Latest News

The information security industry needs to offer more than just security, says Secerno COO The information security industry needs to adapt to cloud computing, not the other way around, says Secerno’s founder and COO, Paul Davie, who talks to Infosecurity about how offering security is no longer enough
30 June 2009 Data leakage webinar coming up Data leakage - one of the IT security hot topics of the moment - is on the agenda of a joint Cyber-Ark/Websense webinar being broadcast live at 3pm today, and available via the Infosecurity web site on a recorded basis after that time.
02 July 2009 New trojan causes problems for Google AdSense advertisers A nasty new trojan that triggers multiple click-throughs on Google AdSense - the pay-per-click sponsored web search service operated by Google - has been discovered by SecureWorks.
02 July 2009 Appliance-based IT security comes of age If you thought appliance-based IT security was old hat, Infosecurity has some news for you - we have an entertaining webinar coming up on July 07 that will detail the benefits that this revitalised technology can now bring to the table.
02 July 2009 ID databases go ahead, despite u-turn on ID cards ID cards will no longer be compulsory, but anyone applying for a British passport will added to the national identity card database, the government disclosed yesterday.
01 July 2009 Cryptography breakthrough paves way to secure cloud services A research student who had a summer job at IBM, has cracked a cryptography problem that has baffled experts for over 30 years. The breakthrough may pave the way to secure cloud computing services.
30 June 2009 Pirate Bay web streaming service - could it be legal? The Pirate Bay - arguably one of the highest profile file-sharing indexing portals in the world - has hit the headlines with plans to launch a video streaming/sharing website ostensibly similar to Russian sites such as Movieberry.com
30 June 2009 Iceman pleads guilty in Carders Market card data theft case Max Butler - aka Max Vision and Iceman - has pleaded guilty to two counts of wire fraud in connection with the theft of almost two million credit and debit card details, as well as an astonishing $86 million of allegedly fraudulent purchases.
30 June 2009 Interoute offers free desktop internet security barometer Interoute, the internet backbone carrier, has released a free 'internet barometer' desktop application that displays the state of the global internet, as well as potential threats to the net's IP-based infrastructure.
29 June 2009 Turning the spotlight on IT’s dirty little secret: Securing the common point of failure in IT risk controls Check out BrookCourt's whitepaper on how the rise of identity and access management has revolutionised how the enterprise defines a key domain of IT risk control.
29 June 2009 Spammers use Michael Jackson's death to harvest email addresses Spammers are using the death of music legend Michael Jackson to harvest unsuspecting computer users' email addresses for future spam campaigns.
26 June 2009 Study shows high vulnerability of social networkers Facebook, LinkedIn, MySpace and Twitter users are more vulnerable to financial loss, identity theft and malware infection than they realise, a survey has revealed.
26 June 2009 Automated Twitter postings pose a severe security risk Twitter has again hit the IT security headlines, this time over the increasing widespread practice of automated retweets - automated repostings - by users of the social networking site/service.
25 June 2009 UK's Cabinet Office publishes UK's first cybersecurity strategy. Launched as part of an update to the National Security Strategy, a newly-launched cybersecurity strategy - the UK's first - seeks to address the growing threat of cybercriminals to both the country and its citizens.
25 June 2009 Google launches Anti-Malvertising.com site Google have launched Anti-Malvertising.com to assist its advertisers in spotting potential providers of malicious advertisements. Finjan, specialising in secure web gateway products and unified web security for the enterprise market,have welcomed this launch.
24 June 2009 Apple charges iPod Touch users for critical patches Owners of iPod Touch handheld computers will have to pay for the critical updates Apple issued last week to correct 46 holes in its software.
24 June 2009 SMEs hit by increasing spear phishing attacks A European-based gang behind sophisticated and targeted phishing attacks on small and medium enterprises has returned after a five-month break, says security firm iDefense.
24 June 2009 Microsoft betas free AV software - but not to Brits As reported previously by Infosecurity, Microsoft has started beta testing of its free anti-virus software, but only to people based in the US, China and Israel.
24 June 2009 Facebook hack steamrollers privacy settings Social networking site Facebook has fixed a potentially major security bug on its social networking portal software on Monday that, for more than two weeks, allowed hackers in the know to bypass user privacy settings on the service.
23 June 2009 ISACA backs power increase for Information Commissioner ISACA, the not-for-profit organisation that seeks to encourage best practice in the IT security industry, has given the `thumbs up' to plans to significantly increase the powers of the Information Commissioner's Office (ICO) later this year.
23 June 2009 Peter Wood to present at FaceTime webinar on Tuesday Infosecurity is pleased to report that Peter Wood, chief of operations with First Base Technologies, the penetration testing specialist, is presenting at the FaceTime-sponsored webinar taking place at 10am on Tuesday of this week.
22 June 2009 Microsoft may beta test new security software this week Reports are circulating that Microsoft is planning to beta test its Morro/Security Essentials software as early as this week.
22 June 2009 Parcelforce customer data revealed Parcelforce customers' names addresses and postcodes were available online after a system related to the company's mail tracker service failed.
22 June 2009 Government ordered to publish reviews of risky IT projects The information commissioner has ordered the opening of confidential files on a wide range of high-risk IT projects, including the ID cards scheme, joined up police intelligence systems and the NHS National Programme for IT (NPfIT).
22 June 2009 ‘Brad Pitt’ more dangerous than ‘Hugh Jackman’ – McAfee rates risky search terms online Searching for ‘Brad Pitt’ is riskier than searching for ‘Hugh Jackman’ according to a McAfee study on the most dangerous search terms online.
19 June 2009 Microsoft wireless keyboard cracking technology revealed Users of Microsoft's Optical 1000 and 2000 keyboards should now take extreme care what data they enter using their wireless keyboards, as Dreamlab has taken the unusual step of publishing a 49 page presentation on how to `sniff' any keystrokes out of the ether.
18 June 2009 Updated: UK Government launches Digital Britain report for broadband and online security The UK Government has published the final version of its Digital Britain report, which sets out goals for supplying up to 2Mb/s universal broadband services by 2012 and digitalising radio by 2015. Significantly for the information security industry, the report also gives powers to Ofcom and ISPs to police the internet for illegal file-sharing
17 June 2009 Companies leap to new web and mobile technologies leaving security behind Companies are embracing new web and mobile technologies such as cloud computing, virtualisation, social networking and mobile communication at a faster rate than their information security strategies are updated.
17 June 2009 London School of Economics: UK Home Office internet surveillance won't work In a briefing published on 17 June, the London School of Economics says that new Home Office internet surveillance proposals for the Interception Modernisation Programme won't work, have poor safeguards, and will be a costly option
17 June 2009 GoldenCashWorld botnet, malware and hacker data exchange portal revealed Security researchers with Finjan have uncovered a highly sophisticated online botnet, malware and hacker exchange network for buying and selling access to infected PCs.
17 June 2009 Microsoft plans to release free security software Microsoft is testing free anti-virus software, but no date has been announced for a public release.
16 June 2009 £200m from digital TV fund earmarked for univesal broadband plan The government could use £200m left over from a fund to pay for the switch from analogue to digital TV broadcasting to help pay for the roll-out of universal broadband.
