Infosecurity News

  1. The Stealthy Hardware Trojan that Can Affect Intel Ivy Bridge Processors

    A team from universities in the US, Netherlands, Switzerland and Germany have published research demonstrating that subtle changes below the gate level of chips can alter functionality in a controlled but covert manner.

  2. Mobile Pwn2Own to Pay $300K for iPhone and Android Zero-day Exploits

    Itching to jailbreak Apple's iOS 7? Ready to root a Samsung KNOX phone? Frothing at the mouth to show vulnerabilities in the iPhone 5S fingerprint reader? And get paid for it? Well if so, you’re in luck: HP’s Zero Day Initiative (ZDI) has announced the second annual Mobile Pwn2Own competition, to be held on November 13–14 of this year.

  3. Solving the TPM Uptake Challenge

    Trusted platform modules (TPM) have been around for more than 10 years, but adoption of them by users has been slow going. Led by Infosecurity magazine’s Drew Amorosi, a panel of industry experts came together at the Trusted Computing Conference in Orlando last week to discuss TPM adoption and the outlook for better uptake moving forward.

  4. OSINT: You Don't Need to Work for the NSA or GCHQ to Spy on People

    While the world has been hearing about the surveillance techniques of the spy agencies in the US and UK, the capabilities available to anyone through Open Source Intelligence (OSINT) products have been quietly expanding.

  5. Symantec to Revoke SSL Certificates Starting Oct. 1

    The deadline for abandoning SSL certificates with less than 2048-bit keys is approaching, and as of Dec. 31 of this year will be revoked. At least one vendor is setting an earlier deadline: for Symantec, it’s Oct. 1.

  6. Belgacom Hacked; NSA Involvement Suspected

    Coinciding with a report in De Standaard, Belgian telecoms firm Belgacom issued a statement yesterday saying it had successfully cleansed its internal network of "an unknown virus in a number of units in our internal IT-system."

  7. (ISC)² Dishes Out Latest Scholarships to Combat IT Security Workforce Lag

    The (ISC)² Foundation has announced the recipients of its 2013 information security scholarships.

  8. Medical ID Fraud Costs Consumers $12bn in Out-of-Pocket Costs

    With all of the debate in the US about Medicare and health insurance changes, it’s easy to overlook one big national healthcare issue that has life-threatening and hefty financial consequences: medical identity theft.

  9. Cyber-Gang Attempts Santander Bank Heist with $20 Device

    The term “bank heist” may conjure up an Ocean's 11-style strike involving laser alarms and perhaps even a contortionist or two, but the everyday reality is much more mundane. Take, for instance, the alleged plot by 12 men to steal millions from a branch of European bank Santander remotely, using a cheap and readily available keyboard video mouse device.

  10. NSA Shown to Operate a MITM Hack in Brazil

    In case any doubts remain, new Snowden revelations first published in Brazil, show that the NSA engages in economic espionage, uses mainstream hacking techniques, and spies on diplomats and the banking system.

  11. NCC Group CEO Launches £1m Charity Campaign

    Rob Cotton, the CEO of global information assurance firm NCC Group, has launched an ambitious new campaign to raise £1million for The Christie charity.

  12. NIST Says Don't Use our Crypto Algorithm

    Standing accused of NSA interference in its processes, and backdoors in its algorithms, NIST now says our crypto standards and processes are sound -- but don't use the elliptic curve algorithm.

  13. Twitter Announces Intention to Go Public

    Fittingly, Twitter tweeted its Thursday announcement: "We've confidentially submitted an S-1 to the SEC for a planned IPO. This Tweet does not constitute an offer of any securities for sale.” Now, back to work, it added.

  14. Defining and Selling Trusted Computing

    A panel of industry experts and members of the Trusted Computing Group (TCG) convened at the Trusted Computing Conference in Orlando this week to discuss the value behind common, hardware-based standards and why it has thus far been a tough sell for the industry

  15. Massive Data Breach Hits Millions of Vodafone Germany Customers

    One of the world’s largest corporations has been hit with a widespread data breach: Vodafone Germany said that personal information on more than two million mobile phone customers has been stolen, possibly by a company insider.

  16. BlackBerry Issues Four Security Advisories for BB 10 Devices

    BlackBerry prides itself on its reputation as providing a secure mobile option – but it too occasionally finds flaws. The company’s Security Incident Response Team (BBSIRT) has released four security advisories having to do with Adobe Flash Player, WebKit and libexif vulnerabilities.

  17. Massive Botnet is Behind Tor Usage Spike

    Despite speculation that Operation PRISM and concerns over NSA surveillance are spurring users to take up online privacy safeguards in droves, the sudden spike in usage for the Tor browser that began in August can be attributable to pretty much one thing: a massive botnet.

  18. Crackdown on Cybercriminals Equals Reduced Cybercrime in Russia

    The latest analysis from a major Russian security firm indicates that the Russian cybercrime market has contracted by 6% - down from $2,055 million in 2011 to $1,936 million in 2012.

  19. NSA to Recommend TPM Standard for Government Use

    The US National Security Agency (NSA) will advise that all IT products purchased by government agencies to protect information on national security systems make use of hardware-based trusted platform module (TPM) chips or security devices.

  20. Vast Majority of PCs have Java Vulnerabilities

    A vast majority – 81% – of Windows machines are running an outdated version of Java, leaving their users wide open to known exploits.

Why not watch?

  1. Securing Your Move to Hybrid Cloud Infrastructure

  2. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

  3. Learn Key Strategies for Industrial Data Security

  4. New Cyber Regulations: What it Means for UK and EU Businesses

What’s hot on Infosecurity Magazine?