http://www.infosecurity-magazine.com/ Copyright Elsevier Ltd Intuitiv Ltd (www.intuitiv.net) Tue, 22 May 2012 18:49:50 GMT http://www.infosecurity-magazine.com/ http://www.infosecurity-magazine.com/_common/img/template/infosec-uk/site-logo.gif http://www.infosecurity-magazine.com/view/25920/supreme-court-to-review-aclu-challenge-to-warrantless-wiretapping/ The US Supreme Court has agreed to consider whether the American Civil Liberties Union (ACLU) and other groups have standing in challenging the constitutionality of the US government’s warrantless wiretapping of overseas phone calls and emails. Tue, 22 May 2012 15:20:00 GMT http://www.infosecurity-magazine.com/view/25920/supreme-court-to-review-aclu-challenge-to-warrantless-wiretapping/ http://www.infosecurity-magazine.com/view/25918/diablo-iii-gaming-accounts-hacked-servers-taken-offline/ Blizzard Entertainment’s newly launched Diablo III video game was hacked within a few days of its launch, and servers in Europe were taken offline for four hours on Sunday. Tue, 22 May 2012 14:50:00 GMT http://www.infosecurity-magazine.com/view/25918/diablo-iii-gaming-accounts-hacked-servers-taken-offline/ http://www.infosecurity-magazine.com/view/25917/senator-warns-cybersecurity-act-has-same-privacy-problems-as-cispa/ Sen. Ron Wyden (D-Ore.) has come out against the Democratically sponsored Cybersecurity Act, comparing it to the controversial Cyber Intelligence Sharing and Protection Act (CISPA) in terms of privacy concerns. Tue, 22 May 2012 14:23:00 GMT http://www.infosecurity-magazine.com/view/25917/senator-warns-cybersecurity-act-has-same-privacy-problems-as-cispa/ http://www.infosecurity-magazine.com/view/25916/bomb-threat-halts-construction-of-nsa-topsecret-cybersecurity-center/ A bomb threat halted construction of the National Security Agency's top-secret cybersecurity intelligence center being built at Camp Williams, Utah. Tue, 22 May 2012 13:52:00 GMT http://www.infosecurity-magazine.com/view/25916/bomb-threat-halts-construction-of-nsa-topsecret-cybersecurity-center/ http://www.infosecurity-magazine.com/view/25913/you-dont-need-to-be-hacked-if-you-give-away-your-credentials/ GFI Software highlights the problems of users’ carelessness with their credentials: who needs hacking skills when log-on details are just handed over? Tue, 22 May 2012 11:37:00 GMT http://www.infosecurity-magazine.com/view/25913/you-dont-need-to-be-hacked-if-you-give-away-your-credentials/ http://www.infosecurity-magazine.com/view/25911/a-new-solution-for-authenticating-byod/ New start-up SaaSID today launches a product at CloudForce London that seeks to solve a pressing and growing problem: the authentication of personal devices to the cloud. Tue, 22 May 2012 11:23:00 GMT http://www.infosecurity-magazine.com/view/25911/a-new-solution-for-authenticating-byod/ http://www.infosecurity-magazine.com/view/25901/new-hmrc-refund-phishing-scam-detected/ Every year our tax details are evaluated by HMRC. Every year, a lucky few get tax refunds; and every year, at that time, the scammers come out to take advantage. Tue, 22 May 2012 10:22:00 GMT http://www.infosecurity-magazine.com/view/25901/new-hmrc-refund-phishing-scam-detected/ http://www.infosecurity-magazine.com/view/25897/amtso-has-credibility-gap-for-antivirus-testing-standards/ The Anti-Malware Testing Standards Organization (AMTSO) has a credibility problem that needs to be addressed for the organization to have an impact on the anti-virus software testing communities, observed David Harley, ESET senior research fellow. Tue, 22 May 2012 04:00:00 GMT http://www.infosecurity-magazine.com/view/25897/amtso-has-credibility-gap-for-antivirus-testing-standards/ http://www.infosecurity-magazine.com/view/25896/supreme-court-refuses-to-reduce-675000-file-sharing-fine/ The US Supreme Court has let stand a $675,000 file sharing verdict levied by a jury against Joel Tenenbaum for downloading songs and making them available on a peer-to-peer network while a student at Boston University. Mon, 21 May 2012 16:36:00 GMT http://www.infosecurity-magazine.com/view/25896/supreme-court-refuses-to-reduce-675000-file-sharing-fine/ http://www.infosecurity-magazine.com/view/25894/umaine-server-breach-exposes-thousands-of-social-security-credit-card-numbers/ The University of Maine has admitted to a server breach that may have exposed personal information, including social security and credit card numbers, on around 3,825 individuals. Mon, 21 May 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/25894/umaine-server-breach-exposes-thousands-of-social-security-credit-card-numbers/ http://www.infosecurity-magazine.com/view/25892/sensitive-data-on-british-army-snipers-end-up-in-trunk-of-used-car/ Sensitive information about British Army snipers was found in the trunk of a used car, according to press reports. Mon, 21 May 2012 15:37:00 GMT http://www.infosecurity-magazine.com/view/25892/sensitive-data-on-british-army-snipers-end-up-in-trunk-of-used-car/ http://www.infosecurity-magazine.com/view/25891/indian-cert-handled-over-13000-cybersecurity-incidents-in-2011/ The Indian Computer Emergency Response Team (CERT-In) handled 13,301 cybersecurity incidents in 2011, up from 10,315 incidents in 2010 and 8,266 incidents in 2009. Mon, 21 May 2012 15:16:00 GMT http://www.infosecurity-magazine.com/view/25891/indian-cert-handled-over-13000-cybersecurity-incidents-in-2011/ http://www.infosecurity-magazine.com/view/25890/uk-government-is-likely-to-miss-its-own-cloud-targets/ G-Cloud is the government strategy to reduce IT expenditure by increasing use of the cloud. It calls for 50% of new spending to be used on cloud services by 2015 – but a new report from VMWare suggests such targets will likely be missed by the public sector. Mon, 21 May 2012 13:45:00 GMT http://www.infosecurity-magazine.com/view/25890/uk-government-is-likely-to-miss-its-own-cloud-targets/ http://www.infosecurity-magazine.com/view/25889/new-absinthe-20-apple-jailbreak-expected-this-week/ The tethered jailbreak for iOS 5.1, Redsn0w, still works on iOS 5.1.1. This week, probably on 25 May, a new untethered jailbreak is likely to be announced at the Hack-in-the-Box conference. Mon, 21 May 2012 12:52:00 GMT http://www.infosecurity-magazine.com/view/25889/new-absinthe-20-apple-jailbreak-expected-this-week/ http://www.infosecurity-magazine.com/view/25884/teliasonera-sells-black-boxes-to-dictators/ While the UK awaits details on how the proposed Communications Bill will force service providers to monitor internet and phone metadata, Sweden’s TeliaSonera shows how it could be done by selling black boxes to authoritarian states. Mon, 21 May 2012 11:24:00 GMT http://www.infosecurity-magazine.com/view/25884/teliasonera-sells-black-boxes-to-dictators/ http://www.infosecurity-magazine.com/view/25883/opfake-malware-being-disguised-in-android-games/ Symantec researchers recently discovered several dummy sites being used to peddle the Android.Opfake malware, which is being disguised as games such as Temple Run and Cut the Rope. Fri, 18 May 2012 19:55:00 GMT http://www.infosecurity-magazine.com/view/25883/opfake-malware-being-disguised-in-android-games/ http://www.infosecurity-magazine.com/view/25882/chinas-zte-admits-to-backdoor-in-mobile-phone-model/ China mobile phone maker ZTE admitted that one of its mobile phone models sold in the US contains a backdoor that could enable someone to take control of the device. Fri, 18 May 2012 19:25:00 GMT http://www.infosecurity-magazine.com/view/25882/chinas-zte-admits-to-backdoor-in-mobile-phone-model/ http://www.infosecurity-magazine.com/view/25880/us-lawmakers-applaud-twitters-decision-to-implement-do-not-track-policy/ A number of US lawmakers are applauding Twitter’s decision this week to implement a Do Not Track (DNT) policy. Fri, 18 May 2012 16:51:00 GMT http://www.infosecurity-magazine.com/view/25880/us-lawmakers-applaud-twitters-decision-to-implement-do-not-track-policy/ http://www.infosecurity-magazine.com/view/25879/dhs-warns-about-patient-data-risk-from-wireless-medical-devices/ The Department of Homeland Security (DHS) is warning healthcare organizations about the security threat posed to patient data and networks by insecure wireless medical devices (MDs) and mobile communication devices. Fri, 18 May 2012 16:14:00 GMT http://www.infosecurity-magazine.com/view/25879/dhs-warns-about-patient-data-risk-from-wireless-medical-devices/ http://www.infosecurity-magazine.com/view/25878/americans-aussies-sign-accord-to-expand-cybersecurity-cooperation/ The US and Australian governments have signed a cybersecurity agreement that will enable greater cooperation on combating cyber threats. Fri, 18 May 2012 15:51:00 GMT http://www.infosecurity-magazine.com/view/25878/americans-aussies-sign-accord-to-expand-cybersecurity-cooperation/ http://www.infosecurity-magazine.com/view/25872/understanding-the-legal-problems-with-dpa/ We have known for many years that the EU is not happy with the UK’s implementation of the Data Protection Directive – what we haven’t known is why. This may now change thanks to the persistence of Amberhawk Training Ltd. Fri, 18 May 2012 12:42:00 GMT http://www.infosecurity-magazine.com/view/25872/understanding-the-legal-problems-with-dpa/ http://www.infosecurity-magazine.com/view/25871/who-attacked-wikileaks-and-the-pirate-bay/ This week both the The Pirate Bay and WikiLeaks have been ‘taken down’ by sustained DDoS attacks: TPB for over 24 hours, and Wikileaks for 72. What isn’t known is who is behind the attacks. Fri, 18 May 2012 12:29:00 GMT http://www.infosecurity-magazine.com/view/25871/who-attacked-wikileaks-and-the-pirate-bay/ http://www.infosecurity-magazine.com/view/25870/byod-threatens-job-security-at-hp/ BYOD isn’t simply a security issue – it’s a job issue. Sales of multi-function smartphones and tablets are reducing demand for traditional PCs; and this is hitting Hewlett Packard. Fri, 18 May 2012 12:12:00 GMT http://www.infosecurity-magazine.com/view/25870/byod-threatens-job-security-at-hp/ http://www.infosecurity-magazine.com/view/25860/pci-explains-how-merchants-can-securely-accept-mobile-payments/ The PCI Security Standards Council (PCI SSC) released a fact sheet this week outlining how merchants can securely accept payments using mobile devices such as smartphones or tablets. Thu, 17 May 2012 21:23:00 GMT http://www.infosecurity-magazine.com/view/25860/pci-explains-how-merchants-can-securely-accept-mobile-payments/ http://www.infosecurity-magazine.com/view/25858/the-white-hat-rally-one-olympic-race-not-to-miss-/ The UK Information Security community lines up to raise money for Barnardo’s in a 3 day tour across the Country. Thu, 17 May 2012 15:33:00 GMT http://www.infosecurity-magazine.com/view/25858/the-white-hat-rally-one-olympic-race-not-to-miss-/ http://www.infosecurity-magazine.com/view/25857/white-house-cybersecurity-czar-to-step-down/ Howard