Infosecurity News
Academic tenure stifles cybersecurity innovation, academic and entrepreneur warns
Academic tenure discourages educational investment in cybersecurity innovation, Paul Barford, a computer sciences professor at the University of Wisconsin-Madison, as well as the chief scientist at cloud security specialist Qualys, told the Security Innovation Network (SINET) summit at the Massachusetts Institute of Technology on Tuesday.
Big day at IBM – acquires SIEM vendor Q1 Labs, establishes new security division
Today IBM made two announcements regarding its security business: the planned purchase of Q1 Labs and its intent to establish the IBM Security Systems division.
East Surrey Hospital loses details of 800 patients on an insecure USB stick
The East Surrey Hospital has admitted it lost the details of around 800 patients on an unencrypted memory stick in September of last year. The revelation was made in the Surrey and Sussex Healthcare NHS Trust's annual report.
Large-scale spam campaigns lead to online banking heists
According to security researcher Brian Krebs, phishers and cybercriminals have been casting an unusually wide net of late, sending out huge volumes of fraudulent email designed to spread password-stealing banking trojans. And, he reports, judging from the number of victims that have reportedly suffered costly cyberheists in the past two weeks, many small to medium sized organizations have been taking the bait.
OnStar shifts into reverse over data collection from former customers
General Motors’ OnStar navigation and emergency services provider has reversed itself and decided not to continue to collect data from vehicles of former OnStar subscribers.
Qualys backs Marlinspike-inspired Convergence notaries
Cloud security specialist Qualys is supporting two Convergence notaries, based on an approach developed by security researcher Moxie Marlinspike, as an alternative to SSLs and certificate authorities (CAs).
ISPs would notify consumers about botnet infections under US proposal
The US Departments of Homeland Security and Commerce are seeking public comments on a proposed voluntary program under which Internet service providers (ISPs) would notify users when their computers have been infected by botnet malware.
Close to 5 million US military patient records stolen from contractor
Medical records of 4.9 million US military personnel and their families have been compromised as a result of a theft of backup tapes from an SAIC contractor’s car in San Antonio, Texas.
Iran threatens to reciprocate any US, UK and Israeli cyber-attacks
The war of words between the US and Iranian governments took a dark turn last week when an Iranian army chief – apparently responding to US military chiefs' previous threats of an internet war – said that Iran will respond to any form of online aggression in a reciprocal manner.
Trend spots malware hidden within rogue copies of Opera Mini Java edition
A Trend Micro fraud analyst claims to have spotted rogue versions of Opera Mini, a Java (jar) mobile phone browser that can be downloaded and used on a wide range of mobile phones.
Betfair loses data on more than three million customers to hackers
Betfair has apparently admitted that data on more than three million of its customers – including 2.9 user names and almost 90,000 bank account details – was hacked by cybercriminals, possibly from Cambodia.
Is personnel turmoil behind DHS cybersecurity reorg?
High-level turnover at the Department of Homeland Security's (DHS) cybersecurity office may be a factor in the reorganization of the National Protection and Programs Directorate, which oversees the office.
Red Lambda develops auto-mining security intelligence software
Red Lambda has taken the wraps off an automatic data mining application that analyzes data on the organization's IT resources and archives – as well as on the internet – and presents the information in a drill-down dashboard format to the user.
ISF issues major update on Standard of Good Practice for IT security professionals
The Information Security Forum (ISF) has published a major update on its Standard of Good Practice for IT security professionals, which is billed as the industry’s most business-focused, all-in-one guide to information security assurance.
Elcomsoft enhances password recovery software to crack encrypted BlackBerry media cards
Russian password recovery specialist Elcomsoft has enhanced its Phone Password Breaker software to crack encrypted media cards for the BlackBerry smartphone. The password recovery specialist claims the software's password recovery rate on the BlackBerry is in the order of millions of passwords per second.
Laptop heist exposes personal data on 16,000 patients at Minneapolis hospitals
Personal information of more than 16,000 patients at two health facilities in the Minneapolis area has been compromised as the result of a stolen laptop, the facilities admitted this week.
Superbotnet poised to be unleashed by cybercriminals
A cybercriminal organization is creating a superbotnet by sending out billions of malware-laden emails for an unknown purpose, according to Commtouch researcher Avi Turiel.
MySQL.com web site hacked to serve up malware
Reports are coming in that the MySQL.com site was hacked and booby-trapped to serve up malware earlier this week – unconfirmed reports from security researcher Brian Krebs suggest that hacked access to the site was sold by cybercriminals for $3,000.
Two million Massachusetts citizens affected by data breaches since January 2010
Around two million Massachusetts citizens, one out of every three state residents, had personal information compromised through data theft or loss since the beginning of 2010, according to Attorney General Martha Coakley.
Dutch government revokes DigiNotar's CA root certificates
The Dutch government is revoking DigiNotar’s subordinate certificate authorities (CAs) under the Staat der Nederlanden root certificates.