16 June 2009 PBX hacking moves into the professional domain as arrests stack up PBX hacking - the act of cracking into a company PBX and selling long distance/international telephone time to third parties at a discount - is alive and well, despite several years of being out of the news.
15 June 2009 Learn about document security LockLizard investigates the best approaches to document security depending on what clients want to achieve, in its white paper Document Security - a Guide to Securing Your Documents.
15 June 2009 DDoS attacks on Belarusian media – is cyber warfare escalating? There has been a surge in distributed denial of service (DDoS) attacks against media sites in Belarus, something that could signal an escalation in cyber warfare in the region.
15 June 2009 Symantec and McAfee under fire for auto-renewing subscriptions The perils of giving companies your payment card details and failing to realise the likelihood of those details being used when subscription renewal times comes around have raised their ugly head again, with Symantec and McAfee being ordered to pay $375,000 each to the New York Attorney General to resolve complaints about the issue from customers.
12 June 2009 PC infections on the rise due to botnets Research from IT security vendor McAfee suggests that PC infections are on the rise once again, largely as a result of botnet operators rebuilding their swarms of infected machines in the wake of the recent McColo ISP shutdown.
12 June 2009 More analyis on the ATM phantom withdrawal court case ruling Hard on the heels of last week's long-awaited ruling on the first ATM phantom withdrawal case to pass through the courts, Alistair Kelman, a barrister and presenter on Infosecurity's webinar programme, has posted an interesting report and analysis on his website.
11 June 2009 Learn about securing high-privilege system access management British security and risk management specialist, Brookcourt Solutions, looks at how to secure high-privilege system access management in the white paper Turning the Spotlight on IT’s Dirty Little Secret: Securing the Common Point of Failure in IT Risk Controls.
11 June 2009 Large majority unable to spot phishing sites An overwhelming majority (88%) of UK web users are unable to identify phishing online, according to a study commissioned by internet infrastructure services provider VeriSign.
11 June 2009 Apple releases Safari 4.0 to counter security flaws Apple Computer has released v 4.0 of its increasingly popular Safari web browser for Windows and Mac OSX-based computers. The release counters the recent security flaws reported in CFNetwork, CoreGraphics, ImageIO, International Components for Unicode, libxml, Safari, Safari Windows Installer, and webKit
10 June 2009 Majority break information security policies – survey The majority of employees admit to serious non-compliant workplace behaviour when it comes to information security, according to a study from the Ponemon Institute and sponsored by Californian secure flash drive provider IronKey.
10 June 2009 UK IT managers unaware of Web 2.0 security threats As part of its Web2.0@Work™ global research project, security specialist Websense Security Labs has found that many organisations in the UK are ill equipped to protect themselves from Web 2.0 threats.
10 June 2009 Underground strikes cause information security risks to soar Information security risks, as a consequence of the London Underground strikes, include the transfer of documents to personal computers via USBs, emailing confidential company information to externally hosted email accounts, and exchanging data and information via online file sharing facilities or communication tools such as instant messenger.
10 June 2009 Learn about information security and USB devices Lumension looks at the information security risks with USB devices – and how to overcome them – in its latest white paper Portable Panic: Evolution of USB Insecurity.
09 June 2009 Indian authorities taking no chances with cybercafe users The anonymity of cybercafe users in India is being severely curtailed, in a bid to stamp out illegal, fraudulent and terrorist usage of this popular method of gaining internet access.
08 June 2009 Three quarters of companies think they are vulnerable to hacking Seventy three percent of IT professionals admit their software applications are vulnerable to hackers in a survey conducted by application security specialists Fortify Software at this year’s Infosecurity Europe in London.
08 June 2009 Judge rules in favour of bank in first UK phantom ATM withdrawal case A judge has ruled in favour a UK bank after a customer took the bank to court regarding eight ATM withdrawals that he claimed he did not make.
05 June 2009 Infosecurity experts hard to get despite economic downturn Hiring managers are struggling to fill infosecurity positions due to a mismatch between salary expectations and skill levels, and current demand, information security education and certification organisation (ISC)2 has found it its latest jobs survey.
05 June 2009 (ISC)2 offers live online CISSP review seminar Florida-based information security education and certification provider (ISC)2 has introduced Live OnLine Official (ISC)2 CISSP CBK Review Seminar, said to be the first online certified information systems security professional (CISSP) learning courses with live instructions.
04 June 2009 Aussie bank customers hit by advanced phishing techniques Customers of the Commonwealth Bank in Australia are being targeted by a new breed of phishers, who seem intent on scamming them out of their e-banking and payment card details.
03 June 2009 Unencrypted laptop with 109 000 records on pension schemes members stolen An unencrypted laptop containing details on 109 000 pension schemes members with UK pension funds service provider, The Pensions Trust, has been stolen from a third-party office in Marlow, Buckinghamshire.
03 June 2009 Prepare for end of Office 2000 security updates Users of Office 2000 should start preparing for Microsoft’s withdrawal of its security update service for Office 2000 from 14 July this year, warns California-based security software provider Fortify Software.
03 June 2009 Guide to handling personal data launched by BCS and ISAF The British Computer Society (BCS) has linked up with the Information Security Awareness Forum (ISAF) to launch a professional code of best practice when handling personal data.
02 June 2009 Obama: Cyber-czar to be hand-picked President Obama finally announced the results of Melissa Hathaway's 60-day cybersecurity review on Friday, and unveiled plans to hand pick a senior official responsible for cybersecurity policy.
01 June 2009 Booby-trapped DirectX files now being used by hackers Microsoft has warned about hackers starting to use DirectX-enabled files to give them remote access to users' PCs across the internet.
01 June 2009 3ami extends the audit envelope to support memory sticks Technology start-up 3Ami has enhanced its Monitoring and Audit Security (MAS) software to support USB and similar memory sticks.
01 June 2009 ENISA evaluates network resilience of MPLS, IPv6 and DNSSEC The European Network and Information Security Agency (ENISA) has released two reports on how and if Multi Protocol Label Switching (MPLS), Internet Protocol version 6 (IPv6) and Domain Name System Security Extensions (DNSSEC) could improve the resilience of communication networks.
01 June 2009 Twitter worm steals user details A worm on Twitter is tricking users into giving up their user details at the same time as redirecting victims to a dating website where the aggregate number of views result in affiliate revenue.
01 June 2009 Google indexes details on thousands of credit and debit cardholders Police in Victoria, Australia are investigating a potentially major security incident in which the stolen personal details of thousands of credit and debit card holders from Australia, Germany and the UK were posted to a blogging site and auto-indexed into the Google search engine.
29 May 2009 RAF data loss included sensitive vetting data The Ministry of Defence (MoD) has omitted information that the theft of hard drives in September 2008 with data on RAF personnel also included highly sensitive RAF vetting records.
27 May 2009 Panda Security offers beta of Global Protection 2010 Panda Security has uploaded the first beta test of its next-generation IT security suite, Global Protection 2010, to its website.
27 May 2009 Jericho Forum links with Cloud Security Alliance Hard on the heels of unveiling Cloud Cube, its four-dimensional best practice model for cloud computing security in April, security industry association the Jericho Forum has linked with the Cloud Security Alliance (CSA), a not-for-profit vendor group.
27 May 2009 Adobe follows Microsoft down path of regular security updates After a number of security problems with its software that required patching, Adobe has apparently decided it is time for regular security updates.
