Infosecurity News

  1. LockLizard Expands Document DRM Market to Android Devices

    LockLizard, a London-based provider of PDF document digital rights management (DRM) controls, is in the final stages of delivering a DRM secured viewer for the Android device marketplace.

  2. CryptoLocker: The Ransomware There's No Coming Back From

    A ransomware threat known as CryptoLocker is making the rounds, scrambling files in the process. And once it’s triggered, there is no way to recover them.

  3. Google Chrome Opens Up Personal Information to Hackers

    Google Chrome has been shown to have a major security flaw: any consumer who has ever typed in personal information while using the Google Chrome browser, be it for e-commerce or to sign up for newsletters, should be aware that this information is saved to their hard drives, unencrypted.

  4. Public WiFi Hotspots Ripe for MITM Attacks

    Ah, the public hotspot: oases of connectivity in airports, coffee shops, bookstores, town centers and at chains that range from Starbucks to Barnes & Noble to McDonalds.

  5. Nordstrom Hit By Card Skimmer Scam

    The retail sector often faces unique security challenges, not the least of which are the point of sale (PoS) terminals and cash registers that offer a convenient repository from which to lift credit and debit card numbers. Hackers can make use of connected PoS terminals to get in virtually, or can compromise physical security to get ahold of the information they want.

  6. Blue-chip Hacking List Scandal Grinds On

    The blue-chip list is a list of around 100 major firms and a few celebrities that employed four disgraced – and imprisoned – private investigators. The 'scandal' is that SOCA sat on the list without ever revealing its content, and possibly without adequately investigating the PI clients concerned.

  7. Google Offer OSS Patch Bounty to Fixers

    More and more software companies – including Google – have started to offer bug bounties to independent security researchers who find and responsibly disclose software flaws. Now Google will offer a bounty to OSS developers who also fix them.

  8. vBulletin Exploit Makes the CMS Rounds

    vBulletin, one of the most popular content management systems (CMS) on the web and the engine behind many a discussion forum, is the target of a new exploit making its way into the wild.

  9. SSL Forward Secrecy Now Included in SSL Pulse Reports

    SSL has long been used to provide security in communications; and Ivan Ristic, director of engineering at Qualys has long been an enthusiast. Last year, with the Trustworthy Internet Movement, he was instrumental in establishing SSL Pulse, "a continuous and global dashboard for monitoring the quality of SSL support across the top one million web sites."

  10. WhatsApp, Avira, and AVG not Hacked, Just Hijacked

    Reports emerged over the last few days that numerous big-name organizations such as WhatsApp, AVG, Alexa and Avira, had been hacked by the pro-Palestine group KDMS. In fact they had not been hacked, merely hijacked in a series of DNS redirection attacks against Network Solutions.

  11. Eight Silk Road-related Arrests Made Worldwide – Four in the UK

    Just hours after the FBI arrested Dread Pirate Roberts, alleged operator of the Silk Road, the UK's new NCA arrested four Brits on related drug charges. Two further arrests were made in the US, and two in Sweden.

  12. NIST, Cyberdefense is Shut Down in the Shutdown

    The National Zoo’s Panda Cam, the World War II memorial, vast swaths of FEMA and food stamps are all casualties of the US government’s ongoing shutdown in the wake of Congress failing to approve funding for government operations. Cybersecurity isn’t escaping the furloughs either, leaving some to postulate that the US is essentially asleep at the switch right now – and eminently vulnerable.

  13. Author of Blackhole Exploit Kit Allegedly Arrested in Russia

    A security researcher tweeted yesterday, "Blackhole exploit kit author 'Paunch' and his partners arrested in Russia." There is no further corroboration, and nothing yet from the Russian authorities; but some circumstantial evidence suggests it may be true.

  14. UK Lauches Its Own FBI: The NCA

    The UK's latest attempt to launch a national police police force as elite and feared as the FBI came into being Monday. Its purpose, says home secretary Theresa May, is "the relentless disruption of organised criminals."

  15. EU's Data Protection One-Stop-Shop Inches Forward

    Current European data protection laws require that multinationals abide by the national data protection law in each country in which they operate. This is burdensome. To ease this burden, the proposed General Data Protection Regulation includes a one-stop-shop principle. But this is proving problematic.

  16. Skorpion Charger Hopes to Take the Sting Out of Android Malware

    Wireless hardware specialist Belkin and Kaprica are tackling Android security with a mobile malware detection scheme that is as simple as plugging in a handset to charge. The Skorpion USB charger is designed to perform a deep scan of a connected device on a set schedule.

  17. PureVPN WAS Hacked, But is NOT Closing

    Ever since the extent of government surveillance of the internet became known through the Snowden leaks, public and commercial interest in virtual private networks (VPNs) to both bypass internet blockades and provide user privacy has escalated.

  18. How Does Law Enforcement 'Subvert' Tor?

    Last summer an FOI request showed that the FBI had abandoned an investigation into TSChan, allegedly a child pornography site on the Darknet, since "because everyone... connected to the TOR Network is anonymous, there is not currently a way to trace the origin of the website. As such no other investigative leads exist."

  19. Google: Android Malware Threat is Vastly Exaggerated

    Legions of vendor reports have highlighted the sheer pervasiveness of Android malware: that there are now 1 million samples in the wild; and that 99% of all mobile malware is Android-related. Google however says that the actual threat has been vastly overblown, and that most malware is caught in its multi-layered defense strategy before users ever install it.

  20. Adobe Hacked – Customers' Card Details and Adobe Source Code Stolen

    Adobe has been hacked. Source code for numerous Adobe products including Acrobat and ColdFusion has been stolen. Customer IDs and passwords have been accessed; and card details for 2.9 million customers stolen.

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. Mastering AI Security With ISACA’s New AAISM Certification

  3. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

  4. Audit & Compliance in the Era of AI and Emerging Technology

What’s Hot on Infosecurity Magazine?