Infosecurity News

  1. The VOHO campaign: Gh0st RAT spread by water-holing

    The VOHO campaign would appear to be a sophisticated and extensive APT-style attack targeting primarily political activists, the defense industrial base and education – especially in the Boston and Washington DC areas.

  2. Two separate privacy concerns rock Facebook

    As Facebook shares continue their general downward trend, the social network giant is rocked by two new privacy concerns: a glitch that has started to expose old private messages; and the tie-up with advertising metrics company Datalogix.

  3. Mobile malware up 2,180% in 2012

    The rise of mobile malware is becoming an industry meme, and no wonder: As mobility starts to permeate every aspect of consumer and business lives, malware vectors are increasing.

  4. New Islamist hacker collective emerges to protest 'Innocence of Muslims' video

    A new Islamist hacker collective has amassed to protest the “Innocence of Muslims” YouTube video, via attacks on several low-level Western websites. It promises continued action in the wake of the film.

  5. Android app piracy sees triple-digit growth

    Thanks to a lack of comprehensive content protection, Android developers are finding themselves at major risk for piracy, and it’s significantly impacting their business, according to a new survey from Protection Technology Research (PTR).

  6. What is Microsoft doing with Hotmail passwords?

    Costin Riau, a security expert with Kaspersky Lab, tried to log into his old hotmail account with his old hotmail password – all 36 characters. It failed, with an error message saying, “Microsoft account passwords can contain up to 16 characters.”

  7. EU’s Clean IT is being anything but clean in its intentions

    Digital rights groups have long claimed that the online terrorist threat is used by governments as a reason for imposing wide-ranging control of the internet. A newly leaked document from the EU Clean IT project seems to confirm such mission-creep.

  8. Facebook’s $9.5 million class action settlement confirmed

    The 9th U.S. Circuit Court of Appeals has ruled by 2-1 that Facebook’s class action settlement of $9.5 million over its defunct Beacon service must stand, concluding that the sum was “substantial in this case.”

  9. IBM: Top threats include data breaches, BYOD, browser exploits

    When it comes to trends in security for 2012 so far, the landscape has seen a sharp increase in browser-related exploits, like recent ones for Internet Explorer and Java, along with renewed concerns around social media password security and continued disparity in mobile devices and corporate bring-your-own-device (BYOD) programs.

  10. An analysis of DDoS attack methodologies

    What stands out most from Imperva’s new analysis of DDoS attack methodologies, is that DDoS is easy, growing in use and probably more prevalent than commonly perceived.

  11. ICO and Ofsted agree encryption needed in schools

    As the new academic year begins, two UK regulatory bodies have issued new guidelines that raise the bar for school security: the ICO advises on data protection while Ofsted indicates it will include schools’ e-safety in future inspections.

  12. NIST releases comprehensive risk assessment guidelines

    The US National Institute of Standards and Technology (NIST) has released a final version of its risk assessment guidelines for determining the level of information security risks in IT infrastructure.

  13. Veracode goes large with VAST app security testing for cloud, mobile

    Application security testing company Veracode has launched the Vendor Application Security Testing (VAST) program to provide independent, automated and outsourced compliance testing for cloud, mobile and outsourced applications, to help enterprises reduce the security risks associated with the use of vendor-supplied software.

  14. Microsoft: Pre-installed malware not from factory lines

    The pre-installed malware found on fresh-from-the-factory PCs by Microsoft's Digital Crimes Unit was not implemented on the factory line, a Microsoft spokesperson has confirmed.

  15. Peter the Great beats Sun Tzu in cybercrime

    Despite the hoohaa about the ‘Chinese cyberthreat’ (in reality, read east Asia), Russia’s Peter the Great (in reality, read east Europe) is beating Sun Tzu in modern cyber wargames. Eastern Europe has better cybercriminals than eastern Asia.

  16. TDSS/TDL4 'indestructible botnet' is back with 250K victims already

    Damballa has discovered a new iteration of the TDSS/TDL4 botnet that, at its height last autumn, infected more than 5.5 million victims. Now, it’s back and is utilizing domain generation algorithm (DGA)-based communication for command-and-control (C&C).

  17. Romanian Subway hackers plead guilty to cyber-fraud

    Subway restaurant franchises can rest easy: The culprits behind an international electronic fraud ring that targeted point-of-sale (PoS) vulnerabilities at hundreds of US retail locations have pled guilty to cyber-fraud charges.

  18. The cloud: transforming the role of the infosec professional

    Infosecurity caught up with John Howie, COO of the Cloud Security Alliance (CSA), at the recent ASIS/(ISC)² Congress in Philadelphia, where he discussed how the cloud is altering the role of security professionals

  19. 51% of SMB endpoints infected annually

    When it comes to small- and medium-sized business (SMB) applications, the cloud and mobility are on the rise, driving an increased need for comprehensive security, according to a new report from Osterman Research, commissioned by Trend Micro.

  20. NullCrew: the principled hacker group?

    In a wide-ranging interview broadcast over online Spreaker radio but conducted probably via IRC, UK Anon Winston Smith has been talking to Null, the leader of the NullCrew hacking group.

Why Not Watch?

  1. How To Enhance Security Operations with AI-Powered Defenses

  2. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

  3. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  4. Audit & Compliance in the Era of AI and Emerging Technology

What’s Hot on Infosecurity Magazine?