http://www.infosecurity-magazine.com/ Copyright Elsevier Ltd Intuitiv Ltd (www.intuitiv.net) Sat, 11 Feb 2012 17:45:38 GMT http://www.infosecurity-magazine.com/ http://www.infosecurity-magazine.com/_common/img/template/infosec-uk/site-logo.gif http://www.infosecurity-magazine.com/view/23829/senators-to-introduce-compromise-cybersecurity-legislation-with-fisma-revisions/ A bipartisan group of senators who authored cybersecurity legislation last year plan to introduce a compromise cybersecurity bill that will be examined at a hearing next Thursday. Fri, 10 Feb 2012 20:44:00 GMT http://www.infosecurity-magazine.com/view/23829/senators-to-introduce-compromise-cybersecurity-legislation-with-fisma-revisions/ http://www.infosecurity-magazine.com/view/23828/bank-of-america-cops-to-credit-card-data-breach/ Bank of America has informed affected credit card customers that their information may have been compromised by a breach at an unidentified merchant. Fri, 10 Feb 2012 20:19:00 GMT http://www.infosecurity-magazine.com/view/23828/bank-of-america-cops-to-credit-card-data-breach/ http://www.infosecurity-magazine.com/view/23827/texas-jury-strikes-down-claim-of-interactive-web-patents/ A federal jury in Texas has declared invalid patents for interactive web technology claimed by Michael Doyle and his patent holding company Eolas. Fri, 10 Feb 2012 20:00:00 GMT http://www.infosecurity-magazine.com/view/23827/texas-jury-strikes-down-claim-of-interactive-web-patents/ http://www.infosecurity-magazine.com/view/23826/hackers-steal-information-from-apple-supplier-accused-of-poor-working-conditions/ A hacker group calling itself Swagg Security has publicly posted employee and customer login credentials and other personal information stolen from Foxconn, a Taiwanese manufacturer of the Apple iPhone and iPad. Fri, 10 Feb 2012 19:44:00 GMT http://www.infosecurity-magazine.com/view/23826/hackers-steal-information-from-apple-supplier-accused-of-poor-working-conditions/ http://www.infosecurity-magazine.com/view/23825/privacy-group-sues-ftc-over-googles-privacy-changes/ A US federal judge has granted the Electronic Privacy Information Center (EPIC) an accelerated briefing schedule for its lawsuit against the Federal Trade Commission (FTC) over Google’s new privacy policy. Fri, 10 Feb 2012 18:41:00 GMT http://www.infosecurity-magazine.com/view/23825/privacy-group-sues-ftc-over-googles-privacy-changes/ http://www.infosecurity-magazine.com/view/23820/chariots-on-fire-for-white-hat-rally-/ Register now for the security industry’s 4th annual driving challenge in support of Barnardo’s Fri, 10 Feb 2012 12:56:00 GMT http://www.infosecurity-magazine.com/view/23820/chariots-on-fire-for-white-hat-rally-/ http://www.infosecurity-magazine.com/view/23818/uk-attitudes-to-online-safety-and-personal-safety-are-different/ A YouGov survey commissioned by SAS shows that the UK public are likely to trade privacy for security on the streets, but are wary of giving up privacy on the wire. Fri, 10 Feb 2012 12:20:00 GMT http://www.infosecurity-magazine.com/view/23818/uk-attitudes-to-online-safety-and-personal-safety-are-different/ http://www.infosecurity-magazine.com/view/23817/uk-security-skills-are-wholly-inadequate/ Baroness Neville-Jones, the government’s special representative to business on cyber security, and a former security minister, says that the UK lacks adequate cyber security expertise. Fri, 10 Feb 2012 12:13:00 GMT http://www.infosecurity-magazine.com/view/23817/uk-security-skills-are-wholly-inadequate/ http://www.infosecurity-magazine.com/view/23814/google-wallet-vulnerable-to-brute-forcing-the-pin/ Security researcher Joshua Rubin has published details of his research showing a vulnerability in the Google Wallet near field communication payments system for Android. Fri, 10 Feb 2012 11:57:00 GMT http://www.infosecurity-magazine.com/view/23814/google-wallet-vulnerable-to-brute-forcing-the-pin/ http://www.infosecurity-magazine.com/view/23805/google-fixes-20-flaws-with-latest-version-of-chrome-browser/ Google is keeping up its fast-and-furious Chrome development pace with the release of version 17, just two months after version 16 came out and one day after Chrome for Android was introduced. Thu, 09 Feb 2012 18:53:00 GMT http://www.infosecurity-magazine.com/view/23805/google-fixes-20-flaws-with-latest-version-of-chrome-browser/ http://www.infosecurity-magazine.com/view/23804/feds-should-provide-industry-with-cybersecurity-data-and-incentives-experts-testify/ The US communications industry needs better information sharing, tax breaks, and liability protection from the federal government to improve cybersecurity, experts told a House panel on Wednesday. Thu, 09 Feb 2012 16:46:00 GMT http://www.infosecurity-magazine.com/view/23804/feds-should-provide-industry-with-cybersecurity-data-and-incentives-experts-testify/ http://www.infosecurity-magazine.com/view/23803/new-android-malware-bags-millions-in-revenues/ A new piece of Android malware, named Android.Bmaster, has infected hundreds of thousands of devices in China and is able to generate millions of dollars in annual revenues. Thu, 09 Feb 2012 16:16:00 GMT http://www.infosecurity-magazine.com/view/23803/new-android-malware-bags-millions-in-revenues/ http://www.infosecurity-magazine.com/view/23801/odva-publishes-cybersecurity-guidelines-for-industrial-automation-networks/ ODVA, an organization set up to improve industrial automation processes and security, has issued a set of cybersecurity guidelines for manufacturers and vendors to follow. Thu, 09 Feb 2012 15:30:00 GMT http://www.infosecurity-magazine.com/view/23801/odva-publishes-cybersecurity-guidelines-for-industrial-automation-networks/ http://www.infosecurity-magazine.com/view/23779/bigger-is-not-better-when-it-comes-to-ddos-attacks/ Small-scale targeted distributed denial of service (DDoS) attacks can cause more damage to an organization that large-scale bandwidth-gobbling attacks, concludes a recent report by application security provider Radware. Thu, 09 Feb 2012 12:30:00 GMT http://www.infosecurity-magazine.com/view/23779/bigger-is-not-better-when-it-comes-to-ddos-attacks/ http://www.infosecurity-magazine.com/view/23777/source-code-for-symantecs-pcanywhere-published-after-failed-extortion-attempt/ A hacker associated with an Anonymous affiliate has released source code for Symantec’s pcAnywhere security software onto the Pirate Bay file-sharing website after an apparent attempt to extort $50,000 from the security vendor. Thu, 09 Feb 2012 12:10:00 GMT http://www.infosecurity-magazine.com/view/23777/source-code-for-symantecs-pcanywhere-published-after-failed-extortion-attempt/ http://www.infosecurity-magazine.com/view/23793/cybercrime-another-business-in-the-malspace/ The commercialization of cybercrime continues, with Trusteer describing what it calls ‘Factory Outlets’ for the sale of stolen user credentials. Thu, 09 Feb 2012 11:55:00 GMT http://www.infosecurity-magazine.com/view/23793/cybercrime-another-business-in-the-malspace/ http://www.infosecurity-magazine.com/view/23791/intrusion-upon-seclusion-protected-by-canadian-court/ With ‘privacy’ such an emotive and complex issue, Canadian companies should note that an action for tort (civil action) for ‘intrusion upon seclusion’ has been recognized by the Ontario Appeal Court. Thu, 09 Feb 2012 11:48:00 GMT http://www.infosecurity-magazine.com/view/23791/intrusion-upon-seclusion-protected-by-canadian-court/ http://www.infosecurity-magazine.com/view/23790/service-providers-lack-confidence-in-leas/ Arbor Networks’ 7th annual Worldwide Infrastructure Security Report presents a view of 2011 security through the eyes of the providers: ISPs, hosting companies, and service providers. It focuses on DDoS. Thu, 09 Feb 2012 11:41:00 GMT http://www.infosecurity-magazine.com/view/23790/service-providers-lack-confidence-in-leas/ http://www.infosecurity-magazine.com/view/23776/anonymous-hacks-police-website-in-response-to-occupy-boston-crackdown/ The hacktivist group Anonymous apparently gained control over the Boston Police Department's community policing website in retaliation for the police crackdown on the Occupy Boston protests. Wed, 08 Feb 2012 20:13:00 GMT http://www.infosecurity-magazine.com/view/23776/anonymous-hacks-police-website-in-response-to-occupy-boston-crackdown/ http://www.infosecurity-magazine.com/view/23775/nist-recommends-privatesector-steering-group-for-trusted-identities/ The National Institute of Standards and Technology (NIST) is backing the creation of a privately led steering group to tackle the complex process of creating an online trusted identities environment designed to protect consumers and companies from online fraud and identity theft. Wed, 08 Feb 2012 19:40:00 GMT http://www.infosecurity-magazine.com/view/23775/nist-recommends-privatesector-steering-group-for-trusted-identities/ http://www.infosecurity-magazine.com/view/23774/cybersecurity-hiring-declined-in-fourth-quarter-after-record-third-quarter/ The volume of cybersecurity job ads declined in the fourth quarter in the US, compared to a four-year high in the third-quarter of 2011, according to a survey by WANTED Analytics. Wed, 08 Feb 2012 19:14:00 GMT http://www.infosecurity-magazine.com/view/23774/cybersecurity-hiring-declined-in-fourth-quarter-after-record-third-quarter/ http://www.infosecurity-magazine.com/view/23764/copyrighting-pornography-are-unsecured-wifi-owners-to-blame/ Two US lawsuits, both involving producers of adult content, raise interesting questions: is the owner of an unsecured WiFi responsible for all downloaded material, and can you copyright pornography? Wed, 08 Feb 2012 12:43:00 GMT http://www.infosecurity-magazine.com/view/23764/copyrighting-pornography-are-unsecured-wifi-owners-to-blame/ http://www.infosecurity-magazine.com/view/23763/2011-review-cni-targetted-spam-down-botnets-up-/ Malicious spam grows, Blackhole dominates and critical national infrastructures are targeted, says M86 in its latest report. Wed, 08 Feb 2012 12:35:00 GMT http://www.infosecurity-magazine.com/view/23763/2011-review-cni-targetted-spam-down-botnets-up-/ http://www.infosecurity-magazine.com/view/23760/disaster-recovery-is-health-industrys-biggest-headache/ A survey by BridgeHead Software shows disaster recovery (DR) is increasingly prioritized for investment by IT professionals within the health industry. Wed, 08 Feb 2012 12:23:00 GMT http://www.infosecurity-magazine.com/view/23760/disaster-recovery-is-health-industrys-biggest-headache/ http://www.infosecurity-magazine.com/view/23746/food-and-beverage-industry-has-unsavory-history-of-data-breaches/ The food and beverage industry is the top target for cybercriminals for the second year in a row, according to the 2012 Global Security Report by Trustwave SpiderLabs. Tue, 07 Feb 2012 21:44:00 GMT http://www.infosecurity-magazine.com/view/23746/food-and-beverage-industry-has-unsavory-history-of-data-breaches/ http://www.infosecurity-magazine.com/view/23745/quickbooks-scam-leads-victims-down-a-blackhole/ Spammers are targeting QuickBooks users in a tax-related scam that links to a BlackHole exploit kit. Tue, 07 Feb 2012 21:00:00 GMT http://www.infosecurity-magazine.com/view/23745/quickbooks-scam-leads-victims-down-a-blackhole/ http://www.infosecurity-magazine.com/view/23744/south-korean-researchers-warn-of-stepped-up-cyberattacks-from-the-north/ South Korean researchers are warning that a number of political events this year could trigger an increase in cyberattacks from North Korea. Tue, 07 Feb 2012 20:31:00 GMT http://www.infosecurity-magazine.com/view/23744/south-korean-researchers-warn-of-stepped-up-cyberattacks-from-the-north/ http://www.infosecurity-magazine.com/view/23743/australias-central-bank-to-bolster-its-ddos-attack-protection/ Australia’s central bank is seeking help from information security providers to beef up its protection against distributed denial of service (DDoS) attacks. Tue, 07 Feb 2012 20:00:00 GMT http://www.infosecurity-magazine.com/view/23743/australias-central-bank-to-bolster-its-ddos-attack-protection/ http://www.infosecurity-magazine.com/view/23742/icscert-warns-critical-infrastructure-companies-about-brute-force-attacks/ The US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is warning critical infrastructure companies about brute force attacks against industrial control systems with secure shell (SSH) command-line access. Tue, 07 Feb 2012 19:34:00 GMT http://www.infosecurity-magazine.com/view/23742/icscert-warns-critical-infrastructure-companies-about-brute-force-attacks/ http://www.infosecurity-magazine.com/view/23738/safer-internet-day-2012-schools-and-isc2-professionals-work-together-to-educate-children-/ Parents are unaware of behavioural pitfalls that lead to their children's tiredness in lessons, exposure to abusive and predatory behaviour, and poor habits as they grow up. Tue, 07 Feb 2012 17:00:00 GMT http://www.infosecurity-magazine.com/view/23738/safer-internet-day-2012-schools-and-isc2-professionals-work-together-to-educate-children-/ http://www.infosecurity-magazine.com/view/23723/adobe-flash-sandbox-comes-to-firefox-on-windows/ Adobe has announced the release of a beta version of a Protected Mode (sandboxed) Flash Player for Firefox running on Windows Vista and Windows 7. Tue, 07 Feb 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/23723/adobe-flash-sandbox-comes-to-firefox-on-windows/ http://www.infosecurity-magazine.com/view/23725/eu-hints-on-planned-strategy-for-internet-security-hp-comments/ On January 30 Neelie Kroes, European Commissioner responsible for the Digital Agenda, gave a speech on ‘Public-private cooperation in cyber-security.’ She gave three clues on what can be expected in the “European Strategy for Internet Security, due later this year.” Tue, 07 Feb 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/23725/eu-hints-on-planned-strategy-for-internet-security-hp-comments/ http://www.infosecurity-magazine.com/view/23720/teampoison-hacktivists-deface-daily-mail-recipe-page/ The Daily Mail, one of the UK’s leading newspapers, and generally considered to be politically right of center, has had its website defaced by the Teampoison hacking group. Tue, 07 Feb 2012 11:30:00 GMT http://www.infosecurity-magazine.com/view/23720/teampoison-hacktivists-deface-daily-mail-recipe-page/ http://www.infosecurity-magazine.com/view/23730/uk-to-take-part-in-weekend-protests-against-acta/ Protests against the controversial Anti-Counterfeiting Agreement (ACTA) have been organized across Europe, with most set to take place on February 11. Tue, 07 Feb 2012 10:45:00 GMT http://www.infosecurity-magazine.com/view/23730/uk-to-take-part-in-weekend-protests-against-acta/ http://www.infosecurity-magazine.com/view/23708/canadian-bureaucrat-caught-snooping-into-injured-workers-records/ A Canadian provincial commission is admitting that an employee gained “inappropriate access” to workers’ compensation records of injured employees. Tue, 07 Feb 2012 10:28:00 GMT http://www.infosecurity-magazine.com/view/23708/canadian-bureaucrat-caught-snooping-into-injured-workers-records/ http://www.infosecurity-magazine.com/view/23707/rooting-out-rootkits-security-software-wont-help-says-symantec/ Rootkits are on the rise and traditional security software will not protect you, warns a Symantec white paper. Tue, 07 Feb 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/23707/rooting-out-rootkits-security-software-wont-help-says-symantec/ http://www.infosecurity-magazine.com/view/23706/google-unveils-service-to-bounce-malware-from-the-android-market/ In response to Android’s growing reputation of being a “malware cesspool”, Google has unveiled the Bouncer automated application scanning service to root out malware on the Android Market. Mon, 06 Feb 2012 20:18:00 GMT