Infosecurity News

DHS gets California company to hack game consoles
In a project that started from law enforcement agencies' request to the US Department of Homeland Security (DHS), which was then farmed out to the US Navy, Obscure Technologies of California has been awarded a contract to find ways of hacking game consoles.

SQL injection tops SMB database security concerns
More than half of small and medium-sized businesses (SMBs) are most concerned about SQL injection attacks against their databases, according to a survey of 6,000 SMB users of GreenSQL’s database security product.

Adobe plugs security holes in Reader and Acrobat, adds free e-signature to Reader
Adobe has shipped updates for Reader and Acrobat that fix four security holes that could cause the application to crash and allow an attacker to take control of an affected system.

Anonymous attacks high-tech trade groups over support for CISPA
Anonymous claimed credit for launching distributed denial-of-service attacks (DDoS) against a number of high-tech trade groups in retaliation for their support of the Cyber Intelligence Sharing and Protection Act (CISPA).

Google fixes SSL certificate bug in Chrome browser
Google has released an update for Chrome that fixes a problem with the SSL certificate when users attempt to connect to sites over HTTPS.

Utah increases estimate of Medicaid data breach 10-fold
The Utah Department of Health (UDOH) is now admitting that social security numbers of up to 280,000 individuals were stolen from the Department of Technology Services server, a 10-fold increase from the original estimate.

Real-time data mining comes to Twitter
Twitter is usually described as a micro-blogging social network. To many who monitor its ‘trending topics’ it is also an early warning news service, frequently pointing users to breaking news before the traditional news media reports it.

What an Englishman does in bed
Companies that monitor the end point behavior of their remote workers will have to start monitoring their (internet) behavior in bed. That at least is the inference to be drawn from a new street survey conducted by Infosecurity Europe.

Fake AT&T bills being used to deliver malware
Cybercriminals are sending spam to AT&T Wireless customers with huge bills in order to trick recipients into clicking on a link to malicious websites, according to Commtouch.

Evolve or perish: Darkshell DDoS is adapting
New variants of Darkshell, a distributed denial of service (DDoS) botnet targeting Chinese websites, have been detected by McAfee Labs.

Baylor Law accidentally discloses GPAs, LSAT scores of incoming class
Baylor Law School sent out an email to the incoming class informing them of an extension to the deadline for “seat deposits” along with a spreadsheet containing GPAs and LSAT scores on all class members.

ABB won't patch industrial control system flaw
Swiss industrial conglomerate ABB does not plan to patch an arbitrary code execution vulnerability in components of its WebWare Server application, used in various industrial systems, because it is a legacy product nearing the end of its lifecycle.

Anonymous UK plans to attack the Home Office
The UK faction of Anonymous has announced a campaign against the Home Office in protest against extradition arrangements with the US, and the European Arrest Warrant (EAW). It is timed for 9:00pm on Saturday.

Weighing the costs and benefits of disaster recovery planning
In order to protect data from a disaster or cyberattack, organizations should develop a disaster recovery plan based on a cost-benefit analysis of the value of the data versus the cost of maintaining backup facilities, according to a report from Wisegate.

UK government puts brakes on web snooping plans
In an apparent about-turn over government plans to allow security and police services to spy on e-mails, phone calls and internet browsing habits, deputy prime minister Nick Clegg said the legislation will be published only as a draft.

Blackhole-laden spam targets airline passengers
Cybercriminals have launched a Blackhole-laden spam campaign against US Airways passengers, trying to convince them to click on a link to "view" their reservation, according to Kaspersky Lab.

IRS security dissing party continues
The Internal Revenue Service (IRS) just can’t catch a break when it comes to its information security posture; the US Treasury’s auditors are joining the criticisms begun by the Government Accountability Office (GAO) about infosec shortcomings at the US tax collector.

UK hacker G-Zero jailed for using Zeus and SpyEye
Edward Pearson, aka G-Zero, has been jailed for 26 months at Southwark Crown Court for “making an article for use in fraud and two counts of possession of an article for use in fraud.”

Mac users: “If you have no real need for Java, remove it”
Discussing the latest drive-by threat to Mac users that exploits an unpatched Java vulnerability known as CVE-2012-0507, Graham Cluley of Sophos blogs, “My advice is that if you have no real need for Java, remove it.”

Adobe offers malware classification tool for 'quick malware triage'
Adobe has released a free tool that helps IT administrators classify suspicious files as malicious or benign using machine-learning algorithms.



