Infosecurity News

  1. Malware No Longer Avoids Virtual Machines

    Most enterprises are implementing virtualization, so malware authors are learning to write their code to attack that infrastructure more effectively.

  2. Android RAT Krysanec Masquerades as Legit Apps

    Undetected, the bug sets up a backdoor to siphon off all kinds of personal information.

  3. LastPass Users Left in the Lurch After Massive Outage

    Datacenter downer as firms are left unable to access key online accounts

  4. Chinese Heart App Virus Slams 100,000 Android Phones

    Malware written by software student spreads like wildfire in the Middle Kingdom.

  5. 2014 So Far: The Year of the Data Breach

    Attacks are intensifying, and have already claimed 10 million personal records.

  6. SecureAuth Adds Risk-based Authentication Scheme

    Latest stab at "post-password" security adds live threat intelligence to the mix.

  7. Xiaomi Issues Update After Data Privacy Concerns

    MIUI Cloud Messaging made opt-in after negative feedback.

  8. Need Data Breach Statute Compliance? There's an App for That

    Data Breach 411 for Apple OS gives executives all the state security breach statutes at their fingertips.

  9. Click Fraud Malware Found Lurking Inside Image Files

    Dell SecureWorks researchers warn of growing threat from digital steganographic techniques.

  10. XSSposed Aims to Call Out Compromised Websites

    The public archive of compromised websites is meant to motivate companies to patch simple vulnerabilities.

  11. Sophisticated Spy Campaign Targets Former Eastern Bloc Countries

    Espionage malware has persisted in embassies and state offices for at least four years.

  12. BlackHat 2014: Mobile Point of Sale Devices at Risk from Hackers

    Hackers can take over mobile point of sale devices through various means, including inserting a maliciously crafted card.

  13. BlackHat 2014: Medical Device Security Not as High Risk as Previously Claimed

    While it's true that medical devices are vulnerable and can be tampered with, these attacks are still in the realm of unlikelyhood.

  14. BlackHat 2014: Square Launches Bug Bounty Program

    The program has paid $250-$1,500 per bug for uncovering card payment issues.

  15. Google Gives HTTPS a Helping Hand by Demoting Insecure Sites

    Web giant will use the secure protocol as a ‘signal’ in search ranking algorithm

  16. FBI Used Drive-By-Downloads to Expose Tor Pedophiles

    Controversial Operation Torpedo has come to light through released court documents.

  17. BlackHat 2014: Airport Scanners Riddled with Security Flaws

    The scanners used by many airports in the United States are riddled with security flaws, a security researcher told attendees at the Black Hat conference in Las Vegas Wednesday.

  18. WordPress Vulnerability Affects A Quarter of the Internet

    The wide-net bug paves the way for massive DDoS attacks that can’t be mitigated by normal security measures.

  19. John McAfee: Google and Facebook’s Erosion of Privacy is a Tragedy

    AV founder calls on users to take a stand against apps which are chipping away at personal freedoms.

  20. NSS Launches Cyber Resiliency Center

    The SaaS tool runs “what if?” scenarios that model a given environment’s deployed security layers, to show which threats are able to exploit their attack surface.

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  3. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  4. Audit & Compliance in the Era of AI and Emerging Technology

What’s Hot on Infosecurity Magazine?