Infosecurity News

  1. Twitter ordered by France to reveal anti-semitic tweeters

    A French court yesterday ruled that Twitter must reveal the identities of users who post racist and anti-Semitic comments following demands from the Union of Jewish Students of France (UEJF).

  2. Senate Democrats introduce 2013 Cybersecurity Act

    After a US presidential election season that saw cybersecurity policy come front and center in debates and as planks in political platforms, the US Senate Committee on Commerce said this week that it is reviving the debate surrounding the passage of a comprehensive cybersecurity bill with a new proposal.

  3. Eastern European CERTs stage massive Virut botnet takedown

    A large Eastern European botnet has been thwarted in Poland and Russia – for now. Local Computer Emergency Response Teams (CERTs) and partners have shut down the Virut threat, which in Poland alone commanded more than 890,000 unique IP addresses.

  4. ICO fines Sony £250,000 for loss of personal data in 2011

    In a monetary penalty notice dated 14 January but announced today, the Information Commissioner’s Office has fined Sony Computer Entertainment Europe Ltd £250,000 for a serious breach of the UK's Data Protection Act.

  5. SCADA password-cracker targets Siemens gear

    SCADA vulnerabilities are once again making their frightening selves known with the revelation that a new password-cracker is specifically targeting industrial control systems.

  6. Cybersecurity faces mostly 'post-PC' threats

    Even as the existing cybersecurity threat landscape becomes more complex, IT departments should be looking to the next wrinkle: cybercriminals have moved beyond the PC, targeting Android, social media and the Mac OS X with new attacks.

  7. New features available for GoAnywhere file transfer services

    Linoma Software, the managed file transfer and data encryption specialist, has announced new clustering and load balancing capabilities for its GoAnywhere Services version 3.1 offering.

  8. Why did WikiLeaks dox Swartz?

    In a brief series of tweets, WikiLeaks seems to have named Aaron Swartz as a WikiLeaks contributor; but the motivation for the move remains unclear.

  9. Mega’s security put under the microscope; and Mega responds

    Following the razzmatazz at the launch of Dotcom’s new secure Mega file storage service over the weekend comes the expected analysis and criticism of its security. There are two primary areas of focus – the RSA key generation and an apparent deduplication process.

  10. Red Dot – a new exploit kit for hire

    A new exploit kit dubbed Red Dot is being offered for hire on the internet underground at $700 for 6 months, or $1200 for a full year (although the vendor retains ‘the right to change the price of the product at any time’).

  11. Canadian student threatened, expelled and then hired

    The solution to bad publicity is to own it, not inflate it. That’s what SkyTech has done with the Canadian student who found flaws in its software: first he was threatened and expelled, but now he’s been offered a scholarship and part-time job.

  12. Foxit fixes PDF reader security vulnerability

    Foxit has released a new version of its PDF viewer, Reader 5.4.5, which fixes a web browser plugin vulnerability that would allow attackers to execute arbitrary code.

  13. Cyber risk is not translating into boardroom discussion

    Responsibility for cyber risk starts and stops with the board, says GCHQ; cyber attack is the most likely technology risk incident says the World Economic Forum; but the board isn’t taking it seriously, suggests Trustwave.

  14. PCI Council announces new board seats, working groups and Asia-Pac event

    The PCI Security Standards Council (PCI SSC) is tapping the payments community to participate in the 2013–2015 Board of Advisors election process, fresh PCI Special Interest Groups (SIG) and the 2013 PCI Community Meetings.

  15. FAKEM RATs disguise their network traffic as legitimate

    While well-known remote access trojans such as Gh0st, PoisonIvy, Hupigon, and DRAT produce network traffic that is easily detectable, a new family of malware dubbed FAKEM seeks to disguise its presence by making the traffic look like a legitimate protocol.

  16. Spam campaign makes offerings to Zeus

    The widespread banking trojan/botnet known as Zeus is continuing to throw its malware-infested thunderbolts at unsuspecting users, this time through a wide-net spam campaign.

  17. Shylock malware dials up Skype

    The banking trojan known as Shylock is calling up more victims, thanks to a new propagation tactic of using Skype. It’s also added a few new features to worsen the infection.

  18. Credit card-stealing malware infests nearly 100 Zaxby's chicken restaurants

    Hackers have already been shown to have a taste for Subway, but they apparently have a hankering for fried chicken too. A new criminal attack has potentially compromised credit card data at almost 100 locations of Zaxby’s, a Southern, chicken-centric restaurant chain in the US.

  19. Red October analysis reveals complex, two-stage attack

    In the wake of the discovery of Red October, a complex, in-depth cyber-espionage campaign going back at least five years, security researchers have published a comprehensive analysis of the breadth and depth of the operation, uncovering a two-pronged attack methodology.

  20. Anonymous Mexico hits defense ministry in support of Zapatistas

    South-of-the-border members of the hacktivist collective Anonymous have claimed responsibility for a cyber attack on the Mexican defense ministry that brought down its website temporarily this week.