26 May 2009 ISF infosecurity standards incorporated into Acuity’s software The Information Security Forum (ISF) and London-based services and software provider, Acuity Risk Management, have signed an intellectual property (IP) licensing agreement to integrate ISF’s Standard of Good Practice for Information Security into Acuity’s STREAM risk and compliance management software.
22 May 2009 Survey shows information security awareness is high, yet compliance is low SAI Global’s Benchmarking Survey 2008 finds that 95% of employees believe information security is important, but that there is a lack of knowledge and training surrounding how to identify and report incidents.
21 May 2009 £3.9 million bank credit error highlights need for code auditing A succession of errors - at the programme code development level and human error when inputting the data - are reported to have resulted in a New Zealand couple being credited with NZ$10 million (£3.9 million) rather than a much smaller sum as the proceeds of a bank credit line.
21 May 2009 McAfee acquires Solidcore for whitelisting technology McAfee will acquire Solidcore Systems, a whitelisting specialist, in a US$33m deal which will allow McAfee to integrate Solidcore's technology into its blacklisting malware detection and prevention products, as well as to bolster its high-end corporate IT security offerings.
20 May 2009 PGP founder talks about VOIP security at ITWeb Phil Zimmerman, the founder of PGP - and inventor of the Pretty Good Privacy technology after which the firm is named - will be speaking about voice over internet protocol (VOIP) security at the ITWeb Security Summit in Johannesburg, South Africa next week.
20 May 2009 Gumblar malware attack sweeps web A modified attack that alters Google searches is taking the web by storm according to security researchers, who have identified more malware domains being used in the attack.
20 May 2009 Learn about how to protect against data-stealing malware Data-stealing malware that can evade current security systems could cause serious harm to an enterprise. Trend Micro’s eBook ‘Outthink the Threat’ offers information on data-stealing malware and how to fight it.
19 May 2009 Gateshead College opens digital forensics lab Gateshead College in the UK has opened a digital forensics lab for the training of information security staff to combat cybercrime such as digital fraud.
18 May 2009 Thirty-two MoD PCs went walkabout in first 131 days of 2009 Statistics from the UK's Ministry of Defence show that a total of 28 laptops and four desktop PCs have been lost or stolen in the period of January 1 to May 11 this year.
17 May 2009 Paypal registration page vulnerabilities revealed Methodman, a so-called 'grey hat' hacker specialising in discovering cross-site scripting (XSS) flaws, claims to have uncovered a number of XSS security flaws in various Paypal registration pages.
15 May 2009 Unlimited online backup from F-Secure An unlimited online backup solution, which works automatically in the background, has been launched by Finnish IT security service provider F-Secure.
15 May 2009 Who should police illegal internet file-sharing? A row has broken out between a coalition representing creative industries in the UK and internet service providers (ISPs) over who and how the internet should be policed for illegal file-sharing.
14 May 2009 Software piracy on the rise Worldwide software piracy is on the rise, according to a study by the Business Software Alliance and analyst firm IDC.
13 May 2009 Australian two-factor payment card authentication technology on beta test A two-factor authentication system - complete with keypad and display - has been successfully integrated into a plastic payment card by Melbourne-based EMUE and is being trialled by MBNA in the UK
13 May 2009 Internet attacks expected around 2010 FIFA World Cup Symantec warns against an “extensive number of attacks over the internet” expected to hit around the 2010 FIFA World Cup in football.
12 May 2009 Forrester questions the security of cloud computing With the economic downturn, cloud computing is seen as a way to improve operational efficiency, reduce headcounts and help with the bottom line, but according to the report from Massachusetts-based Forrester Research on cloud computing, organisations should not jump on the ‘cloud wagon’ before considering security and privacy concerns.
12 May 2009 Estonia now firmly on the FBI cybercrime map The importance of Estonia, one of the most Internet-connected and e-trading nations on earth, has ramped up a notch or two with the FBI, which has announced plans to station a cybercrime expert and his/her team in the country later this year.
12 May 2009 Governments must cooperate on cyber security – report Governments around the world must work together to address the issue of cyber security, according to a report from Deloitte.
11 May 2009 Learn about how to protect data, assets and IP With an increasingly complex legislative and regulatory landscape, ensuring compliance can be difficult. Overtis Systems’ white paper ‘Realising Compliance’ shows how its integrated protection solution VigilancePro™2 can make the task easier.
11 May 2009 Swine flu challenges information security The recent outbreak of swine flu has thrown up a number of topics related to information security ranging from secure sharing of data between health professionals, to spam / phishing and issues around remote working.
11 May 2009 Finjan reports Iframes attack on Indian government website The secure web gateway solutions provider Finjan has reported that a major Indian government website - which averages around three hits per minute (source: Alexa) - has been hit by an Iframes injection exploit.
10 May 2009 BT investigation into eBay hard drives reveals US air defence launch secrets The latest annual BT investigation into the sale of second-hand hard drives on the internet has turned up trumps, with researchers buying a hard drive on the internet auction website eBay, containing the launch procedures for a US military air defence system.
08 May 2009 Web 2.0 sites prime hacker target says report Web 2.0-driven websites are now a premier target for hackers, amounting to 21% of all reported hacking incidents, according to an IT security report from the Secure Enterprise 2.0 Forum.
08 May 2009 Information security technology not enough Information security technology is of little use if employees unwittingly give up log-in details, passwords and other sensitive information to hackers using social engineering.
08 May 2009 Fake search engines used to divert users to malware infected websites Hackers are starting to create fake search engine sites to divert hapless internet users to malware infected websites, says PandaLabs, the research operation of Panda Security.
07 May 2009 ID cards roll-out starts in Manchester – security industry concerned The UK Home Office has announced that Manchester City will see the first ID cards in the controversial £5bn UK national identity card scheme this year.
07 May 2009 Parabon's grid technology simulates DDoS site attacks Parabon Computation has launched a new service that simulates a distributed denial of service (DDoS) attack on a company Web site.
06 May 2009 Global Security Challenge Competition open for entries The fourth annual Global Security Challenge Competition where security entrepreneurs compete for up to US$500 000 in cash grants, is open for entries until 15 June 2009.
06 May 2009 RSA: Splunk’s sales benefit from economic downturn Splunk, the vendor who calls itself “the google for data centres” are seeing an increase in sales due to the high crime that comes hand in hand with an economic downturn.
06 May 2009 Palo Alto networks formally launches in the UK After several years of offering its products via a few specialist systems integrators in the UK, California's Palo Alto Networks has established a formal presence in the country.
05 May 2009 Conficker and Facebook / Twitter attacks dominate Q1 email threats The Conficker worm and attackers’ social engineering techniques exploiting users on Facebook, Myspace and Twitter, dominated the email threats in the first quarter (Q1) of 2009, according to identity-based unified threat management (UTM) solutions provider Cyberoam and its Israeli messaging and web security partner Commtouch.
05 May 2009 German Police arrest Bavarian cracking group Police in Bavaria have arrested 11 people suspected of being members of the Hacksector cracking group, which maintains a dark hats forum of the same name on the Internet.
01 May 2009 Infosecurity Europe: firms get access to military grade forensics It's not often that firms supplying specialist network forensics technology to US government agencies are allowed to supply their systems software to civilian companies, especially outside of the United States, but Utah-based Solera Networks has achieved this.
