New 'Mahdi malware' cyber spy attack on Iran disclosed

New 'Mahdi malware' cyber spy attack on Iran disclosed
Los Angeles Times
WASHINGTON -- Security experts have identified a cyber espionage attack that appears to have chiefly targeted computers in Iran that they say differs from previously discovered malwarebelieved to be part of a covert U.S. and Israeli effort to monitor and ...

Step up your cyber warfare experts urge UK government
SlashGear
The UK government needs to step up with more aggressive cyber-attackretaliation, a committee established to develop guidelines for how responses to hack attempts should be handled has insisted. The joint Intelligence and SecurityCommittee argues the ...

SlashGear

UK seeks software writers with Cyber Security Challenge
BBC News
The government has begun a competition to find people to help defend the UK's infrastructure from cyber-attack. It will start as an online treasure hunt but later stages will involve lab-based challenges. The competition has been inspired by the increasing ...

BBC News

UK should go on the offensive in cyber war, say MPs
CSO
July 18, 2012 — Computerworld UK — The UK should go on the attack in the cyber war, rather than just defend, according to MPs on the Intelligence and Security Committee (ISC). This is because the committee believes that the UK's cyber defences are not ...

Mahdi Malware Hits Middle Eastern Targets
InformationWeek (blog)
Two security firms this week disclosed that they're working to eradicate a malware campaign that targets users in several Middle Eastern countries and which has been active for at least eight months. The attackers used malware ... Interestingly, the malware was introduced via a spear-phishing attack that included a fake Microsoft Word document. Opening the attachment would execute the malware, as well as open a copy of a Daily Beast article analyzing Israel's potential electronic warfare capabilities against Iran.

Sorry, Iran. I Didn't Mean to Invade You
Daily Beast
The malware was identified by Russia's Kaspersky Lab and Israeli security firm Seculert. Aviv Raff, the chief technology officer of Seculert, ... Raff said he didn't know who was behind the latest cyber attack, only that the servers controlling Mahdi were based for a month in Iran when the attack was launched in December. After a month, he said, the main servers moved ... In January, Iran announced the formation of a “cyber command” unit of the army to combat cyber warfare. The new virus is far less sophisticated than ...

Daily Beast

Psst, UK software devs: Up for a Cyber Security Challenge?
Register
Future Stuxnet-style attack defenders wanted. By John Leyden • Get more from this author. Posted in Enterprise Security, 18th July 2012 16:02 GMT · Free whitepaper ... Previous Cyber Security Challenge competitions focused on crypto-cracking, penetration testing and malwareforensics – but this is the first competition in the challenge that will test devs' wits on softwaresecurity. The two-year-old public- and private-funded programme is now looking for software and application developers with the security ...

UK should strike first in cyber war, MPs say
Computer Business Review
The Intelligence and Security Committee goes on to highlight the Stuxnet worm as the sort ofcyber attack the UK should aspire to launching. While pointing out that the UK had no involvement in Stuxnet the report said a similar cyber weapon would help in, ...

MPs urge UK Government to become more proactive against cyber attacks
eGov monitor
The UK Government and its agencies must not shy away from aggressive retaliatory cyberstrikes against those who attack the UK's cyber defences, the Parliament's joint Intelligence and Security Committee has said. The Committee welcomed the creation ...

University of Maryland Smith School of Business Launches Cybersecurity ...
MarketWatch (press release)
With private industry and government facing escalating threats to information systems and networks, the University of Maryland's Robert H. Smith School of Business is responding with a new leadership program to develop cyber specialists for C-suite and senior executive positions.... "Threats to cybersecurity are far greater than just technical concerns, impacting economic competitiveness, diplomacy and national security," said Sandor Boyson, Smith research professor and academic co-director of the program.

New malware targeting PCs in Iran: Report
Times of India
TEHRAN: Security experts have identified a cyber espionage attack that apparently targeted computers in Iran, according to a report. According to researchers, the new malware, dubbed as 'Mahdi' differs from previously discovered malware believed to be ...

Electrical Power Grid Vulnerable to Cyber Threats
CIO
Electrical Power Grid Vulnerable to Cyber Threats. Ahead of Senate debate on cybersecuritylegislation, lawmakers focus on threats to electrical system; experts warn of vulnerabilities from lackluster information sharing and new smart grid technologies.

