Infosecurity News

Theft of Michaels' customer card numbers extends nationwide

The theft of credit and debit card numbers from PIN-pad tampering at Michaels stores in the Chicago area extends nationwide, the company admitted this week.

Canadian government is vulnerable to WikiLeaks-type data breach, report warns

The Canadian government is vulnerable to a security breach similar to the US government’s WikiLeaks snafu that resulted in the leak of hundreds of thousands of sensitive documents, concluded an internal government report.

FTC considers action against Apple for iPhone location tracking

The Federal Trade Commission (FTC) is considering taking action against Apple following revelations that Apple collected geo-location data from iPhone users.

Alarm bells sound on Microsoft acquisition of Skype

Microsoft's acquisition of Skype for $8.5 billion has not gone down well in some quarters, with some experts questioning the wisdom of allowing the Redmond giant access to such a massive unified communications service.

US TV station highlights major flaw in Visa/Mastercard/Amex RFID technology

Consumer reports researchers on a US TV station have uncovered a potentially serious security flaw in the RFID systems used on credit and debit cards such as Mastercard Paypass and Visa Paywave.

Jericho Forum unveils best practice identity commandments

The Jericho Forum has taken the wraps off a set of best practice identity principles - enshrined in a set of commandments - which seek to lay down the ground rules for IT security professionals when dealing with the complex world of digital identities.

Facebook flaws leaks millions of data elements to third parties claims researcher

The reputation of the apparent cybercriminal's playground that is Facebook took another battering this week after a Symantec researcher revealed that as many as 100,000 Facebook applications are leaking data to third parties.

41% of IT professionals using mobile data without protection

Research just published claims to show that 41% of IT professionals are using mobile devices to store data without encryption or other forms of protection. The research, from Origin Storage, also found that 19% of organisations had suffered a data breach as a result of a portable device going walkabout.

Organizations not equipped to prevent DDoS attacks, DNS failures

Many organizations are not equipped to prevent and respond to web infrastructure failures caused by distributed denial of service (DDoS) attacks and Domain Name System (DNS) failures, according to research commissioned by VeriSign.

Security firm drives steamroller through Chrome, Windows 7 security

A French IT security firm – Vupen – has severely cracked Google's Chrome browser by bypassing the its integrated `sandbox' security features, as well as Windows 7's equally integrated anti-exploit systems.

WebGL opens browser to attacks that can disable computer

A researcher at the Context Information Security consulting firm has identified a number of serious vulnerabilities in the new WebGL 3D graphics standard enabled by default in Firefox 4 and Google Chrome browsers, and as an option in the Apple Safari browser.

FERC wants more power to protect electric grid from cyber attacks

FERC wants more power to protect electric grid from cyber attacks

The Federal Energy Regulatory Commission (FERC) is looking to expand its authority to protect the electrical grid against cyber attacks.

What’s Hot on Infosecurity Magazine?