01 May 2009 Infosecurity Europe: PGP announce release of Command Line for IBM power systems at ‘mature’ industry exhibition Encryption specialists PGP announced the release of their PGP Command Line for IBM Power systems at Infosecurity Europe 2009.
01 May 2009 Infosecurity Europe: Police central e-crime unit can’t afford to tackle e-crime At the Infosecurity Europe show, London, on 30 April 2009, in a session titled ‘The dynamics of e-crime’, an audience member - an employee of the police central e-crime unit (PCeu) within the Metropolitan police service – interrupted the panel to declare that police are not ignoring the increasing problem of e-crime, but are under-funded and thus unable to tackle it effectively.
01 May 2009 Infosecurity Europe: Employee awareness of security is “dangerously immature” says (ISC)2’s Colley John Colley, managing director of (ISC)2 EMEA lamented the lack of security is company culture in his talk ‘Are we getting the basics right’ at Infosecurity Europe this year.
30 April 2009 Infosecurity Europe: Serious structural internet security flaw revealed Peter Wood, chief of operations with First Base Technologies, the penetration testing specialist, and a member of the ISACA conference committee, has uncovered a structural security flaw with the internet that is not easily fixable.
29 April 2009 Infosecurity Europe: Mobile-originated spam set to be a major problem The issue of spam is a major concern for vendors and attendees at the show. And, while internet service providers (ISPs) are doing their bit in shutting down the accounts of spammers in real time, it`s only the fixed line ISPs that have this luxury.
29 April 2009 Infosecurity Europe: Infosec professionals still hold value, even in downturn, say (ISC)2 A recent survey released at Infosecurity Europe by (ISC)2 suggests that security professionals are holding their value even in the economic downturn.
29 April 2009 Infosecurity Europe: Webroot survey finds concern over Web 2.0 collaboration A survey commissioned by security provider Webroot found that half of the information security professionals questioned intend to put plans for collaboration on hold due to concerns over security.
29 April 2009 Infosecurity Europe: Business social networkers can “learn a lot from kids” Chris Boyd, director of malware research at FaceTime Security Labs, warned against the dangers of social networking at the talk ‘Social networking pirates: Batten down the hatches, Cap’n Jack is coming’ at Infosecurity Europe.
29 April 2009 GrIDsure announces authentication for Microsoft IAG GrIDsure, the pictorial-based authentication technology specialist, has launched an application for Microsoft's Intelligent Application Gateway.
28 April 2009 Infosecurity Europe show opens with security cafes and expert forums The Infosecurity Europe show opens for a three-day run in London today, with two features that are new for 2009 - security cafes and expert forums.
28 April 2009 Infosecurity Europe: Lord Erroll calls for greater punishment for cybercrime Lord Erroll stole the limelight, and the audience’s attention on the ‘Who got caught out the last 12 months’ keynote panel at the Infosecurity Europe show in London, 28 April 2009, by calling for greater penalties and repercussions for cybercrime.
28 April 2009 Infosecurity Europe: President Obama's Blackberry revealed The guys on the Blackberry stand at the Infosecurity Europe show weren't willing to talk specifically about it, but it looks like the White House has taken delivery of a custom Blackberry smartphone for President Obama.
28 April 2009 Infosecurity Europe: Rt Hon David Blunkett MP supports biometric passports The Right Honourable David Blunkett, MP, the former Home Secretary, has eschewed his original support in the 1990s for national ID cards in favour of biometric passports.
28 April 2009 Infosecurity Europe: “It’s the people, stupid,” who should police the worldwide internet At ‘Who should police the global internet – Who is ultimately responsible?’, a keynote speech at Infosecurity Europe, the Rt Hon. Alun Michael MP highlighted the importance of ‘all people’ helping to fight crime, while detective superintendent Charlie McMurdie of the police central e-crime unit (PCeU), called for volunteers to assist in e-crime prevention.
28 April 2009 Tony Blair's hacked Facebook profile contains a serious message Politics aside, the recent hack of Tony Blair’s Faith Foundation Facebook page reveals a serious problem with the application used in the page’s creation, says application vulnerability specialist, Fortify Software.
27 April 2009 A new generation security architecture revealed Join Infosecurity magazine and Check Point software technologies in a webinar discussing `software blades,' a new architecture that allows companies to select from a library of over 20 software-driven systems to create a tailored security gateway for specific environments.
27 April 2009 Trend Micro extends security envelope around Playstation consoles You might not think it, but junior's Playstation Portal (PSP) and Playstation 3 games consoles are capable of compromising the security of a home (and office) IT network resources.
27 April 2009 RSA: Recession will hit small information security companies hard say experts Despite the need for security being exaggerated in an economic downturn, smaller IT security companies will suffer, says Dave Hansen, Corporate SVP &GM Security Business Unit at CA, speaking to Infosecurity at the RSA conference in San Francisco.
27 April 2009 Privacy International slams ICO ruling on Google Street View Privacy International has slammed the Information Commissioner's Office (ICO) ruling that Google Street View does not contravene the Data Protection Act.
24 April 2009 Tufin Technologies launches open API security initiative Tufin Technologies has announced a policy and security network API (application programming interface) initiative and has enlisted the support of several IT security vendors for the program.
23 April 2009 SmoothWall unveils low-cost secure web gateway appliance SmoothWall has taken the wraps off a new rack-mounted web filtering appliance that uses the company's Guardian web filtering technology.
23 April 2009 Infosecurity webinar predictions become reality Predictions made by Professor Peter Sommer, a leading IT forensics specialist, in a Check Point-sponsored Infosecurity webinar earlier this week, have become reality with the release of a report at a conference in Prague.
23 April 2009 RSA: Lumension and Microsoft ink whitelisting deal Endpoint security company Lumension teamed up with Microsoft at the RSA show to launch a software whitelisting service. The move, which sees the companies sharing information about legitimate software applications, lends increasing credence to the idea that blacklisting malicious software by signature is becoming less tenable as the number of malware variants increases.
22 April 2009 Finjan uncovers one of world's largest botnets Finjan has uncovered what appears to be one of the largest bot networks controlled by a single cybercrime gang, with 1.9 million infected zombie computers forming the swarm.
22 April 2009 RSA: Symantec CEO Enrique Salem calls for automated information security In his keynote at RSA in San Francisco, Symantec CEO Enrique Salem called for a significant shift in the way vendors and end-users approach information security. Change, said Salem, is needed to fight the current targeted threat landscape.
22 April 2009 AVG launches free LinkScanner web security application AVG, the producers of one of the most popular free anti-virus applications, is now offering a free URL checking utility.
21 April 2009 RSA: NSA director Lieutenant Alexander asks RSA conference to work with NSA to secure nation Director of NSA, Lieutenant General Keith B Alexander, congratulated the information security industry on its excellent work in his keynote address to RSA conference attendees in San Francisco on 21 April 2009.
21 April 2009 E-mail authentication needs to be taken seriously - OTA Research from the Online Trust Alliance (OTA) claims to show that companies need to take email authentication a lot more seriously than they presently do, as well as implement the technology on much more widespread basis.