British Stuxnet could have unintended fallout, government admits
ZDNet (blog)
Stuxnet and other state-developed malware could hit unintended targets, the government has acknowledged, as MPs urge the UK to build its own attack software. Malware The risk of UK government-developed malware getting into the wild is ... Pre-emptive strikes. MPs on the influential security committee also recommended that British intelligence and defence agencies should use hacking and other cyber-techniques to misdirect enemy countries. For example, in a military conflict, the UK should destroy data, ...

Cyber Security Challenge Hunts For Flaw Finders
TechWeekEurope UK
“The challenge is that cyber security investments – and cybersecurityconsciousness have not kept pace with either the sophistication of embedded technology nor the shrewdness and tenacity of attackers. And in spite of energy being perhaps the most ...

TechWeekEurope UK

Iran target to an another cyber espionage campaign
National Turk English
Security experts have found out an ongoing cyber espionage campaign that targets Iran and other countries in the Middle East. The latest cyber attack made a big splash since it uses communications tools written in Persian. Tehran / NationalTurk – Russian ...

National Turk English

Persian-Language Cyber Attacks on Iran Dubbed 'Muslim Messiah'
Arutz Sheva
An Israeli security firm says an ongoing cyber attack aimed mainly at Iran uses Persian language communications and is named after Mahdi, the “Muslim Messiah.” Seculert, based in Israel, and Russia's Kaspersky Lab said on Tuesday that they identified ...

Arutz Sheva

Drones, sub-hunting planes to attack cyber-Chinese army
Register
The war games are also believed to feature information warfare scenarios, given that China is suspected of developing advanced capabilities in this area to disrupt and control its opponents before a shot has been fired. The exercise is the second stage of ...

OVERNIGHT TECH: Reid may reveal cyber bill timing Wednesday
The Hill (blog)
Many have doubted that the cybersecurity bill will ever reach the floor, but Reid weighing in on timing will help clear up that murkiness. Lieberman has said the Senate will begin consideration of his bill by the end ... Collins: 'Premature' to say whether cyber bill will include Whitehouse-Kyl framework: Sen. Susan Collins (R-Maine) said it's too early to say whether elements of Sens. ...Lieberman, Collins press regulator on electric grid security. Bingaman to push for expanded oversight of power grid in cybersecurity bill ...

Question: Should federal cybersecurity standards be voluntary?
Alaska Dispatch
Behind closed doors, national security hawks appear to be ramping up pressure on Congress to push through tough cyber legislation. In May, amid a period of heightened US tension with Iran, Chairman of the Joint Chiefs of Staff Martin Dempsey opted not to ...

UK launches software-focused cyber security challenge
Computer Business Review
Although a number of other cyber security challenges run each year the organisers of this one claim it is different as it emphasises secure software as the key, while many others focus on network-level security. However attacks like Stuxnet have shown the need to tighten up software and application ... "They must identify vulnerabilities in command software systems and work to anticipate security breaches to avoid attack." "For too long, software that underpins business and much of our most vital critical national ...

Software developers needed for Cyber Security Challenge
DeveloperTech
There is an evident lookout for a wide variety of software and security-centric developers. Last month, Jonathan Evans, head of MI5, claimed that one company in London had lost £800 million as part of a cyber attack and that MI5 was fighting an “astonishing” ...

New ME-focused cyber-spying attack uncovered
ITP.net
Security researchers from Kaspersky Lab and Seculert have announced details of another cyber-espionage attack that is targeting victims in the Middle East. The 'Madi' Trojan, originally discovered by Seculert, was found to be spying on as many as 800 ...

ITP.net

Fighting Cyber-Threats
Baseline
Security is an increasing priority at organizations worldwide, and it's no longer confined to the server room walls. Instead, managing security and privacy involves everyone at your organization. But as threat levels rise and more viruses attack your systems, are ...

'Madi' malware acts like Flame virus, targets Middle East
VentureBeat
A new piece of malware called Madi is spreading in the Middle East, and it has a number of the same characteristics as the Flame virus — known to be a major step in cyber-espionage. The year-old malware comes in ... In one of these cases, the Word document showed an article titled, “Israel's Secret Iran Attack Plan: Electronic Warfare” by The Daily Beast. Another attachment ... Flame was discovered by Kaspersky Lab, a Russian security analyst firm that is also working with Seculert on Madi. Flame, on the other ...

