Infosecurity News

  1. Gartner Says Risk-Based Approach will Solve the Compliance vs Security Issue

    Later this month in Sydney and in London in September, Gartner will hold summits on compliance and security. Compliance, it suggests, should be subsumed into risk management, rather than security being subsumed into compliance.

  2. Hand of Thief Banking Trojan Takes Aim at 'Secure' Linux OS

    Hard on the heels of the discovery of the Russia-originated KINS banking trojan, a different Cyrillic cybercrime team has developed a financial trojan targeting the Linux operating system.

  3. Fort Disco – a Botnet that Delivers Brute Force Logon Attacks

    The last year has seen an evolution of botnets from home computers to commercial servers; a practice that seems to be gathering pace. However, methods of compromising web servers are different to the traditional PC compromise.

  4. Latvia to Extradite Suspected Gozi Mastermind to Face Charges in the US

    Since the beginning of 2013, the US authorities have sought the extradition of Deniss Calovskis, a Latvian citizen, who was charged in January with being one of the three ringleaders behind the Gozi virus.

  5. CIA’s John Mullen Declares People Biggest Threat and Risk Management Best Defense

    People present the greatest cyber vulnerability and educating them is key to protecting your valuable information, John K. Mullen, senior operations officer at the CIA told the audience at 2013 SINET Innovation Summit in New York, August 6th 2013.

  6. US Counterintelligence Executive Says NSA Doesn’t Have Adequate Resource to Monitor All Communications

    Presenting the keynote at the 2013 SINET Innovation Summit in New York, August 6th 2013, Frank Montoya Jr., National Counterintelligence Executive, assured the audience that "we don't have the resources" to monitor and evaluate information on all communications when asked about the NSA surveillance programs.

  7. Did the FBI Use CIPAV Against Tor?

    Following the arrest of Eric Eoin Marques last week, websites in the darknet hidden services began to go down. A piece of javascript malware was found and posted to the internet. Researchers are now wondering if this is the first live sample of the FBI's fabled CIPAV malware.

  8. Feds Seek Extradition of Child-Porn Dealer – Darknet Compromised

    On Friday the Irish High Court denied bail to Mr Eric Eoin Marques, arrested the day before on an extradition warrant issued in Maryland charging him with distributing and promoting child pornography on the internet.

  9. Colin Powell's Emails Tapped by Hacker

    The hacker known as Guccifer, who makes a habit of hacking the rich and powerful – the 'Illuminati' in his own terms – has struck again, this time forcing former US Secretary of State Colin Powell to deny an affair.

  10. Rodecap – a New Spam Bot in Town

    Just over a week ago Symantec published a note on a new spam bot that it was and is currently investigating. A Swiss researcher, however, was already on it, having trapped the first instance in his sandnet two days earlier.

  11. Comfoo – the APT RAT that Ratted on RSA

    The Comfoo trojan has been in continuous development since at least 2006. It has more than 200 variants and has been used in at least 64 different campaigns, including the RSA SecurID breach in 2010 – but little has been known about it.

  12. Black Hat 2013: Researchers Demo How Smart TVs Can Watch You

    Two different presentations at Black Hat Las Vegas on August 2nd 2013 called new attention to the risks posed by smart TVs increasingly found in homes and offices around the world. Researchers demonstrated how vulnerabilities in these systems can be used to steal online credentials, sensitive data and even turn device cameras against users to record them illicitly. Ericka Chickowski reports.

  13. BSides Las Vegas: How to Find Fame as an Information Security Professional

    Self-promotion through social media is the key to improving your visibility in the information security industry Javvad Malik told an engaged audience at BSides Las Vegas on August 1st 2013.

  14. VERIS: A New Database for Sharing Security Incident Information

    A new community database has been launched by Verizon to help bridge the uncertainty gap in data breach information: what we know and what we need to know. Based on VERIS, it is designed to facilitate the secure sharing of incident information for the good of all.

  15. XKeyscore – the Front End that Queries the NSA Databases

    The Guardian has released the latest of its Edward Snowden leaks – NSA training material for a system called XKeyscore that allows analysts to search through vast databases of emails, online chats and browsing histories.

  16. Black Hat 2013: Responsible Disclosure on Increase through Bug Bounty Program

    Responsible zero-day vulnerability disclosure is on the increase, according to Brian Gorenc, manager of HP’s Zero Day Initiative.

  17. What is the Syrian Electronic Army?

    As the Syrian Electronic Army (SEA) continues its hacking spree across largely Western organizations, it is worth pausing to question: what is the SEA, how does it operate, and what are its motivations?

  18. 83% of Mobile Apps Exhibit Risky Behavior

    iOS apps are worse than Android apps, and free apps are worse than paid apps – but in a study that has implications for both personal and BYOD use, as many as 83% of all apps exhibit at least one form of risky behavior.

  19. UK's Porn Surfing Filter Continuing to Create Waves

    It's a question of where to start: TalkTalk's filter provided by Huawei; more than porn will be blocked; UK's 'pornification' MP Claire Perry hacked and now sued; at least one ISP in open rebellion; and Anonymous launches op PornStorm.

  20. Google's Chromecast Video Streaming Product Hacked Already

    Google's Chromecast, a $35 device for streaming internet video to the TV, has been rooted within days of its launch.

Why not watch?

  1. Supply Chain Risk and Mitigation in Operational Technology

  2. The Future of Fraud: Defending Against Advanced Account Attacks

  3. Securing Your Move to Hybrid Cloud Infrastructure

  4. New Cyber Regulations: What it Means for UK and EU Businesses

What’s hot on Infosecurity Magazine?