Infosecurity News

  1. PCI DSS can provide information security roadmap for cloud computing

    The Payment Card Industry Data Security Standards (PCI DSS) are basic information security practices that can be applied to the cloud environment in the same way as traditional environments, said Tabatha Greiner, executive consultant for global PCI quality assurance with Verizon.

  2. Breach at Korean gamer Nexon exposes data on 13 million subscribers

    A data breach at South Korean online gamer Nexon has exposed personal information on 13 million subscribers.

  3. ICO dishes out some of first public sector fines against two councils

    The Information Commissioner’s Office (ICO) has imposed some of its first fines against public bodies after staff with North Somerset Council and Worcestershire County Council sent highly sensitive personal information to the wrong recipients.

  4. Lyceum Capital acquires Clearswift

    Lyceum Capital, a private equity firm, has increased the total amount spent on IT industry investment this year to more than £100 million with the acquisition of data security vendor Clearswift.

  5. Four people arrested in connection with US terrorist-funded PBX hacking

    The FBI has revealed that four hackers were arrested in the Philippines last week in connection with an organized attack on the clients of telecoms giant AT&T in the US. Newswire reports suggest that the hacker crew was funded by terrorists linked to an Al Qaeda group that carried out the Bali bombings in 2002, which killed 202 people.

  6. Solera head researcher slams malware authors for “lazy, repetitive malware scams”

    The director of security research with Solera Networks has called malware authors “mal-slackers” for the “lazy repetitive malware scams” they have created for this US Thanksgiving.

  7. BEAST-driven SSL attack not as bad as it seems claims Context

    Researchers at Context Information Security are playing down the level of risk to enterprises caused by BEAST (Browser Exploit Against SSL/TLS), which was identified by researchers in late September.

  8. Acuity releases free PCI DSS compliance analysis software

    Acuity has taken the wraps off a free PCI DSS compliance analysis application that can be downloaded from its web site. The software is billed as being able to identify, assess, manage and report on risks to cardholder data.

  9. Kingston Technology says that secure encrypted USB sticks are no longer enough

    Research carried out by Kingston Technology claims to show that purchasing secure and encrypted USB sticks is no longer enough to defend data within a company environment.

  10. ISF publishes guide on risk-free Federated Identity & Access Management

    The Information Security Forum (ISF) has published a new report on Federated Identity and Access Management that describes the methodology that IT security professionals need to adopt when implementing the technology into their systems.

  11. Symantec reports one-click fraud has arrived on smartphones

    Do you want the good news, or the bad news first? The bad news is that one-click fraud has, at long last, arrived on smartphones. The good news (unless you live in Japan) is that the frauds are focused on Japanese language users of mobile phones.

  12. Fake iTunes updates demolish the idea that Apple iOS is secure

    The long-held belief that the Apple iOS platform is inherently secure due to Apple’s walled garden approach to software has been holed once again, this time by a security firm that has developed a method of sending fake iTunes and Flash updates to iPhone and iPad users.

  13. Websense slams Motorola Android ad campaign on security grounds

    Websense has slammed the latest ad campaign from Motorola for its Droid Razr smartphone, citing the fact that the Android platform is secure.

  14. Lieberman Software president warns on silent update feature being developed for Firefox 10

    Mozilla is reported to be making inroads on adding a silent update mechanism to its popular Firefox desktop web browser, and plans to integrate the new service into Firefox 10 early next year, although this timeframe may slip a few months, the open source organization says.

  15. Prolexic mitigates world's largest packet-per-second DDoS attack

    Prolexic Technologies says that it has successfully mitigated what it claims was the world's largest DDoS attack in packets-per-second (PPS) terms: 69 million packets per second, with an amazing 45 Gbps of traffic.

  16. Know your enemy: Staying one-step ahead of cyberthreats

    Advanced intelligence capabilities are crucial for organizations to stay one step ahead of cyberthreats, advised Rick Howard, general manager of VeriSign iDefense.

  17. ISO issues two new records management standards

    The International Organization for Standardization (ISO) has unveiled two new records management standards for storage and disclosure of corporate information.

  18. Krebs on Security website servers hit by DDoS attack

    The dangers of reporting on matters of a darker nature in the world of IT security were thrown sharply into focus today when security researcher Brian Krebs revealed he had experienced a sustained DDoS attack on his news servers.

  19. More than 150 data breaches uncovered in Norfolk and Suffolk, England

    A Freedom of Information request has uncovered more than 150 breaches of the UK Data Protection Act (DPA) since 2008 at police departments, city and county councils, and hospitals in Norfolk and Suffolk, England.

  20. Data security analysts' salaries to rise 6%, says Robert Half

    Salaries for data security analysts are predicted to rise 6% in 2012, while IT salaries overall are expected to increase 4.5% next year, according to research by Robert Half Technology.