VentureBeat

BLOG: The Olympics Cyber Security Threat - Are You Ready?
IBTimes.co.uk
The British Government and the security services are braced for millions of "cyber security incidents" and a special security unit has been set up to monitor for this activity. But the word isn't getting out there. ... Attack #1: Data theft. How have hackers hurt public organizations in the past? They exposed credit card information, published embarrassing communications, email addresses and so on. For-profit hackers will try to make money while hacktivists will use breached data for humiliation. Attack #2: Denial of service.

IBTimes.co.uk

Western Media Seeking to Play Down Iran's Cyber Capability by New Virus Story
Fars News Agency
Russia-based Kaspersky Lab and Seculert, an Israeli security firm has alleged that it has discovered the malware, saying it has found targeting more than 800 victims in Iran and elsewhere in the Middle East since last December. The Israeli.... Then, it would be natural for a simplistic mind to come to the conclusion that themalware is an Iranian product and a reprisal for the US and Israeli attack but is just a low level effort due to the low level of knowledge of the Iranians in cyber war and electronics. Although you can ...

Fars News Agency

UK Cyber Security Challenge zeroes in on software developers
ComputerWeekly.com
Last month, MI5 chief Jonathan Evans said the intelligence agency was fighting astonishing levels of cyber-attacks on UK government and industry, claiming that one London company lost £800m in revenue as a result of such an attack. The competition, designed as a series of ... Neil Cassidy, practice lead, cyber defence at QinetiQ said: "Cyber criminals are increasingly developing the capabilities to manipulate the software used to control key security systems.” Attacks like Stuxnet highlight the fundamental impact ...

VP Binay: Cyberwarfare is an urgent national security concern
GMA News
Cyber-warfare, including cybercrime and technological threats, should be considered a pressing national security concern, Philippine Vice President Jejomar Binay told an international cybersecurity conference in Tokyo Wednesday. Speaking at the Secure ...

Cyber-Attacks New Disaster Threat for South Carolina
By admin
Scott called a cyber-attack “inevitable” but said South Carolina can help. He said technology such as that developed at the Space and Naval Warfare Systems Command, which has a facility in the area, can help the nation deal with cyber ...
Claims Journal » News

Used for Cyber Attack ...
By Greg Scoblete
Daily Beast Article on Cyber Attacks in Iran Used for Cyber Attack Against Iran. Posted by Greg Scoblete at 7:56 ... The article in question detailed efforts by the U.S. and Israel to wage "electronic warfare" on Iran. According to virus researchers, ...
RealClearWorld - The Compass Blog

Story about virus used to launch a new one in Iran | PrairiePundit
By Merv
The last thing I expected when I woke up this morning was to spend the day launching a globalcyber attack. ... Named Mahdi—after a messianic figure in Islam—the malware is delivered via email attachments, either a PowerPoint presentation of religious-themed photographs or a Word document with a fascinating article about Israel's secret plan to launch electronic warfare against Iran. ... The malware was identified by Russia's Kaspersky Lab and Israeli security firm Seculert.
PrairiePundit

Full Translation of the Dutch Defense Cyber Strategy
By mrkoot
In defending against such a large-scale attack, cooperation bet ween various parties in necessary, including with the victim organization itself, the National Cyber Security Center (NCSC), the intelligence services, law enforcement and possibly ...
Matthijs R. Koot's notebook

Protect Your Small Business From Cyber Attacks | SMALL ...
By Amanda
Learn how to protect you business from cyber attacks during this Twitter chat. ... Starting at 4pm ET, Anita Campbell will be joined by two security experts from Symantec for an hour long discussion. Together they will explore how you can protect your business from cybercriminals. The number ... What is a targeted attack and how it differs from other cyber threats; Why small businesses are being targeted (so you know what criminals are after!) How Mac users are being targeted – using ...
SMALL BUSINESS CEO

