Infosecurity News

  1. Visa to waive PCI DSS compliance validation for US merchants that deploy chip-enabled terminals

    Effective Oct. 1, 2012, Visa is eliminating the requirement for US merchants to annually validate their compliance with the PCI Data Security Standard (PCI DSS) if 75% of the merchant’s annual Visa transactions originate from chip-enabled terminals.

  2. Cybercriminals steal – from each other

    The latest monthly malware and threats report from GFI Labs - the research operation of GFI Software - claims that cybercriminals are now stealing end user credentials from each other, as well as using complex new methodologies when seeking to infect end users' PCs.

  3. SpyEye trojan is revealed as credit card credential grabbing machine

    A security researcher with Computer Associates has carried out an in-depth analysis of the SpyEye trojan and concluded that the malware has been cleverly coded to hide the fact that it is really little more than a clever piece of credential-grabbing code.

  4. Researcher says MBR malware is back in fashion

    A Symantec security researcher is reporting that MBR – Master Boot Record – infections are now back in fashion amongst cybercriminals after several years of largely being ignored.

  5. Hampshire school data breach highlights need for multiple passwords

    A data breach at Bay House School in Hampshire has highlighted the importance of not using the same password for different websites and applications, say experts.

  6. New CSA registry enables cloud providers to demonstrate security controls

    Cloud providers can demonstrate their adherence to industry-standard security practices by applying for listing in the Cloud Security Alliance’s (CSA) new Security, Trust and Assurance Registry (STAR).

  7. Black Hat 2011: Security researchers hack iPad dongle to become card skimmer

    At the Black Hat 2011 event, which has just finished in Las Vegas, security researchers have shown how it is possible to hack a dongle for the iPad – which was originally designed to allow iPads to accept debit and credit card payments – to become a card skimming device.

  8. Future of SSL in doubt? Researcher Marlinspike unveils alternative to certificate authorities

    Noted security researcher and hacker Moxie Marlinspike slammed the certificate authorities at last week’s Black Hat conference in Las Vegas, just before he introduced his own alternative for authenticating secure web communications.

  9. Trojanised Android app seen checking for keywords in text messages

    A threat analyst with Trend Micro claims to have spotted a trojanised Android app in the wild that checks for keywords in text messages, and relays the data back to remote hackers.

  10. Dell SecureWorks says 60 families of APT malware traced back to China

    After researching the growing problem of APTs (Advanced Persistent Threats) – a security issue first discovered by StoneSoft late last year - Dell SecureWorks claims to have revealed around 60 different types of families of custom malware that use APTs as their infection vehicle.

  11. DefCon 19: 10-year-old code cracker reveals zero-day smartphone gaming security flaw

    A 10-year-old code cracker taking part in the first Defcon kids event over the weekend – part of the DefCon 19 event that has just taken place in Las Vegas – has reportedly discovered a zero-day flaw in the way the iOS and Android smartphone/tablet operating systems rely on the system clock.

  12. US standards body issues warning to energy suppliers over cyber attacks

    A US energy industry standards body has warned suppliers to improve their defences against cyber attacks.

  13. Anonymous hacker group publishes data stolen from US police departments

    Hacktivist group Anonymous and its offshoot LulzSec have published information stolen from rural US police departments in revenge for recent law enforcement actions.

  14. California adopts nation’s first privacy and security rules for smart grid customer data

    The California Public Utilities Commission (CPUC) has adopted the first privacy and security protections for customer data on smart grid electricity networks in the US.

  15. Trusteer claims to have wiped banking malware from 1.6 million users' PCs.

    In-browser security specialist Trusteer is reporting that, a year after adding malware removal to its Rapport software, it has successfully removed banking trojans and similar malware from around 1.6 million users' PCs.

  16. Black Hat 2011: Google Android as vulnerable to drive-by downloads as PCs claims Dasient Research

    Dasient Research claims that mobile apps running on the Android platform are as vulnerable to drive-by download security attacks as the software loaded onto desktop PCs.

  17. Black Hat 2011: Busting a security myth – Macs more vulnerable to network attacks

    With organizations off all stripes seeking to defend against advanced persistent threats (APTs), a team of researchers from iSEC Partners put the Mac OS X operating system head-to-head with Windows to see how each performs in the realm of enterprise security.

  18. New Android botnet Identified

    The world of security threats is changing, as the smartphone is now entering the frame as a vehicle for security attacks. That's the underlying message from the latest Fortinet threat landscape report, which claims that a new Android botnet has been seen in the wild.

  19. NIST seeks help in testing iPad, iPhone security for government use

    The National Institute of Standards and Technology (NIST) is launching a pilot program to test the security of the Apple iPad and iPhone for government use.

  20. Webroot offers free mobile banking security to Android users

    Webroot has extended its mobile security applications to its partners in banking in order to protect their customers who use tablets and smartphones to conduct mobile banking.

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. Audit & Compliance in the Era of AI and Emerging Technology

  3. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

  4. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

What’s Hot on Infosecurity Magazine?