Infosecurity News

  1. Washington Post (& CNN, & Time, but not NYT) Hacked by Syrian Electronic Army

    The Washington Post yesterday issued a brief statement confirming that it had indeed been breached by SEA. At around the same time, the New York Times claimed that a brief outage on Wednesday had been caused by maintenance rather than hacking.

  2. Error 451 – Unavailable for Legal Reasons

    The Open Rights Group has launched a campaign for the adoption of a new HTTP 400 range status code: Error 451, designed to indicate that access to a page or website is unavailable by court order.

  3. IBM to Acquire Financial Malware Defense Firm Trusteer

    IBM has announced a definitive agreement to buy the Israeli firm Trusteer, which specializes in anti-financial malware and fraud software. Although terms have not been revealed, market estimates put the price at around $800-$900 million.

  4. Users Have No Expectation of Privacy in Gmail Says Google

    In filing a motion to dismiss a class action that it illegally intercepts and reads emails, Google lawyers have invoked a ruling from a 1979 court case (Smith vs Maryland) that originally referred to telephony.

  5. DNS Posioning and Spoofing Made Simpler with BIND Vulnerability

    Web page spoofing just got easier: One of the defenses against Domain Name System (DNS) cache poisoning and web address spoofing lies in the randomization of the IP address of the queried name server. But a newly found vulnerability in BIND, the most widely used DNS software on the internet, enables an attacker to de-randomize the queries—greatly reducing the time and effort required to successfully poison BIND's cache.

  6. Hacking the Lightbulb: Malware Can Produce a Sustained Blackout

    Considering the hyper-connected world that we live in, a good security mantra should be: if it can be connected to the web, it can be hacked. Even light bulbs. Yes, even light bulbs.

  7. Cyber Spies in London Recycle Bins Told to Move On

    News emerged last week that a London firm had been installing wifi snooping equipment in London recycle bins, spying on the mobile phones of passers-by. But the City of London authorities have moved quickly with a cease and desist instruction.

  8. Dalai Lama’s Website Compromised and Serving Malware

    The Dalai Lama and his supporters have been under almost continuous cyber attack for years. In a new ‘don’t go there’ announcement, a security researcher warned Monday that the Chinese language version of his website has been compromised in a new water hole attack that delivers a backdoor trojan.

  9. Joomla Exploit Cashes Out Accounts with Zbot Variant

    Websites using the popular content management system Joomla are at risk of being hijacked for use in malware payload and phishing attacks, thanks to the discovery of a fresh vulnerability and accompanying zero-day attack.

  10. Department of Defense Approves BlackBerry for MDM

    Remember when President Obama had to get a special, encrypted version of his BlackBerry in order to continue using a smartphone post-election? It’s taken the US Department of Defense (DoD) about five years since then to support anything but restricted smartphone use (no selfsies, folks), but now a step is at hand: The US Defense Information System Agency (DISA) has given BlackBerry Z10 and BlackBerry Q10 smartphones with BlackBerry Enterprise Service 10 the authority to operate (ATO) on DoD networks.

  11. Bitcoin Besieged by Hackers and Regulators

    Just as Bitcoin warns its users that Android-based bitcoin wallets are vulnerable to theft, so the New York Department of Financial Services subpoenas 22 digital currency companies and investors, and investigates the regulatory guidelines that should be put in place.

  12. Two Men Arrested in London Over DDoS Extortion Threats

    Following what the Greater Manchester police described as their largest ever cybercrime investigation, two polish men were arrested at a Heathrow hotel on suspicion of blackmailing a Manchester-based internet company with threats of a DDoS attack.

  13. RAT Drains California Escrow Firm Out of Business

    In a testament to the very real business threat that cybercrime represents, a remote access trojan (RAT) has drained a California escrow firm of $1.5 million, forcing it to shut its doors and lay off its nine employees – at the state’s behest.

  14. World's Largest Telcos Face Legal Action from Privacy International over Tempora

    Privacy International has sent a pre-action letter (a formal pre-cursor to legal action) to BT, Verizon Business, Vodafone Cable, Level 3, Global Crossing (now owned by Level 3), Viatel and Interoute. At issue is the telcos' involvement in GCHQ's spy program Tempora.

  15. Mobile Malware Spikes 30% in First Half of 2013

    Mobile malware continues to escalate in volume, with security vendor Fortinet seeing a 30% increase in malicious samples in just the last six months. The firm is seeing more than 1,300 new samples per day, mostly, unsurprisingly, Android-focused. The threats range from new ransomware samples to new exploits of old vulnerabilities.

  16. Gartner Says Risk-Based Approach will Solve the Compliance vs Security Issue

    Later this month in Sydney and in London in September, Gartner will hold summits on compliance and security. Compliance, it suggests, should be subsumed into risk management, rather than security being subsumed into compliance.

  17. Hand of Thief Banking Trojan Takes Aim at 'Secure' Linux OS

    Hard on the heels of the discovery of the Russia-originated KINS banking trojan, a different Cyrillic cybercrime team has developed a financial trojan targeting the Linux operating system.

  18. Fort Disco – a Botnet that Delivers Brute Force Logon Attacks

    The last year has seen an evolution of botnets from home computers to commercial servers; a practice that seems to be gathering pace. However, methods of compromising web servers are different to the traditional PC compromise.

  19. Latvia to Extradite Suspected Gozi Mastermind to Face Charges in the US

    Since the beginning of 2013, the US authorities have sought the extradition of Deniss Calovskis, a Latvian citizen, who was charged in January with being one of the three ringleaders behind the Gozi virus.

  20. CIA’s John Mullen Declares People Biggest Threat and Risk Management Best Defense

    People present the greatest cyber vulnerability and educating them is key to protecting your valuable information, John K. Mullen, senior operations officer at the CIA told the audience at 2013 SINET Innovation Summit in New York, August 6th 2013.

Why not watch?

  1. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

  2. Supercharge Your Security With Intelligence-Driven Threat Hunting

  3. Supply Chain Risk and Mitigation in Operational Technology

  4. Securing Your Move to Hybrid Cloud Infrastructure

What’s hot on Infosecurity Magazine?