http://www.infosecurity-magazine.com/ Copyright Elsevier Ltd Intuitiv Ltd (www.intuitiv.net) Sat, 04 Feb 2012 03:51:56 GMT http://www.infosecurity-magazine.com/ http://www.infosecurity-magazine.com/_common/img/template/infosec-uk/site-logo.gif http://www.infosecurity-magazine.com/view/23679/hackers-could-eavesdrop-on-confidential-chats-via-videoconference-equipment/ Some videoconferencing equipment could enable hackers to eavesdrop on privileged corporate conversations or a boring employee training seminar, according to a security official at Rapid7. Fri, 03 Feb 2012 21:00:00 GMT http://www.infosecurity-magazine.com/view/23679/hackers-could-eavesdrop-on-confidential-chats-via-videoconference-equipment/ http://www.infosecurity-magazine.com/view/23678/google-microsoft-spar-over-new-google-privacy-policy/ Microsoft is a myth maker when it comes to Google’s new privacy policy, the search giant is charging. Fri, 03 Feb 2012 20:45:00 GMT http://www.infosecurity-magazine.com/view/23678/google-microsoft-spar-over-new-google-privacy-policy/ http://www.infosecurity-magazine.com/view/23677/social-security-chief-admits-living-relative-was-listed-on-the-agencys-death-list/ Social Security Commissioner Michael Astrue told a House panel this week that he had a relative and a friend declared “dead” on his agency’s death list, which publishes the names and social security numbers of deceased individuals, even though they were very much alive. Fri, 03 Feb 2012 20:16:00 GMT http://www.infosecurity-magazine.com/view/23677/social-security-chief-admits-living-relative-was-listed-on-the-agencys-death-list/ http://www.infosecurity-magazine.com/view/23676/nist-ponies-up-10-million-for-trusted-online-credential-projects/ The National Institute of Standards and Technology (NIST) is awarding $10 million in funding for trusted online credential pilot projects. Fri, 03 Feb 2012 18:30:00 GMT http://www.infosecurity-magazine.com/view/23676/nist-ponies-up-10-million-for-trusted-online-credential-projects/ http://www.infosecurity-magazine.com/view/23648/number-of-patient-record-data-breaches-nearly-doubled-last-year/ The total number of patient records compromised in the US increased by 97% in 2011 compared with 2010, according to a report released this week by the Redspin consulting firm. Fri, 03 Feb 2012 12:30:00 GMT http://www.infosecurity-magazine.com/view/23648/number-of-patient-record-data-breaches-nearly-doubled-last-year/ http://www.infosecurity-magazine.com/view/23665/security-researchers-break-satellite-phone-encryption/ Academics Benedikt Driessen and Ralf Hund from Ruhr University Bochum have reverse-engineered and cracked the GMR-1 and GMR-2 voice ciphers used by many satellite networks. Fri, 03 Feb 2012 12:27:00 GMT http://www.infosecurity-magazine.com/view/23665/security-researchers-break-satellite-phone-encryption/ http://www.infosecurity-magazine.com/view/23658/eu-publishes-10-myths-about-acta/ Following its signature to the ACTA agreement in Tokyo last week, the EU has published ’10 Myths about ACTA’. It’s purpose is to counter the many criticisms about the Anti-Counterfeiting Trade Agreement, and is part of a current EU campaign to demonstrate that ACTA is misunderstood. Fri, 03 Feb 2012 11:29:00 GMT http://www.infosecurity-magazine.com/view/23658/eu-publishes-10-myths-about-acta/ http://www.infosecurity-magazine.com/view/23656/verisign-repeatedly-hacked-in-2010/ Reuters reports that VeriSign was repeatedly hacked during 2010. The information was discovered among 2000 different quarterly SEC filings being reviewed by Reuters. Fri, 03 Feb 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/23656/verisign-repeatedly-hacked-in-2010/ http://www.infosecurity-magazine.com/view/23647/apple-roars-with-massive-lion-snow-leopard-security-updates/ Apple has released massive security updates for its Lion and Snow Leopard Mac operating systems, fixing 52 vulnerabilities. Thu, 02 Feb 2012 20:57:00 GMT http://www.infosecurity-magazine.com/view/23647/apple-roars-with-massive-lion-snow-leopard-security-updates/ http://www.infosecurity-magazine.com/view/23646/fbi-chief-warns-congress-that-hackers-will-become-greatest-national-security-threat/ The top G-man is warning Congress that hackers will pose a greater danger to US national security than terrorists in the not-too-distant future. Thu, 02 Feb 2012 20:21:00 GMT http://www.infosecurity-magazine.com/view/23646/fbi-chief-warns-congress-that-hackers-will-become-greatest-national-security-threat/ http://www.infosecurity-magazine.com/view/23645/oracle-patches-denialofservice-vulnerability/ Oracle has pushed out a patch for a denial-of-service vulnerability in the Oracle WebLogic Server, Application Server, and iPlanet Web Server due to hash collisions. Thu, 02 Feb 2012 18:52:00 GMT http://www.infosecurity-magazine.com/view/23645/oracle-patches-denialofservice-vulnerability/ http://www.infosecurity-magazine.com/view/23644/house-panel-approves-critical-infrastructure-cybersecurity-bill/ A US House panel has approved legislation that would encourage critical infrastructure companies to adopt cybersecurity best practices and would give the Department of Homeland Security (DHS) responsibility for safeguarding critical infrastructure cybersecurity. Thu, 