http://www.infosecurity-magazine.com/view/23706/google-unveils-service-to-bounce-malware-from-the-android-market/ http://www.infosecurity-magazine.com/view/23705/insecure-email-the-culprit-of-hacked-fbiscotland-yard-call/ The Anonymous hacktivist group was apparently able to listen in on a conference call between the FBI and Scotland Yard by hacking into a participant’s email account and obtaining the conference call number and access code, according to security analysts. Mon, 06 Feb 2012 17:26:00 GMT http://www.infosecurity-magazine.com/view/23705/insecure-email-the-culprit-of-hacked-fbiscotland-yard-call/ http://www.infosecurity-magazine.com/view/23701/wipe-out-motorola-fails-to-erase-personal-data-from-refurbished-tablets/ Motorola Mobility is admitting that some refurbished Xoom Wi-Fi tablets were resold with the original owner’s personal information still on the devices. Mon, 06 Feb 2012 16:43:00 GMT http://www.infosecurity-magazine.com/view/23701/wipe-out-motorola-fails-to-erase-personal-data-from-refurbished-tablets/ http://www.infosecurity-magazine.com/view/23699/darpa-seeks-to-beef-up-embedded-computer-system-security/ The Defense Advanced Research Projects Agency (DARPA), the Pentagon’s high-tech research arm, is funding research to beef up security of embedded computer systems, which run everything from critical infrastructure components to medical devices. Mon, 06 Feb 2012 15:41:00 GMT http://www.infosecurity-magazine.com/view/23699/darpa-seeks-to-beef-up-embedded-computer-system-security/ http://www.infosecurity-magazine.com/view/23692/eu-regulation-decouples-privacy-from-data-protection/ In two recent posts, data protection legal training company Amberhawk discusses some of the key new developments from the EU Data Protection Regulation. Mon, 06 Feb 2012 11:36:00 GMT http://www.infosecurity-magazine.com/view/23692/eu-regulation-decouples-privacy-from-data-protection/ http://www.infosecurity-magazine.com/view/23688/more-breaches-caused-by-staff-than-hackers/ The 2012 data protection survey undertaken by the Irish Computer Society (ICS) shows that a higher number of data breaches are the result of internal failures and lack of awareness than are the result of external theft. Mon, 06 Feb 2012 10:35:00 GMT http://www.infosecurity-magazine.com/view/23688/more-breaches-caused-by-staff-than-hackers/ http://www.infosecurity-magazine.com/view/23686/adobe-addresses-pdf-security-problem/ Hackers target the most widely used file formats; and there is none more widely used than PDF. A new paper from Adobe discusses the problems and solutions to PDF security. Mon, 06 Feb 2012 09:53:00 GMT http://www.infosecurity-magazine.com/view/23686/adobe-addresses-pdf-security-problem/ http://www.infosecurity-magazine.com/view/23679/hackers-could-eavesdrop-on-confidential-chats-via-videoconference-equipment/ Some videoconferencing equipment could enable hackers to eavesdrop on privileged corporate conversations or a boring employee training seminar, according to a security official at Rapid7. Fri, 03 Feb 2012 21:00:00 GMT http://www.infosecurity-magazine.com/view/23679/hackers-could-eavesdrop-on-confidential-chats-via-videoconference-equipment/ http://www.infosecurity-magazine.com/view/23678/google-microsoft-spar-over-new-google-privacy-policy/ Microsoft is a myth maker when it comes to Google’s new privacy policy, the search giant is charging. Fri, 03 Feb 2012 20:45:00 GMT http://www.infosecurity-magazine.com/view/23678/google-microsoft-spar-over-new-google-privacy-policy/ http://www.infosecurity-magazine.com/view/23677/social-security-chief-admits-living-relative-was-listed-on-the-agencys-death-list/ Social Security Commissioner Michael Astrue told a House panel this week that he had a relative and a friend declared “dead” on his agency’s death list, which publishes the names and social security numbers of deceased individuals, even though they were very much alive. Fri, 03 Feb 2012 20:16:00 GMT http://www.infosecurity-magazine.com/view/23677/social-security-chief-admits-living-relative-was-listed-on-the-agencys-death-list/ http://www.infosecurity-magazine.com/view/23676/nist-ponies-up-10-million-for-trusted-online-credential-projects/ The National Institute of Standards and Technology (NIST) is awarding $10 million in funding for trusted online credential pilot projects. Fri, 03 Feb 2012 18:30:00 GMT http://www.infosecurity-magazine.com/view/23676/nist-ponies-up-10-million-for-trusted-online-credential-projects/ http://www.infosecurity-magazine.com/view/23648/number-of-patient-record-data-breaches-nearly-doubled-last-year/ The total number of patient records compromised in the US increased by 97% in 2011 compared with 2010, according to a report released this week by the Redspin consulting firm. Fri, 03 Feb 2012 12:30:00 GMT http://www.infosecurity-magazine.com/view/23648/number-of-patient-record-data-breaches-nearly-doubled-last-year/ http://www.infosecurity-magazine.com/view/23665/security-researchers-break-satellite-phone-encryption/ Academics Benedikt Driessen and Ralf Hund from Ruhr University Bochum have reverse-engineered and cracked the GMR-1 and GMR-2 voice ciphers used by many satellite networks. Fri, 03 Feb 2012 12:27:00 GMT http://www.infosecurity-magazine.com/view/23665/security-researchers-break-satellite-phone-encryption/ http://www.infosecurity-magazine.com/view/23658/eu-publishes-10-myths-about-acta/ Following its signature to the ACTA agreement in Tokyo last week, the EU has published ’10 Myths about ACTA’. It’s purpose is to counter the many criticisms about the Anti-Counterfeiting Trade Agreement, and is part of a current EU campaign to demonstrate that ACTA is misunderstood. Fri, 03 Feb 2012 11:29:00 GMT http://www.infosecurity-magazine.com/view/23658/eu-publishes-10-myths-about-acta/ http://www.infosecurity-magazine.com/view/23656/verisign-repeatedly-hacked-in-2010/ Reuters reports that VeriSign was repeatedly hacked during 2010. The information was discovered among 2000 different quarterly SEC filings being reviewed by Reuters. Fri, 03 Feb 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/23656/verisign-repeatedly-hacked-in-2010/ http://www.infosecurity-magazine.com/view/23647/apple-roars-with-massive-lion-snow-leopard-security-updates/ Apple has released massive security updates for its Lion and Snow Leopard Mac operating systems, fixing 52 vulnerabilities. Thu, 02 Feb 2012 20:57:00 GMT http://www.infosecurity-magazine.com/view/23647/apple-roars-with-massive-lion-snow-leopard-security-updates/ http://www.infosecurity-magazine.com/view/23646/fbi-chief-warns-congress-that-hackers-will-become-greatest-national-security-threat/ The top G-man is warning Congress that hackers will pose a greater danger to US national security than terrorists in the not-too-distant future. Thu, 02 Feb 2012 20:21:00 GMT http://www.infosecurity-magazine.com/view/23646/fbi-chief-warns-congress-that-hackers-will-become-greatest-national-security-threat/ http://www.infosecurity-magazine.com/view/23645/oracle-patches-denialofservice-vulnerability/ Oracle has pushed out a patch for a denial-of-service vulnerability in the Oracle WebLogic Server, Application Server, and iPlanet Web Server due to hash collisions. Thu, 02 Feb 2012 18:52:00 GMT http://www.infosecurity-magazine.com/view/23645/oracle-patches-denialofservice-vulnerability/ http://www.infosecurity-magazine.com/view/23644/house-panel-approves-critical-infrastructure-cybersecurity-bill/ A US House panel has approved legislation that would encourage critical infrastructure companies to adopt cybersecurity best practices and would give the Department of Homeland Security (DHS) responsibility for safeguarding critical infrastructure cybersecurity. Thu, 02 Feb 2012 17:13:00 GMT http://www.infosecurity-magazine.com/view/23644/house-panel-approves-critical-infrastructure-cybersecurity-bill/ http://www.infosecurity-magazine.com/view/23638/science-and-technology-committee-publishes-malware-and-cyber-crime-report/ The House of Commons Science and Technology Committee has today published its Malware and Cybercrime report – a recommendation to the UK government on how to tackle online threats. Thu, 02 Feb 2012 11:54:00 GMT http://www.infosecurity-magazine.com/view/23638/science-and-technology-committee-publishes-malware-and-cyber-crime-report/ http://www.infosecurity-magazine.com/view/23625/critical-infrastructure-firms-woefully-short-on-cybersecurity-spending/ US critical infrastructure companies would need to spend nine times more on cybersecurity in order to prevent a surprise digital assault, according to a new report by Bloomberg Government and the Ponemon Institute. Thu, 02 Feb 2012 09:11:00 GMT http://www.infosecurity-magazine.com/view/23625/critical-infrastructure-firms-woefully-short-on-cybersecurity-spending/ http://www.infosecurity-magazine.com/view/23628/new-development-in-posttransaction-banking-fraud/ Trusteer has discovered that ZeuS-variant Ice IX seeks to divert bank-to-customer telephone calls to further obfuscate any fraud. Thu, 02 Feb 2012 08:56:00 GMT http://www.infosecurity-magazine.com/view/23628/new-development-in-posttransaction-banking-fraud/ http://www.infosecurity-magazine.com/view/23626/counterclank-is-not-malware-just-aggressive-adware/ Following Symantec’s weekend claim that up to five million Androids may be infected with Counterclank, other researchers suggest that the code is adware rather than malware. Thu, 02 Feb 2012 08:10:00 GMT http://www.infosecurity-magazine.com/view/23626/counterclank-is-not-malware-just-aggressive-adware/ http://www.infosecurity-magazine.com/view/23623/mozilla-releases-firefox-10-browser-with-nine-security-fixes/ Mozilla has released the latest version of its browser, Firefox 10, with fixes for nine security flaws, including five critical vulnerabilities. Wed, 01 Feb 2012 20:22:00 GMT http://www.infosecurity-magazine.com/view/23623/mozilla-releases-firefox-10-browser-with-nine-security-fixes/ http://www.infosecurity-magazine.com/view/23622/audit-reveals-maryland-inmates-had-access-to-social-security-numbers/ Prison inmates in Maryland had access to social security numbers of patients who received treatment under the state’s Medicaid program, according to a recent state audit. Wed, 01 Feb 2012 19:59:00 GMT http://www.infosecurity-magazine.com/view/23622/audit-reveals-maryland-inmates-had-access-to-social-security-numbers/ http://www.infosecurity-magazine.com/view/23624/proposed-ec-data-protection-rules-help-cloud-adoption/ The proposed new European Union data protection regulation will support the adoption of cloud computing, says European Commission