Monday, December 21, 2009
Hackers take over Twitter.com for a short time
Followers of any number of celebrities, pundits, sports stars and even the guy or girl next door who headed over to the Twitter website were redirected to a web page for a group calling itself the "Iranian Cyber Army," as hackers hijacked the popular microblogging community's website recently. The attackers apparently were able to redirect Twitter users by stealing the credentials needed to administer the domain name system (DNS) records for Twitter.com, several reports indicated. Twitter acknowledged the incident via a blog posting on its website. "As we tweeted a bit ago, Twitter's DNS records were temporarily compromised tonight but have now been fixed," the post said. Twitter's DNS service is provided by Manchester, New Hampshire-based Dyn. Tom Daly, chief technology officer at Dyn, told the Washington Post that the incident was not the result of a security failure on its services. Daly said it appears someone changed Twitter's DNS records to point visitors to a different Internet address using the proper account credentials assigned to Twitter. It remains unknown who was responsible or how the user name and password needed to change Twitter's DNS records were intercepted.
Wednesday, December 16, 2009
U.S. shifts stance and meets with Russia to discuss cyber safety
In the face of growing attacks on government and corporate websites and networks, former rival nations are teaming with the United Nations in secret talks aimed at finding ways of strengthening internet security and limiting the military use of cyberspace, according to a report in the New York Times. There have been increasing worries by the Obama administration that countries are developing cyber weapons that can be deployed against online targets to disable critical computer networks that control power stations or government departments as well as other threats, which has led to the increased willingness of the U.S. to come to the table to talk about the growing cyber threats. Prior to these talks, the Russians have argued that an international treaty, similar to that used to limit the spread of nuclear and chemical weapons, could also be used to see off the challenges military cyber activity poses to the civilian internet. But the United States has disagreed, saying the virtual world is blurry at best in assessing the potential uses of technology. The United Nations talks will resume in January, and both the U.S. and Russia plan to attend an internet security conference in Germany later in the year.
Tuesday, December 15, 2009
Ascentive Software statement regarding Automatic Renewal Emails
During the weekend of Dec 11th to Dec 13th, a subscription auto-renewal email was accidentally sent to everyone in the Ascentive email database. This database includes not only current and former customers but also recipients who have received any information from us in the past.
The email, which was only meant for a small number of our subscription users, has caused confusion and distress among a considerable number of people who received this email. Ascentive would like to assure both current and former customers who are not part of the subscription service that their credit card will not be billed at this time and there is no need to contact Ascentive customer support to cancel the renewal.
Ascentive is fully CAN-SPAM compliant and maintains an up-to-date list of opted out e-mail addresses which have been previously sent promotional advertisements and then requested removal from our email list. For anyone who received the email and has previously un-subscribed from our email list, they will not receive any additional promotional emails beyond this matter from Ascentive moving forward.
We offer our apologies for the error and are working to address the technical issue to ensure this does not happen again in the future.
Wednesday, December 9, 2009
Beware where you surf to keep your PC safe from malware
Surfing the internet is getting riskier for those looking to avoid getting a virus, downloading malware or trying to protect their computer's speed and safety, according to McAfee's third annual Mapping the Mal Web report. Of 27 million websites and 104 top-level domains researched, McAfee found that 1.5 million sites, or 5.8 percent, were risky. That's up from 4.1 percent in the past two years. Domains from the small African nation of Cameroon reached the top spot this year with 36.7 percent of its sites posing a security risk. Because .cm is often a typo for .com, McAfee said, cybercriminals like to use that domain to set up typo-squatted sites to hit you with malware. Even if you type it correctly, the .com domain isn't much safer, rocketing from ninth last year to second this year in riskiness, with 32.2 percent of its sites potentially hazardous to PC health. Romania (.ro) was tagged as the riskiest domain for malicious downloads, with 21 percent of its sites delivering payloads of viruses, spyware, and adware. McAfee sees the .info domain as the most spam-filled with 17.2 percent of its sites generating junk mail.
Thursday, December 3, 2009
Perimeter E-Security exposes top 10 biggest computer security breaches of 2009
Perimeter E-Security announced the top 10 biggest cyber information security breaches and blunders of 2009. According to chief technology officer Kevin Prince, there is a common thread between all of these incidents: they could have been avoided.
"2009 has been a year full of data breaches, compromises and exposures all around cyber-criminality. These incidents could have been prevented by adopting basic security standards and embracing a culture of security," said Prince. "Most companies actually know exactly where they lack security and where their gaps and exposures are."
The list is led by one of the nation's leading payment processors, with official court proceedings reporting that 130 million records were compromised, E-Security said.
Following that company were social networking sites such as Twitter, Facebook and MySpace, which have had security breaches ranging from individual accounts being compromised to various phishing and virus issues, with more expected in 2010.
Some of the others making the not-so-desirable list were California University (160,000 records hacked), Virginia Department of Health (hackers demanded a $10 million ransom for the return of records) and a man who sent spyware to his girlfriend, who opened the email on her work computer, resulting in a data security breach on a major children's hospital network.
Tuesday, December 1, 2009
Hackers, malware and inappropriate user behavior among threats to federal IT security
So you think your home computer is at risk of cyber attacks, spam, malware and more? Try defending the federal IT infrastructure. CDW Government, Inc. (CDW-G) released its 2009 Federal Cybersecurity Report, which found that across 300 Federal, civilian and Department of Defense agencies, the number and severity of cybersecurity incidents have stayed the same or increased in the last year. Respondents said external sources are the biggest threat overall, with defense agencies indicating state-sponsored cybersecurity-warfare as the most significant external issue. For civilian agencies, hackers are among the biggest external challenges, while internal threats such as inappropriate web surfing and loss of computing devices continue to leave agencies vulnerable to cybersecurity threats. "Fundamentally, cybersecurity is not just a technology issue - it is a management and cultural challenge for Federal agencies," said Andy Lausch, vice president of federal sales for CDW-G. He added that Federal IT security professionals need the participation of the employees, managers and senior staff that they support to reduce the threat. The top problem found in the survey was malware (33 percent of respondents), followed by inappropriate network use or activity by employees (25 percent), supervision of authorized, distantly-placed user access (25 percent) and encrypted data (23 percent).
