Infosecurity News

  1. Security is fundamental to continued adoption of mobile innovations

    The exploding mobility trend will continue to advance only as long as people who use the devices feel they can be trusted. That was the focus of Mobiquity CEO Scott Snyder’s opening keynote at this week’s AT&T Cyber Security Conference in New York.

  2. Senators propose compromise cybersecurity bill

    In an effort to break the cybersecurity logjam in the US Senate, two senators have proposed a compromise draft bill that they hope will be acceptable to both Democrats and Republicans.

  3. Week of the Password Breach: Last.fm is latest victim

    Music website Last.fm joins the growing list of websites that have had their customers’ passwords exposed on the internet this week.

  4. NHS electronic health records: Benefits and dangers

    Over the next few years, health records in the UK will become largely digital. Andrew Lansley’s new NHS Information Strategy offers both huge benefits and serious dangers for the future of the NHS/patient relationship.

  5. SOCA announces jailing of two UK credit card crooks

    Freshshop, the site set up and run by Jay Moore (aka t0pp8uzz) was a one-stop card fraud shop. Now Moore and his money-mule helper and co-conspirator Damian Horne (aka GM) have been jailed following an investigation by the UK Serious Organized Crime Agency (SOCA).

  6. Not all is harmonious at eHarmony: Dating site admits to password breach

    Online dating site eHarmony joins LinkedIn as the latest social networking site to be hacked, admitting to a breach that may have exposed 1.5 million user passwords.

  7. Adobe issues free security patches for older version of Photoshop, Illustrator

    Bowing to pressure from users of the CS5 versions of Photoshop and Illustrator, Adobe has issued free security patches to plug critical flaws in the software that could enable an attacker to take control of a vulnerable system.

  8. Flame: why was it missed for so long?

    While the in-depth analysis of Flame continues, and we learn more and more about its intricacies and capabilities, one question remains: why did the AV industry fail to spot it earlier?

  9. Taking a bite of the iOS security Apple: A glimpse inside

    In an unprecedented move toward openness, Apple has issued a document on iOS security that provides details on the system architecture, encryption and data protection, network security features, and device access for iOS devices.

  10. Facebook redesigns admin controls to prevent page hijacking

    Facebook has improved the protections for page administrators by enabling them to assign lower admin rights, which helps prevent page hijacking.

  11. Warning about the dangers in browser syncing

    Chrome v19 introduced a ‘tab sync’. This in turn, claims Imperva, introduces a new threat vector for business – a threat Imperva terms BYOB (bring your own browser).

  12. Hulk DoS tool analyzed and mitigated

    On 17 May, security researcher Barry Shteiman released Hulk (HTTP unbearable load king). It is, as its name suggests, a denial-of-service (DoS) tool that operates by sending an unbearable load of HTTP requests to the target web server, overloading it and bringing it to a standstill.

  13. US government drags its feet on declassifying documents

    The number of US government documents that were declassified, as well as the number reviewed for declassification, dropped in fiscal year (FY) 2011 compared with the previous fiscal year, according to an annual report by the Information Security Oversight Office (ISOO).

  14. Majority of firms plan to institute employee monitoring for social media use

    Around 60% of corporations said they plan to implement a formal security monitoring plan for employee use of social media by 2015, according to a survey by Gartner.

  15. Military grade chips may not be as secure as we think

    Sergei Skorobogatov and Chris Woods have discovered a backdoor into a military grade chip, permitting ‘a new and disturbing possibility of a large scale Stuxnet-type attack via a network or the Internet on the silicon itself’.

  16. PayPal researcher proposes technique to thwart clickjacking attacks

    Researcher Brad Hill with PayPal argues that a combination of a randomized user interface (UI) and a backend screenshot comparison tool could put an end to clickjacking attacks.

  17. Industry group unveils voluntary principles to combat botnets

    At a White House event today designed to draw attention to the problem of botnets, the Industry Botnet Group (IBG) unveiled a set of principles to combat their proliferation.

  18. Massachusetts hospital to pay $750,000 for 2010 data breach

    South Shore Hospital in South Weymouth, Mass., has agreed to pay $750,000 to settle charges brought by the state Attorney General Martha Coakley for a 2010 data breach that exposed personal information on more than 800,000 people.

  19. Flaming Hack: What does 'Flame' mean for the rest of us?

    We’ve all heard about Flame, the ‘mother of all cyberweapons’, the attack tool that takes cyberwarfare to a new level. But what does it actually mean for the rest of us?

  20. Neelie Kroes promises champagne connection - for the wealthy

    Neelie Kroes, European Commissioner for the Digital Agenda, has promised a champagne connection for those who can afford it.
