a Snap

September 18, 2013 12:25 pm | Comments

Raising troubling questions about the reliability of government-mandated cryptography certifications used around the world, scientists have unearthed flaws in Taiwan's secure digital ID system that allow attackers to impersonate some citizens who rely on it to pay taxes, register cars, and file immigration papers.


FISC Releases Its Reasoning on Metadata Collection

September 18, 2013 11:53 am | by Infosecurity | Comments

The Foreign Intelligence Surveillance Court has published an opinion, written on August 29, 2013, by Judge Claire Eagen, explaining the legal reasoning behind its order authorizing the NSA to collect data on all US telephone calls.     


Online Justin Bieber Fake Jailed over Child Sex Videos

September 18, 2013 11:25 am | by the Guardian | Comments

A pedophile who posed as Justin Bieber on the internet to target and blackmail young girls all over the world has been jailed in a case described as one of the worst the courts have ever seen. The "sadistic exploitation" conducted by Robert Hunter, of Middlesbrough, UK, was so extensive that an international operation through Interpol was sparked.


Suspect NIST Crypto Standard Long Thought to Have a Back Boor

September 18, 2013 10:53 am | by Kevin McCaney, GCN | Comments

While the National Institute of Standards and Technology reopens public review of several of its cryptographic standards, it is “strongly” advising against using one of the standards for elliptic curve cryptography — a standard that cryptographers have long suspected contained a back door, whether it was put there intentionally or not.


Hacker Group Found in China, Linked to Big Cyber Attacks

September 17, 2013 12:01 pm | by Jim Finkle, Reuters | Comments

Computer security experts have discovered a group of highly sophisticated computer hackers operating for hire, a U.S. computer security firm says, and it linked the group to some of the best-known cyber-espionage attacks out of China in recent years.


Too Long Passwords Can DoS Some Servers

September 17, 2013 11:43 am | by Zeljka Zorn, Help Net Security | Comments

The discovery of a vulnerability in popular open source web application framework Django has recently demonstrated that using a long password is not always the best thing to do. Django uses the PBKDF2 algorithm to hash user passwords, making it extremely difficult for brute-force attacks to be executed successfully. Unfortunately, this complexity can also be used as an attack vector.


Brazil Looks to Break from US-centric Internet

September 17, 2013 8:56 am | by Bradley Brooks and Frank Bajak, Associated Press | Comments

Brazil plans to divorce itself from the U.S.-centric Internet over Washington's widespread online spying, a move that many experts fear will be a potentially dangerous first step toward politically fracturing a global network built with minimal interference by governments.


Cyber Gang Attempted Santander Bank Heist with $20 Device

September 16, 2013 4:56 pm | by Infosecurity | Comments

The term “bank heist” may conjure up an Ocean's 11-style strike involving laser alarms and perhaps even a contortionist or two, but the everyday reality is much more mundane. Take, for instance, the alleged plot by 12 men to steal millions from a branch of European bank Santander remotely, using a cheap and readily available keyboard video mouse device.


Belgium Investigates Suspected Cyber Spying by Foreign State

September 16, 2013 12:41 pm | by Philip Blenkinsop, Reuters | Comments

Belgium says it was investigating suspected foreign state espionage against its main telecoms company, which is the top carrier of voice traffic in Africa and the Middle East, and a newspaper pointed the finger at the United States. Federal prosecutors said in a statement that the former state telecoms monopoly Belgacom had filed a complaint in July about the hacking of several servers and computers.


How Law Enforcement Can Watch Tweets in Real-time

September 16, 2013 12:02 pm | by Nate Anderson, Ars Technica | Comments

Recent leaks about the NSA's Internet spy programs have sparked renewed interest in government surveillance, though the leaks touch largely on a single form of such surveillance — the covert one. But so-called "open source intelligence" (OSINT) is also big business — and not just at the national/international level. 


Utica College Unveils Cyber Forensic Center

September 16, 2013 9:28 am | by Victoria Lamanna, Utica College | Comments

Utica College has announced formation of its new Northeast Cyber Forensics Center (NCFC), a laboratory that provides criminal forensic investigation of digital evidence for local, state and federal law enforcement agencies, as well as other private and public sector entities. 


Countering Attacks Hiding in DOS Smokescreens

September 13, 2013 4:14 pm | by Robert Lemos, Dark Reading | Comments

Denial-of-service attacks have long been considered the blunt wooden club of online hazards, a multi-gigabit stream of shock and awe. Yet, increasingly the noisy attacks are being used to hide more subtle infiltrations of a target's network.   


Trucker Pleads Guilty to Koch Cyber Attack

September 13, 2013 3:39 pm | by Roxana Hegeman, Associated Press | Comments

A Wisconsin trucker who joined a cyber attack on Koch Industries has admitted his role in the onslaught organized by the computer hacking group known as "Anonymous" that took the Wichita-based company's website offline for about 15 minutes in February 2011. Eric Rosol, 37, of Black Creek, Wis., pleaded guilty to one misdemeanor count of accessing a protected computer in a deal with prosecutors for reduced charges.


NIST Says Don't Use Our Crypto Algorithm

September 13, 2013 12:41 pm | Comments

Standing accused of NSA interference in its processes, and backdoors in its algorithms, NIST now says our crypto standards and processes are sound — but don't use the elliptic curve algorithm. NIST has not admitted to a backdoor in the algorithm, and its warning against use of the algorithm makes no mention of the NSA.



You may login with either your assigned username or your e-mail address.
The password field is case sensitive.