Infosecurity News

  1. Patch Tuesday Preview: March 2014

    This month's Patch Tuesday is light, containing just five bulletins. Two are marked critical and three are marked important. One of the critical bulletins addresses Internet Explorer, and is believed to include a fix for the zero-day vulnerability highlighted by FireEye last month. Three fixes require a computer restart; so although light, it will still be a disruptive Patch Tuesday.

  2. Worms and Wildly Insecure Software: The Untold Story of Microsoft Cybersecurity in the Early 2000s

    It was post-dot-com bubble and post-Worldcom implosion, and the so-called “telecom winter” was dragging on. In the early 2000s, the communications industry had, in a word, been economically decapitated, and companies were struggling to find a new path to innovation and technology enablement that left old-world ideas behind. Against this backdrop the first tendrils of the web 2.0 economy began to flourish – and with it, came cyber-risks that had never been seen before.

  3. Malvertising Overtakes Porn as Top Mobile Malware Threat

    As the adoption of mobile devices continues to grow rapidly and businesses increasingly provide on-the-go access to corporate assets, the mobile malware landscape is evolving to take advantage of mainstream user behavior. In a sign of the times, web ads directing users to malicious sites have eclipsed pornography as the leading source of mobile malware encounters.

  4. Survey Proves Effectiveness of Anti-virus

    One of the leading anti-virus test labs, AV Comparatives, has published its fourth annual survey of users.Five thousand eight hundred and forty five users from all around the world responded to the survey, giving a snapshot of browsers, operating systems, and AV products currently being used.

  5. Malwarebytes Moves to Block Android PUPs

    Anti-virus firm Malwarebytes has announced that it will now defend Android users against pups, or 'potentially unwanted programs.' "The research team at Malwarebytes has noticed an increasing number of Android PUPs and, as from today, the new version of Anti-Malware Mobile will give people an option to automatically detect and block these," says the announcement.

  6. American Career Aspirations Do Not Include Cybersecurity

    The worldwide cybersecurity skills shortage is well-documented; and many countries have developed programs to fill the gap. These programs usually try to instill interest in schools, or tempt IT professionals into a career in security.

  7. Sold-out Tickets to the World Cup, Beyoncé and More! For a Malware Price

    There are a number of big artists touring this year, such as Beyoncé, Justin Timberlake and One Direction, and it’s also drawing closer and closer to the 2014 FIFA World Cup in Brazil. Given the marquee nature of the events, people need to be careful when searching the web for tickets to sold-out events.

  8. Cross-platform JRAT Targets UK and UAE Individuals

    A new spam campaign delivering a Java remote access trojan (RAT) known as JRAT has been uncovered, with the emails claiming to have attached a payment certificate to the message. The campaign has predominantly affected the UAE and the UK to date and appears to be after specific victims.

  9. Peeling the Onion – Tor's Criminal Content Revealed

    Tor was developed to provide internet anonymity to those who need it. But with the Snowden surveillance revelations came an increased interest in and demand for such anonymity – and not surprisingly that includes the criminal element. Malware C&C servers are hosted, illicit trading organizations homed, services hidden and money laundered; all within Tor.

  10. Zeus Trojan Gets Persistent with New Rootkit

    The Zeus banking trojan and botnet has had a number of iterations over the years, particularly since the source code was leaked online.

  11. Less than Half of RSA Conference Attendees Think NSA Surveillance is Wrong

    Even though Edward Snowden’s revelations about NSA mass surveillance programs have dominated headlines since last year and sparked an ongoing trend toward “transparency” on the part of the tech giants, it turns out that infosecurity professionals aren’t quite as concerned as the general public or some politicians.

  12. Neutrino Exploit Kit Up For Sale

    The (Russian) Neutrino exploit kit was first described by the French researcher Kafeine (Malware don't need Coffee) almost exactly one year ago. "A new exploit kit is being advertised since yesterday on underground forum : Neutrino," he announced. Now it is for sale.

  13. Cymru Discovers 300,000 Compromised Home Routers

    Team Cymru, a US security research firm based in Illinois has been investigating a SOHO router pharming campaign since January. So far it has identified 300,000 compromised devices, predominantly in Europe and Asia, with evidence that the campaign started at least in December 2013.

  14. TrustyCon 2014: NSA Surveillance “a benign enemy”, says Bruce Schneier

    Reuters Technology reporter Joseph Menn interviewed security expert Bruce Schneier in front of last week’s TrustyCon audience in San Francisco, where the security expert provided his analysis of the government surveillance controversy

  15. Ask.fm Social Network for Teens Launches Safety Centre

    As teens and tweens increasingly live their lives digitally and in an oversharing-friendly way, online safety has become a hot topic for concerned parents. Typically it’s seen as the families’ responsibility for monitoring their children’s internet and mobile use, but purveyors of social sites are beginning to get involved as well.

  16. Hackers Replace 'Russian' with 'Nazi' on Russia Today

    Russia Today (RT) tweeted Sunday, "Hackers deface http://RT.com website, crack admin access, place 'Nazi' in every headline. Back to normal now." Although the hackers are not known, it could be in retaliation for the increasing number of reports describing the pro-West Kiev government as 'neo-Nazi.'

  17. Is Sears a Victim of Retail Hacking, or Retail Hacking Hysteria?

    Bloomberg reported Saturday that US retail giant Sears "is investigating a possible security breach after a series of cyberattacks on other retailers have exposed the data of millions of consumers." Sears is apparently being aided in this investigation by both Verizon's digital forensics unit and the US Secret Service.

  18. SANS Announces 2014 EMEA Schedule

    The SANS Institute has released its latest training and events schedule for 2014 in the Europe, Middle East and Asia regions

  19. Is Uroburos the First Known Russian Cyberweapon?

    At a time of heightened tension between Russia and the West over Ukraine, a German security firm describes a sophisticated rootkit that it suggests may have been developed by Russian intelligence services. Named after a string found in the code, Ur0bUr()sGotyOu#, the Uroburos malware is thought to target governments, research institutes and major corporations.

  20. Revenge Porn: One Win (Texas), One Fail (New York)

    According to documents from Edward Snowden, more than 7% of Yahoo chat users send intimate photos taken via webcam. This is known because GCHQ stopped to count them from among their intercepts. But the concept and practice of 'revenge porn' should make people pause and carefully consider the possible consequences before they hit the send button.

Why Not Watch?

  1. OT Security Ecosystem for Targeted Risk Reduction and Reporting

  2. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  3. Modernizing GRC: From Checkbox to Strategic Advantage

  4. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

What’s Hot on Infosecurity Magazine?