Schmidt, the White House’s cybersecurity coordinator, said he will be stepping down from his post at the end of May after two and half years in the position. Thu, 17 May 2012 15:11:00 GMT http://www.infosecurity-magazine.com/view/25857/white-house-cybersecurity-czar-to-step-down/ http://www.infosecurity-magazine.com/view/25855/google-doles-out-16500-in-bug-bounties-with-chrome-19-release/ Google has shipped its Chrome 19 browser with 20 security fixes, including eight designated “high” severity, and doled out $16,500 in bug bounties. Thu, 17 May 2012 14:42:00 GMT http://www.infosecurity-magazine.com/view/25855/google-doles-out-16500-in-bug-bounties-with-chrome-19-release/ http://www.infosecurity-magazine.com/view/25853/uk-council-objects-to-ico-fine-for-data-loss-resulting-from-burglary/ A UK council is objecting to a 70,000-pound fine levied by the Information Commissioner’s Office (ICO) for losing sensitive data as the result of a theft at an employee’s home. Thu, 17 May 2012 14:00:00 GMT http://www.infosecurity-magazine.com/view/25853/uk-council-objects-to-ico-fine-for-data-loss-resulting-from-burglary/ http://www.infosecurity-magazine.com/view/25852/us-firms-team-with-german-institute-on-cybersecurity-center/ US high-tech firms have teamed with German research institute Fraunhofer FOKUS to open a cybersecurity research center in Berlin. Thu, 17 May 2012 13:45:00 GMT http://www.infosecurity-magazine.com/view/25852/us-firms-team-with-german-institute-on-cybersecurity-center/ http://www.infosecurity-magazine.com/view/25846/25-civil-servants-reprimanded-weekly-for-data-breach/ Government databases are full of highly prized and highly sensitive personal information. The upcoming Communications Bill will generate one of the very largest databases. The government says it will not include personal information. Thu, 17 May 2012 11:33:00 GMT http://www.infosecurity-magazine.com/view/25846/25-civil-servants-reprimanded-weekly-for-data-breach/ http://www.infosecurity-magazine.com/view/25844/vulnerability-found-in-mobile-spy-spyware-app/ Mobile Spy is covert spyware designed to allow parents to monitor their children’s smartphones, employers to catch time-wasters, and partners to detect cheating spouses. But vulnerabilities mean the covertly spied-upon can become the covert spy. Thu, 17 May 2012 11:24:00 GMT http://www.infosecurity-magazine.com/view/25844/vulnerability-found-in-mobile-spy-spyware-app/ http://www.infosecurity-magazine.com/view/25843/governments-make-a-grab-for-the-internet/ Although the internet is officially governed by a bottom-up multi-stakeholder non-governmental model, many governments around the world believe it leaves the US with too much control; and they want things to change. Thu, 17 May 2012 10:48:00 GMT http://www.infosecurity-magazine.com/view/25843/governments-make-a-grab-for-the-internet/ http://www.infosecurity-magazine.com/view/25827/onethird-of-firms-suffered-critical-information-theft-in-past-two-years/ More than one-third of organizations surveyed reported suffering at least one breach in the last 24 months that resulted in critical information being stolen, according to a survey conducted by IANS and sponsored by network security firm Fidelis Security Systems. Wed, 16 May 2012 19:23:00 GMT http://www.infosecurity-magazine.com/view/25827/onethird-of-firms-suffered-critical-information-theft-in-past-two-years/ http://www.infosecurity-magazine.com/view/25823/apple-belatedly-fixes-flashbackrelated-issues-in-leopard/ Apple has issued two security fixes for Mac OS X 10.5 Leopard that targets holes exploited by the Flashback malware. Wed, 16 May 2012 16:10:00 GMT http://www.infosecurity-magazine.com/view/25823/apple-belatedly-fixes-flashbackrelated-issues-in-leopard/ http://www.infosecurity-magazine.com/view/25819/mcafee-uncovers-pinterest-scamming-toolkits/ US security firm McAfee recently uncovered several ready-to-use toolkits that enable hackers to redirect unsuspecting Pinterest users to malicious websites with only a couple lines of code. Wed, 16 May 2012 15:45:00 GMT http://www.infosecurity-magazine.com/view/25819/mcafee-uncovers-pinterest-scamming-toolkits/ http://www.infosecurity-magazine.com/view/25818/online-travel-industry-is-most-vulnerable-to-email-attack/ The online travel industry is the most vulnerable to email attack, according to a newly launched email trust index by email security firm Agari. Wed, 16 May 2012 15:20:00 GMT http://www.infosecurity-magazine.com/view/25818/online-travel-industry-is-most-vulnerable-to-email-attack/ http://www.infosecurity-magazine.com/view/25814/utah-governor-fires-states-technology-director-over-medical-data-breach/ Utah Governor Gary Herbert has fired the director of the state’s Department of Technology Services (DTS) over a breach that exposed healthcare records of 780,000 Utah Medicaid recipients. Wed, 16 May 2012 14:42:00 GMT http://www.infosecurity-magazine.com/view/25814/utah-governor-fires-states-technology-director-over-medical-data-breach/ http://www.infosecurity-magazine.com/view/25806/canadas-interception-bill-c30-dead-in-the-water/ For all intents and purposes, the bill is dead; it appears that Public Safety Minister Vic Toews’ plans to ease police tracking of those who use the web for criminal purposes has been shelved. Wed, 16 May 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/25806/canadas-interception-bill-c30-dead-in-the-water/ http://www.infosecurity-magazine.com/view/25805/new-ios-jailbreak-expected-next-week/ This year’s Hack-in-the-Box Netherlands security conference takes place next week at the Okura Hotel in Amsterdam, and will be the first ever week-long HITB event. A new iOS jailbreak is expected. Wed, 16 May 2012 11:55:00 GMT http://www.infosecurity-magazine.com/view/25805/new-ios-jailbreak-expected-next-week/ http://www.infosecurity-magazine.com/view/25803/uk-companies-are-cyber-selfconfident/ A new study by BAE Systems Detica shows that British business is pessimistic about security in general, but strangely confident about its own. Wed, 16 May 2012 11:49:00 GMT http://www.infosecurity-magazine.com/view/25803/uk-companies-are-cyber-selfconfident/ http://www.infosecurity-magazine.com/view/25788/firms-fear-customer-frustration-brand-damage-from-ddos-attacks/ Three-quarters of IT professionals surveyed cited the impact on customer experience and brand as their greatest fears about distributed denial of service (DDoS) attacks, according to a survey sponsored by internet analysis firm Neustar. Tue, 15 May 2012 16:36:00 GMT http://www.infosecurity-magazine.com/view/25788/firms-fear-customer-frustration-brand-damage-from-ddos-attacks/ http://www.infosecurity-magazine.com/view/25777/internet-crime-costs-consumers-close-to-half-a-billion-dollars-says-ic3/ Losses from internet crime reported to the Internet Crime Complaint Center (IC3) totaled $485.3 million in 2011 and the number of complaints increased 3.4% last year compared to 2010. Tue, 15 May 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/25777/internet-crime-costs-consumers-close-to-half-a-billion-dollars-says-ic3/ http://www.infosecurity-magazine.com/view/25784/adobe-caves-to-pressure-and-decides-to-offer-free-security-fixes/ Adobe has decided to provide free security updates for the CS5 versions of Illustrator, Photoshop, and Flash Professional after receiving flak for only offering the fixes through paid upgrades to CS6. Tue, 15 May 2012 15:35:00 GMT http://www.infosecurity-magazine.com/view/25784/adobe-caves-to-pressure-and-decides-to-offer-free-security-fixes/ http://www.infosecurity-magazine.com/view/25761/rolling-thunder-banks-cybercriminals-wage-war-of-escalation/ Banks and cybercriminals are engaged in a “war of escalation”, warned Peter Tapling, Authentify president and chief executive officer. Tue, 15 May 2012 15:30:00 GMT http://www.infosecurity-magazine.com/view/25761/rolling-thunder-banks-cybercriminals-wage-war-of-escalation/ http://www.infosecurity-magazine.com/view/25783/cloud-security-alliance-isaca-want-industry-input-on-cloud-maturity/ The Cloud Security Alliance (CSA) and ISACA have teamed for the first time on an industry survey examining cloud market maturity. Tue, 15 May 2012 15:21:00 GMT http://www.infosecurity-magazine.com/view/25783/cloud-security-alliance-isaca-want-industry-input-on-cloud-maturity/ http://www.infosecurity-magazine.com/view/25782/mcafee-intel-team-on-reference-implementation-to-secure-power-grid/ At a time when cyberthreats to critical infrastructure are growing, McAfee and Intel have teamed to create a “reference implementation” for the energy sector that integrates a number of McAfee security products for substations and network operations centers with Intel processors and hardware-based security and management technologies. Tue, 15 May 2012 14:57:00 GMT http://www.infosecurity-magazine.com/view/25782/mcafee-intel-team-on-reference-implementation-to-secure-power-grid/ http://www.infosecurity-magazine.com/view/25752/facebook-clarifies-privacy-policy-in-response-to-regulatory-probes/ Following probes by US and European regulators, Facebook is proposing changes to its privacy policy to be more explicit about how it handles members’ information. Tue, 15 May 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/25752/facebook-clarifies-privacy-policy-in-response-to-regulatory-probes/ http://www.infosecurity-magazine.com/view/25767/the-danger-in-service-operators-censorship-filters/ Yesterday we reported that the German Pirate Party had been ‘accidentally’ blocked by an automatic content filtering system used by many German schools. And yesterday the Open Rights Group and the LSE Media Policy Unit published a new report: Mobile Internet censorship: What’s happening and what we can do about it. Tue, 15 May 2012 10:17:00 GMT http://www.infosecurity-magazine.com/view/25767/the-danger-in-service-operators-censorship-filters/ http://www.infosecurity-magazine.com/view/25764/security-is-driving-cloud-adoption/ In its 2012 Disaster Preparedness survey, Symantec finds a link between the three great movers of contemporary computing: virtualization, cloud computing and mobility. That link, surprisingly, is security – or more specifically, it is the need for adequate disaster recovery capabilities. Tue, 15 May 2012 09:52:00 GMT http://www.infosecurity-magazine.com/view/25764/security-is-driving-cloud-adoption/ http://www.infosecurity-magazine.com/view/25762/how-safe-is-your-icloud-data/ Last month, Ars Technica asked the question, ‘Can Apple give police a key to your encrypted iPhone data?’ It concluded that it probably could not for the data on the device; but probably could for data stored in iCloud. Now the question has less relevance, with the latest version of ElcomSoft’s EPPB and the increasing use of iCloud. Tue, 15 May 2012 08:57:00 GMT http://www.infosecurity-magazine.com/view/25762/how-safe-is-your-icloud-data/ http://www.infosecurity-magazine.com/view/25757/us-appeals-court-denies-foia-request-for-info-on-google-aurora-attack/ A US federal appeals court has upheld a lower court ruling that the National Security Agency (NSA) can invoke the Glomar (neither confirm nor deny) response in denying a Freedom of Information Act (FOIA) request by the Electronic Privacy Information Center (EPIC) for documents regarding the 2010 Aurora attack on Google. Mon, 14 May 2012 21:22:00 GMT http://www.infosecurity-magazine.com/view/25757/us-appeals-court-denies-foia-request-for-info-on-google-aurora-attack/ http://www.infosecurity-magazine.com/view/25753/icscert-warns-about-critical-flaw-in-movicon-industrial-control-system/ The US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is waning about a critical vulnerability in Progea’s Movicon 11, an industrial control product that manages critical infrastructure systems. Mon, 14 May 2012 20:39:00 GMT http://www.infosecurity-magazine.com/view/25753/icscert-warns-about-critical-flaw-in-movicon-industrial-control-system/ http://www.infosecurity-magazine.com/view/25751/south-carolina-county-takes-nine-month-to-notify-thousands-of-data-breach-victims/ Officials with York County, South Carolina, took nine months to notify close to 17,000 job applicants and vendors that their social security numbers were exposed by an intrusion into a web application server. Mon, 14 May 2012 19:18:00 GMT http://www.infosecurity-magazine.com/view/25751/south-carolina-county-takes-nine-month-to-notify-thousands-of-data-breach-victims/ http://www.infosecurity-magazine.com/view/25745/the-blackberry-project-how-easily-do-we-sell-our-privacy/ The Singularity Hub, ‘a community for those excited about the future’, has taken another look at the Blackberry Project and concludes that the younger generation is embracing a new view of privacy. Mon, 14 May 2012 11:38:00 GMT http://www.infosecurity-magazine.com/view/25745/the-blackberry-project-how-easily-do-we-sell-our-privacy/ http://www.infosecurity-magazine.com/view/25743/the-german-pirate-party-fights-censorship-but-is-it-being-censored/ While the Pirate Party wins seats in the German North Rhine-Westphalia state elections, a "shitstorm" about automated filtering starts to brew. Mon, 14 May 2012 11:24:00 GMT http://www.infosecurity-magazine.com/view/25743/the-german-pirate-party-fights-censorship-but-is-it-being-censored/ http://www.infosecurity-magazine.com/view/25740/mozillas-objection-to-ieonly-windows-on-arm-a-major-row-in-the-making/ Windows is not Apple’s iOS, says Mozilla's top lawyer after the organization complained that Firefox and other browsers would be excluded from Windows RT running on ARM systems. Mon, 14 May 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/25740/mozillas-objection-to-ieonly-windows-on-arm-a-major-row-in-the-making/ http://www.infosecurity-magazine.com/view/25736/information-security-professionals-baulk-at-putting-sensitive-data-in-cloud/ Despite the apparent enthusiasm around cloud computing, a survey of information security professionals by Wisegate revealed that more than half believe the cloud is too risky and only suitable for commodity applications like CRM or e-mail. Fri, 11 May 2012 20:00:00 GMT http://www.infosecurity-magazine.com/view/25736/information-security-professionals-baulk-at-putting-sensitive-data-in-cloud/ http://www.infosecurity-magazine.com/view/25735/apple-fixes-39-security-holes-with-lion-and-safari-updates/ Apple has fixed 35 security holes in a range of applications with the release of OS X Lion 10.7.4, as well as four flaws in the Safari web browser. Fri, 11 May 2012 16:50:00 GMT http://www.infosecurity-magazine.com/view/25735/apple-fixes-39-security-holes-with-lion-and-safari-updates/ http://www.infosecurity-magazine.com/view/25734/ddosvidaniya-anonymous-takes-kremlin-offline/ The Russian branch of hacker group Anonymous is claiming credit for shutting down the websites of the Kremlin and Russian President Vladimir Putin using distributed denial-of-service (DDoS) attacks. Fri, 11 May 2012 15:58:00 GMT http://www.infosecurity-magazine.com/view/25734/ddosvidaniya-anonymous-takes-kremlin-offline/ http://www.infosecurity-magazine.com/view/25730/icann-reopens-new-domain-application-process-after-software-glitch/ The Internet Corporation for Assigned Names and Numbers (ICANN) said it plans to reopen the application process for new generic top-level domains (gTLDs) on May 22 after a software glitch that may have compromised applicant confidentiality forced the group to stop accepting applications. Fri, 11 May 2012 15:24:00 GMT http://www.infosecurity-magazine.com/view/25730/icann-reopens-new-domain-application-process-after-software-glitch/ http://www.infosecurity-magazine.com/view/25729/pentagon-makes-cyber-intelligence-sharing-program-permanent/ The Pentagon is making permanent the Defense Industrial Base (DBI) Cyber Pilot program that involves sharing cyber intelligence with the US defense industry. Fri, 11 May 2012 14:45:00 GMT http://www.infosecurity-magazine.com/view/25729/pentagon-makes-cyber-intelligence-sharing-program-permanent/ http://www.infosecurity-magazine.com/view/25719/pirate-bay-defends-virgin-media-while-founder-peter-sunde-faces-jail/ It is with some irony that The Pirate Bay (TPB) came to the defense of Virgin Media (TalkTalk was also disrupted) after the ISP’s website was taken down by Anonymous. Fri, 11 May 2012 