Infosecurity News

  1. With a Sale Looming, Struggling BlackBerry Joins FIDO Alliance

    Marking one of the first efforts by mobility specialists to get involved in the Fast IDentity Online (FIDO) Alliance, the industry consortium revolutionizing online authentication with the first standards-based specifications, BlackBerry has joined the alliance and been appointed to the board of directors.

  2. NSA and GCHQ Crack Majority of Encrypted Traffic

    Given the effort taken by the NSA and GCHQ spy agencies to monitor the greater part of the world’s internet traffic, it was never likely that they would simply ignore all of the encrypted traffic. The latest of the Edward Snowden files show that they did not.

  3. Hand of Thief Trojan Has No Claws

    The Hand of Thief (HoT) trojan made waves when it hit the Russian cybercrime underground in July, claiming to target all Linux distributions. But the commercial malware is more like a commercial nowhere: it turns out, the hand is easily amputated.

  4. Bugcrowd Snags $1.6 Million for Crowdsourcing Bug Hunting

    Crowdsourcing is big. Bug bounties are big. Why not put them together? San Francisco/Australia-based startup Bugcrowd says why not indeed.

  5. Barret Brown Gagged by Order of the Court

    The arrest and trial of Barret Brown, activist and one-time self-styled voice of Anonymous, concerns activists and media alike: in theory he faces 100 years in jail for hiding his computer, threatening an FBI agent, and publishing an internet link.

  6. WikiLeaks Publishes Spy Files #3

    WikiLeaks has published its latest tranche of files, which it calls Spy Files #3, on the global covert surveillance industry: 249 documents from 92 intelligence contractors. The purpose is to shine “a light on the secretive mass surveillance industry.”

  7. Samsung Bundles Anti-virus into Android KNOX

    Samsung is looking to thicken the walls, as it were, in its Android KNOX security-hardened mobile devices, by bundling in enterprise anti-virus from Lookout Software.

  8. Vaz Tells SOCA to Publish the Blue Chip Hacking List

    Eighteen months after Operation Millipede closed with the successful prosecution of four rogue private investigators for illegally obtaining personal information, the UK's Serious Organized Crime Agency (SOCA) finally delivered a list of almost one hundred clients that had used the service of the PIs to the country's Information Commissioner's Office (ICO).

  9. Citi Ordered to Pay $55K to Connecticut over 2011 Data Breach

    The state of Connecticut has slapped Citi with a $55,000 settlement over a 2011 data breach that resulted in hackers gaining access to names, account numbers and e-mail addresses belonging to around 360,000 Citi North American credit card customers.

  10. Syrian Electronic Army Defaces US Marine Website

    The Syrian Electronic Army's latest exploit has been to hack and deface a US Marines recruitment website. The defacement showed a series of photos with military-dressed personnel, faces obscured, holding handwritten messages.

  11. FinFisher Spyware Presentation Details Leaked

    FinFisher is a trojan spyware kit developed and marketed by the UK/German company Gamma Group. It is used by many governments around the world for surveillance purposes – and was notoriously found to be targeting Bahraini activists.

  12. A Q&A with MafiaBoy

    MafiaBoy was the internet alias of Michael Demon Calce, a high school student from Quebec, who launched a series of highly publicized denial-of-service attacks in February 2000 against large commercial websites including Yahoo!, Amazon.com, Dell, Inc., eBay, and CNN. Here, he talks about how he did it, the politics of cyberattacks, and the evolution of attack motivations and methods.

  13. Infosecurity Weekly News Update: 26 August - 2 September 2013

    Dan Raywood summarizes all of the top news headlines from the information security industry from the week commencing 26 August 2013.

  14. Tor is Not as Safe as You May Think

    A new research paper, due to be presented at the 20th ACM Computer and Communications Security Conference (CCS 2013) in Berlin in November, has demonstrated that over time Tor users can be discovered with a high degree of accuracy.

  15. Black Budget: NSA's Team of Elite Hackers Tasked with 'Sabotage'

    The Edward Snowden leak is the leak that keeps on giving for news organizations, apparently: New documents have been released that detail the National Security Agency and the CIA’s intelligence budget. And, perhaps not surprisingly, it points to the existence of an elite group of government hackers.

  16. Dropbox Hackable; Well, in a Way

    Two researchers have demonstrated that they can reverse engineer the Dropbox client and gain access to the user’s cloud storage. But first they have to own the user’s computer – and if they do that, they’ve probably got the files locally.

  17. ISACA Kicks Off COBIT 5 Assessor Certification

    Assessors are key figures in IT environments, ensuring that processes and policies are in place to support effective governance and management of information. But as ISACA knows, doing it well is every bit as complex as the IT environment itself – so you want to make sure those assessors have the appropriate skills, expertise and training in place.

  18. Facebook Hijacked to Spread Chrome, Firefox Browser Malware

    Facebook is being used to spread malware again, this time through messages claiming to be from friends wanting to share videos. The “video link” of course opens a door for hackers to hijack users’ Facebook accounts and web browsers.

  19. Breach Notification is Now EU Law for Communications Providers

    On 25 August, the EU’s new breach notification Regulation for electronic communication service (ECS) providers came into force. The Regulation supplements an earlier Directive that instructed ECS companies to notify their competent national authority in accordance with national laws.

  20. The Ponemon Institute: Most Organizations are Woefully Behind in Application Security

    When it comes to locking down enterprise infrastructure, the application layer is responsible for more than 90% of all security vulnerabilities, yet more than 80% of IT security spending continues to be at the network and endpoint layer, new research has found.
