Programmer exploits Windows vulnerability in cloud-based services, 10 yrs later, DHS still plagued with cybersecurity, critical infrastructure problems and more

September 13, 2013
No Comment


DHSHere are the top cyber news and stories of the day.

  • Programmer exploits Windows vulnerability in cloud-based services – “Windows data volumes (meaning virtual machine hard-drives) in public clouds such as Amazon Web Services can be copied and have their access credentials modified, allowing a hacker to glean insights into the data, a programmer has reported.” Via IDG, more here.
  • Medical identity theft affects 1.84 million U.S. victims – “Medical identity theft is a national healthcare issue with life-threatening and hefty financial consequences. According to the 2013 Survey on Medical Identity Theft conducted by Ponemon Institute, medical identity theft and “family fraud” are on the rise; with the number of victims affected by medical identity theft up nearly 20 percent within the last year.” Medical fraud does not only cause countless lost dollars, but can potentially endanger lives. Via Help Net Security, more here.
  • 10 yrs later, DHS still plagued with cybersecurity, critical infrastructure problems – ‘Today marks 12 years after the 9/11 terrorist attacks; it’s been a decade since 22 government agencies were combined into the Department of Homeland Security in response to those attacks. “DHS has spent more than $35 billion on homeland security grants, but cannot measure whether we are safer from terrorist attacks,” according to Republican Senator Tom Coburn. This morning, the U.S. Senate Homeland Security and Governmental Affairs Committee held a hearing about “The Department of Homeland Security at 10 Years: Examining Challenges and Achievements and Addressing Emerging Threats.”‘ Via ComputerWorld, more here.
  • Dropbox takes a peek at files – ‘Dropbox takes a peek at some kinds of uploaded files. That’s normal, the web storage service says. The disclosure comes after a test of the service found that several “.doc” files were opened after being uploaded to Dropbox.’ This is not the first issue that Dropbox has had with file security and “peeking.” It appears that you should not use the service for anything that might even mildly be construed as secure. Via ComputerWorld, more here.
  • Hacker steals data of 2mn Vodafone Germany customers – ‘Mobile phone operator Vodafone Germany said Thursday a hacker had stolen the personal data of two million customers, and that a suspect had been identified. “This attack could only be carried out with high criminal intent and insider knowledge and was launched deep inside the IT infrastructure of the company,” Vodafone Deutschland said.’ Via BreitBart, more here.
  • Cyberspies attack key South Korean institutions, North Korean hackers suspected – “South Korean organizations that conduct research on international affairs, national security and Korean unification are under siege from cyberspies whose attack may have its origins in North Korea.” Via ComputerWorld, more here.
  • Government, industry come together on shared services – “Federal agencies have been tasked with doing more with less. And so in a tough budget climate, the administration is looking to departments and agencies to establish more shared services to cut costs and reduce duplication.” This is one of OMB CIO Steven Van Roekel’s pet projects, and can really affect the way money is spend in the federal government on IT. The value of shared services should be evident in just a few short years. Via FedScoop, more here.