Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.
Researchers have observed a new strategy being deployed by the Tatanga Trojan, which uses multiple attack methods in a single scheme. The attack mixes traditional social engineering with browser hijacking in an attempt to fool the victim into legitimately approving wire transfers.
In an effort to spread information, associates of Anonymous targeted the U.S. Bureau of Justice Statistics’ website on Monday, compromising nearly 2GB of data before the server was taken offline.
Gregory Jaczko has been criticized by his peers on the U.S. Nuclear Regulatory Commission, lawmakers, and the agency’s inspector general, for his confrontational management style.
No matter what the case may be, cyber criminals will most certainly latch on to the attention that Facebook is earning and use it for their own nefarious gain.
Trend Micro detected several emails being used in targeted attacks that contained JavaScript in the “From” field. The code was attempting to launch a DOM-based XSS attack, which would presumably give the attacker access to the victim’s account.
While Chicago police battled and bloodied anti-NATO protestors on Sunday, the police department’s website and NATO’s website fell under attack. Based on the public comments, two separate groups were responsible for the attacks.
World Economic Forum Report suggests that organizations that collect, sell, and trade personal data need to develop an effective set of "trade rules" to ensure the appropriate flow of personal data.
Howard Schmidt, after just over 2 years of government service, said that he would retire at the end of the month in order to spend more time with his family and to entertain teaching opportunities in the cyber field.
ICS-CERT has issued an advisory after a researcher exposed four separate flaws within Pro-face Pro-server, a popular data management server that offers real-time reporting of automated manufacturing and production environments.
Speaking to 1,000 IT professionals, from a wide range of industries (banking, retail, telecom, etc.), NeuStar asked about their perceptions on the overall business impact of a DDoS attack.
Wikimedia, the foundation responsible for information hub Wikipedia, is warning users that if they see ads on the encyclopedia’s webpage, their system might be infected with malware.
Stephen Fletcher, the executive director of Utah’s Dept. of Technology Services (DTS), has resigned following the aftermath of a massive data breach earlier this year that exposed nearly one million people
The attackers hijacked several websites related to matters of government and foreign policy, and used them to deliver malicious payloads to visitors by leveraging unpatched software flaws.
As seen in other layered approaches from McAfee, the solution or “joint implementation” that has been developed to help protect the energy infrastructure relies heavily on their ePolicy Orchestrator. However, this time Intel is kicking in some additional juice with its vPro hardware-based security technology and AMT.
Researchers at Trusteer have discovered a variant of Zeus with a P2P component that is targeting high profile sites such as Facebook, Google, Hotmail, and Yahoo in order to compromise debit and credit card data.
Jeremy Hammond, former LulzSec member and alleged mastermind of the Stratfor hack, pled not guilty on Monday during a brief hearing at the US District Court in Manhattan, the Associated Press reported on Monday.
A start-up in Russia, backed by Microsoft, says they have developed technology that can stop BitTorrent-based filesharing. The Pirate Pay came into existence due to the growth of copyright infringement in Russia, and the mounting international pressure to stop it.
ZTE, a handset manufacturer in China, has shipped Android smartphones to the U.S. with a fully enabled backdoor. The news of the backdoor came by way of an anonymous post to Pastebin, but was later confirmed by other researchers.
Earlier this week, Adobe posted a security bulletin for Photoshop 12 (Creative Suite 5), detailing vulnerabilities that impact both the Windows and Mac versions of the imaging software. But in order to address the security flaw, users will need to upgrade and pay for a new version of the software.
The U.S. Department of Defense, working alongside the U.S. Department of Homeland Security, announced on Friday that they would expand the availability of the cybersecurity information assurance program launched last year.
After suffering a massive amount of embarrassment over the leak of classified and sensitive diplomatic cables - allegedly at the hands of an insider - the Army wants to use keylogging software with additional abilities to prevent another Cablegate-scale data breach.
They call it OpDefiance (or Operation Defiance), and on Wednesday Anonymous pushed forward in their continual acts of defiance by targeting the website of Russia’s on-again-off-again president, Vladimir Putin.
Here at SecurityWeek, we ran a test to see if we could see this bot in action. After mentioning Pinterest in a message, we were spammed with a link to a survey offering a gift card. To collect, we needed to complete several forms and refer people to do the same.