Infosecurity News
Mac users: “If you have no real need for Java, remove it”
Discussing the latest drive-by threat to Mac users that exploits an unpatched Java vulnerability known as CVE-2012-0507, Graham Cluley of Sophos blogs, “My advice is that if you have no real need for Java, remove it.”

Adobe offers malware classification tool for 'quick malware triage'
Adobe has released a free tool that helps IT administrators classify suspicious files as malicious or benign using machine-learning algorithms.

ACLU finds widespread warrantless cell phone tracking by local police
A report issued this week by the American Civil Liberties Union (ACLU) claims that local law enforcement is engaged in pervasive warrantless tracking of cell phones.

ManTech buys HBGary, a security firm well known for its Anonymous run-in
US defense firm ManTech has acquired technology security firm HBGary, which was at the center of a controversy last year when it claimed to have infiltrated Anonymous and was then attacked by the hacktivist group.

Global Payments cops to 1.5 million total on credit card breach
Global Payments, a third-party payment card processor, has admitted that around 1.5 million credit card numbers may have been stolen in a massive data breach last month, up significantly from the original report of 50,000.

California child services loses storage devices with info on 800,000 people
Computer storage devices containing personal information on 800,000 California residents were lost following a disaster recovery exercise held by IBM and Iron Mountain on behalf of the California Department of Child Support Services (DCSS).

Imperva analyzes LulzSec’s attack tool
In its latest Hacker Intelligence Initiative report, Imperva analyzes remote and local file inclusion (RFI/LFI) attacks as favored by LulzSec.

GCHQ to get real-time access to personal traffic data
The EC Data Retention Directive is already in force in the UK as a Statutory Instrument – The Data Retention (EC Directive) Regulations 2009. A proposed new bill will now force ISPs and telecommunications providers to make this data available to law enforcement in real time.

Payment processor suffers data breach that exposes 50,000 credit card numbers
Global Payments, an Atlanta-based credit and debit card processor for banks and merchants, has suffered a security breach that has exposed information on at least 50,000 cardholders, the Wall Street Journal reported.

Blackhole: the 1-day exploit kit
ESET has reported on the latest version of the Blackhole exploit kit, noting that it has been updated to include a recent Java vulnerability.

Our expert is better than your expert, says Hotfile to Warner Bros
Hotfile is being sued by Warner Bros (and others) – the MPAA – for copyright infringement; Hotfile is countersuing for bogus copyright infringement claims.

Yahoo commits to honoring Do-Not-Track
Do-Not-Track (DNT) is the evolving standard that will provide internet users with greater control over their privacy on the internet. “Yahoo websites worldwide will comply with visitors’ Do-Not-Track preferences starting later this year,” said the company on Wednesday.

Mediyes trojan underscores need for proper key management
The discovery of the Mediyes trojan using a valid digital signature has raised concerns about the need for proper key management, noted John Grimm with Thales e-Security.

Top national security official pins RSA breach on China
The US government has evidence that Chinese hackers were responsible for the breach of RSA last year that compromised the company’s “underlying software” and required the replacement of hundreds of SecurID tokens, a top national security official told Congress this week.

Carders Market leader pleads guilty to ID theft/fraud scheme
Chris Aragon, one of the leaders of the ID theft and fraud forum known as the Carders Market, has pled guilty to stealing thousands of personal identities and counterfeiting credit cards to buy high-end goods that were resold on eBay and craigslist.

FTC reaches settlement on charges over RockYou breach
The US Federal Trade Commission (FTC) has reached a settlement with the social gaming site RockYou over charges it failed to protect the privacy of its users, enabling hackers to access personal information on 32 million users in 2009.

Digital Crime: Fourth great era of organized crime
Organized digital crime is growing – but we still know little about the structure of organized digital crime groups. A new report from BAE Detica Systems and the John Grieve Centre for Policing and Security at London Metropolitan University seeks to change this.

Australia blocks China’s Huawei from broadband project over security concerns
The Australian government has blocked China’s Huawei Technologies from participating in the country’s AUS$36 billion national broadband network (NBN) project because of cybersecurity concerns.

Belarusian sentenced to US prison for assisting identity theft scams
A Belarusian named Dmitry Naskovets has been sentenced to 33 months in federal prison for operating CallService.biz, an online site that helped over 2,000 identity thieves commit fraud, federal authorities announced on Friday.

Watchdog warns US agencies lax on global IT supply chain security
The General Accounting Office (GAO) is warning that insecurity in the global IT supply chain is putting US national security agencies at risk.



