Infosecurity News

  1. Better late than never: Wells Fargo appoints first CISO

    In an announcement that boggles the infosec-savvy mind, global financial firm Wells Fargo has only just appointed its first chief information security officer (CISO).

  2. Big Data Analytics should be used for security as well as commercial purposes

    “Big data analytics can improve information security and increase cyber resilience” claims a new report from the Information Security Forum (ISF).

  3. ENISA calls for joint effort between users and providers to secure online identities

    ENISA notes that nearly 18.5 million user passwords have been stolen in just seven major hacks this year already, and has published guidelines on how both users and service providers can better secure them in the future.

  4. New Morto worm variant emerges with file infection capability

    A new variant of the Morto worm has added a file infection capability to the malware’s arsenal of weapons, warned a Microsoft researcher.

  5. Korean hackers arrested for stealing data on 8.7 million mobile subscribers

    South Korea’s National Police Agency (NPA) has arrested two hackers for stealing and selling personal information on 8.7 million KT mobile subscribers.

  6. Black Hat 2012: Webroot Researcher Says Delayed Breach Disclosure is Advisable

    At Black Hat in Las Vegas, July 27 2012, Grayson Milbourne - director of threat research at Webroot - told Infosecurity that sometimes it is best if a breach goes undisclosed until the company concerned has answers and a recovery plan.

  7. All your speech belongs to Apple

    Apple’s new Mountain Lion operating system is now available – but with it comes a surprising new twist to the terms and conditions for the new dictation capability. Apple gets and keeps the dictated files.

  8. Rakshasa: Hindu demon – and permanent, undetectable backdoor

    A security researcher has developed proof of concept for a PC backdoor that is both undetectable and very difficult to remove – and capable of infecting more than 100 different motherboards.

  9. Apple to buy AuthenTec for $356 million

    In a deal unanimously agreed by the AuthenTec board, but not yet by its shareholders, Apple Inc is to buy the mobile security firm at a price valuing shares at $8.00 – a 58% premium on the earlier closing price.

  10. Black Hat 2012: Pappas bounces his way to $200,000 Microsoft BlueHat prize

    Vasilis Pappas has won Microsoft's $200,000 BlueHat defensive computer technology research prize for his kBouncer, an efficient and fully transparent return-oriented programming (ROP) mitigation technique.

  11. Black Hat 2012: FAA's new air traffic control system vulnerable to cyber attack

    The US Federal Aviation Administration’s (FAA) new air traffic control system could be vulnerable to cyber attack, warned researcher Andrei Costin at the Black Hat conference this week in Las Vegas.

  12. Russian websites pushing Olympics malware for Android

    On the day of the official launch of the 2012 London Olympic Games, GFI Software warns Android gamers about fake 2012 apps being offered from Russian websites.

  13. YouView: business and security issues

    YouView, an internet-connected variant of Freeview – chaired by Lord Sugar and supported by all the major UK TV channels, and ISPs such as BT and TalkTalk – has finally launched in the UK, but to more criticism than praise.

  14. Mahdi malware campaign resurrected

    After having its command-and-control server shut down, the Mahdi (Messiah) malware is back with improved features, warns Kaspersky Lab.

  15. NIST: You can't tell software misuse without a scorecard

    The US National Institute of Standards and Technology (NIST) has issued a scoring system for computer security managers to assess the severity of security risks caused by software misuse.

  16. BlackHat 2012: Microsoft Incorporates BlueHat ROP Mitigation Technology into EMET

    One of the three finalist entries for Microsoft's first-ever BlueHat Prize for building new security defense technologies is now part of the software giant's free Enhanced Mitigation Experience Toolkit (EMET).

  17. Software-related medical device recalls raise security, privacy concerns

    Close to 15% of medical device recalls by the US Food and Drug Administration (FDA) between January 2009 and May 2011 involved software problems, which could pose privacy risks to patient data, according to a study funded by the US Department of Health and Human Services.

  18. Siemens patches security flaws in SCADA systems

    Siemens has patched a number of security holes in its SIMATIC supervisory control and data acquisition (SCADA) systems, according to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

  19. EU reaches agreement with Google over competition issues

    European Union (EU) regulators have reached an “understanding” with Google over concerns about anti-competitive behavior on the part of the search engine giant.

  20. Black Hat 2012: ModSecurity open-source firewall now supports Apache, IIS and Nginx

    The free open-source web application firewall known as ModSecurity – once just an Apache plug-in – now also plugs directly into IIS and Nginx web servers, and is particularly good for virtual patching.
