Infosecurity News

  1. Bad Botnet Growth Skyrockets in 2017

    There was a 37% increase in botnet command-and-control (C&C) listings in 2017, with the majority (68%) of them being hosted on servers run by threat actors.

  2. CoffeeMiner Forces Coffee Shop Visitors to Mine for Monero

    Bad guys can access all of the compute power connected to a particular public Wi-Fi network, all at once, to mine for cryptocurrency.

  3. As Cloud Looms, Security Tops IT Resilience Investment

    The majority of IT professionals are investing in virus protection (71%), malware protection (67%), patch management (53%), and IDP (52%).

  4. Carphone Warehouse Breach Results in £400K Fine

    ICO forces retailer to pay up, but larger fines await with GDPR

  5. Patch Tuesday: More Work for Admins With 56 Flaws to Fix

    Scheduled updates follow last week’s out-of-band patches

  6. FBI Boss: We Don’t Want Backdoors, but We Do Want Access to Encrypted Devices

    Wray claims Feds have nearly 7800 devices they can’t access

  7. Reddit Users Lose Bitcoin Tips After Third-Party Breach

    Reddit has confirmed that one of its email providers, Mailgun, has been breached.

  8. (ISC)² Names Infrastructure and Security Director

    Bruce Beam will lead all aspects of (ISC)²’s global IT/ICT and cybersecurity operations.

  9. India Exposes Personal Info for 1 Billion Citizens

    The Tribune of India was able to access the entirety of the state identification database for just $8.

  10. Cloud Workloads at Risk from Security, Management & Compliance Failures

    Security top concern on future cloud adoption for IT decision makers

  11. Tories left Red-Faced After HTTPS Gaffe

    UK Conservative Party lets secure cert expire

  12. VTech to Pay $650K to Settle Kids’ Privacy Case

    Digital toymaker was also accused by FTC of failing to properly secure children’s data

  13. WPA3 Set to Secure Public Wi-Fi Networks in 2018

    New protocol will land later this year

  14. Hard-Coded Backdoor in My Cloud Devices Offers Attackers Access to Personal Photos, Videos

    Threat actors could gain control over the device, exfiltrate information and spread malware.

  15. Google Drive Exploited to Download Malware Directly from URL

    Proofpoint uncovered the vulnerability and created a proof of concept exploit for the issue, which exists in the Google Apps Script.

  16. Monero Crypto-Mining Invades BlackBerry Mobile Site

    Coinhive weighed in on the Reddit thread saying that the site appears to have been surreptitiously infected.

  17. UK Companies Set to Splurge on Cyber-Risk Mitigation

    ICSA report claims cyber remains top risk for boardrooms in 2018

  18. Attackers Target Winter Olympics with Weaponized Word Doc

    New steganography tool used to obfuscate attack

  19. UK Firms Deluged with Cyber-Attacks in 2017

    ISP spots 633 daily attempts per business to breach the corporate firewall

  20. Apple Confirms Devices Affected by Meltdown, Spectre

    As vendors rush patches out, Shadow Brokers claims it has an exploit for sale.

Why Not Watch?

  1. How To Enhance Security Operations with AI-Powered Defenses

  2. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  3. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  4. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

What’s Hot on Infosecurity Magazine?