Vice-President Neelie Kroes. Wed, 01 Feb 2012 19:40:00 GMT http://www.infosecurity-magazine.com/view/23624/proposed-ec-data-protection-rules-help-cloud-adoption/ http://www.infosecurity-magazine.com/view/23621/ernst-young-loses-401k-information-of-bank-employees/ Ernst & Young, auditors of Regions Financial Corp., lost personal information on current and former Regions’ employees when a flash drive with the data sent in the mail was stolen. Wed, 01 Feb 2012 19:30:00 GMT http://www.infosecurity-magazine.com/view/23621/ernst-young-loses-401k-information-of-bank-employees/ http://www.infosecurity-magazine.com/view/23620/romanian-authorities-arrest-suspected-tinkode-hacker/ The Romanian authorities announced that they have arrested a man they believe is the TinKode hacker, who is responsible for hacking into US and UK government and military websites. Wed, 01 Feb 2012 19:12:00 GMT http://www.infosecurity-magazine.com/view/23620/romanian-authorities-arrest-suspected-tinkode-hacker/ http://www.infosecurity-magazine.com/view/23609/major-uk-companies-still-not-blocking-porn-namesakes/ The XXX domain suffix was launched last September to provide a voluntary ‘responsible’ home for adult sites; but daily.co.uk has noted that 90% of the UK’s fastest growing companies have not yet protected their brands. Wed, 01 Feb 2012 12:15:00 GMT http://www.infosecurity-magazine.com/view/23609/major-uk-companies-still-not-blocking-porn-namesakes/ http://www.infosecurity-magazine.com/view/23607/new-forrester-report-big-data-risks/ A new Forrester report, the Future Of Data Security And Privacy: Controlling Big Data, seeks to help business understand the risks inherent in Big Data, and how to handle them. Wed, 01 Feb 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/23607/new-forrester-report-big-data-risks/ http://www.infosecurity-magazine.com/view/23608/resilience-is-the-key-to-security-says-world-economic-forum/ The World Economic Forum has joined the growing body of opinion that sees integrated corporate resilience as more important than isolated information security as the best defense against risk. Wed, 01 Feb 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/23608/resilience-is-the-key-to-security-says-world-economic-forum/ http://www.infosecurity-magazine.com/view/23606/update-windows-media-player-vulnerability/ New research from M86 Labs adds further insight on the MIDI exploit first highlighted by Trend Micro last week. Wed, 01 Feb 2012 11:55:00 GMT http://www.infosecurity-magazine.com/view/23606/update-windows-media-player-vulnerability/ http://www.infosecurity-magazine.com/view/23597/dr-strangelove-in-cyberspace-experts-warn-of-cyber-arms-race/ More than half of policy makers and global cybersecurity experts believe that an arms race is taking place in cyberspace, according to a new report by McAfee and the Security and Defence Agenda think tank. Wed, 01 Feb 2012 09:00:00 GMT http://www.infosecurity-magazine.com/view/23597/dr-strangelove-in-cyberspace-experts-warn-of-cyber-arms-race/ http://www.infosecurity-magazine.com/view/23595/fbi-may-have-used-spyware-in-making-case-against-megaupload/ The FBI likely employed its CIPAV spyware to eavesdrop on Kim Dotcom and other managers of MegaUpload, according to a report by CNET. Tue, 31 Jan 2012 20:16:00 GMT http://www.infosecurity-magazine.com/view/23595/fbi-may-have-used-spyware-in-making-case-against-megaupload/ http://www.infosecurity-magazine.com/view/23594/aussie-taxpayers-targeted-in-refund-scam/ Scammers are using supposed tax refunds from the Australian Taxation Office as way to scam Australian taxpayers. Tue, 31 Jan 2012 19:35:00 GMT http://www.infosecurity-magazine.com/view/23594/aussie-taxpayers-targeted-in-refund-scam/ http://www.infosecurity-magazine.com/view/23590/fda-secretly-monitored-private-emails-of-whistleblowers-lawsuit-alleges/ The US Food and Drug Administration (FDA) secretly monitored the private emails of staff scientists and doctors who complained to Congress that the agency was approving dangerous medical devices for public use, according to a federal lawsuit filed by the staff members. Tue, 31 Jan 2012 17:27:00 GMT http://www.infosecurity-magazine.com/view/23590/fda-secretly-monitored-private-emails-of-whistleblowers-lawsuit-alleges/ http://www.infosecurity-magazine.com/view/23586/trymedia-breach-exposes-credit-card-numbers-of-12000-digital-game-customers/ Trymedia’s ActiveStore web-based storefront application, which processes digital game purchases made by customers on its partners’ websites, was recently breached, exposing credit card numbers and other personal information of more than 12,000 customers Tue, 31 Jan 2012 16:23:00 GMT http://www.infosecurity-magazine.com/view/23586/trymedia-breach-exposes-credit-card-numbers-of-12000-digital-game-customers/ http://www.infosecurity-magazine.com/view/23571/a-call-for-a-new-standard-in-infosec-training-and-awareness/ A talk at the Information Exploitation Conference at the Home Office’s Security and Policing Exhibition 2012 today addresses the disconnect between user and professional, and calls for a new standard that focuses on training and awareness. Tue, 31 Jan 2012 11:15:00 GMT http://www.infosecurity-magazine.com/view/23571/a-call-for-a-new-standard-in-infosec-training-and-awareness/ http://www.infosecurity-magazine.com/view/23562/ie6-users-no-longer-caught-between-a-rock-and-a-hard-place/ As Microsoft seeks to wean users away from the aging and insecure Internet Explorer 6, companies with IE6 legacy applications are stuck – they can’t upgrade to a newer OS because IE6 is no longer supported; and they still need IE6. Tue, 31 Jan 2012 10:22:00 GMT http://www.infosecurity-magazine.com/view/23562/ie6-users-no-longer-caught-between-a-rock-and-a-hard-place/ http://www.infosecurity-magazine.com/view/23558/75-of-all-new-malware-are-trojans/ PandaLabs’ 2011 report puts facts and figures to what really happened last year: rising malware, cyber-activism, cyberwarfare, increasing mobile malware, more attacks on social networks and the “first large-scale attack on Mac”. Tue, 31 Jan 2012 09:29:00 GMT http://www.infosecurity-magazine.com/view/23558/75-of-all-new-malware-are-trojans/ http://www.infosecurity-magazine.com/view/23552/when-it-comes-to-customer-data-protection-firms-are-phoning-it-in/ Only half of IT professionals believe that their organization made its best effort to protect customer and consumer information, according to a survey by credit reporting firm Experian and the Ponemon Institute. Mon, 30 Jan 2012 18:41:00 GMT http://www.infosecurity-magazine.com/view/23552/when-it-comes-to-customer-data-protection-firms-are-phoning-it-in/ http://www.infosecurity-magazine.com/view/23551/get-your-free-iphone-5-herenot/ The iPhone 5 is expected to hit the market sometime this year, but scammers are looking to give you one for "free" right now. Mon, 30 Jan 2012 17:36:00 GMT http://www.infosecurity-magazine.com/view/23551/get-your-free-iphone-5-herenot/ http://www.infosecurity-magazine.com/view/23548/global-cybersecurity-market-to-reach-61-billion-this-year/ The global cybersecurity market is predicted to reach $61.1 billion in 2012, according to a report by UK-based consultancy Visiongain. Mon, 30 Jan 2012 16:31:00 GMT http://www.infosecurity-magazine.com/view/23548/global-cybersecurity-market-to-reach-61-billion-this-year/ http://www.infosecurity-magazine.com/view/23547/congress-to-ftc-check-into-googles-new-privacy-policy/ Two US representatives are asking the Federal Trade Commission (FTC) to investigate whether Google’s new privacy policy violates the company’s settlement last year over its short-lived Buzz social networking site. Mon, 30 Jan 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/23547/congress-to-ftc-check-into-googles-new-privacy-policy/ http://www.infosecurity-magazine.com/view/23544/gday-mate-australia-new-zealand-shake-hands-on-cybersecurity/ Australia and New Zealand signed an agreement on Sunday that expands their cooperation on cybersecurity. Mon, 30 Jan 2012 15:24:00 GMT http://www.infosecurity-magazine.com/view/23544/gday-mate-australia-new-zealand-shake-hands-on-cybersecurity/ http://www.infosecurity-magazine.com/view/23528/apts-hacktivists-have-organizations-in-their-crosshairs/ Advanced persistent threats (APTs) and hacktivists will continue to plague organizations in 2012, warns Mary Landesman, market intelligence manager at Cisco. Mon, 30 Jan 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/23528/apts-hacktivists-have-organizations-in-their-crosshairs/ http://www.infosecurity-magazine.com/view/23541/spam-and-phishing-are-growing-problems-dmarc-has-the-answer/ DMARC is the technical working group of 15 leading email services and technology providers working on a standard to fight ‘deceptive’ emails such as spam and phishing. Mon, 30 Jan 2012 11:26:00 GMT http://www.infosecurity-magazine.com/view/23541/spam-and-phishing-are-growing-problems-dmarc-has-the-answer/ http://www.infosecurity-magazine.com/view/23538/cso-interchange-cloud-concerns-are-largely-propaganda/ Last week’s CSO Interchange roundtable centered on “Barriers to Cloud Adoption”, with talks on identity issues from Jericho Forum’s Paul Simmonds and SSL from security researcher Moxie Marlinspike. Mon, 30 Jan 2012 10:37:00 GMT http://www.infosecurity-magazine.com/view/23538/cso-interchange-cloud-concerns-are-largely-propaganda/ http://www.infosecurity-magazine.com/view/23530/up-to-five-million-androids-infected-with-counterclank/ Symantec describes an Android trojan delivered as malware attached to downloaded game apps. Sun, 29 Jan 2012 14:58:00 GMT http://www.infosecurity-magazine.com/view/23530/up-to-five-million-androids-infected-with-counterclank/ http://www.infosecurity-magazine.com/view/23529/im-not-behind-kelihos-botnet-claims-sabelnikov/ Andrey Sabelnikov, named in Microsoft court papers as controller of the Kelihos botnet, declares his innocence in a LiveJournal post. Sun, 29 Jan 2012 10:33:00 GMT http://www.infosecurity-magazine.com/view/23529/im-not-behind-kelihos-botnet-claims-sabelnikov/ http://www.infosecurity-magazine.com/view/23527/warining-issued-for-exploit-of-patched-flaw-in-windows-media-player/ Trend Micro researchers are warning that a recently patched flaw in Windows Media Player is being used by remote hackers to launch malware. Fri, 27 Jan 2012 18:58:00 GMT http://www.infosecurity-magazine.com/view/23527/warining-issued-for-exploit-of-patched-flaw-in-windows-media-player/ http://www.infosecurity-magazine.com/view/23526/legal-think-tank-raises-red-flag-about-privacy-in-cybersecurity-legislation/ The US Congress must include strong privacy protections in any cybersecurity legislation it adopts, a constitutional watchdog group warned in a report released Friday. Fri, 27 Jan 2012 18:26:00 GMT http://www.infosecurity-magazine.com/view/23526/legal-think-tank-raises-red-flag-about-privacy-in-cybersecurity-legislation/ http://www.infosecurity-magazine.com/view/23520/outhoover-hoover-fbi-wants-massive-datamining-capability-for-social-media/ The FBI is asking industry for help in developing a far-reaching data-mining application that can gather and analyze intelligence from social media sites. Fri, 27 Jan 2012 16:18:00 GMT http://www.infosecurity-magazine.com/view/23520/outhoover-hoover-fbi-wants-massive-datamining-capability-for-social-media/ http://www.infosecurity-magazine.com/view/23522/businesses-should-disable-pcanywhere-says-symantec/ Security firm Symantec has warned businesses to stop using its pcAnywhere software until security patches are issued. Fri, 27 Jan 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/23522/businesses-should-disable-pcanywhere-says-symantec/ http://www.infosecurity-magazine.com/view/23519/south-african-ministry-to-send-longdelayed-cybersecurity-policy-to-cabinet/ The South African Department of Communication plans to submit the long-overdue National Cybersecurity Policy Framework for South Africa to the nation's cabinet for approval in March. Fri, 27 Jan 2012 15:36:00 GMT http://www.infosecurity-magazine.com/view/23519/south-african-ministry-to-send-longdelayed-cybersecurity-policy-to-cabinet/ http://www.infosecurity-magazine.com/view/23504/firms-question-proposed-eu-data-protection-notification-deadline-fines/ UK companies are not reacting well to the tight data breach notification deadline and hefty fines being proposed in the revision to the EU Data Protection Directive unveiled this week. Fri, 27 Jan 2012 14:00:00 GMT http://www.infosecurity-magazine.com/view/23504/firms-question-proposed-eu-data-protection-notification-deadline-fines/ http://www.infosecurity-magazine.com/view/23500/googles-revised-privacy-policy-not-sitting-well-with-some/ Google announced earlier this week that it would revise its privacy policy and terms of use, consolidating 60 privacy policies across multiple products into one mega-policy. Sounds like a good idea, right? Not so fast. Fri, 27 Jan 2012 13:30:00 GMT http://www.infosecurity-magazine.com/view/23500/googles-revised-privacy-policy-not-sitting-well-with-some/ http://www.infosecurity-magazine.com/view/23517/technical-controls-not-enough-to-ensure-real-cyber-security/ A new report from the Information Security Forum (ISF) proposes the evolution from simple data defense to cyber resilience. Fri, 27 Jan 2012 13:14:00 GMT http://www.infosecurity-magazine.com/view/23517/technical-controls-not-enough-to-ensure-real-cyber-security/ http://www.infosecurity-magazine.com/view/23507/users-not-checking-the-security-of-public-wifi/ New figures from a YouGov survey shows a discrepancy in security awareness between use of public WiFi and home WiFi in the UK, supposedly putting more than £2 billion at risk. Fri, 27 Jan 2012 08:28:00 GMT http://www.infosecurity-magazine.com/view/23507/users-not-checking-the-security-of-public-wifi/ http://www.infosecurity-magazine.com/view/23506/is-carberp-poised-for-global-expansion/ New research from anti-malware company ESET shows how easy it is to tailor Carberp to attack new and different targets. Fri, 27 Jan 2012 07:00:00 GMT http://www.infosecurity-magazine.com/view/23506/is-carberp-poised-for-global-expansion/ http://www.infosecurity-magazine.com/view/23505/eu-and-uk-sign-the-acta-agreement/ The EU and 22 of its member states, including the UK but excluding Germany, the Netherlands, Estonia, Cyprus and Slovakia, have signed the ACTA agreement. Digital rights groups are urging a SOPA-like campaign in protest. Fri, 27 Jan 2012 05:54:00 GMT http://www.infosecurity-magazine.com/view/23505/eu-and-uk-sign-the-acta-agreement/ http://www.infosecurity-magazine.com/view/23499/malware-user-error-frighten-people-on-the-internet-says-sophos/ More than two-thirds of those surveyed by Sophos believe that malware is on the rise, and 61% feel user error is the biggest threat on the internet. Thu, 26 Jan 2012 19:40:00 GMT http://www.infosecurity-magazine.com/view/23499/malware-user-error-frighten-people-on-the-internet-says-sophos/ http://www.infosecurity-magazine.com/view/23497/standards-group-releases-2012-data-protection-and-breach-guide/ The Online Trust Alliance (OTA), an industry standards group, released this week its 2012 Data Protection and Breach Guide, which includes a review of 2011 data breaches and recommendations for businesses to prevent breaches and manage incidents. Thu, 26 Jan 2012 18:19:00 GMT http://www.infosecurity-magazine.com/view/23497/standards-group-releases-2012-data-protection-and-breach-guide/ http://www.infosecurity-magazine.com/view/23498/o2-apologizes-for-security-breach/ Mobile operator O2 has apologized for a technical problem that resulted in subscribers' phone numbers being included in header information sent to websites they visited. Thu, 26 Jan 2012 18:15:00 GMT http://www.infosecurity-magazine.com/view/23498/o2-apologizes-for-security-breach/