Infosecurity News

  1. Netflix Scam Uses Elaborate Tech Support Ruse

    Netflix is being used in a new phishing scam that lures victims into calling a “tech support” line, connecting to a live human that proceeds to probe around the user’s PC and lift information, behind an elaborate cover.

  2. Qualys Previews Its Infosecurity Europe 2014 Line-up

    Qualys, Inc., a pioneer and leading provider of cloud-based security and compliance solutions with over 6,700 customers worldwide, will be exhibiting at Infosecurity Europe 2014, which takes place in Earl’s Court, London, from April 29 through May 1.

  3. Heartbleed May Have Led to Compromises at Mumsnet and Canada Revenue Agency

    The scourge of Heartbleed, which may affect nearly two-thirds of websites, is continuing apace with data exposures at leading UK parenting site Mumsnet and the Canadian tax agency.

  4. Mandiant: China-backed Cyber Threats Show No Signs of Abatement

    More than a year after security firm Mandiant caused a stir by publishing a report that alleged China was behind widespread and increasingly sophisticated cyber-espionage projects, it’s back again to tell us that things have gone from bad to worse.

  5. HeartBleed 101

    The major security flaw known as Heartbleed, which may affect nearly two-thirds of websites online, threatens to expose masses of usernames, passwords and other sensitive information worldwide. And, predict experts, the ramifications will be with us for years.

  6. Android Flaw Allows Home Screen Icons to be Hijacked

    A fresh Android vulnerability dubbed “occupy your icons” by mobile researchers has been uncovered. It allows a malicious app to replace legitimate Android home screen icons with fake ones that point to phishing apps or malware-serving websites.

  7. SANS’ Eric Cole Gets Infosecurity Europe Hall of Fame Nod

    Dr. Eric Cole, SANS Instructor and security consultant, will be this year’s lone inductee into the Infosecurity Europe Hall of Fame

  8. Masergy Acquires Global DataGuard

    Managed services provider Masergy has acquired advanced security services provider Global DataGuard in a move that significantly ramps up its security portfolio.

  9. Investment Firm Snaps Up Encryption Specialist Cryptzone

    Medina Capital, the equity investment firm focused on the IT infrastructure sector, is fleshing out its security portfolio with the purchase of Cryptzone. The publicly traded company offers encryption and identity and access management (IAM) solutions.

  10. Windows XP Support is Over, but the Finance Industry Persists in Using It

    Today marks the end of support for Windows XP by Microsoft, and the beginning of a bonanza for hackers who will be targeting the vulnerable machines. XP usage has dropped across the board as companies upgrade, but new analysis shows that here’s still plenty of work to be done.

  11. Eight Indicted in Wide-ranging ID Theft Conspiracy

    Eight defendants in Florida are facing a 22-count indictment charging them with participating in a conspiracy to steal personal identifying information, and using it to make unauthorized wire transfers from the victims' bank accounts. They are also charged with obtaining unauthorized credit and debit cards.

  12. Microsoft to Start Blocking Adware

    Pop-up ads that come as part of software packages are incredibly annoying, but they can also be dangerous and act as a top conduit for distributing malware. Microsoft is accordingly making some changes to the way it classifies adware, and will begin blocking it from user machines starting in July.

  13. Exploit Kits and Redirection Anchor the Data Theft 'Kill Chain'

    There is a growing global criminal-infrastructure-as-a-service economy being perpetrated through exploit kits and compromised website redirection chains – with billions of attacks adding to cybercriminals' sophistication and ability to evade detection. According to the latest Websense Security Labs 2014 Threat Report, the infrastructure of an attack campaign is now typically constantly developed, enhanced and reused throughout the entire threat lifecycle.

  14. Botnets Take to Mobile Dating App Tinder to Flirt and Hurt

    A series of bots have invaded the Android version of dating app Tinder, and are spreading dangerous downloads after luring users with tempting profiles and pictures stolen from an Arizona-based photography studio.

  15. Microsoft and secunet Team Up on Secure Tablet

    secunet and Microsoft Germany are showing how a reliable, highly secure and ultra-mobile solution can become reality through a combination of security technology made in Germany and a high-performance tablet.

  16. Kaspersky Unveils Interactive Cyberthreat Map

    The trend toward visualizing virtual threat data continues with an interactive cyberthreat map from Kaspersky Lab, which displays cybersecurity incidents occurring worldwide in real time.

  17. Insider Leaks 1,000-page Dossier on BBC Confidential Sources

    The UK’s Information Commissioner’s Office has been asked to investigate alleged breaches of data protection laws after a former employee of Films on Record leaked a 1,000-page dossier of confidential information and source material from the BBC to the Mayor of Tower Hamlets.

  18. 'Online Learning' Scam Delivers Bogus Card Charges

    A prolific international scheme designed to fleece unwary consumers with bogus sub-$15 charges is making the rounds, according to security researcher Brian Krebs. The common thread? The victims have all paid for online learning tools, but instead have been subjected to multiple junk charges from a company called “BLS Weblearn.”

  19. Tesla Electric Vehicle Owners Should Beware the Phish

    Connected cars are continuing to wheel their way into consumer lives, with some, like Elon Musk’s Tesla line of electric vehicles, serving as prototypes for the Internet of Things (IoT)-enabled future. Sleek, sustainable and connected, the Tesla Model S is a futuristic automobile, with a robust set of communications capabilities. But because it connects with car owners and the Tesla infrastructure using a variety of TCP/IP mechanisms, one researcher is highlighting potential security issues.

  20. Sally Beauty Data Breach Larger than Originally Thought

    The Sally Beauty data breach is likely larger than the 25,000 records the cosmetic supply company originally thought had been compromised. It has issued a statement noting that the unauthorized intrusion into its network it detected on March 5 may have affected a larger number of additional records containing payment card data.

Why not watch?

  1. Alert Fatigue: What Are You and Your Security Teams Missing?

  2. New Cyber Regulations: What it Means for UK and EU Businesses

  3. How to Manage Your Risks and Protect Your Financial Data

  4. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

What’s hot on Infosecurity Magazine?