20 April 2009 Learn about smartphone security with one of the industry's leading IT security experts Infosecurity is proud to announce that Professor Peter Sommer, a leading forensic and IT security specialist, will be participating in the Check Point Software Technologies-sponsored webinar, which takes place at 2:30pm UK time (3:30 CET) on Tuesday, April 21.
17 April 2009 Tory MP Green will not be charged Tory MP Damian Green, who was arrested as part of an inquiry over Home Office leaks, will not face charges.
16 April 2009 Skype - not as secure as you might think Although VOIP afficionadoes are wont to promote the encrypted nature of Skype Internet telephony calls, it's now becoming accepted that the use of a compressed data mode within Skype opens the gates to pattern recognition and slow, but steady, text-based decoding of the voice transmissions as a result.
15 April 2009 Check Point completes Nokia's security appliance business It's been a complicated take-over, apparently, but Check Point Software Technologies has at last completed the acquisition of Nokia's security appliances business which was announced last year.
15 April 2009 Symantec report observes surge in malicious code for 2008 Security provider, Symantec, found that malicious code activity continued to grow at a record pace throughout 2008, with the most prominent target being confidential information, according to the Symantec Internet Security Threat Report Volume XIV.
15 April 2009 Marshal8e6 acquires Avinti - poised to enter cloud computing Email and web security vendor Marshal8e6 has acquired Avinti, a behavioural analysis specialist, for an undisclosed sum.
15 April 2009 Black Hat briefings start on Thursday The organisers of the main Black Hat security conference - which takes place at the Moevenpick City Centre hotel in Amsterdam's Piet Heinkade this Thursday and Friday - have announced that presenters will reveal no less than six high profile vulnerabilities at the event.
14 April 2009 Microsoft security report pools data from Windows users everywhere In what some people might term as a case of Big Brother on steroids - or an in-depth anonymous analysis - depending on your viewpoint, Microsoft has published the latest version of its six monthly security intelligence report.
09 April 2009 SafeNet report decline in mobile safety Although almost half of UK business workers are required to access sensitive company data on a daily basis, one in three organisations lack the required mobile security, according to information security specialist SafeNet.
08 April 2009 Phishers await bite from credit crunch email An opportunist scam is seeing phishers use recession fears as bait, warns the Foreign and Commonwealth Office (FCO).
08 April 2009 It's been a Hard Day's Night for Paul McCartney's web site The operators of Paul McCartney's web site were caught with their electronic pants down this week after the portal was found to be serving up malware.
08 April 2009 Infosecurity gets twittered up Infosecurity magazine are now on Twitter. Please ‘follow’ us to receive our latest news, views and industry comments.
08 April 2009 Samsung appoints Wick Hill as IT security distributor Samsung, a name better known for its PC and mobile phone offerings, has signed veteran value-added distributor Wick Hill to handle its IT security products in the UK.
07 April 2009 Conficker methodology appears in updated Neeris worm Even though version D of the Conficker worm failed to cause havoc - as was widely predicted - on April 1, the worm's methodology continues to cause problems in the shape of an updated version of the Neeris worm.
07 April 2009 Hispasec enhances free online malware analysis service Hispasec Sistemas, one of Spanish-speaking world's rising IT security stars, has enhanced its online malware analysis service to accept programmes of up to 10 megabytes, as well as supporting an impressive 23 languages via its on-screen interface
07 April 2009 IBM warns over four percent Conficker infection rate After scanning around two million PCs, IBM's ISS security division says that around four percent of the PCs it scanned were infected by the Conficker worm.
03 April 2009 US cybercrimes soar by 33% in 2008 Cybercrimes in the United States hit record numbers last year, according to a report from the Internet Crime Complaint Centre (IC3), a partnership between the FBI and the National White Collar Crime Centre.
02 April 2009 “Truly depressing”: GFI laments lack of insight into current IT needs from UK SMEs Small to medium enterprises (SMEs) are underestimating the security danger posed by their employees, especially in light of the current recession, according to network security software developer, GFI.
31 March 2009 Arbor Networks warns on MIME sniffing-based phishing attacks Hiding data within digital pictures - known as steganography in security circles - has been known about for years, but now it appears the darkware community have taken the technology concept one step further and are hiding HTML and Java code calls within images when sending out phishing emails.
30 March 2009 TelTech intros pay-as-you-use lie detector phone service TelTech has launched what appears to be the industry's first pay-as-you-use telephone voice analysis (lie detection) service.
26 March 2009 One quarter of British databases ‘almost certainly’ illegal A report published this week condemns the growing number of databases in Britain holding information from health and education to welfare, law enforcement and tax.
25 March 2009 Pirate Bay develops anonymous VPN user protection Pirate Bay, the file-sharing index portal that has been the subject of several legal skirmishes in recent years, is about to fly into another storm of controversy following the development of what appears to be an anonymous VPN for its registered users.
25 March 2009 Symantec admits card data probably leaked from India In a response to a BBC investigation into the leaking of payment card data from Indian call centres, Symantec's Indian operation has admitted that card data on three of its customers may have been leaked from its call centre contractor in India.
25 March 2009 CanSecWest: lasers and electronic sniffing take over from Van Eck If you're an IT security professional with a long memory, you'll recall a BBC TV demonstration of the Van Eck phenomenon - the process of eavesdropping on a CRT monitor at a distance of several metres using low-cost electronics in the mid-1980s following the publishing of a paper on the subject.
23 March 2009 Grey Goose 2 ties Kremlin more closely to Georgia cyber-attacks The follow-up to the Grey Goose cyberwar document has more closely linked Russia to the cyberwar against Georgia. The Kremlin's FSB tried to cloak its operations by mimicking the activities of loosely-connected criminal group the Russian Business Network, claims the explosive report, released today.
20 March 2009 Mobiles put four out of five commuters at risk of ID theft A survey of commuters by data protection company, Credant Technologies, has reported that 80% of mobile phone users store information on their devices that could be used to steal their identities.
19 March 2009 Russians hack Diebold ATM software The act of ATM Card skimming and shoulder surfing - used by criminals the world over to create cloned cards from users of bank cash machines - has entered a new dimension.
19 March 2009 Internet Explorer, Firefox and Safari hacked within hours This year's CanSecWest, held in Vancouver, British Columbia, opened on Wednesday, with the main focus of the cracking contest being on mobile phones.
19 March 2009 McKinnon attracts support of Terry Waite and Sting Supporters for Gary McKinnon can now include former captive Terry Waite and singer Sting amongst their numbers.
17 March 2009 Bogus bomb, somewhere near you Security labs have discovered a variant of malicious spam that is engineered to report an exploded bomb within the recipient’s vicinity.
17 March 2009 EU Data Retention Directive slammed by PGP Corporation This month sees the European Union Data Retention Directive coming into force. The new law, which is expected to be fortified by UK- specific legislation, requires that ISPs store IP interactions by their customers for up to a year.
17 March 2009 Egress launches low-cost secure data transfer service Egress Software Technologies has moved its secure data transfer services into the online software-as-a-service market, adopting pay-as-you-go plus subscription models for the services at the same time.
16 March 2009 BBC creates a botnet of 22 000 PCs in investigation The BBC has drawn criticism for an investigation that involved its researchers creating a botnet swarm of around 22 000 infected PCs.
12 March 2009 IT security vendors and Australian police embroiled in technology spat An interesting technology row is quietly brewing in Australia that, if unresolved, could have repercussions elsewhere in the world.