02 Feb 2012 17:13:00 GMT http://www.infosecurity-magazine.com/view/23644/house-panel-approves-critical-infrastructure-cybersecurity-bill/ http://www.infosecurity-magazine.com/view/23638/science-and-technology-committee-publishes-malware-and-cyber-crime-report/ The House of Commons Science and Technology Committee has today published its Malware and Cybercrime report – a recommendation to the UK government on how to tackle online threats. Thu, 02 Feb 2012 11:54:00 GMT http://www.infosecurity-magazine.com/view/23638/science-and-technology-committee-publishes-malware-and-cyber-crime-report/ http://www.infosecurity-magazine.com/view/23625/critical-infrastructure-firms-woefully-short-on-cybersecurity-spending/ US critical infrastructure companies would need to spend nine times more on cybersecurity in order to prevent a surprise digital assault, according to a new report by Bloomberg Government and the Ponemon Institute. Thu, 02 Feb 2012 09:11:00 GMT http://www.infosecurity-magazine.com/view/23625/critical-infrastructure-firms-woefully-short-on-cybersecurity-spending/ http://www.infosecurity-magazine.com/view/23628/new-development-in-posttransaction-banking-fraud/ Trusteer has discovered that ZeuS-variant Ice IX seeks to divert bank-to-customer telephone calls to further obfuscate any fraud. Thu, 02 Feb 2012 08:56:00 GMT http://www.infosecurity-magazine.com/view/23628/new-development-in-posttransaction-banking-fraud/ http://www.infosecurity-magazine.com/view/23626/counterclank-is-not-malware-just-aggressive-adware/ Following Symantec’s weekend claim that up to five million Androids may be infected with Counterclank, other researchers suggest that the code is adware rather than malware. Thu, 02 Feb 2012 08:10:00 GMT http://www.infosecurity-magazine.com/view/23626/counterclank-is-not-malware-just-aggressive-adware/ http://www.infosecurity-magazine.com/view/23623/mozilla-releases-firefox-10-browser-with-nine-security-fixes/ Mozilla has released the latest version of its browser, Firefox 10, with fixes for nine security flaws, including five critical vulnerabilities. Wed, 01 Feb 2012 20:22:00 GMT http://www.infosecurity-magazine.com/view/23623/mozilla-releases-firefox-10-browser-with-nine-security-fixes/ http://www.infosecurity-magazine.com/view/23622/audit-reveals-maryland-inmates-had-access-to-social-security-numbers/ Prison inmates in Maryland had access to social security numbers of patients who received treatment under the state’s Medicaid program, according to a recent state audit. Wed, 01 Feb 2012 19:59:00 GMT http://www.infosecurity-magazine.com/view/23622/audit-reveals-maryland-inmates-had-access-to-social-security-numbers/ http://www.infosecurity-magazine.com/view/23624/proposed-ec-data-protection-rules-help-cloud-adoption/ The proposed new European Union data protection regulation will support the adoption of cloud computing, says European Commission Vice-President Neelie Kroes. Wed, 01 Feb 2012 19:40:00 GMT http://www.infosecurity-magazine.com/view/23624/proposed-ec-data-protection-rules-help-cloud-adoption/ http://www.infosecurity-magazine.com/view/23621/ernst-young-loses-401k-information-of-bank-employees/ Ernst & Young, auditors of Regions Financial Corp., lost personal information on current and former Regions’ employees when a flash drive with the data sent in the mail was stolen. Wed, 01 Feb 2012 19:30:00 GMT http://www.infosecurity-magazine.com/view/23621/ernst-young-loses-401k-information-of-bank-employees/ http://www.infosecurity-magazine.com/view/23620/romanian-authorities-arrest-suspected-tinkode-hacker/ The Romanian authorities announced that they have arrested a man they believe is the TinKode hacker, who is responsible for hacking into US and UK government and military websites. Wed, 01 Feb 2012 19:12:00 GMT http://www.infosecurity-magazine.com/view/23620/romanian-authorities-arrest-suspected-tinkode-hacker/ http://www.infosecurity-magazine.com/view/23609/major-uk-companies-still-not-blocking-porn-namesakes/ The XXX domain suffix was launched last September to provide a voluntary ‘responsible’ home for adult sites; but daily.co.uk has noted that 90% of the UK’s fastest growing companies have not yet protected their brands. Wed, 01 Feb 2012 12:15:00 GMT http://www.infosecurity-magazine.com/view/23609/major-uk-companies-still-not-blocking-porn-namesakes/ http://www.infosecurity-magazine.com/view/23607/new-forrester-report-big-data-risks/ A new Forrester report, the Future Of Data Security And Privacy: Controlling Big Data, seeks to help business understand the risks inherent in Big Data, and how to handle them. Wed, 01 Feb 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/23607/new-forrester-report-big-data-risks/ http://www.infosecurity-magazine.com/view/23608/resilience-is-the-key-to-security-says-world-economic-forum/ The World Economic Forum has joined the growing body of opinion that sees integrated corporate resilience as more important than isolated information security as the best defense against risk. Wed, 01 Feb 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/23608/resilience-is-the-key-to-security-says-world-economic-forum/ http://www.infosecurity-magazine.com/view/23606/update-windows-media-player-vulnerability/ New research from