Infosecurity News

  1. A look at the Russian underground cyber market

    “The Russian shadow economy is an economy of scale, one that is service oriented and that has become a kleptocracy wherein crony capitalism has obtained a new lease on life in cyberspace,” says a new report into the cybercriminal Russian underground.

  2. The cyberwar of words and malware between US/Israel and Iran

    The cyberwar between the US/Israel and Iran is one of words as well as computer code. It is widely thought that Iranian hackers are behind the recent spate of attacks against US banks, and that the DDoS attack against HSBC was a specific Iranian hacker response to the anti-Islam film, the 'Innocence of Muslims'.

  3. This is a far, far weirder thing than Sony has ever done

    Last week it emerged that the William Faulkner estate was suing Sony over the distribution of the Woody Allen movie, ‘Midnight in Paris.’ On the very next day it launched a second suit against Northrop Grumman and the Washington Post.

  4. Hacker Halted: Government Needs to Embrace Bug Bounty Incentive

    We have nothing to lose by offering bug bounty rewards, Jeremiah Grossman, Founder and CTO of WhiteHat Security told the audience at Hacker Halted in Miami, 29th October 2012.

  5. Problems at a cyber security conference highlight the difficulties in information sharing

    The 12th ICS Cyber Security Conference was held Oct 22-25 at the Old Dominion University's Virginia Modeling Analysis and Simulation Center – but did not quite go to plan...

  6. Anonymous hacks Greek Ministry of Finance

    As public demonstrations against austerity measures grow in Greece, and support for far-right organizations such as the Golden Dawn increases, Anonymous hacks into the Ministry of Finance and releases confidential documents just days before the government is due to vote on further cuts.

  7. Hacker Halted: Forget About Securing Devices and Secure the Data

    Opening the Hacker Halted conference in Miami, Florida, 29th October 2012, Jav Bavisi, president and CEO of the EC-Council, told the audience that the post-PC era of computing requires a fundamental shift in the security industry’s tactics.

  8. NullCrew continues its hacking spree with a new international operation

    NullCrew is a hacking team that bears some similarities to the defunct LulzSec: it has sympathy with Anonymous, but is separate from Anonymous. It does, however, operate with none of the taunting flamboyance that probably led to the downfall of LulzSec.

  9. 3.6 million social security numbers and 387,000 card numbers stolen

    Taxpayers in South Carolina have been told of a security breach involving the theft of millions of social security numbers and hundreds of thousands of debit and credit card numbers. None of the SSNs were encrypted and 16,000 of the bank cards were similarly unencrypted.

  10. DDoS and SQL injection are the most popular attack subjects

    An analysis of conversations in one of the largest known hacker forums – with around 250,000 members – has revealed that SQL-injection and DDoS are the subjects of most interest to up-and-coming wannabe hackers.

  11. The Future of Hacktivism: Why Unemployment Will Increase Hacktivist Activity

    Research on the similarities between hacktivist groups like Anonymous and real-world protest groups and the future of hacktivism has been carried out by Czech Technical University in Prague.

  12. Stoke-on-Trent gets £120K fine for second data encryption offense

    The ICO has hit the Stoke-on-Trent City Council with a hefty £120,000 fine for failing to use basic encryption on email messages, and for sending a message about a child protection case to the wrong person.

  13. Government official advises users to use a false name online

    There’s a row brewing in the UK after a senior security official at the Cabinet Office advises users to provide false personal information to websites such as Facebook. Opposition MPs and Facebook are not amused.

  14. Unprotected backdoor into industrial control systems

    A software tool that is used to program the programmable logic controllers (PLCs) used in much of the critical infrastructure contains an unprotected backdoor that could be used by hackers to access any such device that has an internet connection.

  15. Jesus and Ninja show up in most-hacked passwords list

    Apparently, quite a few people feel that “Jesus” can save them from online account breaches –but the popular Spanish men’s name and savior in the Christian tradition performs no miracles as a password, coming in at 21 in a list of the top 25 most-hacked passwords of 2012.

  16. Jester’s warbag: be careful of what you do on the internet

    Jester (th3j35t3r) describes himself as a patriotic cyber activist. He spends his time trying to find and take down what he considers to be enemies of the USA, ranging from Wikileaks and Anonymous to militant Islamic websites.

  17. Former Sky insider found guilty of misusing company information

    “Sky succeeds in its claims against Mr Freeman, Mr Sullivan and Mr Marrow and also against Mr Lee,” ruled High Court judge Sir William Blackburne, finding that Mr Lee had misused confidential Sky customer data.

  18. Insiders exploiting privileged accounts likely behind Saudi Aramco attack

    With the recent attack on Saudi oil giant Aramco being credited to Iran by the US government, a new report suggests that it may have been an inside job.

  19. With an eye to piracy, Microsoft will not sell physical copies of Windows 8 in China

    In an effort to combat software piracy and the related malware vectors that it presents, Microsoft will not sell Windows 8 as a physical boxed product in China.

  20. Barnes and Noble hacked

    Barnes and Noble has revealed a data breach involving PIN pads in its 63 stores. It appears that only one pad was affected in each of the stores, but all have now been disconnected for forensic examination.

Why Not Watch?

  1. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  2. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  3. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  4. OT Security Ecosystem for Targeted Risk Reduction and Reporting

What’s Hot on Infosecurity Magazine?