Infosecurity News

  1. Sony PS3 hacked again

    Sony’s policy of maintaining control over what software can run on its PS3 console has been undermined – some suggest permanently – by the release of the PS3 LVO decryption keys.

  2. Proposed new law will give Dutch police authority to hack foreign computers

    Yesterday, reporting an interview with Foreign Secretary William Hague, the Telegraph stated that the UK, “should be willing to engage in covert cyber attacks on enemy states.” The Netherlands is simultaneously proposing to allow its police to take the battle to foreign computers.

  3. Sony data breach lawsuit largely dismissed

    A class-action suit against Sony over a PlayStation Network data breach in April of 2011 has been largely dismissed, after months of consumer backlash and high-profile recriminations against the company.

  4. US considers preemptive action to prevent 'Cyber Pearl Harbor'

    Iran may have been the culprit behind the recent rash of cyber-attacks on oil and gas giants in the Middle East, said US Defense Secretary Leon Panetta, who recently warned that the US was facing the possibility of a “cyber-Pearl Harbor” as politically motivated hackers target the nation’s power grid, transportation systems, financial networks and government entities.

  5. ISSE 2012: Securing the OS and User Experience is Key to Securing Smartphones, Says BlackBerry

    Smartphones should be shipped with microkernel technology from the beginning and a sandbox for every application, Patrick Michaelis, senior product manager, BlackBerry Security, told the audience at ISSE 2012 in Brussels, 23rd October. “The technology is 25 years old but nobody is using it”, he said.

  6. Microsoft settles with Sabelnikov over the Kelihos botnet

    A short note on Andrey Sabelnikov’s Facebook page says simply, “Endless story is ended at last.” Sabelnikov is the Russian coder accused by Microsoft of being the man behind the Kelihos botnet. Sabelnikov denied this – and now the two sides have reached an agreement.

  7. Piers Morgan’s denial of phone hacking at The Mirror to be tested in court

    Just weeks before the Leveson Inquiry is expected to deliver a critical report on press ethics to prime minister David Cameron, a new lawsuit over alleged phone hacking is filed; this time against Trinity Mirror Group, including the time when Piers Morgan was editor.

  8. Japan & India strengthen cyber-security cooperation

    During a meeting to exchange views on regional and international security, including maritime, cyber and outer-space security, India and Japan have agreed to kick off the India-Japan Cyber Security Dialogue, starting with an early meeting in the coming months.

  9. Cross-zone scripting vulnerabilities found in Dropbox and Drive

    “Exploiting this vulnerability,” announced IBM’s Application Security Insider blog, “an attacker could steal arbitrary files from a DropBox / Google Drive user by tricking him into viewing a malicious HTML file inside the mobile app.”

  10. Passwords: young people are lax, rich people are careful

    A new survey on password attitudes shows a difference between age groups, income, marital status and more – providing intriguing data that might be as valuable to the sociologist as to the security industry.

  11. Pacemaker virus could lead to "mass murder"

    Hackers now have a new attack vector, but one with much more serious consequences than data theft or financial ruin: pacemakers and implantable cardioverter-defibrillators (ICDs).

  12. Top 5 UK SMS spam campaigns are finance-related

    When it comes to mobile spam, some campaigns are destined for the Hall of Fame, thanks to how widespread they’ve become. Taking a look at the contenders, mobile security firm AdaptiveMobile has ranked the top five SMS spam campaigns that have plagued UK mobile phone users in 2012—and they all revolve around finances.

  13. Multi-device, multi-vendor IT security departments lack automation, grow risk

    Unsurprisingly, complexity in network security environments, particularly multi-vendor environments, yields risk, according to a new survey. And yet, manual processes and a lack of consolidation across operations is still the norm even as IT departments add more and more vendors, devices and firewall rules. This creates a gap between the capacity of the IT staff to manage systems and the rate of their proliferation.

  14. Shining a light on zero-day attacks

    A new study by Symantec researchers seeks a better understanding of zero-day attacks – and finds them more, prevalent, longer-lasting and more dangerous than hitherto realised.

  15. ISO releases cyberspace-focused security standard

    The ISO has released a brand-new cyber-security standard aimed at ensuring the safety of online transactions and personal information exchanged over the internet, including e-commerce, online banking, virtual medical records, remote office applications and more.

  16. miniFlame emerges as small, highly targeted cyber-espionage tool

    Spyware families are propagating, with the latest identified spawn being miniFlame, a “small and highly flexible malicious program” suitable for targeted, in-depth cyber espionage operations, according to Kaspersky Lab.

  17. Facing a malware onslaught, Google plans scanner for mobile app market

    Google is plotting ways to implement a client-side solution to prevent rogue apps from being downloaded from Google Play, the Android application store, according to an analysis.

  18. UK government’s Facebook login proposals don’t hold water

    Earlier this month there was much discussion in leading UK national newspapers about a proposal to allow the use of social media credentials to access government websites. This was confirmed by the Government Digital Service blog, which has promised more details in the next few weeks.

  19. Randomness and the Intel Ivy Bridge microprocessor

    Cryptography Research (CRI) has published its investigation into the random number generator used by the Intel Ivy Bridge processor, the processor that is likely to be used by the majority of new PCs and laptops now and for the immediate future.

  20. ENISA summarizes risks and opportunities of IT consumerization

    The European Network and Information Security Agency (ENISA) has summarized both the risks and opportunities in the ‘consumerization of IT’, the business trend that includes BYOD.

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

  3. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  4. Mastering AI Security With ISACA’s New AAISM Certification

What’s Hot on Infosecurity Magazine?