M86 Labs adds further insight on the MIDI exploit first highlighted by Trend Micro last week. Wed, 01 Feb 2012 11:55:00 GMT http://www.infosecurity-magazine.com/view/23606/update-windows-media-player-vulnerability/ http://www.infosecurity-magazine.com/view/23597/dr-strangelove-in-cyberspace-experts-warn-of-cyber-arms-race/ More than half of policy makers and global cybersecurity experts believe that an arms race is taking place in cyberspace, according to a new report by McAfee and the Security and Defence Agenda think tank. Wed, 01 Feb 2012 09:00:00 GMT http://www.infosecurity-magazine.com/view/23597/dr-strangelove-in-cyberspace-experts-warn-of-cyber-arms-race/ http://www.infosecurity-magazine.com/view/23595/fbi-may-have-used-spyware-in-making-case-against-megaupload/ The FBI likely employed its CIPAV spyware to eavesdrop on Kim Dotcom and other managers of MegaUpload, according to a report by CNET. Tue, 31 Jan 2012 20:16:00 GMT http://www.infosecurity-magazine.com/view/23595/fbi-may-have-used-spyware-in-making-case-against-megaupload/ http://www.infosecurity-magazine.com/view/23594/aussie-taxpayers-targeted-in-refund-scam/ Scammers are using supposed tax refunds from the Australian Taxation Office as way to scam Australian taxpayers. Tue, 31 Jan 2012 19:35:00 GMT http://www.infosecurity-magazine.com/view/23594/aussie-taxpayers-targeted-in-refund-scam/ http://www.infosecurity-magazine.com/view/23590/fda-secretly-monitored-private-emails-of-whistleblowers-lawsuit-alleges/ The US Food and Drug Administration (FDA) secretly monitored the private emails of staff scientists and doctors who complained to Congress that the agency was approving dangerous medical devices for public use, according to a federal lawsuit filed by the staff members. Tue, 31 Jan 2012 17:27:00 GMT http://www.infosecurity-magazine.com/view/23590/fda-secretly-monitored-private-emails-of-whistleblowers-lawsuit-alleges/ http://www.infosecurity-magazine.com/view/23586/trymedia-breach-exposes-credit-card-numbers-of-12000-digital-game-customers/ Trymedia’s ActiveStore web-based storefront application, which processes digital game purchases made by customers on its partners’ websites, was recently breached, exposing credit card numbers and other personal information of more than 12,000 customers Tue, 31 Jan 2012 16:23:00 GMT http://www.infosecurity-magazine.com/view/23586/trymedia-breach-exposes-credit-card-numbers-of-12000-digital-game-customers/ http://www.infosecurity-magazine.com/view/23571/a-call-for-a-new-standard-in-infosec-training-and-awareness/ A talk at the Information Exploitation Conference at the Home Office’s Security and Policing Exhibition 2012 today addresses the disconnect between user and professional, and calls for a new standard that focuses on training and awareness. Tue, 31 Jan 2012 11:15:00 GMT http://www.infosecurity-magazine.com/view/23571/a-call-for-a-new-standard-in-infosec-training-and-awareness/ http://www.infosecurity-magazine.com/view/23562/ie6-users-no-longer-caught-between-a-rock-and-a-hard-place/ As Microsoft seeks to wean users away from the aging and insecure Internet Explorer 6, companies with IE6 legacy applications are stuck – they can’t upgrade to a newer OS because IE6 is no longer supported; and they still need IE6. Tue, 31 Jan 2012 10:22:00 GMT http://www.infosecurity-magazine.com/view/23562/ie6-users-no-longer-caught-between-a-rock-and-a-hard-place/ http://www.infosecurity-magazine.com/view/23558/75-of-all-new-malware-are-trojans/ PandaLabs’ 2011 report puts facts and figures to what really happened last year: rising malware, cyber-activism, cyberwarfare, increasing mobile malware, more attacks on social networks and the “first large-scale attack on Mac”. Tue, 31 Jan 2012 09:29:00 GMT http://www.infosecurity-magazine.com/view/23558/75-of-all-new-malware-are-trojans/ http://www.infosecurity-magazine.com/view/23552/when-it-comes-to-customer-data-protection-firms-are-phoning-it-in/ Only half of IT professionals believe that their organization made its best effort to protect customer and consumer information, according to a survey by credit reporting firm Experian and the Ponemon Institute. Mon, 30 Jan 2012 18:41:00 GMT http://www.infosecurity-magazine.com/view/23552/when-it-comes-to-customer-data-protection-firms-are-phoning-it-in/ http://www.infosecurity-magazine.com/view/23551/get-your-free-iphone-5-herenot/ The iPhone 5 is expected to hit the market sometime this year, but scammers are looking to give you one for "free" right now. Mon, 30 Jan 2012 17:36:00 GMT http://www.infosecurity-magazine.com/view/23551/get-your-free-iphone-5-herenot/ http://www.infosecurity-magazine.com/view/23548/global-cybersecurity-market-to-reach-61-billion-this-year/ The global cybersecurity market is predicted to reach $61.1 billion in 2012, according to a report by UK-based consultancy Visiongain. Mon, 30 Jan 2012 16:31:00 GMT http://www.infosecurity-magazine.com/view/23548/global-cybersecurity-market-to-reach-61-billion-this-year/ http://www.infosecurity-magazine.com/view/23547/congress-to-ftc-check-into-googles-new-privacy-policy/ Two US representatives are asking the Federal Trade Commission (FTC) to investigate whether Google’s new privacy policy violates the company’s settlement