Chemical Facility Security News: Information Sharing
By PJCoyle
Scenario: A cyber-attack on a small-town water-treatment plant control system causes a chlorine vent valve to fail-open. This is a proof-of-concept attack that an eco-terrorist group is planning on using on a larger water system where the ...
Chemical Facility Security News

Cyber Village People | Haft of the Spear
By Mike
Cyber Village People. July 18, 2012. By Mike. It takes all kinds to make the world go 'round…or a village to raise a firewall, or something like that. Yet when it comes to the training, equiping and deploying a government workforce for things-cyber, why, why can't we stop stepping on our tricks? There is almost ... Putting both sides in a room to battle over a specific security problem is like deciding who bats first; one hand over the other till someone clearly comes out on top. 'If you did X, ...
Haft of the Spear

Malware Code that infects any OS came from Security Tool ...
By D. Dieterle
CYBER ARMS – Computer Security. Cyber War ... Last week, Security researchers at F-Secure have analyzed a new malware that targets Macs, Linux and Windows machines. The code ...Java applet attack source code is open to everyone.
CYBER ARMS - Computer Security

Mahdi campaign, ongoing cyber-espionage in the ... - Security Affairs
By paganinip
Cyber-Spying. Again another great investigation of the excellent team of Kaspersky lab and its partner Seculert firm has discovered an ongoing campaign to conduct a large scale infiltration of computer systems in the Middle East area. ... The attack is based on two well known techniques to deliver the malicious payloads, the huge quantity of data collected reveals the real targets of the operation in Middle Eastern, such as government agencies, critical infrastructure engineering firms ...
Security Affairs

Senate Pushes Cyber Next Week, Privacy Multistakeholder Moves ...
By David LeDuc
... Cyber Next Week. In discussions with other Senators, Sen. Majority Leader Harry Reid (D-NV) has continued to voice his intention to bring cybersecurity legislation to the floor next week. ... Of course, this isn't the first time that Reid has sought to bring Cyber security to the floor, so if sufficient support doesn't materialize, it's still possible that the Senate adjourns for August recess having not moved forward on this critical issues. DOC to Publish Outcomes from Privacy Multistakeholder, ...
SIIA Digital Discourse

Daily Kos: Torture without Walls: CCR Web Attack
By rss@dailykos.com (oqwitcherwoofn)
The Center for Constitutional Rights (CCR), which I'm hereby designating as an official cause for "Torture without Walls", was subject to a major web outage due to cyber attack. CCR does a range of ... Consider if one or more of these tags fits your diary: Civil Rights, community, Congress, Culture, Economy, Education, Elections, Energy, Environment, Health Care, International, Labor, Law, media, Meta, National Security, Science, Transportation, or White House. If your diary is specific ...
Torture

Cybersecurity chief urges action by Congress - Yahoo! Finance
WASHINGTON (AP) — The head of the Pentagon's Cyber Command on Monday called for swift action in Congress to sort out roles, standards and authorities for ...
finance.yahoo.com/.../cybersecurity-chief-urges-action-congre...

Middle East energy projects under cyber attack - Arabian Oil And Gas
Kaspersky reveals Madi - new cyber-espionage campaign in Middle East.
www.arabianoilandgas.com/article-10479-middle-east-energy-...

Cybersecurity Legislation: Solution or Distraction?
After three years of debate and intense horse-trading, four major pieces of cybersecuritylegislation have collided on Capitol Hill. Each claims to provide ...
www.nationaldefensemagazine.org/.../CybersecurityLegislatio...

UMD and Sourcefire Announce New Cybersecurity Partnership
The University of Maryland (UMD) and Sourcefire, Inc. (Sourcefire) today announced a new partnership to establish collaborative activities in cybersecurity .
www.cyber.umd.edu/news/news_story.php?id=6630

gAtO's Twitter Weekly 2012-07-07 | USCyberLabs
#infosec #security #cyberwar #cybersecurity #IT #scada #hacking #; Diplomacy ' burdens'cyber attack responses, admits NATO http://t.co/JP4FiXdc via #gAtO ?
uscyberlabs.com/blog/2012/.../gatos-twitter-weekly-2012-07-0...



cyber security - Google News

cyber warfare - Google News

cyber defense - Google News

US-CERT Cyber Security Tips

Cyber War News

Alive in the Cloud

expri.com