Infosecurity News

  1. StubHub turns to fraud specialist to combat abuse of its platform

    StubHub, an online ticket exchange, was having trouble with criminals using its open platform to verify credentials that had been stolen from other sources. The website turned to SilverTail for help, explained Robert Capps, senior manager of trust and safety at the company.

  2. US data breach costs decline for first time in seven years

    The average organizational and per capita cost of a data breach in the US declined in 2011 for the first time in the seven years that the 'US Cost of a Data Breach Study' has been compiled.

  3. NIST publishes guidance for electronic health record usability and security

    The National Institute of Standards and Technology (NIST) has released technical guidance for evaluating the usability of electronic health records (EHR), while maintaining the security and privacy of those records.

  4. Russian authorities arrest eight in bust of Carberp bank fraud ring

    The Russian Ministry of Internal Affairs and the Federal Security Service this week arrested eight men allegedly involved in a Carberp bank fraud ring.

  5. Indian company hacks GSM and usurps IMSI

    At a security conference organized by Null in India, Matrix Shell claimed and demonstrated the ability to hack into GSM phones and manipulate the user’s International Mobile Subscriber Identity.

  6. Researchers discover flaws in SSO that leave websites vulnerable

    Indiana University and Microsoft researchers have uncovered flaws in Web-based single sign-on (SSO) services run by Google, PayPal, Facebook, Twitter, and others that allow hackers to get access to users’ accounts.

  7. Russian government appoints Krutskikh as cybersecurity coordinator

    The Russian government has appointed Andrei Krutskikh as cybersecurity coordinator under the Foreign Ministry.

  8. New twist in social engineering rogue AV

    Rogue anti-virus products continue to be a major source of malware. The trick for the criminal is in getting the victim to click the link; and GFI has spotted a new development.

  9. Cost of data breaches outstripping inflation

    The average cost to UK business per record lost, according to the latest Symantec/Ponemon study, has increased from £47 in 2007 to £79 in 2011. Had it been inflation alone, it would have increased to just over £53.

  10. IT pros lack confidence in public cloud's perimeter defenses

    The top security concern of IT professionals regarding public cloud computing is the lack of perimeter defenses and/or network control, according to a survey by cloud security provider CloudPassage.

  11. (ISC)², IT-AAC form alliance to improve government IT acquisition processes

    (ISC)², a non-profit information security professional association, and the Information Technology Acquisition Advisory Council (IT-AAC), a non-profit organization seeking to improve IT acquisition standards, have formed an alliance to improve the US government’s acquisition of IT products through security training and education.

  12. Hackers waste no time in jailbreaking new iPad

    A number of hackers have succeeded in jailbreaking the new iPad within hours of its release.

  13. Tibetan groups targeted by Chinese attackers

    Tibetan organizations are under attack from Chinese spear phishers who were also behind the Nitro attacks that targeted Western chemical and defense firms last year, according to research by AlienVault.

  14. Hydraq trojan is back (well, it never went away)

    The Hydraq trojan, which wreaked havoc during the Operation Aurora attacks in 2009, is back. Actually, it never went away, note Symantec researchers.

  15. Did Anonymous accidentally blow covert surveillance of Assad’s emails?

    On 6 February hacktivist group Anonymous delivered a threatening email to Bashar Assad’s personal email account. On 7 February his use of that account ceased.

  16. Consumer loyalty depends on privacy and data security, survey finds

    Consumers are taking privacy and security into account more often when making purchasing decisions, would consider leaving companies in the wake of a data breach incident, and measure corporate reputation based on these issues, according to a survey by public relations firm Edelman.

  17. Mozilla plugs eight holes with latest version of its Firefox browser

    Mozilla has fixed eight vulnerabilities, a majority of them “critical”, with the release of the latest version of its web browser, Firefox 11.

  18. Quis custodiet ipsos custodes – Who watches the watchmen?

    The Dutch Big Brother Awards for 2011 have been announced. There are three prize categories: People, Companies and Government.

  19. HHS fines Blue Cross of Tennessee for theft of 57 hard drives

    The US Department of Health and Human Services (HHS) is fining Blue Cross Blue Shield of Tennessee $1.5 million related to the 2009 theft of 57 unencrypted computer hard drives containing protected health information on over one million patients.

  20. Performance comparison between Bit9, Symantec and McAfee

    The Tolly Group has published a new report: 'Comparison of Bit9 Advanced Threat Solution versus McAfee Endpoint Protection Suite and Symantec Endpoint Protection 12.1'. But are they apples and oranges?