last year over its short-lived Buzz social networking site. Mon, 30 Jan 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/23547/congress-to-ftc-check-into-googles-new-privacy-policy/ http://www.infosecurity-magazine.com/view/23544/gday-mate-australia-new-zealand-shake-hands-on-cybersecurity/ Australia and New Zealand signed an agreement on Sunday that expands their cooperation on cybersecurity. Mon, 30 Jan 2012 15:24:00 GMT http://www.infosecurity-magazine.com/view/23544/gday-mate-australia-new-zealand-shake-hands-on-cybersecurity/ http://www.infosecurity-magazine.com/view/23528/apts-hacktivists-have-organizations-in-their-crosshairs/ Advanced persistent threats (APTs) and hacktivists will continue to plague organizations in 2012, warns Mary Landesman, market intelligence manager at Cisco. Mon, 30 Jan 2012 12:00:00 GMT http://www.infosecurity-magazine.com/view/23528/apts-hacktivists-have-organizations-in-their-crosshairs/ http://www.infosecurity-magazine.com/view/23541/spam-and-phishing-are-growing-problems-dmarc-has-the-answer/ DMARC is the technical working group of 15 leading email services and technology providers working on a standard to fight ‘deceptive’ emails such as spam and phishing. Mon, 30 Jan 2012 11:26:00 GMT http://www.infosecurity-magazine.com/view/23541/spam-and-phishing-are-growing-problems-dmarc-has-the-answer/ http://www.infosecurity-magazine.com/view/23538/cso-interchange-cloud-concerns-are-largely-propaganda/ Last week’s CSO Interchange roundtable centered on “Barriers to Cloud Adoption”, with talks on identity issues from Jericho Forum’s Paul Simmonds and SSL from security researcher Moxie Marlinspike. Mon, 30 Jan 2012 10:37:00 GMT http://www.infosecurity-magazine.com/view/23538/cso-interchange-cloud-concerns-are-largely-propaganda/ http://www.infosecurity-magazine.com/view/23530/up-to-five-million-androids-infected-with-counterclank/ Symantec describes an Android trojan delivered as malware attached to downloaded game apps. Sun, 29 Jan 2012 14:58:00 GMT http://www.infosecurity-magazine.com/view/23530/up-to-five-million-androids-infected-with-counterclank/ http://www.infosecurity-magazine.com/view/23529/im-not-behind-kelihos-botnet-claims-sabelnikov/ Andrey Sabelnikov, named in Microsoft court papers as controller of the Kelihos botnet, declares his innocence in a LiveJournal post. Sun, 29 Jan 2012 10:33:00 GMT http://www.infosecurity-magazine.com/view/23529/im-not-behind-kelihos-botnet-claims-sabelnikov/ http://www.infosecurity-magazine.com/view/23527/warining-issued-for-exploit-of-patched-flaw-in-windows-media-player/ Trend Micro researchers are warning that a recently patched flaw in Windows Media Player is being used by remote hackers to launch malware. Fri, 27 Jan 2012 18:58:00 GMT http://www.infosecurity-magazine.com/view/23527/warining-issued-for-exploit-of-patched-flaw-in-windows-media-player/ http://www.infosecurity-magazine.com/view/23526/legal-think-tank-raises-red-flag-about-privacy-in-cybersecurity-legislation/ The US Congress must include strong privacy protections in any cybersecurity legislation it adopts, a constitutional watchdog group warned in a report released Friday. Fri, 27 Jan 2012 18:26:00 GMT http://www.infosecurity-magazine.com/view/23526/legal-think-tank-raises-red-flag-about-privacy-in-cybersecurity-legislation/ http://www.infosecurity-magazine.com/view/23520/outhoover-hoover-fbi-wants-massive-datamining-capability-for-social-media/ The FBI is asking industry for help in developing a far-reaching data-mining application that can gather and analyze intelligence from social media sites. Fri, 27 Jan 2012 16:18:00 GMT http://www.infosecurity-magazine.com/view/23520/outhoover-hoover-fbi-wants-massive-datamining-capability-for-social-media/ http://www.infosecurity-magazine.com/view/23522/businesses-should-disable-pcanywhere-says-symantec/ Security firm Symantec has warned businesses to stop using its pcAnywhere software until security patches are issued. Fri, 27 Jan 2012 16:00:00 GMT http://www.infosecurity-magazine.com/view/23522/businesses-should-disable-pcanywhere-says-symantec/ http://www.infosecurity-magazine.com/view/23519/south-african-ministry-to-send-longdelayed-cybersecurity-policy-to-cabinet/ The South African Department of Communication plans to submit the long-overdue National Cybersecurity Policy Framework for South Africa to the nation's cabinet for approval in March. Fri, 27 Jan 2012 15:36:00 GMT http://www.infosecurity-magazine.com/view/23519/south-african-ministry-to-send-longdelayed-cybersecurity-policy-to-cabinet/ http://www.infosecurity-magazine.com/view/23504/firms-question-proposed-eu-data-protection-notification-deadline-fines/ UK companies are not reacting well to the tight data breach notification deadline and hefty fines being proposed in the revision to the EU Data Protection Directive unveiled this week. Fri, 27 Jan 2012 14:00:00 GMT http://www.infosecurity-magazine.com/view/23504/firms-question-proposed-eu-data-protection-notification-deadline-fines/ http://www.infosecurity-magazine.com/view/23500/googles-revised-privacy-policy-not-sitting-well-with-some/ Google announced earlier this week that it would revise its privacy policy and terms of use, consolidating 60 privacy policies