12:30:00 GMT http://www.infosecurity-magazine.com/view/25719/pirate-bay-defends-virgin-media-while-founder-peter-sunde-faces-jail/ http://www.infosecurity-magazine.com/view/25710/beyondtrust-acquires-vulnerability-management-company-eeye-digital-security/ BeyondTrust, a company that provides privilege delegation and authorization systems with its PowerBroker suite of products, has acquired eEye Digital Security, developer of the Blink and Retina vulnerability management tools. Fri, 11 May 2012 09:35:00 GMT http://www.infosecurity-magazine.com/view/25710/beyondtrust-acquires-vulnerability-management-company-eeye-digital-security/ http://www.infosecurity-magazine.com/view/25708/member-and-spokesperson-for-teamp0ison-arrested-in-newcastle/ A 17-year old has been arrested in Newcastle by the Police Central eCrime Unit (PCeU) and local Northumbrian Police officers for alleged offenses under the Computer Misuse Act. Fri, 11 May 2012 09:22:00 GMT http://www.infosecurity-magazine.com/view/25708/member-and-spokesperson-for-teamp0ison-arrested-in-newcastle/ http://www.infosecurity-magazine.com/view/25705/drowning-in-data-security-professionals-look-to-metrics-for-a-lifeline/ Security professionals are experiencing an information overload and want better metrics to analyze the data so they can take action, according to a survey conducted by Dimensional Research on behalf of RedSeal Networks. Thu, 10 May 2012 22:14:00 GMT http://www.infosecurity-magazine.com/view/25705/drowning-in-data-security-professionals-look-to-metrics-for-a-lifeline/ http://www.infosecurity-magazine.com/view/25704/kstate-receives-air-force-contract-to-examine-network-moving-target-defense/ Kansas State University (KSU) has received a five-year, $1 million US Air Force (USAF) contract to study "moving target" defense for networks. Thu, 10 May 2012 21:20:00 GMT http://www.infosecurity-magazine.com/view/25704/kstate-receives-air-force-contract-to-examine-network-moving-target-defense/ http://www.infosecurity-magazine.com/view/25700/rockefeller-opposes-dropping-cybersecurity-mandates-from-senate-bill/ Sen. Jay Rockefeller (D-W.Va.), one of the sponsors of the Cybersecurity Act (S 2105), is refusing to drop mandatory cybersecurity standards for critical infrastructure companies as part of an effort to attract more Republican support for the measure. Thu, 10 May 2012 16:47:00 GMT http://www.infosecurity-magazine.com/view/25700/rockefeller-opposes-dropping-cybersecurity-mandates-from-senate-bill/ http://www.infosecurity-magazine.com/view/25697/warning-issued-about-dnschanger-malware-and-possible-loss-of-internet-access/ The US Department of Homeland Security (DHS) is warning US-based internet users to check their computers for infection by the DNSChanger malware before the FBI knocks them offline in July. Thu, 10 May 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/25697/warning-issued-about-dnschanger-malware-and-possible-loss-of-internet-access/ http://www.infosecurity-magazine.com/view/25693/cybersecurity-tops-terrorism-as-us-publics-security-priority/ The US public is more concerned about cybersecurity than terrorism, according to a survey by IT firm Unisys. Thu, 10 May 2012 15:00:00 GMT http://www.infosecurity-magazine.com/view/25693/cybersecurity-tops-terrorism-as-us-publics-security-priority/ http://www.infosecurity-magazine.com/view/25689/unc-charlotte-exposes-350000-social-security-numbers-of-students-staff-and-faculty/ The University of North Carolina (UNC) at Charlotte has admitted that financial account numbers and 350,000 social security numbers of students, staff, and faculty were exposed to the internet, in some cases for more than a decade. Thu, 10 May 2012 14:29:00 GMT http://www.infosecurity-magazine.com/view/25689/unc-charlotte-exposes-350000-social-security-numbers-of-students-staff-and-faculty/ http://www.infosecurity-magazine.com/view/25688/winners-and-losers-in-european-card-fraud/ FICO has produced an interactive map of Europe, showing the evolving European fraud landscape between 2006 and 2011. Thu, 10 May 2012 14:00:00 GMT http://www.infosecurity-magazine.com/view/25688/winners-and-losers-in-european-card-fraud/ http://www.infosecurity-magazine.com/view/25685/digininja-analyzes-the-twitter-hack-and-offers-password-advice-to-web-services/ Yesterday we reported that 55,000 Twitter accounts have been leaked on Pastebin. Security researchers Anders Nilsson and Robin Wood have separately analyzed the dump. Thu, 10 May 2012 11:53:00 GMT http://www.infosecurity-magazine.com/view/25685/digininja-analyzes-the-twitter-hack-and-offers-password-advice-to-web-services/ http://www.infosecurity-magazine.com/view/25680/queens-speech-announces-measures-to-access-vital-communications-data/ As expected, the Queen’s Speech yesterday announced the intention of the UK Government to bring forward (during the current parliamentary session) measures to allow law enforcement and intelligence agencies access to ‘vital communications data’. Thu, 10 May 2012 08:49:00 GMT http://www.infosecurity-magazine.com/view/25680/queens-speech-announces-measures-to-access-vital-communications-data/ http://www.infosecurity-magazine.com/view/25678/ftc-requires-myspace-to-undergo-audits-for-privacy-policy-violations/ The US Federal Trade Commission (FTC) is requiring Myspace to submit to biennial privacy audits for the next 20 years as part of a settlement of charges that the company misrepresented its protection