Infosecurity News

  1. Investigation into the Tesco 'Hack'

    More than 2000 Tesco user credentials complete with the monetary value of earned vouchers were anonymously posted on Pastebin on Wednesday (still there at the time of writing this). The question is, how were they acquired: from reused passwords obtained from other breaches; or directly from Tesco?

  2. Anti-theft Software Could Be Attackers' Conduit to Millions of PCs

    A useful cyber-defensive utility can be turned into a powerful tool for cyber-attackers in the form of full access to millions of users' computers, according to research from Kaspersky Lab regarding an element of Absolute Software’s anti-theft software.

  3. UK lags behind US in Security Preparedness and Attitudes

    Just 17 per cent of UK business leaders see cyber security as a major priority, compared to 41 per cent in the US, according to new research from BT. This comes from a survey of 500 IT decision makers in medium to large organizations across seven countries undertaken by Vanson Bourne for BT in October 2013.

  4. Dropbox Transparency Report Includes Secret FISA Court Requests

    Online file-sharing service Dropbox, like other cloud-based tech providers, has been allowed to disclose national security requests for user information for the first time. In its latest transparency report, it said that it fielded 249 or fewer national security requests from the US government in 2013. These include National Security Letters and orders issued under the Foreign Intelligence Surveillance Act (FISA orders).

  5. Sophos Acquires Cyberoam to Boost Layered Defense Portfolio

    Anti-virus company Sophos has announced that it has acquired Cyberoam, a fellow player in the network security market that specializes in unified threat management (UTM) and security information and event management (SIEM).

  6. PCI DSS Compliance is Improving, But Not Yet Good Enough

    Verizon has published its third report into the state of PCI DSS conformance drawn from an analysis of compliance assessments for more than 500 companies around the world. The result shows that compliance is improving, but that the majority of companies that accept payment cards still fail to maintain PCI security standards.

  7. Hacking a Car with a $20 Gadget

    Much has been made of the connected car phenomenon, as more and more vehicles are now coming equipped with connections to cloud services for entertainment and monitoring via 4G or satellite connectivity. While this opens up a new cyber-front for hackers, it turns out that old-fashioned closed-system vehicles are hackable too.

  8. Whistleblower Blows Whistle on Barclays Bank

    A Snowden-style finance whistleblower, who seems to have grown a conscience, has blown the whistle on Barclays bank for the loss and subsequent misuse of 27,000 files of detailed personal data on customers and potential customers. Those files reached the hands of rogue traders known as 'spank shops.'

  9. Imperva Buys Skyfence and Incapsula to Improve its Cloud Security Offering

    While launching a new cloud strategy, Imperva has simultaneously announced the acquisition of Skyfence (a cloud security start-up) and Tomium (a mainframe monitoring firm); and has agreed to buy the remaining shares in its majority owned subsidiary, Incapsula.

  10. Target Hackers May Have Gotten In Through the Air Conditioner

    More details of the Target breach continue to be revealed, with the latest intel pointing to the air conditioning guys being used as an entry point by the hackers. The hackers came in through the vents, so to speak.

  11. Bredo Botnet: Is it Coming Back?

    Earlier in the week, many consumers experienced a big spike in email spam volume – messages containing financial malware that's familiar from the not-too-distant past.

  12. US and Belarus Take Home Top Honors in Spam Rankings

    The US is once again the world’s spammiest nation, topping the 2013 “Spampionship” league table published by Sophos.

  13. Barclays Leads in Web Security among UK Banks

    When it comes to banks, Barclays arguably has one of the highest profiles in the world, thanks to its sponsorship of the English Premier League. But it should be known for something else as well: it came in first in security functionality in Forrester Research’s review of the eight top UK bank and building society sites.

  14. GCHQ Used DDoS Attack on Anonymous' Communications

    A top secret presentation by GCHQ at a 2012 NSA conference called SIGDEV shows that the hitherto unknown GCHQ Joint Threat Research Intelligence Group launched a DDoS attack (called Rolling Thunder) on the IRC communications channels used by Anonymous and LulzSec.

  15. PoS Breaches Spread with Thousands Affected at Marriott and Holiday Inn Locations

    Target. Neiman Marcus. Michaels. The retail sector continues to crop up with point-of-sale (PoS)-led data breaches. But a new security breach affecting 14 Marriott, Holiday Inn, Westin, Renaissance and Radisson properties demonstrates that hospitality franchises are being targeted as well.

  16. Chewbacca Turns Up as Part of 11-Country Malware Campaign Against Retailers

    The Chewbacca keylogging malware has been spotted in the wild, and we don’t mean on Yavin 4 or Endor: it’s been uncovered as part of a global point-of-sale (PoS) malware campaign right here on Planet Earth.

  17. Personal Details of 800,000 Orange Users Stolen

    But not their passwords. Last Friday a French publication provided details on the data stolen from French mobile operator, Orange. The breach occurred on 16 January, and involved the loss of names, addresses, email addresses, phone numbers and 'household composition' for approximately 800,000 customers.

  18. Chaos Computer Club Files Criminal Complaint Against German Government

    Following its involvement in the complaint to the European Court over the UK government's use of mass surveillance via GCHQ, Germany's Chaos Computer Club has now filed a complaint with the Federal Prosecutor General's office against the German federal government alleging illegal covert activities.

  19. Bell Canada Hacked by NullCrew

    Bell Canada announced Sunday that "22,421 user names and passwords and 5 valid credit card numbers of Bell small-business customers were posted on the Internet this weekend." It claims that it was not directly breached, but that the "posting results from illegal hacking of an Ottawa-based third-party supplier." But there's more to the story.

  20. NSA/GCHQ Hacking Gets Personal: Belgian Cryptographer Targeted

    Belgian newspaper De Standaard reported Saturday that the federal prosecutor is investigating the hacking of Jean-Jacques Quisquater, a renowned cryptographer and professor at the Université catholique de Louvain, close to Brussels. The hack was discovered while the authorities were investigating the breach at Belgacom.
