Infosecurity News
Poweliks Malware Hides in Registry to Evade AV Tools
Traditional security will not find this new threat, experts warn.
IcoScript RAT Hides Behind Yahoo! Email Addresses
The malware went undetected for years thanks to clever camouflage.
BlackHat USA 2014: Multi-factor Authentication Tackles BYOD Complexity
Authentify offers prioritization for biometrics and other authentication mechanisms.
Israeli Spies Tapped John Kerry’s Phone Calls – Report
Intelligence services eavesdropped on secretary of state during key peace talks, according to a German report.
GCHQ Announces First Master’s Degree Courses in Infosecurity
First milestone for government plan to improve higher education options and close skills gaps.
Mozilla Fesses up to Accidental Data Breach
Firefox developer exposed personal details of 76,000 users of its Developer Network
Citadel Evolves to Boost Persistency
The banking trojan has added use of remote desktop to evade security software.
Fiesta Exploit Kit Starts Delivering a Double Payload
Malware authors are looking for more bang for the buck.
Backoff PoS Malware is Crafty and Dangerous, US-CERT Warns
The card-scraping bug have been undetectable by AV systems so far.
Twitter Government Access Requests Jump 50%
Washington wants to know more about micro-blogging users than any other government, according to latest Transparency Report.
Russia Demands Apple and SAP Hand Over Source Code
Kremlin wants tech giants to prove they’re not a conduit for NSA spying.
Internet of Things Laid Bare: 25 Security Flaws Per Device
HP researchers discover 70% of the most common devices have vulnerabilities.
Crippling DDoS Hits Major Aussie Broadband Provider
Cirrus Communications had half of its network taken down by attack earlier this week.
Chinese Hackers Use APTs to Target Gaming Companies
TG-3279 group wants to play games for free or re-use source code in competing products, says Dell
Cloud Security Alliance Develops Assessment Spec for Third Parties
The STAR Attestation is aimed at CPA assessments.
DDoS-ers Launch Attacks From Amazon EC2
Cybercriminals exploit vulnerability in Elasticsearch software to infiltrate cloud instances.
Nation-E Readies Cybersecurity Center for Critical Infrastructure
The focus will be on training and disaster preparedness.
Bugcrowd Launches Open-source Disclosure Framework
The move is meant to encourage responsible vulnerability disclosure practices.
UK Drops Charges Against US Hacking Suspect Love
British man released from bail but another US indictment is filed as extradition pressure mounts.
C-Level Execs Concerned About Cybersecurity, But Not Investing in It
Time, interest and funding are all lacking despite the reputation hazards of a data breach.