Cybersecurity News

With the fifth annual Pwn2Own hacking contest underway this week at the 2011 CanSecWest conference in Vancouver, professional hackers took to reaping the monetary rewards of breaking into smartphones, web browsers and operating systems.

With $125,000 in total prize money up for grabs, Apple Safari 5 and Microsoft Internet Explorer 8 were the first browsers to shutter to the exploits of the researchers in the contest.

Meanwhile, Computerworld reports that the Pwn2Own hackers skipped out on Google’s $20,000 reward for cracking the web browser Chrome on day one of the challenge. Remaining untouched in the contest, Computerworld reports that this will be Chrome’s third consecutive year of success at Pwn2Own.

But just as easily as the professional hackers assembled at CanSecWest this week to benefit tech giants and their consumers, the US Computer Emergency Response Team (US-CERT) is warning of another group of computer exploiters that may be planning to take advantage of a serious situation.

With the news continuing to trickle in on the devastating earthquake and tsunami in Japan, US-CERT this morning released a report to caution Internet users of the potential vulnerabilities on the web surrounding the event.

According to the report, “US-CERT would like to warn users of potential email scams, fake antivirus and phishing attacks regarding the Japan earthquake and the tsunami disasters. Email scams may contain links or attachments which may direct users to phishing or malware-laden websites. Fake antivirus attacks may come in the form of pop-ups which flash security warnings and ask the user for credit card information. Phishing emails and websites requesting donations for bogus or charitable organizations commonly appear after these types of natural disasters.”

Be advised, Cybersecurity News readers.  And to all of my followers in Japan, I wish you safety and support during this difficult time.

Additional cybersecurity news headlines follow:

Pentagon seeks $500M to beat cyber threats (The Hill)

US probes hacker threat over WikiLeaks soldier (AFP)

Tech industry backs bipartisan bill to make R&D tax credit permanent (The Hill)

DHS seeks private-sector cybersecurity expert (InformationWeek)

White House blasted for delay in cyber plan (National Journal)

Senator presses Sec Napolitano on cybersecurity bill (FierceGovIT)

NIST raises cybersecurity to a holistic level (Federal News Radio)

CIA website disruption may have been work of a prankster (National Journal)

Industry opposes federal role in private cybersecurity (The Hill)

Trade groups push cybersecurity carrots, not sticks (InformationWeek)

Navy adds cybersecurity academy requirements (InformationWeek)

Administration excoriated for delay in proposing cyber plan (NextGov)

US Treasury Department official in panel session on cybersecurity (Bloomberg)

Breach notification and national security (BankInfoSecurity)

INTERNATIONAL ISSUES:

S. Korea accuses N. Korea over communications attack (AFP)

UK helps Australia’s cyber-spy unit get to work (ZDNet)

The Iran Stuxnet affair (Middle East Online)

UK Government Office of Cyber Security mired in confusion warn MPs (ComputerWorld)

EU’s ENISA publishes botnet study (eSecurity Planet)

INDUSTRY NEWS:

Pwn2Own: What the contest tells us about browser security (PCWorld)

HBGary: Hacker vs. hacker (BusinessWeek)

Accuvant creates federal unit to increase cyber sales (Washington Technology)