RSS Alerts

Share

More services

Related Links

Related Stories

  • iPhone banking trojan creates botnet from Apple devices
    A third piece of iPhone malware has appeared, pushing the envelope further than ever before by creating a botnet of infected devices and acting as a banking trojan.
  • Twitter company files leaked in Cloud Computing security failure
    Twitter has once again been hit by a lapse of security, this time with a hacker posting a set of internal company documents from the Twitter site and service, lifted from the GoogleApps online data sharing and collaboration system.
  • New Data Integrity Attacks on the Block
    While the information security world has had its attention fixed on data loss prevention since the TJX breach in early 2007, it has failed to acknowledge the rising issue of data integrity attacks. Sarb Sembhi investigates a threat that he predicts will soon take the industry by storm.
  • Forrester questions the security of cloud computing
    With the economic downturn, cloud computing is seen as a way to improve operational efficiency, reduce headcounts and help with the bottom line, but according to the report from Massachusetts-based Forrester Research on cloud computing, organisations should not jump on the ‘cloud wagon’ before considering security and privacy concerns.
  • Heartland Discovers Card Heist
    Payment processing company Heartland Payment Systems was red-faced last week after the disclosure of a data breach that took place in 2008.

Top 5 Stories

News

Weekly brief, December 21, 2009

21 December 2009

Infosecurity rounds up the week's information security news.

The SAFE Web Act is working, according to a report from the Federal Trade Commission. The Act allows the FTC to work across borders with foreign law enforcement agencies.

TJX hacker Albert Gonzalez was working with Russian accomplices to carry out his crimes. The information was revealed in a digital document that had been incorrectly redacted, allowing others to read the information. Gonzalez was also involved in the Heartland Payment Systems data breach, for which Heartland has just agreed to pay American Express $3.6 million in damages.

Malware peddlers are now using Google's frequently-altered front-page graphic to direct victims to their wares. They are using search engine optimization techniques to get poisoned results into the set delivered when victims click on the graphic. Visitors to the search engine giant's graphic commemorating the inventor of the language Esperanto received pages half-filled with poisoned results, said reports.

The poisoned Google results were touting rogue anti-virus malware. Rogue AV vendors have grown better than ever at copying the user interfaces offered by legitimate products, according to an analysis by Kaspersky researchers.

The Cloud Security Alliance unveiled the latest version of its cloud security guidance, just as Sun Microsystems announced a collection of cloud security products. These include the Cloud Safety Box, which enables administrators to encrypt and split content stored in the cloud, and its Security Enhanced Virtual Machine Images, which ship with security features such as non-executable stacks enabled by default.

SRI International has published a report on the Ikee.B iPhone botnet that provides extensive detail on its inner workings.

Twitter's website was temporarily redirected to a site operated by Iranian hackers, after its DNS records were compromised.

Pennsylvania State University warned that up to 261 social security numbers may have been compromised after one of its computers was infected with malware.

This article is featured in:
Internet and Network Security • Malware and Hardware Security • Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012