Infosecurity News
Hackers use Buffer to Send Out Spam on Twitter and Facebook
Buffer, a social media app, allows its users to schedule and automatically post updates to social media sites such as Facebook and Twitter. Over the weekend it started posting weight-loss spam tweets and posts.
Researchers: LinkedIn Intro is a Man-in-the-Middle Attack
LinkedIn has released a new product called Intro, which shows users' LinkedIn profiles from inside the native iPhone mail client. Members can, at-a-glance, see the profile picture of the person who’s emailing, learn more about their background, and connect on LinkedIn. It sounds like another step in the march to hyper-connected convenience, but at least one research group has raised security concerns over the functionality.
44% of Americans Don't Sign Their Credit and Debit Cards
More than two in five Americans (44%) have chosen not to sign the back of their credit or debit cards, instead writing “see ID” or leaving it blank. However, the tactic is not achieving its intended outcome, as 87% of respondents report that majority of the time they make a purchase with their cards, they are not asked to present proof of ID.
Google Blocks PHP.net – Claims it Serves Malware
Google's Safe Browsing Tool, used by Chrome, Firefox and Safari to protect users from sites serving malware, yesterday blocked php.net, home of the hugely popular open-source PHP programming language.
(ISC)² Names Inaugural Winners of USA Cyber Warrior Scholarships
The (ISC)² Foundation, the nonprofit charitable trust of (ISC)², today announced the inaugural recipients of the 2013 USA Cyber Warrior Scholarship, a program developed in partnership with Booz Allen Hamilton to help close the cybersecurity workforce gap by providing career training to qualified veterans who served in the US military.
More Network Solutions Problems: Bouncing Emails and Website Outages
Network Solutions has had more than a few problems recently. In July a DDoS attack affected some of its servers; this was followed by internal MySQL problems. Then came the DNS hijack affecting some major customers earlier this month.
SMS Spam Report Highlights Football Betting and Payday Loan Spam
Payday loans and sports betting – the latter hitting new heights with the start of the football season – are behind the majority of messaging spam received in the UK.
A DDoS Attack Could Cost $1 Million Before Mitigation Even Starts
A new report suggests that companies are unaware of the extent of the DDoS threat, unaware of the potential cost of an attack, and over-reliant on traditional and inadequate in-house defenses.
SQL Injection and Cross-site Scripting Attacks Surge in Q3
Cross-site scripting (XSS) and SQL injection activity is up 32% in the third quarter, as those with malicious intent look to specifically target web-facing and cloud applications carrying sensitive information about organizations and their customers.
UN Nuclear Agency Computers Infected with Malware
The International Atomic Energy Agency (IAEA) has admitted that some of its computers have been infected with malware for at least the last few months, but denies that any sensitive data regarding its nuclear inspections has been compromised.
Google and Arbor Networks Team Up on DDoS Digital Attack Map
Distributed denial-of-service (DDoS) attacks are getting more frequent and harder to detect. To help companies keep up with daily threat levels, Arbor Networks has collaborated with Google Ideas to create a data visualization map of global attacks.
Consumers Take Their Business Elsewhere After a Data Breach
The costs of data breaches have been well-documented when it comes to remediation and consulting costs, but the more qualitative fallout from a breach, like the impact to brand identity, is harder to pin down.
European Civil Liberties Committee Approves Current Draft Data Protection Regulation
Edward Snowden's leaked information on the character and extent of NSA surveillance brought new impetus to the European Commission's proposed new General Data Protection Regulation, which had been floundering under the weight of extensive US government and business lobbying.
25 New SCADA Flaws Emerge in Critical Infrastructure
Researchers have found at least 25 new vulnerabilities in SCADA software, which controls critical infrastructure that, among other things, keeps clean water and reliable heat and electricity flowing to houses.
TalariaX Receives Renewed Certification as RSA SecurID Partner
Singapore-based TalariaX, and its sendQuick appliance-based SMS gateway, will continue as a SecurID partner for RSA Authentication Manager 8
One-in-Five 9–11 Year-Old Children Admit to Meeting a Stranger They Speak to Online
Today is the first day of Get Safe Online Week 2013, "an annual awareness campaign organized by Get Safe Online (GSOL) to reinforce the fact that people can stay online safely just by following some simple precautions." But neither adults nor children are yet doing so.
The RU:8080 Gang Kicks Off a New Dropbox Password Reset Campaign
Email scams are often given away by poor grammar and typos. AppRiver, however, has discovered a new scam that looks more than usually professional. It's an email that says, "You recently requested a link to reset your Dropbox password. The old one is now marked as "dangerous".
2014 SANS Training Calendar Announced
The SANS Institute has announced an enhanced calendar of training events across Europe for 2014.
Data Breach at Royal Vet College Prompts ICO BYOD Warning
In the wake of a data breach at the Royal Veterinary College, the UK’s Information Commissioner’s Office (ICO) is warning organizations they must make sure that their data protection policies reflect how the modern workforce are using personal devices for work.
Cyber Security Challenge and WSS Celebrate Female Code-breakers at Bletchley Park
On Friday 11th October 2013, veterans, women in top security positions and the next generation of cyber defenders met at the home of British code-breaking, Bletchley Park.
