The "Energetic Bear," a.k.a. "Dragonfly," hacking campaign targets U.S. and Western European energy firms. While the hackers appear to be backed by Russia, the purpose of their attacks remains unclear.
Microsoft launched a botnet-focused takedown effort that didn't just block small-scale campaigns tied to two pieces of malware, but also resulted in an estimated 4 million legitimate site names being disrupted.
Many IT security practitioners see their work as a game, one in which they try to outsmart attackers, says Eric van Ommeren, co-author of the just-published book, Staying Ahead in the Cyber Security Game:
What Matters Now.
A class action suit against breached restaurant chain P.F. Chang's China Bistro is unlikely to succeed, some security experts say, because proving consumer losses linked to specific merchant data breaches is difficult.
To protect their privacy, organizations should get their IT security staffs involved in vendor-requested audits conducted to verify software licensing agreement compliance, says Gartner Research Director Victoria Barber.
Leading this week's industry news roundup, Verizon offers Smart Credential, a new service to help businesses manage risk by using a single credential in both the physical and virtual worlds, while Corero announces SecureWatch Analytics.
Using big data to fight fraud is a challenge for most organizations. Andreas Baumhof of ThreatMetrix explains how context-based authentication combines fraud and security to leverage the use of big data.