11 March 2009 Google Docs leaks out private data The security rating of cloud computing has taken a battering with news that users of Google's online word processing service - Google Docs - may have shared their data with unauthorised users.
10 March 2009 Major e-music site hit by hackers Spotify, an advertising-driven e-music site launched in 2006 and with more than a million users across Europe, has suffered a data breach involving the personal details of around 10 000 members.
06 March 2009 (ISC)2 SecureLondon event highlights the importance of getting the basics right Training, education and awareness topped the list of ‘basics’ for information security management in a panel debate held at (ISC)2’s SecureLondon Security Leadership Seminar on Tuesday. The full –day conference, focussed on content security, illustrated that the human factor is becoming a key information security concern in a data-centric world.
05 March 2009 Aladdin announces web 2.0 security enhancement Aladdin Knowledge Systems has enhanced its eSafe security software to support granular control of advanced web 2.0 websites such as Facebook and LinkedIn.
05 March 2009 Quocirca explains content security in the age of mass storage Bob Tarzey, service director with Quocirca, the business research analysis firm and a regular contributor to Infosecurity's Webinar series, has written a feature on the issues relating to content security and how they relate to the modern world of mass storage.
04 March 2009 New version of L0phtCrack to be unveiled next week Seasoned penetration testers and security experts will recall that L0phtCrack, a seriously heavy-duty password testing utility, was quietly withdrawn by Symantec in 2006, after the IT security vendor reportedly became worried about export regulations of the high-tech software from the United States.
03 March 2009 Messagelabs says spam soars, then subsides during February MessageLabs, the email security service provider, reports that February was an unusual month for spam, with levels rising to 79.5% of all email messages in the early part of the month, before falling back to below average levels.
02 March 2009 Google: crack our native client and win $8,192 (£6,000) Google is challenging the cracking community to rip apart its ActiveX alternative called Google Native Client.
02 March 2009 John Lewis monitors moves on CCTV John Lewis Partnership may in future link movement analysis software to in-store CCTV cameras, according to the employee-owned store chain’s head of business protection.
28 February 2009 Council staff breach security of National ID database The Department of Work and Pensions (DWP) have admitted that 33 public sector workers across 30 local authorities have accessed the Customer Information System (CIS) “without business justification”.
26 February 2009 Update: DPP has insufficient evidence to prosecute McKinnon in UK Karen Todner, solicitor for NASA hacker Gary McKinnon has issued a statement disclosing that the Office of the Director of Public Prosecutions (DPP) “do not consider that they have sufficient evidence before them to prosecute Mr McKinnon in the United Kingdom.”
26 February 2009 CansecWest's Pwn2Own cracking contest goes twin-track The three-day Pwn2Own cracking contest - which kicks off on March 18 at the CanSecWest security conference in Vancouver - is always a popular headliner, mainly because of its healthy reward for great system and software hacks.
26 February 2009 Microsoft working on secure web browser Microsoft's research operation has published a paper detailing a security-enabled web browser application code-named Gazelle.
25 February 2009 Check Point to revolutionise network security At Check Point Experience in Paris this week, Gil Shwed, co-founder and chief executive of Check Point, announced the company’s intention to fundamentally alter network security with the launch of a software blade architecture.
25 February 2009 Six out of ten employees steal company data A study of US workers has revealed that six out of every ten employees surveyed stole company data upon leaving their job in the last year.
24 February 2009 European Union to investigate internet telephony eavesdropping Against a backdrop of the increasing use of internet telephony (aka voice over IP) by criminals as a way of avoiding wiretaps, the European Union has thrown its weight behind research into how to monitor internet telephony calls on a cost-effective basis.
23 February 2009 Obama orders review of cyber security following FAA hack President Obama has requested a 60-day review of the ‘plans, programmes and activities’ in place to combat hacking in federal computer systems, following the recent breach at the Federal Aviation Administration (FAA) when 48 file systems were accessed.
20 February 2009 Parliamentary forum to discuss Police Central e-crime Unit Monday 23 February will see the annual parliamentary forum on e-crime, where the subject of the Police Central e-crime Unit (PCeU) is expected to spark some strong views, following events at last year’s forum.
19 February 2009 Black Hat researchers blow hole in Intel BIOS security The Black Hat security event taking place in Washington this week brought its usual array of hacker methodology revelations, but Intel watchers will have sat up straight after hearing how researchers have effectively blown a hole in the firm's trusted execution technology.
19 February 2009 Facebook backs down on owning rights to users' info Facebook has backed down from a controversial change in its terms which gave it rights to its users' information.
18 February 2009 Trend Micro moves IT security onto routers Trend Micro, which claims to be the 'number three' IT security software vendor worldwide, has unveiled a new family of applications designed to run on networking routers, rather than computers.
18 February 2009 Kaspersky site hack expands to BitDefender and F-Secure Romanian hackers are reported to be targeting the web sites of several IT security vendors.
17 February 2009 First arrests in Heartland Payment Systems data breach The first arrests in connection with the recently disclosed breach at Heartland Payment Systems have been made in Florida.
16 February 2009 Malicious URLs arrive on Digg Web portal The ingenuity of malware distributors has reached new levels - of depths - depending on your point of view.
12 February 2009 UK government agencies changing approach to data security Amidst all the reports of data breaches and intrusions in recent months comes a spot of good news, namely that a report from BeCrypt claims to show that UK government agencies are adopting a positive attitude to data security.
11 February 2009 ITsec vendors rally to support Safer Internet Day Microsoft and several IT security firms have rallied to support the EU-sponsored Safer Internet Day, which is being backed by pledges from 17 social networking and web 2.0 portals.
10 February 2009 Adobe/Forrester research reveals web 2.0 not so pervasive A major European study commissioned by Adobe and carried out by Forrester Research shows that `knowledge workers' within European organisations are far less keen on collaborating with each other using Web 2.0 and other advanced internet technologies than was previously thought.
10 February 2009 Sunbelt working on next-gen anti-virus technology Sunbelt Software claims to have developed a new anti-virus technology called `file emulation' in its battle against malware.
09 February 2009 Online hotel fraud scamming 71 000 travellers a month FraudTip, a Web security portal, claims that an internet scam is defrauding around 71 000 travellers every month by the simple expedient of routing internet users to fraudulent versions of popular booking sites.
09 February 2009 Fortinet highlight rise in malware The Threatscape report from UTM solution provider, Fortinet, detailing trends in vulnerabilities and malware in the first month of 2009, revealed the rise of the buffer overflow exploit to Microsoft Security Bulletin MS08-067, as well as a swell in online gaming malware.
09 February 2009 Hackers hit the road In a fresh case of social engineering, ever-resourceful hackers in the US have found a new way to direct unsuspecting users into downloading a virus, through fake parking tickets.
09 February 2009 FaceTime eliminates URL filtering fees as v2.0 gateway released FaceTime Communications has celebrated the release of v2.0 of its Unified Security Gateway (USG) appliance by waiving the fees for URL filtering on new purchases.
05 February 2009 PGP research highlights crippling data breach losses Research just released by crypto specialist PGP Corporation claims to show that the average cost of a data breach soared by 28% during 2008, with typical costs weighing in at an astonishing £1.7 million per incident.