across multiple products into one mega-policy. Sounds like a good idea, right? Not so fast. Fri, 27 Jan 2012 13:30:00 GMT http://www.infosecurity-magazine.com/view/23500/googles-revised-privacy-policy-not-sitting-well-with-some/ http://www.infosecurity-magazine.com/view/23517/technical-controls-not-enough-to-ensure-real-cyber-security/ A new report from the Information Security Forum (ISF) proposes the evolution from simple data defense to cyber resilience. Fri, 27 Jan 2012 13:14:00 GMT http://www.infosecurity-magazine.com/view/23517/technical-controls-not-enough-to-ensure-real-cyber-security/ http://www.infosecurity-magazine.com/view/23507/users-not-checking-the-security-of-public-wifi/ New figures from a YouGov survey shows a discrepancy in security awareness between use of public WiFi and home WiFi in the UK, supposedly putting more than £2 billion at risk. Fri, 27 Jan 2012 08:28:00 GMT http://www.infosecurity-magazine.com/view/23507/users-not-checking-the-security-of-public-wifi/ http://www.infosecurity-magazine.com/view/23506/is-carberp-poised-for-global-expansion/ New research from anti-malware company ESET shows how easy it is to tailor Carberp to attack new and different targets. Fri, 27 Jan 2012 07:00:00 GMT http://www.infosecurity-magazine.com/view/23506/is-carberp-poised-for-global-expansion/ http://www.infosecurity-magazine.com/view/23505/eu-and-uk-sign-the-acta-agreement/ The EU and 22 of its member states, including the UK but excluding Germany, the Netherlands, Estonia, Cyprus and Slovakia, have signed the ACTA agreement. Digital rights groups are urging a SOPA-like campaign in protest. Fri, 27 Jan 2012 05:54:00 GMT http://www.infosecurity-magazine.com/view/23505/eu-and-uk-sign-the-acta-agreement/ http://www.infosecurity-magazine.com/view/23499/malware-user-error-frighten-people-on-the-internet-says-sophos/ More than two-thirds of those surveyed by Sophos believe that malware is on the rise, and 61% feel user error is the biggest threat on the internet. Thu, 26 Jan 2012 19:40:00 GMT http://www.infosecurity-magazine.com/view/23499/malware-user-error-frighten-people-on-the-internet-says-sophos/ http://www.infosecurity-magazine.com/view/23497/standards-group-releases-2012-data-protection-and-breach-guide/ The Online Trust Alliance (OTA), an industry standards group, released this week its 2012 Data Protection and Breach Guide, which includes a review of 2011 data breaches and recommendations for businesses to prevent breaches and manage incidents. Thu, 26 Jan 2012 18:19:00 GMT http://www.infosecurity-magazine.com/view/23497/standards-group-releases-2012-data-protection-and-breach-guide/ http://www.infosecurity-magazine.com/view/23498/o2-apologizes-for-security-breach/ Mobile operator O2 has apologized for a technical problem that resulted in subscribers' phone numbers being included in header information sent to websites they visited. Thu, 26 Jan 2012 18:15:00 GMT http://www.infosecurity-magazine.com/view/23498/o2-apologizes-for-security-breach/ http://www.infosecurity-magazine.com/view/23496/haste-makes-waste-energy-departments-smart-grid-review-leaves-cybersecurity-in-the-lurch/ The US Department of Energy’s (DOE) accelerated approach for approving funding of smart grid projects led to inadequate review of cybersecurity plans, warned the DOE’s Inspector General (IG). Thu, 26 Jan 2012 18:00:00 GMT http://www.infosecurity-magazine.com/view/23496/haste-makes-waste-energy-departments-smart-grid-review-leaves-cybersecurity-in-the-lurch/ http://www.infosecurity-magazine.com/view/23487/attitudes-and-perceptions-in-mobile-security/ January 28 is the US is Data Privacy Day (it’s also the European Data Protection Day). To mark the event, a new report on users’ attitudes toward and understanding of mobile security issues has been published. Thu, 26 Jan 2012 15:15:00 GMT http://www.infosecurity-magazine.com/view/23487/attitudes-and-perceptions-in-mobile-security/ http://www.infosecurity-magazine.com/view/23492/ec-publishes-proposed-data-protection-reforms/ European Justice Commissioner, Viviane Reding, has unveiled the new European data privacy framework that includes a new regulation and a new directive. Thu, 26 Jan 2012 15:00:00 GMT http://www.infosecurity-magazine.com/view/23492/ec-publishes-proposed-data-protection-reforms/ http://www.infosecurity-magazine.com/view/23480/hackers-ramping-up-their-firepower-says-study/ Hackers have increased their firepower by 30% when they go after websites, according to Imperva’s second Web Application Attack Report (WAAR). Thu, 26 Jan 2012 11:14:00 GMT http://www.infosecurity-magazine.com/view/23480/hackers-ramping-up-their-firepower-says-study/ http://www.infosecurity-magazine.com/view/23479/google-squashes-security-bugs-in-chrome-pays-over-6000-in-bounties/ Google has plugged a number of serious vulnerabilities in its Chrome browser and paid out $6,133.70 in bug bounties. Thu, 26 Jan 2012 09:57:00 GMT http://www.infosecurity-magazine.com/view/23479/google-squashes-security-bugs-in-chrome-pays-over-6000-in-bounties/ http://www.infosecurity-magazine.com/view/23477/pacific-northwest-train-signals-disrupted-by-hacker-says-tsa/ Hackers, possibly from abroad, attacked a Pacific Northwest railway company’s computer system, disrupting