Infosecurity News
Malaysia backs global cybersecurity group to share threat data
Malaysia has set up the Global Cyber Security Alliance (GCSA) to encourage sharing of cyber threat information among nations.
Firms lose 12% of their brand value from data breaches, survey finds
Companies that experience a major data breach lose on average 12% of their brand’s value, according to a survey conducted by the Ponemon Institute and sponsored by Experian Data Breach Resolution.
Stop! Don't pick up that apparently lost iPhone!
A Novato, Calif., woman thought she was doing the right thing by picking up an apparently lost iPhone 4 in her shopping cart, taking it to her son's home and calling the phone's owner to tell her she could collect the handset.
The real world consequences of an APT hack
Security researcher Brian Krebs has detailed an interesting analysis of how an APT attack ended up with Chinese hackers effectively running amok on a hedge fund's IT resource – and how the company dealt with the problem.
Hackers disrupted US government satellites, says report
Hackers, perhaps from China, interfered with two US government satellites during 2007 and 2008 by penetrating a ground station in Norway, according to a report being issued by a congressional commission next month.
TDL4 botnet may be available for rent
ESET's senior research fellow David Harley says that, while his team of researchers have been tracking the TDL4 botnet for some time, they have noticed a new phase in its evolution.
Solera research director spots a hybrid spear phishing attack
Andrew Brandt, The newly-installed director of threat research with Solera Networks, has been analyzing what appears to be a hybrid spear phishing attack against a colleague and revealed the effort that goes into making these targeted attack emails look genuine.
Jericho Forum talks about identity security strategies
At the RSA Europe event earlier this month, Infosecurity got a chance to catch up with Paul Simmonds, a board member of the Jericho Forum.
Application vulnerability ranked as key threat by 72% of IT security professionals
Research just released by (ISC)² claims to show that application vulnerability was ranked as the number one threat by more than 72% of IT security professionals.
Duqu should act as an alarm for IT security professionals
Responding to Symantec – and McAfee's – reports last week about the 'Son of Stuxnet' worm appearing and harvesting information from industrial control systems, Venafi says the Duqu malware is definitely a major security threat.
Barnaby Jack hacks diabetes insulin pump live at Hacker Halted
At the Hacker Halted conference in Miami, Florida, McAfee research architect, Barnaby Jack, demonstrated how to hack into an insulin pump live in his presentation titled ‘Life threatening vulnerabilities’.
JBoss worm exploiting old bug to infect unpatched servers
Old bugs, it seems, do not die – nor do they fade away – as Dennis Fisher, editor of Kaspersky Lab's ThreatPost newswire says that there is a new worm in the wild that is compromising servers running older versions of the JBoss Application Server and then adding them to a botnet. The worm, he added, also attempts to install a remote access tool in order to give the attacker control over the newly infected server.
Anonymous has tools to take down critical infrastructure, says Sourcefire
Anonymous does not need sophisticated tools like Stuxnet or Duqu to carry out its threat to attack industrial control systems that regulate critical infrastructure, warned Dominic Storey with Sourcefire.
Nasdaq breach allowed hackers to spy on company directors
Hackers who infiltrated Nasdaq’s computer systems last year were able to eavesdrop on communications of company directors, according to people familiar with the investigation.
AVG's popularity means it is being targeted by fake maintenance site scams
AVG's free anti-virus is one of the most popular free IT security applications in the market, but according to one security researcher, its success has meant a surge in the number of fake download sites charging a subscription for the service.
RSA hackers may have hit several hundred firms, says security researcher
The widely publicized data breach revealed by RSA back in March may not have been the only one to hit a major company, a leading security researcher has said.
IP Expo: Symantec talks up security threats to communications
At the IP Expo event in London this week, senior managers with Symantec were out in force, explaining to show visitors why communications and security technologies are now closely integrated. Alongside sponsoring a security theater at the show, the IT security vendor was also talking about the results of its 2011 threat management survey.
Georgia Tech turns an iPhone into a SpyPhone
Researchers at Georgia Tech have built on the smartphone accelerometer analysis carried out by iSuppli back in 2009 and successfully used an iPhone 4 to measure vibrations from a nearby computer keyboard, allowing them to map which keys are being pressed on the desktop computer.
IP Expo: Check Point explains its cloud strategy
At the London IP Expo event yesterday, Infosecurity got a chance to catch up with Caroline Ikomi, technical director with Check Point, where she brought us up to speed on how the firm is adapting to a cloud-based IT landscape.
Nemours loses data on 1.6 million patients and employees
Nemours, a children’s healthcare system serving the Eastern US, has admitted that three unencrypted backup tapes containing personal information on 1.6 million patients and employees have been lost.
