Infosecurity News

Crystal ball time: Top 2013 risks include cyber war, cloud and BYOD

As the year draws inexorably to a close, it’s only fair and natural that we, as an industry, peer into the future to see what could await us in the New Year. The latest to tackle such prognostication is the Information Security Forum (ISF), which has ID’d the top five security threats businesses will face in 2013.

UK, European politicians pledge support to online child sex abuse hotline

More than 50 politicians from England, Wales, Scotland, Northern Ireland and continental Europe have signed up to fight online child sexual abuse with the Internet Watch Foundation.

91% of APT attacks start with a spear-phishing email...

...and 94% of the emails carry a malicious attachment – usually in ZIP, XLS or RTF format. These are the findings of new research published today.

AV ‘provides insufficient protection’ claims new report

The rate of detection for new viruses, claims a new report that tested 80 of them and is about to be published, is zero.

LulzSec hacker Hammond faces 30 years

At a bail hearing last week, Chief U.S. District Judge Loretta Preska denied bail and warned LulzSec’s Hammond that he faces a custodial sentence of 30 years.

Critical infrastructure at risk from SCADA vulnerabilities

SCADA software, used for industrial control mechanisms in utilities, airports, nuclear facilities, manufacturing plants and the like, is increasingly a target for hackers looking to exploit what appear to be growing numbers of vulnerabilities – giving rise to fears that critical infrastructure may be at risk.

Yahoo! mail exploit on sale for $700

A new zero-day vulnerability in Yahoo! Mail has given rise to a $700 exploit for sale in the hacking underground.

UN nuclear agency compromised by anti-Israel hacktivists

Another Middle East-focused cyber-attack has been launched, but it’s a piece of news that would not be out of place in the Cold War era: the International Atomic Energy Agency has been hacked. Information from an out-of-use server has been stolen and posted online.

The salami apocalypse – big data in the wrong hands

The world is not facing a Mayan calendar doomsday next month so much as a salami apocalypse next year: threats built layer upon layer from small bits of information that can be combined into detailed personal profiles.

Privacy advocates ask Facebook to withdraw proposed policy changes

A letter signed by Marc Rotenberg, president at the Electronic Privacy Information Center and Jeffrey Chester, president at the Center for Digital Democracy, has asked Mark Zuckerberg to withdraw the newly announced changes to Facebook’s Data Use Policy.

Europol and ICE seize 132 domain names on Cyber Monday

The US Operation In Our Sights temporarily morphed into Project Cyber Monday 3 – with a European Project Transatlantic offshoot – and netted a combined haul of 132 seized counterfeiting website domains.

High-end Citadel financial malware overtakes Zeus as king

Citadel, which researchers say is essentially the Lamborghini of the financial information-stealing malware scene, is well on its way to overtaking Zeus and SpyEye as the go-to banking trojan after only being discovered earlier this month.

What’s Hot on Infosecurity Magazine?