Infosecurity News

  1. Waking Shark II – Stress Testing the City of London

    Today is Waking Shark II day – the day the City of London's cyber resilience is tested in a day long exercise. Details are scarce (it wouldn't be a test if they were known) but the war game is expected to concentrate on the ability of banks to maintain operations in the face of a sustained cyber attack.

  2. APTs and the Moriarty of Cybercrime

    Researchers have analyzed 11 apparently distinct APT campaigns, and have come to the conclusion that they are not as distinct as previously thought – in short, there's a malware quartermaster, a Moriarty of cybercrime, serving multiple threat actors.

  3. PCI DSS Version 3.0 Goes Beyond Compliance

    The PCI Security Standards Council (PCI SSC) has published version 3.0 of the PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) for debit and credit card security, geared to move organizations from mere compliance to more comprehensive security approaches built on shared responsibility.

  4. How GCHQ hacked Belgacom

    In September Der Spiegel published details from Snowden leaks indicating that GCHQ had been behind the hacking of Belgian telcommunications company Belgacom, in an operation codenamed Op Socialist. On Friday it published further details indicating how the breach had been effected.

  5. Stuxnet Also Infected Russian Nuclear Facility

    Stuxnet is widely taken to be the harbinger of modern cyberwarfare. It was developed by the US and Israel to target the Iranian nuclear program – but now it appears that it also infected a Russian plant.

  6. British Spy Agencies, Al Gore and Berners-Lee all Talking About Snowden

    In an unprecedented move, the reclusive heads of Britain's MI5, MI6 and GCHQ spy agencies appear in public before a parliamentary committee, while Al Gore gives a speech in Montreal and Sir Tim Berners-Lee is interviewed by the Guardian – and all are talking about Snowden's revelations.

  7. Adobe Breach is Far, Far Worse than Originally Thought

    After Brian Krebs gave Adobe a strong hint that it had been breached, the company announced that just short of three million accounts may have been compromised. It later upped this to 38 million – but it now appears that the true figure is around 150 million.

  8. Lack of IT Automation Drives Frequent Firewall Outages

    For UK and US businesses, increased complexity stemming from trends like cloud computing and virtualization is driving a need for more automation within the IT network; but reality is lagging the requirement.

  9. Automatic IFS Encryption for IBM i with New Release from Linoma Software

    Linoma Software’s Crypto Complete data encryption solution is breaking ground on IBM i by providing automatic encryption of files stored on the operating system’s integrated file system (IFS).

  10. Computer Animation Snares 1000 Sex Predators

    Terre des Hommes is a network of ten international organizations that work for the rights of children. TDH Netherlands, Monday, published a dossier on, and a call to action to stop, the web cam sexual exploitation of children.

  11. CryptoLocker Most Current Prolific Malware

    CryptoLocker is a new breed of ransomware that encrypts victims' data with public key encryption, and demands payment for the decryption key – the only way that infected victims can regain access to their data.

  12. Privacy International Calls on OECD to Investigate Telecoms Relationships with GCHQ

    Following its involvement in taking the UK to the European Court over GCHQ's mass surveillance program, Privacy International has now raised formal complaints with the OECD against the telecoms companies that have co-operated with GCHQ.

  13. Snapchat the Bait; Adware the Delivery

    Researchers have discovered a 'Snapchat' link that provides many things – mainly advertisement-serving adware – but the one thing it doesn't deliver is Snapchat itself.

  14. US Government Agency Compromised by Social Engineering

    Two researchers have demonstrated that lessons have not been learned from Robin Sage, a fictitious character created on social media in 2009, who went on to collect friends in the FBI and CIA and get job offers from Google and Lockheed Martin.

  15. Amount of Mobile 'Madware' Spikes in Google Play

    Mobile malware focused at Google’s Android operating system is proliferating at a prodigious rate. But increasingly, a particularly unsavory brand of malicious adware – dubbed “madware” – has been making significant inroads to Google Play. Volume-wise, it came to be present in 23% of apps in the first half of 2013.

  16. (ISC)² Recognizes Excellence in Government Cybersecurity

    (ISC)² has announced the recipients of its annual US Government Information Security Leadership Awards (GISLA) program, including the inaugural Lynn F. McNulty Tribute GISLA award, which went to Dr. Ronald “Ron” Ross, senior fellow at the National Institute of Standards and Technology (NIST).

  17. Contactless Payment Details Can Be Intercepted with Inexpensive Equipment

    A paper published this week by the Institution of Engineering and Technology (IET) demonstrates that contactless payment card data can be intercepted at more than four times the distance laid down by standards.

  18. Finnish Government Network Hacked

    Finnish foreign minister Erkki Tuomioja yesterday confirmed reports that the country's government networks had been breached by hackers. Local TV station MTV3 had earlier claimed that Chinese or Russian agents may have been involved.

  19. RSA Europe 2013: SMB Websites More Toxic than Pornographic Sites says Symantec

    Legitimate SMB websites pose a greater cybersecurity threat than pornography sites, says Sian John, security strategist at Symantec.

  20. Apple iOS Apps Found to Have a Common Hijacking Vulnerability

    A flaw impacting Apple iOS-based apps has been discovered that, if exploited, could allow an attacker to hijack the server URL from which mobile applications load their data, replacing the served data with his own content.

Why not watch?

  1. Identifying Concentration Risk and Securing the Supply Chain

  2. Navigating Exposures in Energy ICS Environments

  3. New Cyber Regulations: What it Means for UK and EU Businesses

  4. Dispelling the Myths of Defense-Grade Cybersecurity

What’s hot on Infosecurity Magazine?