of users’ personal information. Wed, 09 May 2012 21:31:00 GMT http://www.infosecurity-magazine.com/view/25678/ftc-requires-myspace-to-undergo-audits-for-privacy-policy-violations/ http://www.infosecurity-magazine.com/view/25674/adobe-ships-patches-for-13-critical-flaws-in-various-products/ Adobe has shipped 13 patches to plug critical security holes in Shockwave, Flash Professional, Photoshop, and Illustrator that could enable an attacker to take control of a vulnerable system. Wed, 09 May 2012 16:50:00 GMT http://www.infosecurity-magazine.com/view/25674/adobe-ships-patches-for-13-critical-flaws-in-various-products/ http://www.infosecurity-magazine.com/view/25673/research-uncovers-irc-bot-malware-for-android/ McAfee Labs researchers have uncovered Android malware that acts as an internet rely channel (IRC) bot. Wed, 09 May 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/25673/research-uncovers-irc-bot-malware-for-android/ http://www.infosecurity-magazine.com/view/25671/fbi-warns-globe-trotters-about-malware-lurking-in-hotel-room-connections/ The FBI is warning individuals who travel abroad that cybercriminals are installing malware through bogus software updates when users connect to the internet in their hotel rooms. Wed, 09 May 2012 15:28:00 GMT http://www.infosecurity-magazine.com/view/25671/fbi-warns-globe-trotters-about-malware-lurking-in-hotel-room-connections/ http://www.infosecurity-magazine.com/view/25662/net-neutrality-becomes-law-in-the-netherlands/ The net neutrality provisions approved by the Dutch Parliament last June as part of its implementation of the European telecommunications package became law yesterday. Wed, 09 May 2012 12:16:00 GMT http://www.infosecurity-magazine.com/view/25662/net-neutrality-becomes-law-in-the-netherlands/ http://www.infosecurity-magazine.com/view/25660/false-facebook-account-leads-to-principals-resignation/ Louise Losos, principal of Clayton High School, Missouri, has resigned following accusations that she created a false persona on Facebook and befriended hundreds of her own students. Wed, 09 May 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/25660/false-facebook-account-leads-to-principals-resignation/ http://www.infosecurity-magazine.com/view/25659/twitter-fights-two-information-security-battles-/ Twitter is in the unenviable position of being ‘attacked’ on all sides: while it tries to fight a subpoena demanding the account details of Occupy protestor Malcolm Harris, hackers release thousands of user logon details on Pastebin. Wed, 09 May 2012 10:23:00 GMT http://www.infosecurity-magazine.com/view/25659/twitter-fights-two-information-security-battles-/ http://www.infosecurity-magazine.com/view/25656/bestinclass-firms-provide-secure-remote-mobile-access-to-their-networks/ A full 94% of “best-in-class” companies provide secure remote mobile access to their corporate network, according to a report by the Aberdeen Group. Tue, 08 May 2012 21:35:00 GMT http://www.infosecurity-magazine.com/view/25656/bestinclass-firms-provide-secure-remote-mobile-access-to-their-networks/ http://www.infosecurity-magazine.com/view/25655/natural-gas-pipelines-targeted-by-cyber-attack/ A spear-phishing campaign aimed at US natural gas pipeline companies has been underway since December of last year, according to the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). Tue, 08 May 2012 19:38:00 GMT http://www.infosecurity-magazine.com/view/25655/natural-gas-pipelines-targeted-by-cyber-attack/ http://www.infosecurity-magazine.com/view/25654/us-chinese-defense-officials-agree-to-work-together-on-cybersecurity/ US and Chinese defense officials have agreed to cooperate on cybersecurity, despite recent charges that China has been behind cyberespionage involving US companies. Tue, 08 May 2012 18:51:00 GMT http://www.infosecurity-magazine.com/view/25654/us-chinese-defense-officials-agree-to-work-together-on-cybersecurity/ http://www.infosecurity-magazine.com/view/25653/researchers-develop-smartphone-app-that-steals-prepaid-phone-credits/ Researchers at the American University of Beirut (AUB) said they have developed a smartphone application that is able to transfer prepaid phone credits without the user’s authorization or knowledge. Tue, 08 May 2012 17:23:00 GMT http://www.infosecurity-magazine.com/view/25653/researchers-develop-smartphone-app-that-steals-prepaid-phone-credits/ http://www.infosecurity-magazine.com/view/25647/apple-plugs-three-security-holes-with-ios-51-update/ Apple has released iOS 5.1.1, an update to its mobile operating system, with three security fixes. Tue, 08 May 2012 15:33:00 GMT http://www.infosecurity-magazine.com/view/25647/apple-plugs-three-security-holes-with-ios-51-update/ http://www.infosecurity-magazine.com/view/25641/analysis-shows-social-networks-increasingly-used-to-spread-malware/ In its latest monthly analysis of the most prevalent malware, GFI describes how social networks remain the most popular breeding ground for infections. Tue, 08 May 2012 11:50:00 GMT http://www.infosecurity-magazine.com/view/25641/analysis-shows-social-networks-increasingly-used-to-spread-malware/ http://www.infosecurity-magazine.com/view/25633/good-on-ya-mozilla-says-sophos-about-firefox/ Firefox is developing a new feature called ‘click-to-play’ designed to provide additional protection for web browsing – but not everyone thinks this is necessarily useful. Tue, 08 May 