railway signals in December, according to the US Transportation Security Administration (TSA). Wed, 25 Jan 2012 17:00:00 GMT http://www.infosecurity-magazine.com/view/23477/pacific-northwest-train-signals-disrupted-by-hacker-says-tsa/ http://www.infosecurity-magazine.com/view/23478/o2-investigates-security-risk-allegation/ UK mobile operator O2 is investigating claims it is putting customer security at risk by sending their phone numbers as header information to websites they visit. Wed, 25 Jan 2012 16:30:00 GMT http://www.infosecurity-magazine.com/view/23478/o2-investigates-security-risk-allegation/ http://www.infosecurity-magazine.com/view/23476/nist-issues-guidelines-for-public-cloud-computing-security/ The National Institute of Standards and Technology (NIST) has issued its first set of guidelines for managing security and privacy issues in the public cloud. Wed, 25 Jan 2012 16:13:00 GMT http://www.infosecurity-magazine.com/view/23476/nist-issues-guidelines-for-public-cloud-computing-security/ http://www.infosecurity-magazine.com/view/23474/it-security-budgets-are-expected-to-increase-this-year/ More than half of organizations expect to increase their information security spending in 2012, some by 8% of more, according to a survey by the Enterprise Strategy Group (ESG). Wed, 25 Jan 2012 15:55:00 GMT http://www.infosecurity-magazine.com/view/23474/it-security-budgets-are-expected-to-increase-this-year/ http://www.infosecurity-magazine.com/view/23475/google-privacy-rewrite-raises-data-protection-concerns/ Google plans to consolidate and simplify over 70 privacy documents covering its different products into a single privacy policy, allowing it to combine users' personal information across its products and services. Wed, 25 Jan 2012 15:45:00 GMT http://www.infosecurity-magazine.com/view/23475/google-privacy-rewrite-raises-data-protection-concerns/ http://www.infosecurity-magazine.com/view/23467/carberp-targets-french-broadband-service/ Carberp, increasingly the malware of choice for online banking fraud, has been found targeting French broadband customers. Wed, 25 Jan 2012 12:29:00 GMT http://www.infosecurity-magazine.com/view/23467/carberp-targets-french-broadband-service/ http://www.infosecurity-magazine.com/view/23465/viruses-and-worms-are-evolving-into-frankenmalware/ Viruses infect executables. Worms are executables. So viruses can, and are, infecting worms. The result, claims anti-virus company BitDefender, is a new category of threat: Frankenmalware. Wed, 25 Jan 2012 11:36:00 GMT http://www.infosecurity-magazine.com/view/23465/viruses-and-worms-are-evolving-into-frankenmalware/ http://www.infosecurity-magazine.com/view/23463/use-of-google-docs-is-illegal-in-norway/ The Open Digital Policy Organization reports that the Norwegian Data Inspectorate has effectively declared use of Google Apps in Norway to be illegal. Wed, 25 Jan 2012 11:00:00 GMT http://www.infosecurity-magazine.com/view/23463/use-of-google-docs-is-illegal-in-norway/ http://www.infosecurity-magazine.com/view/23449/oneclick-fraud-migrates-to-mobile-apps/ One-click fraud targeting smartphones, which was first discovered in Japan last year, has evolved this year into using mobile applications, warns Symantec researchers. Wed, 25 Jan 2012 09:00:00 GMT http://www.infosecurity-magazine.com/view/23449/oneclick-fraud-migrates-to-mobile-apps/ http://www.infosecurity-magazine.com/view/23448/supreme-court-rules-against-warrantless-gps-tracking/ The US Supreme Court has ruled that placing GPS tracking devices on a vehicle without a warrant is an unlawful search and seizure. Tue, 24 Jan 2012 20:49:00 GMT http://www.infosecurity-magazine.com/view/23448/supreme-court-rules-against-warrantless-gps-tracking/ http://www.infosecurity-magazine.com/view/23444/anti-acta-hacktivists-attack-polish-government-sites/ Hactivists have attacked Polish government websites in protest at its intention to sign up to the international Anti-Counterfeiting Trade Agreement (ACTA) Tue, 24 Jan 2012 20:00:00 GMT http://www.infosecurity-magazine.com/view/23444/anti-acta-hacktivists-attack-polish-government-sites/ http://www.infosecurity-magazine.com/view/23436/new-york-utilities-disclose-thirdparty-unauthorized-access-to-customer-data/ Two New York power companies, which have 1.8 million customers, have disclosed that customers' personal information, including social security numbers, dates of birth, and financial account data, may have been compromised by third-party unauthorized access. Tue, 24 Jan 2012 17:54:00 GMT http://www.infosecurity-magazine.com/view/23436/new-york-utilities-disclose-thirdparty-unauthorized-access-to-customer-data/ http://www.infosecurity-magazine.com/view/23438/megaupload-founder-awaiting-extradition/ Megaupload.com founder Kim Dotcom is awaiting extradition to the US after the country requested New Zealand authorities detain him, pending a formal extradition request. Tue, 24 Jan 2012 17:30:00 GMT http://www.infosecurity-magazine.com/view/23438/megaupload-founder-awaiting-extradition/ http://www.infosecurity-magazine.com/view/23435/twitter-acquires-malware-security-firm-dasient/ Microblogging site Twitter has acquired Dasient, a Sunnyvale, Calif.