Security firms uncover 'sophisticated' Regin spyware

BBC Reported this important security threat.
An "extremely complex" and "stealthy" spying program has been stealing data from ISPs, energy companies, airlines and research-and-development labs, a security company has said.
With a "degree of technical competence rarely seen", Regin had probably taken years to develop, Symantec said.
And a nation state may have written it to serve its spying agencies' needs.
The program had been used in "systematic spying campaigns" over the past six years, Symantec said.
Regin slowly infiltrated its targets, taking care at each stage to hide its tracks, the company said.

Read more: Security firms uncover 'sophisticated' Regin spyware

Security Needs Evolve as Computing Leaves the Office

NYTimes Bits Blog reported from SAN FRANCISCO — Five years ago, people still spoke of cloud adoption as if they had a choice.

But at company after company, cloud computing facilities miles away have replaced computer rooms down the office hall, and what once seemed like a choice now looks like an inevitability.

Businesses are turning to the cloud — that nebulous term that describes computing and applications run remotely over the Internet — to handle their data and computing faster and cheaper, relying on providers like Amazon, Google, SoftLayer, Rackspace and others.

And many of the companies' employees are turning to consumer cloud services, like Google Docs and Dropbox accounts, to readily access files — work and personal ones — wherever they are, including at home or at the neighborhood Starbucks.

Read more: Security Needs Evolve as Computing Leaves the Office

NSA Said to Exploit Heartbleed Bug for Intelligence for Years

NSA Desktop

Bloomberg Rerported:

The U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said.

The agency’s reported decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government’s top computer experts. The NSA, after declining to comment on the report, subsequently denied that it was aware of Heartbleed until the vulnerability was made public by a private security report earlier this month.

“Reports that NSA or any other part of the government were aware of the so-called Heartbleed vulnerability before 2014 are wrong,” according to an e-mailed statement from the Office of the Director of National Intelligence.

Read more: NSA Said to Exploit Heartbleed Bug for Intelligence for Years

Members Login

Please enter your name and email to get our free newsletter
Vendors and Technologies