Infosecurity News

  1. Google Swaps Out Crypto Ciphers in OpenSSL

    Google has incorporated a new TLS cipher suite in Chrome that operates three times faster than AES-GCM on devices that don’t have AES hardware acceleration, including most Android phones, wearable devices such as Google Glass and older computers. This improves user experience, reducing latency and saving battery life by cutting down the amount of time spent encrypting and decrypting data – but it also gives security a boost.

  2. Android Wallpaper Apps Hide Bitcoin Mining Malware

    Is your smartphone running low on battery for seemingly no reason? Are things taking longer to render or load? Your gadget could be secretly mining bitcoins, thanks to a piece of mobile malware in Google Play that quietly uses an Android phone’s processing power, while hiding behind innocuous-seeming wallpaper apps.

  3. GBGroup Acquires DecTech to Build Joint Identity and Fraud Portfolio

    Identity intelligence specialist GBGroup (GBG) is acquiring DecTech Solutions, an Australian provider of fraud detection, risk management and customer on-boarding solutions, for $34.4 million. Together they plan to deliver a joint identity and fraud solution and drive international expansion.

  4. NIST Releases Mobile App Vetting Tool

    The consumerization of IT and the bring-your-own-device phenomenon in the enterprise has given rise to concerns over data security stemming from risky mobile applications and unsecured devices. The US National Institute of Standards and Technology (NIST) is attempting to address the concerns with the launch of an open-source web application for managing the mobile app vetting process, dubbed AppVet.

  5. Fake Porn App is First SMS Trojan to Land on US Soil

    SMS trojans are starting to appear in more and more countries, and for the first time, researchers have detected an active SMS trojan in the US.

  6. Banking Trojans, Bitcoins and Espionage Dominate Recent Cyber-threats

    Mobile banking trojans! Bitcoin wallet attacks! Cyber-espionage threats! It turns out that these three cyber-baddies are developing their attack trajectories exactly as predicted for 2014.

  7. Samsung Galaxy S5 Fingerprint Hack Threatens Mobile Money

    The Samsung Galaxy S5 has been on the market for only a matter of days, with its highly anticipated fingerprint scanner that will work with PayPal for mobile purchases. But there’s just one problem: German researchers have managed to fool the scanner with a latex fingerprint spoof.

  8. Evolving DDoS Tactics Hijack Internet and Cause Attack Surge

    Purveyors of distributed denial of service (DDoS) attacks are chewing up more bandwidth than ever before, and, according to Akamai Technologies’ Prolexic Q1 2014 Global DDoS Attack Report, are looking to turn the internet into one on-demand botnet thanks to evolving techniques that can deliver a bigger punch with fewer resources.

  9. Samsung Joins FIDO Alliance, Creates FIDO-ready Galaxy S5

    Samsung and PayPal have announced that they will be using the S3 Authentication Suite from Nok Nok Labs to leverage the emerging Fast IDentity Online (FIDO) standards for mobile payments.

  10. Japan Awaits Its First Bitcoin ATM

    Japan's first bitcoin ATM will soon be landing in that country, earmarked for unveiling in Suzuka City, home of Japan’s Grand Prix event. From there, it will go on to a permanent location, to be determined.

  11. Stealer Trojan Becomes Mobile Malware Leader

    It’s no secret that mobile malware is growing exponentially, with Android bugs leading the way, but one stands out above the rest: The Trojan-SMS.AndroidOS.Stealer.a - better known as 'Stealer' - has become a leader in terms of the number of attempted infections on user devices monitored by Kaspersky Lab.

  12. CloudFlare Launches Bug-Hunting Program

    CloudFlare has launched a vulnerability disclosure program, facilitated by HackerOne’s bug reporting platform. The vendor is inviting the security community to report any flaws members may have discovered, track CloudFlare’s progress in addressing it, and receive confirmation when it has been fixed.

  13. Siemens among Industrial Control Systems Vulnerable to Heartbleed Flaw

    The Heartbleed flaw in OpenSSL is continuing to leave gaping holes in the security perimeter for organizations worldwide, including within industrial control systems. It turns out that certain Siemens and Innominate ISC products are vulnerable to this latest threat.

  14. Disintegration of Trust in Cyberspace Must Drive New Security Attitudes

    The revelations in 2013 that governments and their agencies have been spying on citizens in the name of national security have seriously undermined trust when it comes to operating in cyberspace, according to the Information Security Forum (ISF).

  15. Netflix Scam Uses Elaborate Tech Support Ruse

    Netflix is being used in a new phishing scam that lures victims into calling a “tech support” line, connecting to a live human that proceeds to probe around the user’s PC and lift information, behind an elaborate cover.

  16. Qualys Previews Its Infosecurity Europe 2014 Line-up

    Qualys, Inc., a pioneer and leading provider of cloud-based security and compliance solutions with over 6,700 customers worldwide, will be exhibiting at Infosecurity Europe 2014, which takes place in Earl’s Court, London, from April 29 through May 1.

  17. Heartbleed May Have Led to Compromises at Mumsnet and Canada Revenue Agency

    The scourge of Heartbleed, which may affect nearly two-thirds of websites, is continuing apace with data exposures at leading UK parenting site Mumsnet and the Canadian tax agency.

  18. Mandiant: China-backed Cyber Threats Show No Signs of Abatement

    More than a year after security firm Mandiant caused a stir by publishing a report that alleged China was behind widespread and increasingly sophisticated cyber-espionage projects, it’s back again to tell us that things have gone from bad to worse.

  19. HeartBleed 101

    The major security flaw known as Heartbleed, which may affect nearly two-thirds of websites online, threatens to expose masses of usernames, passwords and other sensitive information worldwide. And, predict experts, the ramifications will be with us for years.

  20. Android Flaw Allows Home Screen Icons to be Hijacked

    A fresh Android vulnerability dubbed “occupy your icons” by mobile researchers has been uncovered. It allows a malicious app to replace legitimate Android home screen icons with fake ones that point to phishing apps or malware-serving websites.

Why not watch?

  1. Learn Key Strategies for Industrial Data Security

  2. Securing Your Move to Hybrid Cloud Infrastructure

  3. The Future of Fraud: Defending Against Advanced Account Attacks

  4. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

What’s hot on Infosecurity Magazine?