Infosecurity News

Kaspersky Unveils Interactive Cyberthreat Map
The trend toward visualizing virtual threat data continues with an interactive cyberthreat map from Kaspersky Lab, which displays cybersecurity incidents occurring worldwide in real time.

Insider Leaks 1,000-page Dossier on BBC Confidential Sources
The UK’s Information Commissioner’s Office has been asked to investigate alleged breaches of data protection laws after a former employee of Films on Record leaked a 1,000-page dossier of confidential information and source material from the BBC to the Mayor of Tower Hamlets.

'Online Learning' Scam Delivers Bogus Card Charges
A prolific international scheme designed to fleece unwary consumers with bogus sub-$15 charges is making the rounds, according to security researcher Brian Krebs. The common thread? The victims have all paid for online learning tools, but instead have been subjected to multiple junk charges from a company called “BLS Weblearn.”

Tesla Electric Vehicle Owners Should Beware the Phish
Connected cars are continuing to wheel their way into consumer lives, with some, like Elon Musk’s Tesla line of electric vehicles, serving as prototypes for the Internet of Things (IoT)-enabled future. Sleek, sustainable and connected, the Tesla Model S is a futuristic automobile, with a robust set of communications capabilities. But because it connects with car owners and the Tesla infrastructure using a variety of TCP/IP mechanisms, one researcher is highlighting potential security issues.

Sally Beauty Data Breach Larger than Originally Thought
The Sally Beauty data breach is likely larger than the 25,000 records the cosmetic supply company originally thought had been compromised. It has issued a statement noting that the unauthorized intrusion into its network it detected on March 5 may have affected a larger number of additional records containing payment card data.

Facebook Builds its Own Threat Information Framework
Keeping ahead of web-based threats requires a mechanism to continually search for new types of attacks while understanding existing ones. However, data fragmentation and threat complexity plague efforts to keep track of all the data related to malware, phishing and other risks – how threats are discussed, categorized or even named varies from platform to platform and vendor to vendor. Facebook is taking steps to solve the issue for itself with the release of ThreatData.

Tax Phishes Spawn on Both Sides of Atlantic
Tax season in both the US and the UK is upon us and it looks like cybercriminals are once more trolling for unwitting victims with thematic phishing emails aimed at those preparing to render unto Caesar.

(ISC)² Teams with University of Phoenix for Cybersecurity Scholarships
With an eye toward tackling the cybersecurity workforce skills shortage, the University of Phoenix and the (ISC)² Foundation are teaming up to offer nine full-tuition scholarships for individuals looking to devote themselves to information security.

Angry Birds Leaks a Host of Info to Marketers
Bad piggies may need to be toppled, but fans of the ubiquitous Angry Birds mobile app should be aware that the popular game collects and shares players’ personal information much more widely than most people realize.

Criminal Underground is a Sophisticated Metropolis, with Stores, Education, and Law & Order
“Shadowy hacker underworld.” “Dark Web.” “Underground cyber-forum.” These are the phrases that get bandied about referring to those dark corners of the internet where cybercriminals publish their malware, espionage campaigns are hatched and hacktivist manifestos are discussed. The verbiage is decidedly DIY. But new research suggests that these cyber black markets are hardly makeshift affairs: rather, they account for a mature and growing multi-billion-dollar economy with a robust infrastructure and social organization.

Analysis of 3 Billion Attacks Demonstrates Security Gap Between Attack and Defense
For the first time, NTT has pooled the resources of its group companies and produced a threat report based on an analysis of 3 billion attacks. What it found is that attackers move faster than defenders, and there are still many basic processes and procedures that companies are failing to implement.

NHS Care.data PR Fiasco Continues as Google Pulls Out of Secret Deal
First the NHS was forced to delay its care.data project (storage of all patient GP health data in a central data warehouse) for six months; then it was learned that PA Consulting had obtained 27 DVDs of hospital event statistics (HES) and uploaded them to Google cloud (followed by a complaint being raised with the ICO); and now Google has pulled out of search discussions with the NHS because it is 'too toxic'.

Snoopy: A Non-NSA Flying Stingray
Stingray is a US law enforcement spoof cell tower used to track the location of mobile phones. Snoopy is a project conducted by London-based Sensepost Research Labs that does something similar, and much more, with any Wi-Fi-enabled device. Now Snoopy has gone airborne – mounted on a drone it can hover above a target area and trick mobile devices into connecting: a form of flying MITM attack.

Apple Mac eBay Scam Gang Busted
EC3, the cyber branch of Europol, has dismantled a Polish gang involved in online auction fraud. The gang would offer electronic items such as Apple computers, but deliver anything from a brick to items of fruit and vegetables. The scam involved eBay and Polish auction sites, and was busted through the cooperation of the Polish National Police, Europol and eBay.

Turkish Twitter Ban: An Exercise in Futility?
Following a nationwide ban on Twitter last week, thousands of internet denizens have been working successfully to get around the moratorium. Now, Turkey has taken steps to thwart circumvention efforts that will result in IP address filtering – but it could be an exercise in futility.

Time Warner Fielded Fewer than 250 National Security Information Requests in 2013
In the wake of Edward Snowden’s revelations and allegations that top ISPs and tech companies were complicit in the mass surveillance of the American people by the NSA, there has been an avalanche of transparency reports detailing law enforcement requests for user information and what became of them. The latest is Time Warner Cable (TWC), whose first transparency report shows that it processed around 12,000 government requests in 2013.

Middle East Malware Rates Five Times Worldwide Average
At the RSA Conference 2014 in San Francisco, Tim Rains, director of Trustworthy Computing at Microsoft, spoke to Infosecurity editor Eleanor Dallaway about the security threat landscape in the Middle East.

Zorenium Bot: Heading to an iPhone Near You?
A new bot with the name Zorenium has landed in the criminal underground, with the ability to target Apple iOS devices like iPhone and iPad. It's not widely known, nor is it widely detectable.

California's DMV Investigates Card Processing Breach
When Brian Krebs learned of a private MasterCard warning being circulated to banks, he challenged the DMV – and only then did it issue a public statement that it was indeed investigating a potential security issue.

ISACA Launches Digital Badges for Credential Verification
ISACA is taking steps against fraudulent security credentialing with the introduction of digital badges for individuals who have completed one of the group’s training processes.



