Infosecurity News
Jericho Forum unveils best practice identity commandments
The Jericho Forum has taken the wraps off a set of best practice identity principles - enshrined in a set of commandments - which seek to lay down the ground rules for IT security professionals when dealing with the complex world of digital identities.
Facebook flaws leak millions of data elements to third parties, claims researcher
The reputation of the apparent cybercriminal's playground that is Facebook took another battering this week after a Symantec researcher revealed that as many as 100,000 Facebook applications are leaking data to third parties.
Organizations not equipped to prevent DDoS attacks, DNS failures
Many organizations are not equipped to prevent and respond to web infrastructure failures caused by distributed denial of service (DDoS) attacks and Domain Name System (DNS) failures, according to research commissioned by VeriSign.
WebGL opens browser to attacks that can disable computer
A researcher at the Context Information Security consulting firm has identified a number of serious vulnerabilities in the new WebGL 3D graphics standard enabled by default in Firefox 4 and Google Chrome browsers, and as an option in the Apple Safari browser.

FERC wants more power to protect electric grid from cyber attacks
The Federal Energy Regulatory Commission (FERC) is looking to expand its authority to protect the electrical grid against cyber attacks.
Sony Ericsson posts info on hacking Xperia Android phones
In a move that has raised eyebrows in the smartphone industry, Sony Ericsson has posted detailed information on how to hack its Xperia range of Android smartphones.
TalkTalk introduces first ISP-level malicious URL filtering service
TalkTalk, a third-party telco and broadband supplier, has launched the UK's first ISP-level broadband security service.
Context discovers security flaws in WebGL technology
Context Information Security claims to have discovered a range of security flaws in WebGL technology, a web-based extension to the JavaScript programming language that allows 3D graphic images to appear within users’ web browsers.
Curiosity kills the cat as hackers use new infection techniques
Hackers appear to be using social networking and news trending topics, judging from a recent analysis from Luis Corrons, technical director with Panda Security, who notes that the death of Osama bin Laden and the Royal Wedding have been used as lures in the last few weeks.
LastPass hits the master password change button after alert
LastPass, the popular online password management service, has started the lengthy process of forcing members to undergo master password changes following anomalies on its inter-server data logging systems.
FBI says audit does not reflect cyber investigation capabilities
The FBI says an audit finding insufficient national cybersecurity investigation skills does not reflect current expertise and results.
Sony says evidence suggests Anonymous was behind massive data breach
Sony said that it appears the massive data breach affecting 100 million of its PlayStation Network (PSN) and Sony Entertainment Online (SOE) customers may have been carried out by the hacker group Anonymous, although the group denies responsibility.
Android trojan infection methodology explained
Hard on the heels of a welter of Google Android malware stories, data security specialist Imperva says its research team has discovered how cybercriminals are using Android apps to infect users with trojans.
Fortinet threat report shows CoreFlood botnet infecting 2.3 million users
The latest monthly threat report from Fortinet claims that 2.3 million PCs were infected by the CoreFlood botnet, which was dismantled recently by an FBI sting operation. In addition, the report claims to show that Russian domain pharma sites now dominate the spam selling scene.
Companies can take steps to fix flaws without patches
Companies can take steps to mitigate vulnerabilities without using patches or other expensive remedies, said Marc Maiffret, chief technology officer at eEye Digital Security.
Sony admits to week delay in notifying public about data breach
In a letter to Congress, Sony admitted to a delay of a week in providing information to the public, law enforcement, and state regulatory authorities about the hack of its servers, which exposed the personal information of 100 million customers.
Check Point reveal top security challenges for 2011
At the Check Point Experience in Barcelona on 4th May 2011, John Vecchi, head of product marketing for Check Point, shared his thoughts on the top information security trends and challenges for 2011.
APT-driven zero-day attacks tapped by RSA hackers says researcher
It looks as though cybercriminals are starting to get to grips with the advanced persistent threats (APT) attack strategies first outlined by Stonesoft late last year. And, says one security researcher, they are linking the strategy with zero-day attacks for maximum effect.
First dynamic firewall in beta test for Android
Following on from the release of the first full disk encryption app for Google Android back in March, Whisper Systems is now also developing a dynamic firewall app for the smartphone platform.