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/25633/good-on-ya-mozilla-says-sophos-about-firefox/ http://www.infosecurity-magazine.com/view/25631/syrian-activists-targeted-with-rats/ There have been several recent examples of Syrian activists being tricked into downloading and installing remote access tools (RATs) that secretly hand control of their computers to a third party. Tue, 08 May 2012 10:50:00 GMT http://www.infosecurity-magazine.com/view/25631/syrian-activists-targeted-with-rats/ http://www.infosecurity-magazine.com/view/25621/cybersecurity-is-chief-worry-of-federal-chief-information-officers/ Cybersecurity is the top concern of US federal chief information officers (CIOs), according to a survey conducted by high-tech trade group TechAmerica and accounting firm Grant Thornton. Mon, 07 May 2012 22:00:00 GMT http://www.infosecurity-magazine.com/view/25621/cybersecurity-is-chief-worry-of-federal-chief-information-officers/ http://www.infosecurity-magazine.com/view/25620/may-day-may-day-microsoft-scrambles-to-plug-critical-holes/ Microsoft plans to ship in May seven security bulletins, including three critical bulletins to plug remote code execution holes in Microsoft Windows, Office, .NET Framework, and Silverlight. Mon, 07 May 2012 17:00:00 GMT http://www.infosecurity-magazine.com/view/25620/may-day-may-day-microsoft-scrambles-to-plug-critical-holes/ http://www.infosecurity-magazine.com/view/25619/encryption-passwords-exposed-by-apples-lion-os-x-update/ Apple exposed encryption passwords of FileVault users in its Lion OS X 10.7 security update, says researcher. Mon, 07 May 2012 16:36:00 GMT http://www.infosecurity-magazine.com/view/25619/encryption-passwords-exposed-by-apples-lion-os-x-update/ http://www.infosecurity-magazine.com/view/25618/senate-democrats-revise-cybersecurity-bill-to-get-republican-support/ Democrats in the US Senate are revamping their cybersecurity legislation to make it more palatable for Republicans. Mon, 07 May 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/25618/senate-democrats-revise-cybersecurity-bill-to-get-republican-support/ http://www.infosecurity-magazine.com/view/25617/south-african-isps-team-with-australian-colleagues-on-cybersecurity-code/ South Africa’s Internet Service Providers’ Association (ISPA) has teamed with Australia’s Internet Industry Association to develop a new voluntary industry code of practice to improve cybersecurity for end users. Mon, 07 May 2012 15:21:00 GMT http://www.infosecurity-magazine.com/view/25617/south-african-isps-team-with-australian-colleagues-on-cybersecurity-code/ http://www.infosecurity-magazine.com/view/25616/pandalabs-malware-report-and-the-balance-between-law-enforcement-and-user/ Almost one-in-four computers in the UK is infected – and the UK is one of the least infected countries in the world, says the new PandaLabs report released today. Mon, 07 May 2012 11:05:00 GMT http://www.infosecurity-magazine.com/view/25616/pandalabs-malware-report-and-the-balance-between-law-enforcement-and-user/ http://www.infosecurity-magazine.com/view/25614/malware-march-madness-college-basketball-wasnt-the-only-thing-on-the-agenda/ March saw a “dramatic” spike in web malware, according to Zscaler ThreatLabZ's State of the Web report for the first quarter of 2012. Mon, 07 May 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/25614/malware-march-madness-college-basketball-wasnt-the-only-thing-on-the-agenda/ http://www.infosecurity-magazine.com/view/25610/adobe-ships-emergency-fix-for-critical-flash-player-exploit/ Adobe has issued an emergency patch to plug a critical hole in Flash Player that is being exploited in the wild against Internet Explorer (IE) users. Fri, 04 May 2012 20:54:00 GMT http://www.infosecurity-magazine.com/view/25610/adobe-ships-emergency-fix-for-critical-flash-player-exploit/ http://www.infosecurity-magazine.com/view/25607/federal-prosecutors-charge-irish-british-suspects-in-stratfor-breach/ US federal prosecutors in Manhattan have charged four Irish and British men for helping with the breach of the US security analysis firm Stratfor last year. Fri, 04 May 2012 20:00:00 GMT http://www.infosecurity-magazine.com/view/25607/federal-prosecutors-charge-irish-british-suspects-in-stratfor-breach/ http://www.infosecurity-magazine.com/view/25609/us-to-legislate-protecting-facebook-passwords-from-employers/ Congress is planning legislation that will protect Facebook passwords from prying employers. Fri, 04 May 2012 19:32:00 GMT http://www.infosecurity-magazine.com/view/25609/us-to-legislate-protecting-facebook-passwords-from-employers/ http://www.infosecurity-magazine.com/view/25608/acta-effectively-dead-admits-eu-digital-agenda-commissioner/ The controversial Anti-Counterfeiting Agreement (ACTA), is effectively dead, the European Commissioner for the Digital Agenda has admitted. Fri, 04 May 2012 17:39:00 GMT http://www.infosecurity-magazine.com/view/25608/acta-effectively-dead-admits-eu-digital-agenda-commissioner/ http://www.infosecurity-magazine.com/view/25604/feds-drop-the-ball-on-statelevel-cybersecurity-investments/ Despite the US federal government identifying cybersecurity as a critical national preparedness goal, federal grant-funded investments in state cybersecurity capabilities have been “minimal”, according to the Federal Emergency Management Agency (FEMA). Fri, 04 May 2012 17:30:00 GMT http://www.infosecurity-magazine.com/view/25604/feds-drop-the-ball-on-statelevel-cybersecurity-investments/