Infosecurity News
Android spambot, blended threats top mobile spam threats in 2013
Mobile users are increasingly likely to be spammed. New research has revealed there were more than 350,000 unique unsolicited mobile spam variants in 2012, with the highest churn rate in December with more than 53,000 unique variants alone.
RSA 2013: CSA provides legal resources for cloud computing; issues list of top threats
The Cloud Security Alliance has announced several initiatives at this week’s RSA Conference in San Francisco that range from privacy issues, legal information, and major threats relevant to the cloud security landscape.
New emergency bug fixes for Adobe Flash
Adobe has released a new emergency out-of-band patch for Flash – the third Flash update this month and the fourth this year – fixing two vulnerabilities currently being exploited against Firefox, and a third vulnerability that could potentially be exploited.
RSA 2013: The grey area of active defense – live manipulation of Kelihos
A live demonstration of active defense at RSA this week highlights the current debate on just how active (for which read ‘offensive’) companies can be in defending their networks. Laws to prevent hacking may also protect the hackers.
RSA 2013: Interview with security evangelist Stephen Cobb
Infosecurity Editor, Eleanor Dallaway, spent a fascinating 45 minutes picking the brain of ESET security evangelist, Stephen Cobb at RSA in San Francisco.
RSA 2013: Compliance Equals False Sense of Security, Says Vormetric
Compliance is responsible for a false sense of security, Alan Kessler, President & CEO, Vormetric, told Infosecurity at the RSA Conference in San Francisco, February 26 2013.
RSA 2013: Aadhaar, the Indian Electronic Identity Scheme, will change lives, says RSA keynote presenter
During the keynote sessions at the RSA conference in San Francisco today, Srikanth Nadhamuni, Head of Technology at UID Authority of India and CEO at Khosla Labs, presented Aadhaar, the identity scheme in India.
Technology moves to make cloud synchronization / storage secure
One of the most worrying security concerns to come out of the growth of cloud computing and BYOD has been the extensive adoption of third-party file synchronization services, typified by Dropbox and Box, but also including other cloud services such as Drive and SkyDrive.
Big data analytics for anomaly detection in security
Big data analytics first evolved for use in marketing: by understanding the relationships between customers and actions, better marketing can be developed. Now the practice is being applied to security: by understanding the relationship between network anomalies and events, better security will evolve.
NBC hack serves Citadel malware to visitors
NBC has become the latest high-profile target for a cyber-attack, with its website, NBC.com, becoming compromised by the Citadel financial malware kit long enough to start serving malware to visitors before being corrected.
Latest (ISC)2 Workforce Study Shows Lack of Skilled Infosec Professionals and Developers
The problem is that not enough skilled people actually get into the profession; and all too often security is deemed to be separate from software development. These are the key findings of the sixth and latest study among the existing global security workforce conducted by (ISC)2, Booz Allen Hamilton and Frost and Sullivan.
A hacker's dream: two-thirds of SharePoint users have no security policy
Even though Microsoft SharePoint is widely deployed throughout enterprises and SMBs as a collaboration platform, a shocking two-thirds of SharePoint-using companies in a recent survey have admitted to having ‘no active security policy’ in place for the application.
New e-shop hawks stolen PayPal accounts
Hacked PayPal credentials are up for sale in the cybercriminal underworld, arranged in a fast and convenient “e-shop” format.
The car of the future will be recording everything you do
A very public row between the New York Times motor correspondent John Broder and Tesla Motors is entertaining motor enthusiasts and worrying privacy advocates. The NYT delivered a negative review, but Tesla had logged every part of the test drive.
Educause hit with server-side data breach
Educause, a non-profit community for IT professionals focused on the higher education vertical, is warning that a data breach has affected its 1,800 college and 300 corporate members.
Security firm accuses Chinese military of involvement in worldwide hacking
Mandiant, a security firm with a close relationship with both US and UK governments (one of the five companies in GCHQ’s new Cyber Incident Response scheme) has made the clearest statement yet: the Chinese military is behind the hacking team known as APT1 (aka ‘Comment Crew’).
French data privacy regulator plans to take on Google
France’s National Commission for Computing and Civil Liberties (CNIL) has warned Google that its response to earlier demands over its privacy policy are inadequate, and that an action plan against Google would be discussed by the Article 29 Working Party of EU national regulators on February 26.
We can’t block YouTube, Egypt’s telecomms authority tells the court
On February 9, Egypt’s Judge Hassouna Tawfiq ordered that YouTube be temporarily banned in Egypt for 30 days following Google’s refusal to remove the Innocence of Muslims video from YouTube.
What will the future of enterprise security look like?
With the year 2020 approaching, join our panel of experts who will examine what near-term advances in information technology may hold, and how enterprises can get ahead of the security curve in anticipation
Facebook is the latest media company to admit it was hacked
On Friday Facebook admitted to being just another hacked media company, joining the New York Times, Washington Post, Wall Street Journal and Twitter in admitting a recent breach – although Facebook claims that no user data was lost.
