Infosecurity News

  1. Oracle fixes zero-day database vulnerability that was already ‘fixed’

    After being outed by security researcher Joxean Koret, Oracle has issued a fix for a zero-day database vulnerability that can be remotely exploited. It's a flaw that was supposedly “fixed” in the company’s quarterly security update.

  2. Welsh board first NHS organization to be fined for data breach

    The UK Information Commissioner’s Office (ICO) has fined the Aneurin Bevan Health Board in South Wales £70,000 for a “serious breach” of the Data Protection Act, the first National Health Service (NHS) organization to receive a data breach fine.

  3. New combined home firewall & anti-virus is free

    Home computer users do not, in general, pay for security. They rely instead on free software offered with little or no support. This can cause problems when different free products conflict with each other.

  4. Intruder alert: Star Trek Online account database compromised

    The studio behind the Star Trek Online game had its user account database breached over a year ago, but is only reporting it now.

  5. Europeans exhibit more caution regarding BYOD

    BT conducted a survey of over 2000 IT users and decision makers across 11 countries. The research, released during last week’s Infosecurity Europe show in London, showed that Western European organizations tend to take a more guarded approach to BYOD implementation when compared to their global counterparts.

  6. Columbia posts faculty social security numbers on the internet

    Columbia University has notified 3,000 faculty members that their names, addresses, social security numbers, and bank account numbers were available on the internet for two years.

  7. 42 blackmail sites - posing as news sites - shut down in China

    Genuine news sites publish information on events – these sites, say the Chinese authorities, promised not to publish information for a fee.

  8. Want someone else’s Hotmail account?

    A software bug can often lead to a vulnerability that can be exploited with sophisticated exploit code. Or sometimes you can just instal a free add-on that lets you do the same thing with no effort.

  9. SOCA and the FBI take down 36 AVC websites

    In a joint exercise between multiple law enforcement agencies, 36 websites associated with an e-commerce platform known as an automated vending cart (AVC) used to sell stolen credit cards were taken down on Wednesday.

  10. Hacker could take over traffic and railroad control systems using backdoor

    A researcher has uncovered a backdoor in RuggedCom software used to control traffic and railroad systems that could enable a remote attacker to take control of the systems.

  11. Hacker posts VMware source code on internet

    A hacker has posted source code for VMware’s ESX virtual machine on the internet, the company has confirmed.

  12. Infosecurity Europe 2012: The ICO on better regulation and better infosec

    Christopher Graham, the UK Information Commissioner, talks about his role as an information regulator and facilitator at Infosecurity Europe in London.

  13. One in five Macs harbors malware, Sophos finds

    A disturbing one in five Mac computers are infected by some form of malware, according to research by IT security firm Sophos.

  14. Infosecurity Europe 2012: defining risk management in the context of information security

    The three companies represented on the keynote panel (G4S Secure Solutions, Steria UK, and Skipton Building Society) are very different; and their CISOs have very different views on the functioning of risk management within infosec.

  15. DHS, industry organizations form first cybersecurity center for healthcare

    The US Department of Health and Human Services, the Health Information Trust Alliance (HITRUST), and 14 healthcare organizations have set up the first Cybersecurity Incident Response and Coordination Center for the healthcare industry.

  16. Cybercriminals exploit Björk’s Biophilia app to compromise Androids

    Symantec has identified a social engineering scam that attempts to get users to download malware from third-party Android sites by passing itself off as part of pop icon Björk’s popular Biophilia app.

  17. Khosrow Zarefarid explains why he published 3m Iranian card details

    I am not a hacker, says Zarefarid. I did this to warn Iranian card holders that their accounts are in danger.

  18. Trojan used hacked WordPress sites to carry out mass Mac infections

    The Flashback trojan, which infected more Macs than any other malware in history, used hacked WordPress sites to get onto machines, according to Kaspersky Lab researcher Vicente Diaz.

  19. Data breach hits 228,000 South Carolina Medicaid recipients

    The South Carolina Department of Health and Human Services announced this week that an employee stole personal data on 228,000 Medicaid recipients.

  20. European Parliament approves the controversial EU/US PNR agreement

    “The EU-US Passenger Name Record (PNR) agreement was adopted with 409 votes in favour, 226 against and 33 abstentions,” announced the EU yesterday. Opponents included “rapporteur Sophie in'T Veld, who withdrew her name from the report.”
