Infosecurity News

  1. Royal Baby: Exclusive Pics! – Don't Fall for It

    When Kate Middleton, the Duchess of Cambridge, went into labor with the child who recently became third in line for the throne of England, the event immediately had millions of royal-watchers riveted – and, apparently, plenty of spammers ready to leverage the vast amount of public interest in everything from the sex of the baby to “secret pictures” of the new arrival.

  2. SIM Cards Cracked; Hundreds of Millions of Phones Vulnerable

    The SIM card – long considered the uncrackable heart of the mobile phone – can finally be rooted. Details will be presented by a German researcher at Black Hat on 31 July. Meanwhile estimates put the number of vulnerable phones at either 500 million or 750 million.

  3. Ubuntu Forum Hacked; 1.8 Million Accounts Compromised

    On Saturday, Canonical – which looks after the Ubuntu Linux user forum – received reports of a site defacement. Within four minutes it had taken the Ubuntu Forums site off-line to investigate what turns out to be a major hack.

  4. Apple Developer Site Breached

    Two things happened last week: Apple developers began to receive unexpected password reset emails, and the Apple Developer center was shut down for maintenance. Everything pointed to a breach; but Apple said little.

  5. California Student Gets Jail Time for Rigging Campus Election with Keyloggers

    It’s a rite of passage for many college students to run for student government office – particularly if they have grander political aspirations. But some take it just a tad too seriously (think Tracy Flick in “Election”). Take, for instance, the case of a former Cal State San Marcos student who has been sentenced in federal court to a year in prison for using keylogging software to rig a campus election.

  6. Java: Write Once, Pwn Anywhere

    Just as a new report explains why Java vulnerabilities, despite Oracle's best efforts, remain the hackers' favored target, a Polish researcher discovers that the latest version, Java 7, is susceptible to a 10-year-old attack.

  7. Rex Mundi Hackers Post Data Stolen from Numericable

    Numericable is a cable TV company operating in France, Belgium and Luxembourg. Rex Mundi claimed to have stolen customer data and demanded €22,000 for its return. Numericable declined, and denied that the hackers had the data.

  8. Tumblr Patches its iOS App After Password Vulnerability

    A brief statement from Tumblr late on Tuesday confirmed that its iPhone and iPad apps had been updated to patch "an issue that allowed passwords to be compromised [sniffed] in certain circumstances."

  9. GCHQ's Use of NSA's Prism Data is Legal, says UK

    The legality of Prism in the US is a question for Congress and the US courts, says Sir Malcolm Rifkind, chairman of the UK's all-party Intelligence and Security Committee – but the acquisition of Prism data by GCHQ is done legally.

  10. Dirty AndroRAT: New Tool Lets Anyone Trojanize Android Apps

    Malware authors are ever-adaptable, as evidenced by the rise of remote access tools (RAT) written in Java that are capable of running on multiple operating systems. The Android mobile operating system has made its way into the RAT crosshairs, with a new “binder” for sale in the criminal underground that allows users to repackage and trojanize legitimate Android applications.

  11. Mobiquant Invited by Japanese Government to Exhibit at IT pro EXPO

    The France-based mobile security specialist will participate in Japan’s leading IT innovation trade event to demonstrate its security solutions.

  12. Water Hole Replacing Spear-Phishing as State-Sponsored Weapon of Choice

    Spear-phishing is an attack that attempts to ensnare a specific individual or group of victims via email; water hole attacks wait for the victim to come to the trap. Attackers – especially state-sponsored attackers – are increasingly turning to the latter as their weapon of choice.

  13. Verizon Hack Turns Femtocells into Mobile Spy Stations

    Femtocells are nice-to-have mini-cells that boost cellular coverage indoors, to prevent consumers from going down to one, slow bar inside a house or store. Verizon Wireless offers femtocells for home use, but it turns out they can do more than supercharge one’s 3G – the $250 gadgets can also be turned into mobile spy stations.

  14. EXPIRO File Infector Variant Presents Unusual Threat Combo

    A file infector malware recently discovered in the wild is exhibiting what security researchers are calling unusual characteristics stemming from an unexpected combination of threat techniques.

  15. Goofing off at Work Can Lead to Malware Infections and Data Breaches

    Surveys show that employees spend up to 30% of their working hours on private affairs. And all of those non-productive hours could translate to not just lost output, but actual negative equity in the form of malware attacks and hacking incidents.

  16. Half-Life 3 Confirmed!

    Half-Life is a popular game developed by Valve and available on the Steam gaming platform. Enthusiasts of Half-Life 2 have been waiting years for the next installment; long wanted but never delivered. Despite the 'confirmation', it still isn't.

  17. Governments are Big Buyers of Zero-Day Flaws

    The extent and sophistication of the market for zero-day vulnerabilities is becoming better understood. It appears that governments – especially the US, UK, Israel, Russia, India and Brazil – are among the biggest customers.

  18. ICO Fines NHS Surrey £200,000

    The UK's Information Commissioner has fined NHS Surrey £200,000 for not ensuring that patient data was completely removed from recycled PCs. Some of those PCs ended up on an online auction site.

  19. Post-PRISM, Feds Have Been ‘Disinvited’ to Def Con Hacker Gathering

    As the annual Def Con event prepares to launch in Las Vegas on August 1, 15,000 hackers are planning to descend onto the hot desert landscape. Organizers have, however, warned federal agents, government security staffers and law enforcement agents that their particular presence is not required.

  20. Retina Scans? Yes Please! Just Not for Passwords or PINs

    Cue the Mission Impossible theme: Europeans (especially the French) really like the idea of biometrics – ultraviolet fingerprint authentication, vein topography scans and the like – when it comes to slipping into secure corridors and preventing international criminals from moving across borders. But when it comes time to use them for ho-hum applications like password replacement? Not so much...
