Infosecurity News

  1. University of Wisconsin-Milwaukee admits to possible data breach affecting 75,000

    The University of Wisconsin-Milwaukee (UWM) has notified 75,000 students and staff members that their personal information, including social security numbers, may have been compromised as the result of a data breach.

  2. Sophos warns LinkedIn users to review their online data following privacy rule change

    Sophos has warned LinkedIn users of the need to be aware of a change to the business social networking site's privacy policy, apparently allowing the site to use member's names and photos in promotional advertisements. The change, says the IT security vendor, allows LinkedIn to use the information and pictures by default, meaning that users have to opt out of seeing their names and photos in the site's advertisements.

  3. Canadian Apple store refuses to return woman's stolen iPhone

    Here's an interesting – if cautionary – tale of how an Apple store in Canada apparently refused to hand back a stolen iPhone to a woman, despite police and Apple's database as confirming the hardware was registered to her.

  4. GFI senior threat researcher warns on cybercriminal sting offering low-cost versions of CCleaner

    GFI Software's senior threat researcher has warned about a Russian website that is apparently offering various low-cost versions of the CCleaner PC utility, which is widely used to remove unwanted files, fix problematic registry entries and the like. The only problem with the pirate site is that the software is infected with malware.

  5. ISO and IEC publish new standards on biometric data security

    The International Organization for Standardization (ISO) has teamed up with the International Electrochemical Commission (IEC) to publish joint security and privacy standards regarding the use of biometric data for authentication.

  6. New exploitation technique uses improper protocol specifications

    A new type of exploitation technique is making use of improper implementation of proprietary protocol specifications, warns an analysis by researchers from Alert Logic.

  7. Hong Kong Stock Exchange suspends trading after hackers close news website

    The Hong Kong Stock Exchange was forced to suspend afternoon trading in seven listed companies after the news portion of its website was hit by hackers.

  8. Malware-laden autowhaler spears cybercriminals preying on phishers

    A malware-laden autowhaler application unleashed to infect cybercriminals stealing from phishers, and a rogue anti-virus product offering up a fake codec suite for sale after it disables users’ video players, top GFI Software’s list of the most prevalent threats for July 2011.

  9. Government will crack down on rioters using social media, says PM David Cameron

    Prime minister David Cameron has said government will crack down on rioters using social networks to communicate, as Parliament was recalled from its summer recess to discuss the outbreak of violence this week.

  10. Security in the Post-PC era: smartphones and tablets require more security

    The smartphone, and increasingly the tablet, are fast becoming the primary device of choice for both personal and enterprise use. Infosecurity spoke with Omri Sigelman, VP of marketing and products for AVG Mobile Solutions, at last week’s Black Hat conference in Las Vegas to discuss the state of security in the rapidly changing ‘post-PC era’.

  11. Myanmar surprises as top source of malicious internet traffic

    Myanmar has come out of nowhere to top the list of sources of malicious internet traffic in Akamai’s State of the Internet report, the first time the country has ever appeared on the list.

  12. Anti-virus, firewalls and intrusion detection are no longer enough warns SANS security expert

    A leading IT security expert is warning companies that AV, firewalls and IDS technology may no longer be enough to defend company IT resources against attacks.

  13. Smart devices are shipping with security holes, say engineers

    Nearly 25% of engineers said they personally knew about security problems in their company’s smart devices that have not been disclosed to their customers and the general public, according to a recent survey by device security firm Mocana.

  14. Visa to waive PCI DSS compliance validation for US merchants that deploy chip-enabled terminals

    Effective Oct. 1, 2012, Visa is eliminating the requirement for US merchants to annually validate their compliance with the PCI Data Security Standard (PCI DSS) if 75% of the merchant’s annual Visa transactions originate from chip-enabled terminals.

  15. Cybercriminals steal – from each other

    The latest monthly malware and threats report from GFI Labs - the research operation of GFI Software - claims that cybercriminals are now stealing end user credentials from each other, as well as using complex new methodologies when seeking to infect end users' PCs.

  16. SpyEye trojan is revealed as credit card credential grabbing machine

    A security researcher with Computer Associates has carried out an in-depth analysis of the SpyEye trojan and concluded that the malware has been cleverly coded to hide the fact that it is really little more than a clever piece of credential-grabbing code.

  17. Researcher says MBR malware is back in fashion

    A Symantec security researcher is reporting that MBR – Master Boot Record – infections are now back in fashion amongst cybercriminals after several years of largely being ignored.

  18. Hampshire school data breach highlights need for multiple passwords

    A data breach at Bay House School in Hampshire has highlighted the importance of not using the same password for different websites and applications, say experts.

  19. New CSA registry enables cloud providers to demonstrate security controls

    Cloud providers can demonstrate their adherence to industry-standard security practices by applying for listing in the Cloud Security Alliance’s (CSA) new Security, Trust and Assurance Registry (STAR).

  20. Black Hat 2011: Security researchers hack iPad dongle to become card skimmer

    At the Black Hat 2011 event, which has just finished in Las Vegas, security researchers have shown how it is possible to hack a dongle for the iPad – which was originally designed to allow iPads to accept debit and credit card payments – to become a card skimming device.

Why Not Watch?

  1. Audit & Compliance in the Era of AI and Emerging Technology

  2. Mastering AI Security With ISACA’s New AAISM Certification

  3. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  4. How To Enhance Security Operations with AI-Powered Defenses

What’s Hot on Infosecurity Magazine?