Infosecurity News

  1. Hacking a Car with a $20 Gadget

    Much has been made of the connected car phenomenon, as more and more vehicles are now coming equipped with connections to cloud services for entertainment and monitoring via 4G or satellite connectivity. While this opens up a new cyber-front for hackers, it turns out that old-fashioned closed-system vehicles are hackable too.

  2. Whistleblower Blows Whistle on Barclays Bank

    A Snowden-style finance whistleblower, who seems to have grown a conscience, has blown the whistle on Barclays bank for the loss and subsequent misuse of 27,000 files of detailed personal data on customers and potential customers. Those files reached the hands of rogue traders known as 'spank shops.'

  3. Imperva Buys Skyfence and Incapsula to Improve its Cloud Security Offering

    While launching a new cloud strategy, Imperva has simultaneously announced the acquisition of Skyfence (a cloud security start-up) and Tomium (a mainframe monitoring firm); and has agreed to buy the remaining shares in its majority owned subsidiary, Incapsula.

  4. Target Hackers May Have Gotten In Through the Air Conditioner

    More details of the Target breach continue to be revealed, with the latest intel pointing to the air conditioning guys being used as an entry point by the hackers. The hackers came in through the vents, so to speak.

  5. Bredo Botnet: Is it Coming Back?

    Earlier in the week, many consumers experienced a big spike in email spam volume – messages containing financial malware that's familiar from the not-too-distant past.

  6. US and Belarus Take Home Top Honors in Spam Rankings

    The US is once again the world’s spammiest nation, topping the 2013 “Spampionship” league table published by Sophos.

  7. Barclays Leads in Web Security among UK Banks

    When it comes to banks, Barclays arguably has one of the highest profiles in the world, thanks to its sponsorship of the English Premier League. But it should be known for something else as well: it came in first in security functionality in Forrester Research’s review of the eight top UK bank and building society sites.

  8. GCHQ Used DDoS Attack on Anonymous' Communications

    A top secret presentation by GCHQ at a 2012 NSA conference called SIGDEV shows that the hitherto unknown GCHQ Joint Threat Research Intelligence Group launched a DDoS attack (called Rolling Thunder) on the IRC communications channels used by Anonymous and LulzSec.

  9. PoS Breaches Spread with Thousands Affected at Marriott and Holiday Inn Locations

    Target. Neiman Marcus. Michaels. The retail sector continues to crop up with point-of-sale (PoS)-led data breaches. But a new security breach affecting 14 Marriott, Holiday Inn, Westin, Renaissance and Radisson properties demonstrates that hospitality franchises are being targeted as well.

  10. Chewbacca Turns Up as Part of 11-Country Malware Campaign Against Retailers

    The Chewbacca keylogging malware has been spotted in the wild, and we don’t mean on Yavin 4 or Endor: it’s been uncovered as part of a global point-of-sale (PoS) malware campaign right here on Planet Earth.

  11. Personal Details of 800,000 Orange Users Stolen

    But not their passwords. Last Friday a French publication provided details on the data stolen from French mobile operator, Orange. The breach occurred on 16 January, and involved the loss of names, addresses, email addresses, phone numbers and 'household composition' for approximately 800,000 customers.

  12. Chaos Computer Club Files Criminal Complaint Against German Government

    Following its involvement in the complaint to the European Court over the UK government's use of mass surveillance via GCHQ, Germany's Chaos Computer Club has now filed a complaint with the Federal Prosecutor General's office against the German federal government alleging illegal covert activities.

  13. Bell Canada Hacked by NullCrew

    Bell Canada announced Sunday that "22,421 user names and passwords and 5 valid credit card numbers of Bell small-business customers were posted on the Internet this weekend." It claims that it was not directly breached, but that the "posting results from illegal hacking of an Ottawa-based third-party supplier." But there's more to the story.

  14. NSA/GCHQ Hacking Gets Personal: Belgian Cryptographer Targeted

    Belgian newspaper De Standaard reported Saturday that the federal prosecutor is investigating the hacking of Jean-Jacques Quisquater, a renowned cryptographer and professor at the Université catholique de Louvain, close to Brussels. The hack was discovered while the authorities were investigating the breach at Belgacom.

  15. Sex and Violence: Teens' Risky Online Behavior Increases Cyber-bullying

    Most parents worry about their kids’ online behavior, especially as news of Facebook suicide campaigns, sexting and other alarming digital phenomena dominate the headlines.

  16. Honey Encryption joins Honeywords and Honeypots in the Security Lexicon

    'Honey' is the traditional term used to indicate a 'decoy' in computing. Two researchers have now used the epithet to describe their process of hiding a true key within a large number of false keys, making brute forcing stolen databases considerably more tricky.

  17. Multi-platform Java Bot Provokes DDoS Floods

    A new malicious Java application aimed at fomenting widespread distributed denial-of-service (DDoS) attacks is making the rounds: a multi-platform bot capable of running on Windows, Mac OS and Linux.

  18. Google sells Motorola to Lenovo

    Patent stripping is a form of asset stripping – but less destructive. It seems to be what Google has done with Motorola. It bought Motorola for $12.5 billion in 2011, and announced an agreement yesterday to sell it to Lenovo for $2.91 billion – minus the patents.

  19. SpyEye Trojan Author Pleads Guilty As Charged

    The FBI announced yesterday that Aleksandr Andreevich Panin, aka 'Gribodemon' and 'Harderman', has pled guilty to charges accusing him of being the primary developer and distributor of the SpyEye banking trojan.

  20. Mozilla Patches Thunderbird Remote Exploit Vulnerability

    Mozilla Thunderbird, a free, open-source, cross-platform application for managing email and news feeds, has a critical validation and filter bypass vulnerability in version 17.0.6.