05 February 2009 Blind hacker fulfils Sneakers movie role 17 years on Movies have a funny habit of becoming reality and the 1992 hacker movie Sneakers, starring Robert Redford, is no exception.
04 February 2009 Ukrainian ISP servers shut down UkrTeleGroup, an infamous internet service provider in the Ukraine, has had its primary IP connection "depeered" by FiberNet, the Miami-based uplink provider.
04 February 2009 Google falls victim to human error On Saturday, Google users were warned that all their search results were potentially harmful, due a widespread result of human error.
03 February 2009 Companies their own worst enemy says IBM X-Force report The annual report from IBM's X-Force security operation shows what many IT managers have suspected for some time, namely that Web application vulnerabilities represent the major risk for most organisations.
03 February 2009 Child protection database will be accessible to 390 000 staff. The controversial child protection database, to house the contact details for all under 18 year olds in England, is to be accessible to 390 000 staff, according to ministers.
30 January 2009 Cisco moves into security and unified communications Cisco continued its diversification away from its mainstream networking roots this week with the release of a range of security, storage and unified communications offerings for small businesses.
30 January 2009 Panda Security research shows high incidence of malicious email Research just released by Panda Security claims that just 8.6 per cent of email that reached companies last year was non-malicious.
30 January 2009 ISACA unveils new IT security business model ISACA, the Information Systems Audit and Control Association, has developed a new business model for IT security.
29 January 2009 Hackers run up £120 000 phone bill for Canadian law firm If you've had a high company phone bill recently, spare a thought for Martin & Hillyer, a law firm in Burlington, Ontario.
29 January 2009 Obama Administration publishes agenda for cybersecurity The newly-appointed Obama administration has wasted no time in fulfilling one of its mainstay election promises by publishing an agenda for cybersecurity.
27 January 2009 Despite all the warnings, IT users still not using encryption Research just published by crypto specialist Steganos has revealed that - despite all the well-publicised data losses in the last few years - technology users have still not embraced encryption to protect their personal information.
27 January 2009 Monster slain by hackers Careers website Monster.com and USAjobs.gov, the careers site for the US federal government, have been targeted by hackers, who have harvested user information including IDs, passwords and addresses.
26 January 2009 Infosecurity magazine work with Tories on infosec policy The UK government should be demonstrating best practice when it comes to information security, said Eleanor Laing, MP, in a meeting with Infosecurity magazine on Monday 22nd January.
26 January 2009 Update: McKinnon Wins Permission for Judicial Review 'NASA hacker' Gary McKinnon has won permission from the High Court to apply for a judicial review against his extradition to the United States.
23 January 2009 £10 000 bounty placed on DDoS hackers Overclockers.co.uk (OCUK), an online computer hardware reseller firm, have announced they are placing a bounty of £10 000 on the heads of hackers behind a Distributed Denial of Service (DDoS) attack on their web site earlier in the month.
23 January 2009 Germany's train IT resources offline due to UPS failure Here's a lesson in IT contingency planning, courtesy of Deutsche Bahn, the German railway network company, whose IT systems - including station indicator boards, electronic ticketing, self-service counter tickets and Internet pages - all went off line on January 14 due to single UPS failing.
23 January 2009 US-CERT warns Microsoft Windows autorun off advice is flawed The US Computer Emergency Readiness Team (US-CERT) has warned Microsoft's advice on how to turn off the autorun option within Windows is not effective.
22 January 2009 Kaspersky claims pole position on Windows 7 Anti-Virus Kaspersky Lab claims to be first out of the gate with a test edition of its AntiVirus software for the Windows 7 platform.
21 January 2009 Government aligns with IISP The UK government’s Infosec Training Paths and Competencies (ITPC) scheme is to transfer to the Institute of Information Security Professionals (IISP) with effect from 1 April 2009.
21 January 2009 Heartland card payment system breach bigger than TJX? Reports are coming in that a New Jersey-based payment processor's IT systems have been compromised in what experts are calling the biggest payment card data breach ever.
21 January 2009 Organisations unaware of in-house virtual architecture Two-thirds of firms in the UK are reportedly unable to identify exactly what virtual resources are in active use on their IT systems, according to a study just released.
20 January 2009 Downadup worm hits million-plus PCs in 24 hours Finnish IT security vendor F-Secure reports that a worm that exploits a months-old Windows flaw has infected more than 1.1 million PCs in space of 24 hours.
16 January 2009 Extradition looms as the ‘fires of Hell’ burn for Gary McKinnon At the time of writing, the NASA hacker Gary McKinnon, who reportedly perpetrated the biggest military hack on record, was awaiting a decision from the Crown Prosecution Service on whether a recent signed confession, along with his diagnosis with Asperger’s syndrome, would help him to avoid extradition to the US and a potential 70 year prison sentence.
16 January 2009 Israeli-Hamas battle escalates to botnets The ongoing conflict between Israel and Hamas in the Middle East has escalated beyond a spat of hacker Web site attacks plus defacements and into the realms of botware.
14 January 2009 It’s hammer-time for discarded computers says Which? Magazine Which? Computing magazine has encouraged the smashing of computer hard drives after buying eight second-hand hard drives from eBay and finding confidential information on each.
09 January 2009 Trust trumps price for online consumers Amid the build-up to Christmas, a survey commissioned by VeriSign finds that 85 percent of online shoppers maintain that trust in a site is the most important issue when online shopping.
16 December 2008 Lumension survey predicts ITsec trends for 2009 End of year research commissioned by enterprise endpoint security specialist Lumension has found that outsourcing is likely to be a major IT security talking point in 2009.
12 December 2008 Hidden Rootkit/DOS-launching flaw discovered in Vista A potentially serious flaw has been discovered in Windows Vista that can allow rootkits to be hidden or denial-of-service attacks to be executed from deep within the operating system.
24 November 2008 Infosecurity work with Tory MPs to develop data security working group Infosecurity magazine were honoured to receive an invitation from MPs Eleanor Laing and Nick Herbert to visit the Houses of Parliament this week, to discuss the Conservative party’s data security agenda.
13 November 2008 Information Security awards recognise honour excellence, leadership, and vision Executive Alliance, provider of premium leadership recognition forums worldwide, has announced the winners of the Information Security Executive (ISE) and Project of the Year United Kingdom and Ireland Awards for 2008.
24 October 2008 Security flaw exposed in Google Chrome Fresh after Google’s tenth birthday, the entrepreneurial company is facing reports that its new browser, Chrome, contains a security flaw, just a day after its release in beta.
05 September 2008 Top Secret Iraq and al-Qaeda documents left on train Top-secret documents, containing information on al-Qaeda and Iraq, were found on the seat of a commuter train, according to BBC news reports released today.
12 June 2008 Government meets with cynicism after revealing plans for ‘giant database’ The government faces sceptisicm after revealing plans to implement a huge database storing citizens’ phone and web records.
23 May 2008 Facebook photos exposed A security lapse on Facebook has made large libraries of private photographs, including one of Paris Hilton, available for all users to access. Exploiting a recent upgrade to the networking site’s privacy settings, a Canadian hacker was able to view pictures that were intended as private.
