Infosecurity News

California prison workers settle data breach lawsuit
Employees at the Pelican Bay State Prison in California have reached a settlement with the state over allegations that their personnel information was exposed to prison inmates.

16 code defects uncovered for open source code bases
Software testing firm Coverity has uncovered 16 code defects, similar to a defect recently found in the MySQL database server, in nine different open source code bases, including Nmap, OpenBabble, and Ncbi-tools.

PPTP traffic should be considered unencrypted
This is the view of Moxie Marlinspike, who along with David Hulton first presented his method for cracking Microsoft’s CHAPv2 at Defcon, and has now described the process on CloudCracker.

Bachmann aide accuses candidate, senior staff of data theft
A campaign aide to former Republican presidential candidate Michele Bachmann is suing Bachmann and her senior campaign staff for allegedly stealing her private email list to promote the candidate among Christian home-school advocates in Iowa.

Better late than never: Wells Fargo appoints first CISO
In an announcement that boggles the infosec-savvy mind, global financial firm Wells Fargo has only just appointed its first chief information security officer (CISO).

Big Data Analytics should be used for security as well as commercial purposes
“Big data analytics can improve information security and increase cyber resilience” claims a new report from the Information Security Forum (ISF).

ENISA calls for joint effort between users and providers to secure online identities
ENISA notes that nearly 18.5 million user passwords have been stolen in just seven major hacks this year already, and has published guidelines on how both users and service providers can better secure them in the future.

New Morto worm variant emerges with file infection capability
A new variant of the Morto worm has added a file infection capability to the malware’s arsenal of weapons, warned a Microsoft researcher.

Korean hackers arrested for stealing data on 8.7 million mobile subscribers
South Korea’s National Police Agency (NPA) has arrested two hackers for stealing and selling personal information on 8.7 million KT mobile subscribers.

Black Hat 2012: Webroot Researcher Says Delayed Breach Disclosure is Advisable
At Black Hat in Las Vegas, July 27 2012, Grayson Milbourne - director of threat research at Webroot - told Infosecurity that sometimes it is best if a breach goes undisclosed until the company concerned has answers and a recovery plan.

All your speech belongs to Apple
Apple’s new Mountain Lion operating system is now available – but with it comes a surprising new twist to the terms and conditions for the new dictation capability. Apple gets and keeps the dictated files.

Rakshasa: Hindu demon – and permanent, undetectable backdoor
A security researcher has developed proof of concept for a PC backdoor that is both undetectable and very difficult to remove – and capable of infecting more than 100 different motherboards.

Apple to buy AuthenTec for $356 million
In a deal unanimously agreed by the AuthenTec board, but not yet by its shareholders, Apple Inc is to buy the mobile security firm at a price valuing shares at $8.00 – a 58% premium on the earlier closing price.

Black Hat 2012: Pappas bounces his way to $200,000 Microsoft BlueHat prize
Vasilis Pappas has won Microsoft's $200,000 BlueHat defensive computer technology research prize for his kBouncer, an efficient and fully transparent return-oriented programming (ROP) mitigation technique.

Black Hat 2012: FAA's new air traffic control system vulnerable to cyber attack
The US Federal Aviation Administration’s (FAA) new air traffic control system could be vulnerable to cyber attack, warned researcher Andrei Costin at the Black Hat conference this week in Las Vegas.

Russian websites pushing Olympics malware for Android
On the day of the official launch of the 2012 London Olympic Games, GFI Software warns Android gamers about fake 2012 apps being offered from Russian websites.

YouView: business and security issues
YouView, an internet-connected variant of Freeview – chaired by Lord Sugar and supported by all the major UK TV channels, and ISPs such as BT and TalkTalk – has finally launched in the UK, but to more criticism than praise.

Mahdi malware campaign resurrected
After having its command-and-control server shut down, the Mahdi (Messiah) malware is back with improved features, warns Kaspersky Lab.

NIST: You can't tell software misuse without a scorecard
The US National Institute of Standards and Technology (NIST) has issued a scoring system for computer security managers to assess the severity of security risks caused by software misuse.

Black Hat 2012: Microsoft Incorporates BlueHat ROP Mitigation Technology into EMET
One of the three finalist entries for Microsoft's first-ever BlueHat Prize for building new security defense technologies is now part of the software giant's free Enhanced Mitigation Experience Toolkit (EMET).



