Infosecurity News

  1. ISACA Releases COBIT 5 Guide for Managing Vendor-based Security Risks

    As enterprises increasingly rely on cloud service providers and other third-party vendors to provide fundamental services, the related security risk becomes more significant. Global IT association ISACA has released a new guide applying the COBIT 5 business framework for the governance and management of enterprise IT to help enterprises effectively manage vendors.

  2. KPMG: Every FTSE 350 Firm is a UK National Security Threat

    The companies on the London Stock Exchange pose a serious risk to the UK’s national security, according to KPMG, which found that all FTSE 350 firms are leaking data that can be used by a range of cyber attackers, including state-sponsored cyber-spies.

  3. ICO Says Police License Plate Monitoring Must Stop

    One week ago the ACLU revealed widespread US police license plate monitoring and complained of too few rules to prevent abuse. Yesterday the ICO used the UK's data protection law to tell UK police to stop doing similar.

  4. Mobile and Home Networking Malware Creep On

    One would have to be living under a rock, or using two cans and a piece of string to communicate, not to be aware that mobile and WiFi security threats are escalating as wireless networking penetration rises. The latest numbers reveal that in the second quarter of 2013, a full 10% of home networks and more than 0.5% of mobile networks were infected with malware.

  5. NIST Tweaks Digital Signature Standard

    The US National Institute of Standards and Technology (NIST) has released a revision to the digital signature standard used to ensure the integrity of electronic documents, as well as the identity of the signer.

  6. Oxford Expands its Cybersecurity Education

    The University of Oxford is poised to broaden its cybersecurity education offerings, with advanced degree training beginning this autumn.

  7. Move Over Zeus: KINS Banking Trojan Looks to Be the Next Great Financial Crimeware

    A new professional-grade banking trojan is stepping into the cybercrime vacuum left by Zeus and Citadel – and looks to be as effective as those notorious kings of crimeware have been at draining people’s bank accounts.

  8. Calling All IT Security Professionals: How to Stay Secure at BlackHat and DEFCON

    Hacker conferences, like Black Hat and DEFCON, are notorious for highlighting the security missteps of attendees. Before the show, which takes place in Las Vegas next week, IT security professionals should take every security precaution to prevent being hacked.

  9. Lakeland Kitchenware Hacked with Java 0-Day

    The Lakeland kitchenware online store has emailed its customers with a warning that two of its databases were breached by hackers late last week, and that it was resetting all customer passwords.

  10. iOS and Android VoIP Service Viber Hacked by Syrian Electronic Army

    The pro-Assad hacking group Syrian Electronic Army (SEA) yesterday defaced the Viber subdomain support.viber.com and pasted a screenshot of user information supposedly taken from a breached database.

  11. Global Cybercrime, Espionage Costs $100–$500 Billion Per Year

    Cyber-crime and espionage is clearly a costly scourge for businesses and governments, factoring in data theft, clean-up costs, brand damage, customer losses, and so on. In total, the range for cybercrime loss to the global economy is between $100 billion and $500 billion, according to McAfee.

  12. UAE Fends Off Cyber-Attacks Originating in Egypt

    The United Arab Emirates has successfully fought off a series of cyber-attacks that it was able to trace back to Egypt.

  13. Report: China Uses Taiwan as Test-Bed for US Cyber-Espionage Attacks

    Disputed ex-Chinese province Taiwan is reportedly playing a big role in the global cyberwar. Security experts say the island is a proving ground for Chinese hacker-spies, who attack its IT infrastructure on a regular basis with hundreds of attempts per month, before deploying those tactics to other countries like the US.

  14. Web Applications Attacked 26 Times Per Minute

    A new web application attack report reveals that retailers suffer twice as many SQL injection attacks as other industries, and that one website received 94,000 attack requests in 24 hours – or 26 attack requests per minute.

  15. Cameron on Internet Porn: Global Alliance to "Stamp Out Vile Images"

    Prime Minister David Cameron's expected statement on internet porn was duly delivered yesterday, and led to immediate accusations of being confused, unworkable, and the beginning of online censorship.

  16. Royal Baby: Exclusive Pics! – Don't Fall for It

    When Kate Middleton, the Duchess of Cambridge, went into labor with the child who recently became third in line for the throne of England, the event immediately had millions of royal-watchers riveted – and, apparently, plenty of spammers ready to leverage the vast amount of public interest in everything from the sex of the baby to “secret pictures” of the new arrival.

  17. SIM Cards Cracked; Hundreds of Millions of Phones Vulnerable

    The SIM card – long considered the uncrackable heart of the mobile phone – can finally be rooted. Details will be presented by a German researcher at Black Hat on 31 July. Meanwhile estimates put the number of vulnerable phones at either 500 million or 750 million.

  18. Ubuntu Forum Hacked; 1.8 Million Accounts Compromised

    On Saturday, Canonical – which looks after the Ubuntu Linux user forum – received reports of a site defacement. Within four minutes it had taken the Ubuntu Forums site off-line to investigate what turns out to be a major hack.

  19. Apple Developer Site Breached

    Two things happened last week: Apple developers began to receive unexpected password reset emails, and the Apple Developer center was shut down for maintenance. Everything pointed to a breach; but Apple said little.

  20. California Student Gets Jail Time for Rigging Campus Election with Keyloggers

    It’s a rite of passage for many college students to run for student government office – particularly if they have grander political aspirations. But some take it just a tad too seriously (think Tracy Flick in “Election”). Take, for instance, the case of a former Cal State San Marcos student who has been sentenced in federal court to a year in prison for using keylogging software to rig a campus election.

Why Not Watch?

  1. OT Security Ecosystem for Targeted Risk Reduction and Reporting

  2. Modernizing GRC: From Checkbox to Strategic Advantage

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. Mastering AI Security With ISACA’s New AAISM Certification

What’s Hot on Infosecurity Magazine?