Infosecurity News

  1. RSA Conference 2014: Intelligence Heavyweights Engage in Friendly Europe Bashing

    The US is not unique among nations when it comes to its intelligence gathering abilities. “We are just better” at it than most countries, according to Richard Clarke, the former presidential counter-terrorism adviser.

  2. RSA Conference 2014: Microsoft Does Not Put Backdoors in its Products says Charney

    In his keynote at the RSA Conference in San Francisco, February 25 2014, Scott Charney, VP of Microsoft’s Trustworthy Computing Group, insisted that Microsoft has not compromised its principles in order to work with the NSA

  3. RSA 2014: Art Coviello Addresses RSA/NSA Controversy in Keynote

    In the opening keynote at the RSA Conference 2014 in San Francisco, Art Coviello, Executive Chairman of RSA, gave his first public comments about RSA’s relationship with the NSA.

  4. Criminals Can Keylog an iPhone to Steal Passwords

    Last month, Trustwave's Neal Hindocha wondered whether cybercriminals could adapt to changes in user habits. In the PC world, a major tool for cyberthieves is the keylogger, used to capture passwords as they are entered at the keyboard. But users are switching to phones and tablets that have no keyboards. How, he wondered, would a keylogger work on a device with no keyboard?

  5. 80% of SOHO Routers Contain Vulnerabilities

    It has become increasingly obvious in recent months that routers are being targeted by attackers – even the NSA uses this attack vector as part of its Quantum Injection program. Now a new survey suggests that as much as 80% of the best-selling SOHO routers include vulnerabilities.

  6. ISACA Issues First COBIT 5 Audit Programs

    Global IT association ISACA has issued the first of more than 30 audit programs that will align with the COBIT 5 business framework, which helps enterprises govern and manage their information and technology.

  7. Tinder App Allowed Users to Precisely Locate Others

    Tinder is a very popular mobile dating app. It is designed to allow people to 'meet' virtually before deciding whether they would like to meet for real. Unfortunately, Tinder has a history of allowing one user to physically locate another, even if the approach has been rejected.

  8. 96% of Applications Have an Average of 14 Vulnerabilities

    The latest Cenzic report on application vulnerability trends shows that things aren't getting any better. All software has bugs, and almost all of them have bugs that are security vulnerabilities. In fact, on average, they have 14 separate vulnerabilities – a quarter of which are cross-site scripting flaws.

  9. Microsoft Pays Another $100K Bug Bounty

    Microsoft has paid out its second $100,000 bug bounty since launching its reward program in mid-2013. The award brings total payouts for the program to $253,000 in under a year.

  10. Zeus Trojan Now Hiding in Plain Sight – Using Pictures

    A new variant of the notorious Zeus banking trojan is making the rounds, with a new approach that uses steganography, a technique that allows it to disguise data inside of an existing file without damaging it.

  11. Scariest Search Engine on the Internet Just Got Scarier

    CNN Money described Shodan as "The scariest search engine on the Internet." Forbes called it a "terrifying search engine." Unlike Google, Shodan searches for internet-connected devices (which could have known vulnerabilities) rather than information. For those who believe this is scary, it just got scarier with the launch of Shodan Maps.

  12. 70% of Android Devices Vulnerable to a Remote Exploit

    Rapid7's Metasploit researchers have developed a new exploit for an old vulnerability that remains pervasive in the Android ecosystem some 9 months after it was patched by Google. With this new code, 70% of all Android users are vulnerable to a little social engineering and a remote takeover.

  13. Hundreds of Millions of Passwords are Compromised Yearly

    An analysis of compromised credentials posted to Pastebin suggests that hundreds of millions of passwords are being compromised by cybercriminals every year.

  14. Researcher Develops New Geographical Passwords

    Passwords do not keep our personal data safe. That much is empirically clear – the sheer volume of passwords that are stolen and the ease with which they are cracked demonstrates this on a weekly basis. But it is not the theory of passwords that fails, it is the human inability to use them wisely that is the weakness.

  15. Australia Offered Economic Espionage Results to the NSA

    Details from a newly disclosed document from the cache of Edward Snowden leaks demonstrates that the Australian spy agency (one of the Five Eyes) was monitoring a US law firm advising the Indonesian government on a trade dispute with the US in 2013 in a clear breach of attorney/client confidentiality – and offered that information to the NSA.

  16. Merkel and Hollande Propose a European Internet

    News outlets, such as the BBC, are reporting that Germany's Chancellor Angela Merkel "is proposing building up a European communications network to help improve data protection" and prevent European emails and other data passing through the United States where it can be, and has been, harvested by the NSA.

  17. The Syrian Electronic Army Hacked Forbes and Dumped 1 Million Credentials

    In a brief statement, Forbes said it had been compromised; that email addresses had been exposed (so beware of phishing attempts); and that passwords had been stolen ('encrypted', but change them anyway); and that law enforcement had been informed. It doesn't name the attackers, but there is more to this news.

  18. New IE 0-Day Used in Watering Hole Attack

    A new Internet Explorer 0-day exploit, apparently used by an old hacking group, was found to have been served by the compromised Veterans of Foreign Wars website. Similarities in the attack suggest the same group as that involved in operations DeputyDog and Ephemeral Hydra were behind the attack. That group is thought to emanate from China.

  19. Happy Valentine's Day: Scam Artists Turn to Online Dating

    Scam artists have for centuries preyed upon the tender affections of the lovelorn, stripping assets and leaving broken hearts in their wake. From the 18th Century classic "Les Liaisons Dangereuses" to the modern-day film "An Education" and Kanye’s “Gold Digger” anthem, popular culture has always shown us that the path to scam success often lies in matters of the heart.

  20. Trojanized Flappy Bird Wings Its Way to Android

    Flappy Bird may have had its wings clipped, but something else has risen, phoenix-like, in its place: a fake, weaponized version of the addictive iPhone and Android game.

Why not watch?

  1. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

  2. Navigating Exposures in Energy ICS Environments

  3. New Cyber Regulations: What it Means for UK and EU Businesses

  4. Dispelling the Myths of Defense-Grade Cybersecurity

What’s hot on Infosecurity Magazine?