- Federal Agency Demands, Competition Challenge Cloud Vendors – After IBM protested the CIA’s cloud services award to Amazon Web Services, the GAO has found key deficiencies. Apparently, the CIA “failed to evaluate prices comparably under one of the contract’s pricing scenarios[.]” As well, the CIA waived a security requirement, but allegedly only for AWS. Via eCommerce Times, more here.
- Start-up tackles advanced persistent threats on Microsoft, Apple computers – “Start-up CrowdStrike today made available its first product, called Falcon, designed to detect and block stealthy infiltrations of Microsoft Windows or Apple Macintosh-based endpoint machines and servers.” This capability installs sensors on systems that watch for events and behaviors and diagnoses infections due to such. Via ComputerWorld, more here.
- Microsoft says it freed millions of computers from criminal botnet – Microsoft is claiming that the botnet they took down last month was responsible for over $500M from bank accounts worldwide. 2M total computers were “liberated,” with the “vast majority of infected machines in the United States, Europe and Hong Kong.” Via Yahoo News, more here.
- US, Russia to install “cyber-hotline” to prevent accidental cyberwar – “Russia and the US have taken steps to cooperate on cybersecurity—or at least prevent an accidental cyberwar.” This is a key step forward in international cyber relations. We can only hope similar agreements will come in the future between more major international powers. Via Ars Technica, more here.
- How Cyberwarfare and Drones Have Revolutionized Warfare – One incredibly interesting facet of our technological revolution is its impact on warfare. This article examines the future of technologies and how it will shape future warfare. Via NY Times, more here.
Source code for Carberp financial malware is up for sale at a very low price, researchers say - “The source code for the Carberp banking Trojan program is being offered for sale on the underground market at a very affordable price, which could result in additional Carberp-based financial malware being developed in the future, according to researchers from Russian cybercrime investigations firm Group-IB.” This is a real threat, because even if the Trojan has been identified and is in threat registries, there are still many who lack the cyber defensive posture to protect against such threats. Via ComputerWorld, more here.
Definition of ‘critical infrastructure’ falls short – One privacy and data security expert is arguing for a “wider definition of our nation’s critical infrastructure.” She believes that “definition must expand to reflect a world in which network connectivity increases every day.” This includes banking networks and more. She believes one unprotected (but connected) company can endanger many more. Via USA Today, more here.