Infosecurity News

  1. Syrian Electronic Army Steps Up a Gear – Re-Directs Major Websites to its Domain

    Rather than hack individual websites or Twitter accounts, SEA’s latest attack was on the MelbourneIT domain registrar. It was then able to redirect visitors to MelbourneIT’s customers – including the New York Times, Twitter and Huffington Post – to an SEA controlled website.

  2. Password Cracker Cracks 55 Character Passwords

    One of the world’s leading password crackers just got better and is now able to crack passwords of up to 55 characters in length, as well as algorithms such as TrueCrypt 5.0+, LastPass and Samsung Android Password/PIN.

  3. Facebook Report Discloses Number of Government Requests for User Data

    Facebook has now joined other major cloud service companies with its own version of a transparency report: its first Global Government Requests Report purports to show how many government requests for user data it received in the first six months of 2013.

  4. Molerats Hacking Campaign adds Poison Ivy to its Repertoire

    Molerats is the term used for a hacking campaign orchestrated by the Gaza Hackers Team. Until now it had seemed that this group concentrated on using the XtremeRAT trojan. New research now suggests that the group has also started using the Poison Ivy RAT.

  5. NSA Revealed Spying on the UN and EU Embassies

    The latest revelations from Edward Snowden published by Der Spiegel and Laura Poitras, the American film maker based in Berlin and visited by David Miranda before his detention at Heathrow, show extensive and sophisticated NSA surveillance of both the EU and UN organizations in the US.

  6. Twitter Scanning DMs to Help Profile its Users

    A European privacy activist is warning that Twitter monitors users' private Direct Messages, even to the extent of visiting the URLs they contain and copying the content of the web pages concerned – most likely for behavioral profiling.

  7. Lady Gaga Sees Applause for Single, Despite 'Hacker' Leak

    Lady Gaga is…displeased. She’s blaming “hackers” for the leak of her new single, “Applause,” ahead of its scheduled release date on August 19.

  8. China Hit with Biggest DDoS Attack in its History

    China faced the largest distributed denial-of-service (DDoS) attack in its history over the weekend, leading to a two-to-four hour shutdown of swaths of IP addresses using .cn, China's country code top-level domain.

  9. The Insecure Pacemaker: FDA Issues Guidance for Wireless Medical Device Security

    The concept of a hacker causing a heart attack by remotely compromising a pacemaker or shutting down an insulin pump on a diabetic is unfortunately not in the realm of science fiction, with very real vulnerabilities having been found in connected medical devices. The US Food and Drug Administration (FDA) is now addressing the issue with a 24-page set of recommendations for regulating medical devices with wireless connectivity.

  10. DDoS Weapon Found Hidden in Orbit Downloader

    Anti-virus companies don’t just block malware – they also give their customers the option to block ‘potentially unwanted apps’ or PUAs. These aren’t strictly malware, but can violate a user’s privacy. Adware can potentially be a PUA.

  11. German Federal Government Warns on the Security Dangers of Windows 8

    The problem revolves around the upcoming Trusted Platform Module v 2.0 developed by the US-dominated Trusted Computing Group, which cannot be deactivated by the user. The concern is that this provides a back door for Microsoft, and by extension, for the NSA.

  12. Latest Spy Law May Force Mega to Leave New Zealand

    Kim Dotcom warned earlier this month that if a new bill – the Telecommunications (Interception Capability and Security) bill known as TICS – were to become law, he would move Mega’s privacy services out of New Zealand. TICS was passed yesterday in the New Zealand parliament by a vote of 61 to 59.

  13. The Counter-productive Effect of the Cost of Cybercrime

    The cost of cybercrime is frequently used to justify the cost of security products and the implementation of new – and invariably more stringent – cyber laws. But what if those figures are wrong? Could it mean that industry, and government, gets its entire cybersecurity strategy wrong?

  14. Poison Ivy Dissected: Commodity Tool or APT Weapon?

    The contradiction behind a remote access trojan (RAT) such as Poison Ivy is that while it is easy to use and widely used, it can also indicate a sophisticated – or APT-style – attack designed to exfiltrate specific data from major organizations.

  15. NIST Updates Patching and Malware Avoidance Guides

    The US National Institute of Standards and Technology (NIST) has updated two of its computer security guides to help system managers protect their systems from hackers and malware.

  16. Microsoft Warns of Permanent Zero-Day Exploits for Windows XP

    When Microsoft announced that it would discontinue support for Windows XP starting on April 8, 2014, many companies began the long process of transitioning to modern operating systems like Windows 7 or Windows 8. But there are others that won’t – and the software giant is raising the spectre of a zero-day onslaught as a result.

  17. Android Bitcoin Wallet Issue Points Out Critical Need for Mobile App Management

    The previously disclosed flaw in Android’s Bitcoin wallet has now been quantified in terms of its scope: the vulnerability has left over 360,000 applications up for attack, subsequently compromising the data of thousands of users, as well as their cyber-wallets.

  18. The Detention of David Miranda Raises Serious Issues

    Over the weekend David Miranda, partner of Glenn Greenwald – the Guardian journalist who published the first of a series of reports detailing United States and British mass surveillance programs, based on documents obtained by Edward Snowden – was detained at Heathrow for just under 9 hours – the maximum allowed under Section 7 of the Terrorism Act. Miranda was in transit from Berlin to his home in Brazil. All of his electronic equipment was confiscated.

  19. Google Responds to British Lawsuit: UK Privacy Laws Don’t Apply

    There have been two new developments in the British lawsuit against Google for allegedly overriding Safari privacy settings to track users’ internet habits: firstly the High Court granted permission to serve on Google Inc, putting the papers into the public domain; and secondly Google responded by claiming it does not have to answer to the UK courts.

  20. Are Encryption Keys Protected by the Fifth Amendment?

    A man was arrested in Wisconsin this week as the latest move in a long-running battle by the authorities to force him to hand over decryption keys for hard drives believed to contain child pornography.
