Infosecurity News

  1. Google ships Chrome 18 with nine security fixes

    Google has issued yet another version of Chrome, number 18 if you are still counting, which fixes nine security flaws and beefs up graphics.

  2. Blackhole: the 1-day exploit kit

    ESET has reported on the latest version of the Blackhole exploit kit, noting that it has been updated to include a recent Java vulnerability.

  3. Our expert is better than your expert, says Hotfile to Warner Bros

    Hotfile is being sued by Warner Bros (and others) – the MPAA – for copyright infringement; Hotfile is countersuing for bogus copyright infringement claims.

  4. Yahoo commits to honoring Do-Not-Track

    Do-Not-Track (DNT) is the evolving standard that will provide internet users with greater control over their privacy on the internet. “Yahoo websites worldwide will comply with visitors’ Do-Not-Track preferences starting later this year,” said the company on Wednesday.

  5. Mediyes trojan underscores need for proper key management

    The discovery of the Mediyes trojan using a valid digital signature has raised concerns about the need for proper key management, noted John Grimm with Thales e-Security.

  6. Weaponized MS Word files targeting Macs

    Weaponized Word files targeting Macs have been identified by AlienVault Labs, which says the malware is coming from the same Chinese group that has been targeting the Tibetan government and nongovernmental organizations.

  7. Close to half of SpyEye banking trojan domains located in US

    Close to half of the domains and hosts for the SpyEye banking trojan are located in the US, according to research by South Korea’s AhnLab.

  8. ESingles provides detailed denial of website hack

    ESingles, the parent company of MilitarySingles.com, has issued a detailed denial of the claim that it was hacked by Lulzsec Reborn.

  9. Seven flaws fixed in Opera web browser with 11.62 update

    Opera has plugged a total of seven vulnerabilities in its web browser with its update to version 11.62.

  10. Government needs to work with academia to head off cybersecurity gaps early

    Government should work more closely with academia to address cyber vulnerabilities at an early stage of technology development, rather than waiting until flaws are discovered once the products hit the market. This argument was made by Stephen Flynn, codirector of Northeastern University’s George J. Kostas Research Institute for Homeland Security.

  11. Adobe patches two critical holes in Flash Player, adds automatic update option

    Adobe has patched two critical vulnerabilities and added a background security updater for Windows in its Flash Player 11.2 release.

  12. Top national security official pins RSA breach on China

    The US government has evidence that Chinese hackers were responsible for the breach of RSA last year that compromised the company’s “underlying software” and required the replacement of hundreds of SecurID tokens, a top national security official told Congress this week.

  13. Kelihos.B, son of Kelihos (and father of Kelihos.C) taken down

    While Microsoft has been busy taking down Zeus botnets, its earlier partner in anti-crime, Kaspersky Labs, has been engaged in taking down Kelihos.B; the direct linear descendant of the original Kelihos.

  14. A new European Cybercrime Center

    The EU’s long awaited new Cybercrime Center was announced on Wednesday. It will be housed within Europol in the The Hague and will have a budget of just over €3m.

  15. Beware: Draw Something Twitter scam

    Just like jokes, the old scams are the best scams. They only become old because they work; and the surprising thing is that they continue to work despite all the warnings from researchers like Graham Cluley.

  16. Millions of internet users trust weak passwords, research reveals

    Online passwords are so insecure that 1% can be cracked within 10 guesses, according to a researcher at Cambridge University.

  17. Carders Market leader pleads guilty to ID theft/fraud scheme

    Chris Aragon, one of the leaders of the ID theft and fraud forum known as the Carders Market, has pled guilty to stealing thousands of personal identities and counterfeiting credit cards to buy high-end goods that were resold on eBay and craigslist.

  18. FTC reaches settlement on charges over RockYou breach

    The US Federal Trade Commission (FTC) has reached a settlement with the social gaming site RockYou over charges it failed to protect the privacy of its users, enabling hackers to access personal information on 32 million users in 2009.

  19. Keeping the customer satisfied: cybercriminals focus on service

    Cybercriminals are shifting to a business model known as malware-as-a-service (MaaS), where authors of exploit kits offer extra services to customers in addition to the exploit kit itself. It was just one of the observations in Verisign’s '2012 iDefense Cyber Threats and Trends' report.

  20. Digital Crime: Fourth great era of organized crime

    Organized digital crime is growing – but we still know little about the structure of organized digital crime groups. A new report from BAE Detica Systems and the John Grieve Centre for Policing and Security at London Metropolitan University seeks to change this.

Why not watch?

  1. Navigating the Evolving Cybersecurity Compliance Landscape in 2024

  2. Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

  3. Is MFA Enough? Strategies for Next-Level Identity Security in 2024

  4. Learn from the NHS - Proactive Password Security for Improved Cybersecurity

What’s hot on Infosecurity Magazine?