Infosecurity News

  1. Most small businesses don't understand mobile security threats

    New research into eight critical security threats on mobile devices found the majority of small to medium enterprises (SMEs) are either unaware of or defenseless against the threats posed to their networks by mobile devices and BYOD.

  2. The HangOver Campaign - more on Indian hackers targeting Pakistan

    A few days ago details of a long-standing and wide-ranging attack primarily against Pakistan and apparently emanating from India were released. Now it appears it was just the tip of an iceberg.

  3. Queen's Speech and user identification through IP addresses

    The reason for Her Majesty's government to bring forward proposals viz-a-viz "the problem of matching Internet Protocol addresses" (Queen's Speech 2013) may have as much to do with BT's current plans as with the stalled Communications Data Bill.

  4. Mandiant: Chinese espionage hackers are back

    The group of Chinese cyber-espionage hackers reportedly operating as an arm of the People’s Liberation Army is allegedly back at it, attacking a range of US enterprise and government targets to steal everything from technology blueprints to business plans to manufacturing information.

  5. Password strength meters inspire better choices – but only for sensitive accounts

    Password strength meters that offer web surfers a visual gauge of how weak or strong a chosen lock may be are increasingly present on websites – but how effective are they at getting folks to choose stronger options? When it comes to locking down sensitive data, meters had an impact, suggesting that they act as important reminders for users about what’s at stake.

  6. Snapchat's woes escalate with complaint to FTC

    First it was shown that Snapchat photos and videos on Android are not deleted, merely hidden; then a YouTube video shows how to locate Snapchat videos on iOS; and now a complaint alleging deceptive business practices has been filed with the FTC.

  7. UK customers charged twice with contactless payment cards

    Marks and Spencer, Pret a Manger and Transport for London customers have all reported automatic payment deductions from contactless payment cards while they were making payment by other means, renewing long-standing concerns over the security of contactless payment cards.

  8. 22 million user IDs may have been stolen from Yahoo Japan

    Yahoo Japan, 35.5% owned by Japan’s mobile phone operator SoftBank and 34.7% owned by Yahoo Inc, announced Friday that it may have lost 22 million user IDs from its total of around 200 million.

  9. The APPS Act – a proposal to protect users’ mobile privacy

    Rep. Hank Johnson, D-Ga, has introduced the bipartisan Application Privacy, Protection and Security (APPS) Act of 2013 (H.R. 1913). Its purpose is to require app developers to maintain privacy policies, obtain consent from consumers before collecting data, and securely maintain the data they collect.

  10. Indian malware campaign targeting Pakistan uncovered

    A leading anti-malware company has uncovered a wide-ranging malware campaign that appears to originate in India and seems primarily to target Pakistan with data-stealing malware.

  11. New Mac malware discovered live on stage

    Proving that not all demonstrations are staged, a previously unknown Mac backdoor was discovered during a live presentation at the Oslo Freedom Forum earlier this week.

  12. DHS: Critical infrastructure threats up 68% in 2012

    Critical infrastructure threats are up significantly according to US officials – a worrying state of affairs that spans a wide range of threat vectors and potential participants.

  13. Did Stuxnet help rather than hinder Iran’s nuclear program?

    Stuxnet is often cited as history’s first true cyber weapon. By common consensus it was developed and used by the US and Israel to successfully disrupt Iran’s nuclear program – but a new report questions its success.

  14. CISO: Chief Infosec Scapegoat Officer

    CISOs are often the first victim following a major security breach. Given the prevalence of such breaches, the average tenure of a CISO is now just 18 months; and this is likely to worsen if corporate security doesn’t improve.

  15. Enhanced and advanced Pushdo botnet is back

    Pushdo, one of the more enduring and resilient botnets, has already survived four takedowns in five years. Now a new variant with new evasion techniques has been detected.

  16. Twitter Uses Automation to Improve Security

    The Twitter product security team are improving the security of their code by adopting more security automation.

  17. LulzSec 'pirates' plead guilty to hacking

    Four LulzSec members who claim to be "latter-day pirates" have plead guilty to hacking charges and compromising millions of people's information.

  18. Game-changer: Android malware moves beyond apps

    Android malware authors have officially turned the complexity corner, according to an analysis of mobile malware for the first quarter of 2013. The size and scope of the Android threatscape is evolving, adding new tactics and advanced approaches that extend beyond malicious applications.

  19. Why is Microsoft reading users’ Skype messages?

    Heise Security published a suggestion that Microsoft is reading users’ Skype messages, but Microsoft maintains automated scanning is used to identify suspected spam and phishing links.

  20. More than 13,000 visitors attended Infosecurity Europe 2013

    Infosecurity Europe has released basic figures on last month’s eighteenth annual exhibition and conference: pre-ABC audit figures show a 6% increase in visitors over 2012 to 13,200, with more than 70 new exhibitors.

Why Not Watch?

  1. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  2. Modernizing GRC: From Checkbox to Strategic Advantage

  3. Mastering AI Security With ISACA’s New AAISM Certification

  4. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

What’s Hot on Infosecurity Magazine?