Infosecurity News

  1. Google Chrome turns 20

    Aah, it's seems only yesterday that Chrome was a tiny little browser cradled in Google's arms. Well, Chrome has just released version 20 and is ready to take on the world, but not before a few security holes are fixed.

  2. Cunard leaks personal details of 1000+ passengers

    In what the company describes as a ‘system issue’, but what looks more like user error, Cunard inadvertently sent an email with a spreadsheet attachment containing the contact information of 1,225 Cunard passengers to an unspecified number of customers.

  3. ACTA: the dead donkey that won’t lie down in Europe

    Every EU committee tasked with recommending how the European Parliament should vote on the ratification of the ACTA agreement has now voted: No. But ACTA just won’t lie down.

  4. FBI arrests: was UGNazi a target or an instrument?

    In what has been described as “the largest coordinated international law enforcement [carding] action in history”, the FBI has arrested 12 US citizens among a total of 24 arrests in eight countries.

  5. FTC goes after Wyndham Hotels for theft of 620,000 payment cards

    The US Federal Trade Commission (FTC) has filed a complaint against Wyndham Hotels for data security failures that led to three data breaches in less than two years and resulted in the theft of close to 620,000 payment card numbers.

  6. Android chosen for military security

    Invincea yesterday announced a $21.4m contract from the Defense Advanced Research Projects Agency (DARPA) and the US Army Research Laboratory (ARL) for a secure version of Android phones and tablets.

  7. Hackers crack CAPTCHA website security measures

    Hackers are able to bypass CAPTCHA security measures using computer-assisted tools and crowdsourcing to gain access to personal and financial information, Imperva warned in its latest Hacker Intelligence Report.

  8. Euro 2012 is the lure; pharmacy spam scam the result

    Spammers and scammers use international events and disasters as the lure for their ware. Euro 2012 provides both: an international event littered with individual disasters when national teams are dismissed.

  9. Information security risks lurk in oft-neglected places

    A new study by Kroll Advisory Solutions highlights the information security risks lurking in oft-neglected places, such as voicemail, conference calls, and even the mailroom.

  10. FDA warns about software flaws in medical devices

    The US Food and Drug Administration (FDA) has found that software flaws in medical devices are leading to compromises of those devices.

  11. USAID gets detention after failing FISMA test

    The US Agency for International Development (USAID) is working to improve its network security monitoring in response to a failing grade on the Federal Information Security Management Act (FISMA) scorecard, according to Jerry Horton, the agency’s chief information officer.

  12. PDFs wrapped in XDP evade anti-virus scans

    "Security researcher Brandon Dixon has discovered a way to bypass the Antivirus detection for malicious PDFs," writes eHackingNews, "using the XML Data Package(XDP) format." It goes on to add that "opening the malicious XDP file can result in Adobe Reader Exploit."

  13. Microsoft increases hackers' exploit development costs

    Jonathan Ness, security development manager of Security Science – part of the Trustworthy Computing group – claimed that Microsoft are looking to reduce or eliminate exploit based attacks by increasing the cost required to develop attacks – specifically the discovery and exploitation of vulnerabilities.

  14. Microsoft’s Bill Harmon on tackling child exploitation online: We can win

    On June 20th at the Microsoft HQ in Seattle, Bill Harmon, associate general counsel, Microsoft digital crimes unit, presented at the TwC International Media Campus Tour on child sexual exploitation online. While he assessed that the problems we have today with child safety is so much greater than thirty years ago due to technology, he concluded that we “can win this war”.

  15. Kayak.com investigates search engine glitch that exposed users' personal data

    Online travel website Kayak.com is investigating a security breach in which personal information of users was available through its search engine.

  16. AT&T security chief: mobiles are the “nail in coffin” for trust, and the perimeter

    The man responsible for the security of AT&T’s network recently told one audience that mobility is perhaps the death knell for trust within an organization’s network perimeter. His solution lies in a gradual network-based security strategy that moves your assets into the cloud.

  17. Pennsylvania man indicted for hacking Energy Department networks

    A Pennsylvania man has been arrested for hacking into computer networks at the Department of Energy (DOE), the University of Massachusetts (U-Mass), and a number of companies and trying to sell access to these networks to an uncover FBI agent.

  18. Fake anti-virus comes to Android – or does it?

    Webroot has reported the arrival of fake anti-virus, one of the most prevalent of PC threats, on the Android mobile platform. Beware of the Android Security Suite Premium – it’s a trojan.

  19. Governments spend too much on cyber surveillance and not enough on catching crooks

    A report from academics including Ross Anderson and Richard Clayton from Cambridge University suggests current cyberdefense is misdirected: too much money is spent on preventing cybercrime rather than apprehending cybercriminals.

  20. Nuclear regulator warns about cybersecurity lapses at California power plant

    The US Nuclear Regulatory Commission (NRC) is warning Southern California Edison that it might take enforcement action against the utility because of cybersecurity lapses found in a May security audit of its San Onofre nuclear power plant.

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Mastering AI Security With ISACA’s New AAISM Certification

  3. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  4. How To Enhance Security Operations with AI-Powered Defenses

What’s Hot on Infosecurity Magazine?