26 March 2008 ‘Highly confidential’ Home Office laptop sold on eBay Police are investigating a possible Home Office security breach after the discovery of an encrypted laptop containing a scrambled disc with the words ‘Home Office, highly confidential’ written on it. The laptop was found in a computer shop near Bolton, after a customer had taken it in for repair. The laptop was said to have been brought on eBay.
28 February 2008 PCI-DSS failure could hit brands, gaming firms told The potential damage to a brand justifies the high cost of Payment Card Industry Data Security Standard (PCI-DSS) security compliance work, a major payment card operator told a gambling conference.
29 January 2008 Doctors encourage patients to opt-out after NHS data losses A letter for patients to use to opt-out of the English NHS’s nascent central database of medical records, written by doctors and medical privacy campaigners, has reached more than 200 000 downloads. Meanwhile, nine NHS trusts have admitted data breaches, in the wake of HM Revenue and Customs’ loss of 25 million people’s data.
04 January 2008 Better job prospects for infosecurity staff, says SANS Infosecurity professionals will see improved job opportunities in 2008, according to the SANS Institute. The US-based organisation believes that as senior executives in government realise that their systems have already been compromised, and that they do not control those systems, they will react by creating new jobs.
02 January 2008 Big phish-hunters make small tank vulnerable PhishTank, a mass-participation website used to track phishing sites, is susceptible to voting fraud by criminals, according to researchers at Cambridge University’s Computer Laboratory.
21 December 2007 Government to toughen Data Protection Act New sanctions will be added to the UK’s Data Protection Act for serious breaches, the chancellor Alistair Darling told parliament on 17 December.
19 December 2007 Norwich Union Life fined £1.26m The UK’s Financial Services Authority has fined life assurance company Norwich Union Life £1.26 million ($2.54m, €1.77m) for “not having effective systems and controls in place to protect customers' confidential information and manage its financial crime risks” (statement).
17 December 2007 Banks voice approval of phone biometrics Several banks are adopting voice biometric technology, while BT is preparing to offer an internal service commercially, according to exhibitors at the first European Voice Biometrics Conference, held in London on 28 and 29 November.
06 December 2007 UK government loses data on 25m Britons The UK government has lost personal data on every child in the country, as well as national insurance numbers and bank account details of parents and carers claiming child benefit, on two password-protected CDs sent through an internal mail service.
20 November 2007 ICO asks UK to criminalise severe data breaches The UK information commissioner’s office (ICO) has asked the government to make serious breaches of the Data Protection Act a criminal offence, rather than attracting fines as at present.
14 November 2007 Flawless ID doesn’t exist, says e-commerce specialist Passwords are not enough to keep criminals out, Sanjay Bavisi, president of the International Council of Electronic Commerce Consultants (the EC-Council), told a session on 5 November at the CSI 2007 conference in Washington DC.
07 November 2007 BT Counterpane’s Bruce Schneier talks to Eleanor Dallaway about why he hasn’t been fired yet Bruce Schneier has increased BT’s press mentions in the North American press by 21% since the UK telecom giant’s acquisition of his firm Counterpane one year ago. BT insists that the acquisition ran smoothly and that the two companies are working well together, and Bruce tells us that the Counterpane people are happy. But it seems there are a few creases in the BT Counterpane story that still need to be ironed out – Bruce’s job title being the first.
02 November 2007 RSA Europe 2007: Kiwis felt ID cards wouldn’t fly New Zealand has rejected physical identity cards, central databases and data matching in creating its national identity scheme, one of the scheme’s architects told the RSA Europe conference in London on 24 October.
25 October 2007 RSA Europe 2007: Personalities required for team-building When building an information security team, it is just as important to recruit on the basis of personality as it is to find someone with the right technical qualifications, according to Peter Berlich, a director of (ISC)2.
25 October 2007 Biometrics 2007: Joining up data would speed border checks Biometrics at borders could be reduced and better focused, allowing faster transit for trusted passengers, according to speakers at Biometrics 2007.
22 October 2007 Biometrics 2007: Biometrics help security trump privacy New biometric technologies and plans for increased surveillance are jeopardising society’s right to liberty and privacy, argued David Murakami Wood, managing editor of Surveillance & Society, at the Biometrics 2007 conference on Friday 19 October.
22 October 2007 Biometrics 2007: Fingerprints fail to tackle football ‘hooligans’ A fingerprint recognition system failed to prevent black-listed fans from entering football grounds and was easily fooled by simple spoofing techniques, according to a trial by Dutch research organisation TNO.
19 October 2007 ISSE weighs privacy against internet security Finding the right balance between internet security and privacy is becoming increasingly hard when addressing cyber terrorism, experts at last week’s annual ISSE conference argued.
04 October 2007 Spend less on IT security, says Gartner Organisations should aim to spend less of their IT budgets on security, Gartner vice-president John Pescatore told the analyst firm’s London IT Security Summit on 17 September.
18 September 2007 Biometrics move from banking to borders Biometrics has changed in several significant ways over the last decade, according to a prominent expert in the field.
24 August 2007 UK should introduce data breach notification law, say Lords The UK should make banks liable for online fraud and follow US states in forcing organisations to notify victims of information leaks, according to a wide-ranging report published on 10 August by the House of Lords science and technology select committee.
10 August 2007 Flood-zone security suppliers confident of business continuity Users of IT security products should see no gaps in service resulting from floods in Britain, despite the location of several vendors in some of the worst-affected towns.
23 July 2007 Google buys Postini to sell infosecurity as a service Google is buying its way into the infosecurity market, through purchasing security service provider Postini for $625 million (£310m, EUR458m) in cash, it said on 9 July.
10 July 2007 Infosec ignorance is a barrier to security in America's Cup This year, the Victory Challenge team introduced security into their game plan as they challenged the Swiss defender Alinghi, in the 32nd America’s Cup.
25 June 2007 New web threats gain momentum Eighty per cent of infected websites have been compromised by a third-party hacker, according to the latest threat statistics from Sophos.
21 June 2007 Renault Formula 1 deploy IRM to protect car designs At the British Grand Prix in 2006, over four gigabytes of data was created over the weekend, including 150 documents containing car designs, technical specifications and other important testing and race data. Under pressure to keep their sensitive information secure, the Renault Formula 1 team chose Oracle content management (formerly Stellent) to manage, share and secure critical documents and information across the organisation, remotely and trackside.
20 June 2007 Lloyds TSB turns fraud-detection software on staff Lloyds TSB has purchased pattern-recognition software from US vendor Actimize for detecting employee fraud within its retail banking operation. Use of such software is already common in financial services for spotting fraud in external transactions, such as credit card spending.
08 June 2007 Nato aids Estonia in denial of service fight Governments will need to defend their nations from cyber-attacks as well as physical attacks, after the Baltic state of Estonia suffered from several weeks of denial of service attacks on its web-sites, following its relocation of a Soviet-era war memorial.
29 May 2007 Nato aids Estonia in denial of service fight Governments will need to defend their nations from cyber-attacks as well as physical attacks, after the Baltic state of Estonia suffered from several weeks of denial of service attacks on its web-sites, following its relocation of a Soviet-era war memorial.
29 May 2007 One gang corners the market in phish One gang is responsible for more than half of all attempted phishing for the likes of online banking log-in details, and has found ways to extend the lives of its web-sites, according to researchers at Cambridge University.
17 May 2007

Latest News

Members' Login

Not a member?