Infosecurity News

  1. VA has failed to fix information security gaps for over a decade, says GAO

    For more than a decade, the Department of Veterans Affairs (VA) has failed to fix information security problems identified by the Government Accountability Office (GAO), as well as the VA’s Office of the Inspector General, the VA’s independent auditor, and the department itself, the GAO told a House panel.

  2. Jericho Forum professional explains challenges ahead in digital security

    James Whyte, head of IT service delivery with F&C Investments, and a member of the Jericho Forum, says that there is now a clear need for an effective - and secure - digital ecosystem in cyberspace.

  3. Zeus source code: from $100K to free in a matter of months

    Reports are coming in that the source code for Zeus, a long-running trojan that has been modified many times since the summer of 2007, is now available on several underground forums.

  4. Facebook flaws leaked data to third parties, claims researcher

    The reputation of the apparent cybercriminal's playground that is Facebook took another battering this week after a Symantec researcher revealed that as many as 100,000 Facebook applications are leaking data to third parties.

  5. Theft of Michaels' customer card numbers extends nationwide

    The theft of credit and debit card numbers from PIN-pad tampering at Michaels stores in the Chicago area extends nationwide, the company admitted this week.

  6. Canadian government is vulnerable to WikiLeaks-type data breach, report warns

    The Canadian government is vulnerable to a security breach similar to the US government’s WikiLeaks snafu that resulted in the leak of hundreds of thousands of sensitive documents, concluded an internal government report.

  7. Alarm bells sound on Microsoft acquisition of Skype

    Microsoft's acquisition of Skype for $8.5 billion has not gone down well in some quarters, with some experts questioning the wisdom of allowing the Redmond giant access to such a massive unified communications service.

  8. Jericho Forum unveils best practice identity commandments

    The Jericho Forum has taken the wraps off a set of best practice identity principles - enshrined in a set of commandments - which seek to lay down the ground rules for IT security professionals when dealing with the complex world of digital identities.

  9. Facebook flaws leaks millions of data elements to third parties claims researcher

    The reputation of the apparent cybercriminal's playground that is Facebook took another battering this week after a Symantec researcher revealed that as many as 100,000 Facebook applications are leaking data to third parties.

  10. Organizations not equipped to prevent DDoS attacks, DNS failures

    Many organizations are not equipped to prevent and respond to web infrastructure failures caused by distributed denial of service (DDoS) attacks and Domain Name System (DNS) failures, according to research commissioned by VeriSign.

  11. WebGL opens browser to attacks that can disable computer

    A researcher at the Context Information Security consulting firm has identified a number of serious vulnerabilities in the new WebGL 3D graphics standard enabled by default in Firefox 4 and Google Chrome browsers, and as an option in the Apple Safari browser.

  12. FERC wants more power to protect electric grid from cyber attacks

    The Federal Energy Regulatory Commission (FERC) is looking to expand its authority to protect the electrical grid against cyber attacks.

  13. Sony Ericsson posts info on hacking Xperia Android phones

    In a move that has caused raised eyebrows in the smartphone industry, Sony Ericsson has posted detailed information on how to hack its Xperia range of Android smartphones.

  14. TalkTalk introduces first ISP-level malicious URL filtering service

    TalkTalk, a third-party telco and broadband supplier, has launched the UK's first ISP-level broadband security service.

  15. Context discovers security flaws in WebGL technology

    Context Information Security claims to have discovered a range of security flaws in WebGL technology, a web-based extension to the JavaScript programming language that allows 3D graphic images to appear with users’ web browsers.

  16. Curiosity kills the cat as hackers use new infection techniques

    Hackers appear to be using social networking and news trending topics, judging from a recent analysis from Luis Corrons, technical director with Panda Security, who notes that the death of Osama bin Laden and the Royal Wedding have been used as lures in the last few weeks.

  17. LastPass hits the master password change button after alert

    LastPass, the popular online password management service, has started the lengthy process of forcing members to undergo master password changes following anomalies on its inter-server data logging systems.

  18. FBI says audit does not reflect cyber investigation capabilities

    The FBI says an audit finding insufficient national cybersecurity investigation skills does not reflect current expertise and results.

  19. Sony says evidence suggests Anonymous was behind massive data breach

    Sony said that it appears the massive data breach affecting 100 million of its PlayStation Network (PSN) and Sony Entertainment Online (SOE) customers may have been carried out by the hacker group Anonymous, although the group denies responsibility.

  20. Android trojan infection methodology explained

    Hard on the heels of a welter of Google Android malware stories, data security specialist Imperva says its research team has discovered how cybercriminals are using Android apps to infect users with trojans.

Why Not Watch?

  1. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  2. How to Recover From a Cyber-Attack: A Step-by-Step Playbook

  3. Securing M365 Data and Identity Systems Against Modern Adversaries

  4. Audit & Compliance in the Era of AI and Emerging Technology

What’s Hot on Infosecurity Magazine?