Infosecurity News

  1. Infosecurity Europe 2013: Analysts scan the threat horizon

    Hacktivism and espionage are poised for growth, but cyberthreats will continue to follow the money.

  2. Infosecurity Europe 2013: Small firms in cybercriminals' sights

    More small firms are the victims of cyber attacks, and the cost of breaches is rising across the board, according to a PwC-BIS survey.

  3. IPS needs to become more aware of advanced evasion techniques

    Advanced evasion techniques (AETs) rarely receive the full publicity they deserve – possibly because it is a term originally coined by one manufacturer (Stonesoft) to describe how attackers defeat other security manufacturers.

  4. Infosecurity Europe 2013: Minister puts infosecurity at heart of UK growth strategy

    Chloe Smith, Minister for Political and Constitutional Reform, opens Infosecurity Europe 2013

  5. Twitter for news and malware: threats spreading through malicious tweets

    With 288 million active users, Twitter has proven itself over and over to be a fantastic tool for spreading information and acting as a news source, especially in times of crisis.

  6. Fresh Operation Beebus attack targets military drone technology

    Attack on the drones? A dozen organizations in aerospace, defense, telecom and government agencies located in the US and India are the target of an Operation Beebus campaign that goes back to at least as early as December of 2011.

  7. BAE Systems Detica Promotes Need for Security Data Analytics

    It has to be accepted that in some areas security simply isn’t working – or at least it’s not working well enough. Time and again it’s discovered that a major breach has occurred, followed by a subsequent revelation that the attackers have been on the network for months or even years.

  8. BadNews Android malware pushes fraud schemes

    A new mobile malware family, the appropriately named BadNews, has been found in 32 apps across four different developer accounts in Google Play. It masquerades as an advertising network, but in actuality pushes fraud-oriented malware and other “monetization” bugs.

  9. Many SOHO routers vulnerable

    A Baltimore-based security firm has evaluated thirteen mainstream routers used by consumers and small offices to connect to the internet, and found all of them vulnerable – 11 of them remotely.

  10. LulzSec hacker Kresinger gets a year in prison

    Cody Kresinger, who pleaded guilty in April 2012 to charges of conspiracy and unauthorized impairment of a protected computer – namely, Sony Pictures Entertainment – was yesterday sentenced to one year in prison and 1000 hours community service, and further ordered to pay $605,663 in restitution.

  11. Gozi is back – and worse than ever

    Hopes that the Gozi trojan had suffered a severe setback with the arrest of three gang leaders appear short-lived; Gozi remains and has been integrated into an MBR bootkit making it more dangerous than ever.

  12. Phishing campaign exploits Boston Marathon, Texas Fertilizer tragedies

    A combination phishing/iframe redirect/RedKit Exploit Kit/botnet attack is exploiting recent tragic events in Boston and Waco, Texas. The campaign infects machines with the Zeus and Kelihos bots, which steal financial and personal information, send unsolicited email or hijack the machine for use in distributed denial-of-service (DDoS) attacks.

  13. New security firm established to help combat APTs

    ThreatTrack Security, based in Clearwater, Florida, comprises experienced malware fighters and proven technologies for the analysis, detection and remediation of advanced cyber threats, including advanced persistent threats (APTs)

  14. Recycled phones retain their previous owners’ data

    Too many users are recycling their old phones without realising that data is left behind even after deletion or a factory reset. With employees now using their devices for both business and personal purposes, the result could be the inadvertent loss of confidential information.

  15. DDoS 'fire drill' service urges companies to be prepared

    We learn as children to practice what to do in the event of a disaster (fire, tornado, hurricane, earthquake, nuclear fallout). And when one lives in a high-risk area, preparedness and having plans are drilled into us, just like other societal norms like using a fork at dinner or putting trousers on one leg at a time.

  16. ENISA endorsed with a new 7 year EU mandate

    The European Network and Information Security Agency (ENISA) has received a new mandate from the European Parliament to continue and enhance its work: votes in favor, 626; against, 45; abstentions, 16.

  17. Linode web hosting hack used Adobe ColdFusion zero-day

    Web hosting provider Linode has been hit with a zero-day attack that compromised its database, including credit card numbers, parts of the source code and passwords. In a security notice the company said that it has instigated a full password reset for all accounts in the wake of the hit.

  18. Top Secret: secunet delivers sophisticated IT security solutions

    secunet Security Networks is one of Germany's leading providers of IT security services. Specializing in the protection of classified/sensitive information, the firm works closely with customers to develop and implement high-performance products and state-of-the-art IT security solutions.

  19. Mobile malware gets serious – RATs can bypass sandboxes and encryption

    Mobile remote access trojans are becoming increasingly sophisticated and increasingly successful – new research suggests that 1 in 1000 smartphones have mRATs installed.

  20. ICS-CERT reports two hacks on building management systems

    The latest issue of the ICS-CERT Monitor has described two similar hacks that happened last year where attackers used a weak credentials vulnerability to gain access to buildings’ energy management system (EMS), Tridium Niagara.

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  3. Mastering AI Security With ISACA’s New AAISM Certification

  4. OT Security Ecosystem for Targeted Risk Reduction and Reporting

What’s Hot on Infosecurity Magazine?