-based provider of spam and malware protection services, for an undisclosed sum. Tue, 24 Jan 2012 17:25:00 GMT http://www.infosecurity-magazine.com/view/23435/twitter-acquires-malware-security-firm-dasient/ http://www.infosecurity-magazine.com/view/23432/former-cia-officer-charged-with-leaking-classified-information/ The Department of Justice (DoJ) has charged John Kiriakou, a former CIA officer, with leaking classified information to journalists. Tue, 24 Jan 2012 16:49:00 GMT http://www.infosecurity-magazine.com/view/23432/former-cia-officer-charged-with-leaking-classified-information/ http://www.infosecurity-magazine.com/view/23429/zappos-faces-classaction-lawsuit-on-behalf-of-24-million-customers/ A Zappos’ customer has filed a class-action lawsuit against parent company Amazon.com for the recent data breach that exposed personal information on 24 million customers. Tue, 24 Jan 2012 13:55:00 GMT http://www.infosecurity-magazine.com/view/23429/zappos-faces-classaction-lawsuit-on-behalf-of-24-million-customers/ http://www.infosecurity-magazine.com/view/23426/megaupload-typosquatting-exposed/ The MegaUpload take-down is one of the hottest stories on the net, involving the FBI, illegal file-sharing, hackers’ revenge, the specter of SOPA and more. But don’t be too curious... Tue, 24 Jan 2012 12:29:00 GMT http://www.infosecurity-magazine.com/view/23426/megaupload-typosquatting-exposed/ http://www.infosecurity-magazine.com/view/23423/cybersource-releases-its-8th-annual-uk-fraud-report/ CyberSource, a payment management company working in e-commerce and providing a fraud management system to e-commerce merchants, has published its latest report: UK Online Fraud Report 2012. Tue, 24 Jan 2012 11:50:00 GMT http://www.infosecurity-magazine.com/view/23423/cybersource-releases-its-8th-annual-uk-fraud-report/ http://www.infosecurity-magazine.com/view/23410/eu-official-to-propose-data-protection-overhaul-this-week/ EU Justice Commissioner Viviane Reding is proposing this week a comprehensive reform of the EU Data Protection Directive, including a requirement that all companies notify national authorities and customers within 24 hours of a breach of personal information. Tue, 24 Jan 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/23410/eu-official-to-propose-data-protection-overhaul-this-week/ http://www.infosecurity-magazine.com/view/23409/scammers-offer-free-500-amazon-gift-card-on-facebook/ Facebook scammers are offering a “free” $500 Amazon.com gift card as part of a premium rate mobile phone service and affiliate marketing site scheme. Tue, 24 Jan 2012 09:45:00 GMT http://www.infosecurity-magazine.com/view/23409/scammers-offer-free-500-amazon-gift-card-on-facebook/ http://www.infosecurity-magazine.com/view/23408/australian-regulator-uncovers-hack-of-online-stockbroking-firms/ The Australian Securities and Investment Commission (ASIC) is warning traders about recent hacks of online stockbrokers. Tue, 24 Jan 2012 09:15:00 GMT http://www.infosecurity-magazine.com/view/23408/australian-regulator-uncovers-hack-of-online-stockbroking-firms/ http://www.infosecurity-magazine.com/view/23407/india-to-establish-new-national-cybersecurity-board/ India is setting up a new regulator for cybersecurity and telecom to be called the National Telecom Network Security Coordination Board. Tue, 24 Jan 2012 09:00:00 GMT http://www.infosecurity-magazine.com/view/23407/india-to-establish-new-national-cybersecurity-board/ http://www.infosecurity-magazine.com/view/23414/microsoft-names-the-man-behind-the-kelihos-botnet/ Last September, Microsoft and Kaspersky Labs took down the Kelihos botnet. While Kaspersky now has control of the botnet, in a court filing in Virginia, Microsoft yesterday named Andrey Sabelnikov as the owner and operator of Kelihos. Tue, 24 Jan 2012 09:00:00 GMT http://www.infosecurity-magazine.com/view/23414/microsoft-names-the-man-behind-the-kelihos-botnet/ http://www.infosecurity-magazine.com/view/23394/research-shows-companies-prioritize-social-distractions-over-security/ New research from Trend Micro suggests that business hasn’t got the right balance between preventing distraction and ensuring security in the face of growing consumerization. Mon, 23 Jan 2012 11:53:00 GMT http://www.infosecurity-magazine.com/view/23394/research-shows-companies-prioritize-social-distractions-over-security/ http://www.infosecurity-magazine.com/view/23391/jailbreak-for-iphone-4s-released/ Dev-Team and Chronic Dev-Team have released Absinthe, an untethered (doesn’t need to be booted from a computer) jailbreak for the Apple iPhone 4s and iPad 2. Mon, 23 Jan 2012 10:59:00 GMT http://www.infosecurity-magazine.com/view/23391/jailbreak-for-iphone-4s-released/ http://www.infosecurity-magazine.com/view/23387/jericho-forum-intensifies-push-for-open-approach-to-internet-identities/ The Jericho Forum, a worldwide independent grouping of CISOs, academics and government institutions within the Open Group, is concerned that all future identity projects should avoid the ‘Big Brother approach’ illustrated by the UK approach to national ID cards. Mon, 23 Jan 2012 10:37:00 GMT http://www.infosecurity-magazine.com/view/23387/jericho-forum-intensifies-push-for-open-approach-to-internet-identities/ http://www.infosecurity-magazine.com/view/23374/through-the-glass-box-ibm-improves-web-app-security-testing/ IBM has developed “glass box” technology that uses static (white box) and dynamic (black box) testing methods to locate vulnerabilities in web applications. Fri, 20 Jan 2012 20:51:00 GMT http://www.infosecurity-magazine.com/view/23374/through-the-glass-box-ibm-improves-web-app-security-testing/ http://www.infosecurity-magazine.com/view/23373/spyapproved-secure-version-of-android-released/ The US National Security Agency (NSA) has released a secure version of Google’s Android platform, dubbed secure enhanced (SE) Android, which is based on an application-level permissions model. Fri, 20 Jan 2012 19:45:00 GMT http://www.infosecurity-magazine.com/view/23373/spyapproved-secure-version-of-android-released/ http://www.infosecurity-magazine.com/view/23372/oracles-database-patching-process-not-prophetic-say-analysts/ Analysts are again criticizing Oracle's patching process, noting that only two vulnerabilities were patched in the popular Database product out of a total of 78 patches released this week. Fri, 20 Jan 2012 17:21:00 GMT http://www.infosecurity-magazine.com/view/23372/oracles-database-patching-process-not-prophetic-say-analysts/ http://www.infosecurity-magazine.com/view/23371/anonymous-launches-attack-in-response-to-fbis-megaupload-takedown/ The ever-present hacktivist group Anonymous is claiming that it took down the websites of the US Department of Justice (DoJ), the FBI, the Motion Picture Association of America, and other organizations in protest to US law enforcement's shutting down of the Megaupload file sharing site. Fri, 20 Jan 2012 16:20:00 GMT http://www.infosecurity-magazine.com/view/23371/anonymous-launches-attack-in-response-to-fbis-megaupload-takedown/ http://www.infosecurity-magazine.com/view/23370/former-us-national-security-officials-urge-senate-to-pass-cybersecurity-bill/ Former US national security officials from the Clinton, Bush, and Obama administrations are pushing the Senate for passage of comprehensive cybersecurity legislation. Fri, 20 Jan 2012 15:19:00 GMT http://www.infosecurity-magazine.com/view/23370/former-us-national-security-officials-urge-senate-to-pass-cybersecurity-bill/ http://www.infosecurity-magazine.com/view/23358/law-society-tougher-than-the-ico-on-andrew-crossley/ Andrew Crossley was the solicitor behind the ACS:Law scandal. His firm sent out some 20,000 speculative letters to ‘illegal file sharers’ demanding payment of £500 in reparation to his rightsholder clients (in this case MediaCAT, which represented the individual copyright owners). Fri, 20 Jan 2012 10:00:00 GMT http://www.infosecurity-magazine.com/view/23358/law-society-tougher-than-the-ico-on-andrew-crossley/ http://www.infosecurity-magazine.com/view/23356/mixed-but-depressing-findings-in-european-corporate-governance-recruitment/ Barclay Simpson’s 2012 Corporate Governance Market Report shows generally declining confidence in the internal audit, compliance, risk, and legal recruitment markets, with information security alone bucking the trend. Fri, 20 Jan 2012 09:54:00 GMT http://www.infosecurity-magazine.com/view/23356/mixed-but-depressing-findings-in-european-corporate-governance-recruitment/ http://www.infosecurity-magazine.com/view/23353/ransomware-pretending-to-be-law-enforcement/ Recent months have seen the arrival of a new type of ransomware based on a legal threat from supposed law enforcement agencies. Fri, 20 Jan 2012 09:27:00 GMT http://www.infosecurity-magazine.com/view/23353/ransomware-pretending-to-be-law-enforcement/ http://www.infosecurity-magazine.com/view/23350/mobile-devices-in-the-workplace-cause-more-security-breaches-say-firms/ Close to three-quarters of businesses believe mobile devices have caused an increase in security incidents, according to a survey sponsored by IT security firm Check Point Software Technologies. Fri, 20 Jan 2012 09:04:00 GMT http://www.infosecurity-magazine.com/view/23350/mobile-devices-in-the-workplace-cause-more-security-breaches-say-firms/ http://www.infosecurity-magazine.com/view/23348/dhs-teams-with-dod-on-cybersecurity-project-with-industry/ The US Department of Homeland Security (DHS) is working with the Department of Defense (DoD) on a pilot project to share cybersecurity threat information with industry. Thu, 19 Jan 2012 21:13:00 GMT http://www.infosecurity-magazine.com/view/23348/dhs-teams-with-dod-on-cybersecurity-project-with-industry/ http://www.infosecurity-magazine.com/view/23347/internet-protests-rattle-cages-on-capitol-hill/ Wednesday's online protests by Wikipedia, Google, Reddit.com, and many other websites in response to anti-piracy legislation being considered by Congress has caused support for SOPA and PIPA to crumble among some lawmakers. Thu, 19 Jan 2012 20:19:00 GMT http://www.infosecurity-magazine.com/view/23347/internet-protests-rattle-cages-on-capitol-hill/ http://www.infosecurity-magazine.com/view/23343/us-authorities-extradite-suspected-russian-cybercriminal/ The US has extradited from Switzerland Vladimir Zdorovenin, a Russian citizen accused of running an elaborate cyber-based credit card scam, authorities announced. Thu, 19 Jan 2012 18:23:00 GMT http://www.infosecurity-magazine.com/view/23343/us-authorities-extradite-suspected-russian-cybercriminal/