Infosecurity News

  1. Thousands of Home Modems Vulnerable to Credential-Stealing

    Researchers have discovered three information-disclosure vulnerabilities affecting thousands of home routers and Brocade load-balancers.

  2. FBI and Euro Cops Pounce to Cuff Blackshades Malware Users

    Coordinated campaign looks to lock down remote access tool.

  3. Scammers Sell Fake Kaspersky Lab Apps on Windows Phone and Google App Stores

    Cybercriminals package malware inside legitimate looking security software

  4. Mass-Mail Spam Carries Unusual Malware Payload

    A new, wide-net malware attack posing as an “important company update” is being spammed out, targeting Windows users. The campaign carries an unusual differentiator: it uses gadget files to do the dirty work.

  5. NIST Kicks Off Post-Snowden Crypto Standards Review

    The reverberations from Edward Snowden’s disclosures regarding the National Security Agency continue, with the National Institute of Standards and Technology (NIST) announcing it has begun a review of the institute’s cryptographic standards and guidelines program.

  6. Adobe’s Last XP-ready Patches Cover Critical Updates for Flash, Acrobat and Reader

    The software maker announces fixes for several remote code execution vulnerabilities.

  7. Spend on Testing Not Marketing says Fortinet

    Information security vendors should spend “less on marketing and more on testing”, John Maddison, VP marketing at Fortinet told Infosecurity at Infosecurity Europe 2014

  8. One Direction 'Free' Tickets Scam Heats Up Facebook

    Free Stones tickets? How about free One Direction tickets if you’re a little younger? A new Facebook bait-and-switch scam is spreading across friendship circles promising one or both; but users should file this one under 'too good to be true.'

  9. Email Attackers Switch to ‘Blitzkrieg’ Tactics to Maximize Impact

    Agari TrustIndex reports cyber gangs are increasingly 'weaponizing' their malicious emails with sophisticated threats

  10. Iran's Operation Saffron Rose Points to Increasing Cyber-espionage Sophistication

    FireEye has identified a hacking group inside Iran that is behind Operation Saffron Rose, one of the first espionage campaigns from Iran that went after US aerospace companies and Iranian opposition inside and outside of the country.

  11. NSA Accused of Installing Backdoors on US Tech Exports

    Latest Snowden revelations hit new spy agency head Mike Rogers’ attempts to promote greater transparency

  12. Fresh Phishing Scam Aims at Google Account Passwords

    Hackers have been stealing Google account passwords in a new and better crafted phishing attack that is hard to catch with traditional heuristic detection, warns Bitdefender. A particularity in how Google Chrome displays data using Uniform Resource Identifiers (URIs) makes Chrome users most vulnerable, however the phishing attack also targets Mozilla Firefox users.

  13. HMRC Acted Unlawfully in Hiding Details of Spyware Investigation

    Judge rules in favor of Privacy International after criticizing HMRC department for failing to reveal details of an investigation into British business Gamma International. The Andover-based firm was accused of breaking export restrictions.

  14. Point-of-Sale Malware Has Become Highly Sophisticated

    Point-of-sale (PoS) systems that process debit and credit cards for retail stores and restaurants are in the dubious limelight these days thanks to high-profile hacks at Target and elsewhere. But PoS malware has been lurking around for a very long time, evolving and getting smarter.

  15. Interview: Trey Ford, Global Security Strategist, Rapid7

    If you know of Trey Ford, it will probably be as former General Manager at Black Hat. But as of January 2014, he became global security strategist at Rapid7. At Infosecurity Europe, Infosecurity editor Eleanor Dallaway sat down with him to talk about the current threat landscape and the pros and cons of the information security industry.

  16. Cybercrime Boss Offers Ferrari Prize for Most Lucrative Online Attack

    New video highlights the problem legitimate organizations have in recruiting the best talent

  17. Heartbleed Bug Hits Industrial Control Systems

    The Heartbleed saga continues, this time with an industrial control element. ICS vendor Digi International has identified five products that are vulnerable to the bug, where attackers could obtain user credentials and cryptographic keys used to access the devices.

  18. Bitly Compromised; Users Warned to Reset Accounts

    Cyber-danger can be found in many places, including, apparently, basic social networking utilities. Link-shortening service Bitly has warned its users that their account credentials may have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens.

  19. Mobile Ransomware Gives Android Porn Fans the Willies

    Reveton-like malware tricks users into downloading from insalubrious sites. Experts say it could presage a more sophisticated campaign targeted at mobile users.

  20. Spammers Target Mobile Messaging Users in New Malware Blitz

    Kaspersky Lab reports increase in spam aimed at Whatsapp, Viber and Google Hangouts users

Why not watch?

  1. Learn Key Strategies for Industrial Data Security

  2. Securing Your Move to Hybrid Cloud Infrastructure

  3. Supply Chain Risk and Mitigation in Operational Technology

  4. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

What’s hot on Infosecurity Magazine?