Infosecurity News

  1. Malware attackers leave behind digital clues

    Just as the science of fingerprints, DNA, and fiber analysis have become invaluable in criminal forensics, connecting the dots of an advanced cyber-attack can help identify even the most sophisticated threat actors – if researchers know what to look for.

  2. BAE Systems Detica Reports on BYOD Problems

    Nobody doubts that BYOD is a security issue – the connection of employees’ personal devices to the corporate network worries IT staff. There are security solutions; but study after study surprisingly shows that many companies simply ignore the problem – either not allowing the use of BYOD even though they know it happens, or allowing it but doing nothing to secure it.

  3. Cutwail spamming out Andromeda – using Qantas as the lure

    A current spam campaign from the Cutwail botnet is sending out the Andromeda bot loader (aka Gamarue) which subsequently downloads the Zeus banking trojan. Numerous spam themes are employed, including flight/ticket details, courier, tax, hotel, payroll, invoice, social media and others.

  4. CREST launches CRESTx at Lancaster university

    CREST is the council for registered ethical security testers, a standards based organisation that provides assurance and trust in penetration testers and ethical hackers. On 3 July 2013 it is running its first CRESTx conference at Lancaster university, one of the EPSRC-GCHQ Academic Centres of Excellence in Cyber Security.

  5. Phishing targets UK businesses 3,000 times per day

    Phishing attacks are evolving, and becoming more widespread over time: Kaspersky Lab has found that 3,000 UK internet users were subjected to phishing attacks each day for the past year, a notable increase from 1,000 the year before.

  6. Google adds phishing and malware levels to Transparency Report

    Google, which flags 10,000 unsafe websites each day, has expanded its Transparency Report to add a section that will shed more light on the sources of malware and phishing attacks.

  7. (ISC)² kicks off Women in Security mentoring program

    Women in Security (WiS), a special interest group led by (ISC)²'s London Chapter, is launching a mentoring scheme to help women interested in information security to explore the profession and the opportunities its offers.

  8. 'Hidden' SOCA Report Shows UK Businesses Regularly Hack Rivals

    The Independent has claimed that a report produced and suppressed by the Serious Organized Crime Agency demonstrates that law firms, telecoms giants and insurance companies routinely hire criminals to steal rivals' information.

  9. Fake anti-virus jumps from PCs to Android

    A fresh ransomware scheme is plaguing Android users by way of the well-known FakeAV malware, which has now made the leap from computers to mobile devices.

  10. ATM-like cryptology aims to banish IDs and passwords

    Finding a clever way to eliminate the use of passwords and user IDs entirely in a way that offers airtight security is, naturally, an identity technologist’s Holy Grail. CertiVox is the latest security Parsifal, debuting the open-source M-Pin Strong Authentication System for banishing the use of credentials.

  11. Bitcoin Foundation told to cease and desist

    The Bitcoin Foundation has received a cease and desist letter from the California Department of Financial Institutions, alleging that it may be engaged in money transmissions without the requisite state license.

  12. (ISC)² launches Cyber Warrior Scholarship for veterans

    To help combat the widening of the gap between demand for and supply of cybersecurity professionals, the (ISC)²’s nonprofit arm has launched the U.S.A. Cyber Warrior Scholarship program, aimed at providing cybersecurity career training to qualified veterans who served in the US military.

  13. The effect of PRISM on Europe's General Data Protection Regulation

    PRISM is the US surveillance program that allows the NSA to gain access to the accounts of major US cloud services providers, including the accounts of non-US citizens. The GDPR is the proposed data protection law for the EU. The two are, on the surface, incompatible.

  14. Chrome Vulnerable to Camjacking

    Camjacking is clickjacking aimed at taking over the PC’s webcam – and although Adobe fixed the Flash vulnerability that allows it back in 2011, it lives on in the Flash implementations of Chrome and (not verified) IE10.

  15. Google Glass privacy questioned by six countries and the EU

    Led by Canada's privacy commissioner Jennifer Stoddart, and enjoined by 36 provincial and international colleagues, Google has been invited to enter a dialogue with data protection authorities over the privacy issues around Google Glass.

  16. Malware swarming on P2P networks

    For all of their benefits when it comes to enabling consumer communication, peer-to-peer networks have been notorious hideouts for pirated content and other things that wish to elude detection. They’re providing cover now for something else: malware.

  17. Manchester City’s Scouting Database Compromised

    75% of the UK’s Premier League football clubs, and 50% of clubs in the major European leagues use the services of Scout7 to provide solutions in player scouting, recruitment and information management. Manchester City’s private database has been breached.

  18. Big Data causes big problems for security

    For enterprises, the ability to detect data breaches within minutes is critical in preventing data loss, yet only 35% of firms stated they have the ability to do this. The culprit? An ever-escalating array of data sources stemming from virtualization, anywhere, anytime work habits and an explosion of end-user devices and applications. In short, organizations around the world are finding themselves unable to harness the power of Big Data for security purposes.

  19. Opt-out porn filters in the UK by the end of the year

    UK ISPs will have porn filters operational before the end of 2013 said David Cameron’s ‘pornification’ advisor Claire Perry at a Westminster eForum last week.

  20. Blank media levy extended to smartphones and tablets

    The ‘blank media levy’ is effectively a tax on blank media (originally tape cassettes) designed to compensate content creators for illegal copying of copyrighted works. Over the years it was extended to include CDs, DVDs, hard disks – and is now making its first forays into devices that include solid state memory.

Why not watch?

  1. New Cyber Regulations: What it Means for UK and EU Businesses

  2. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

  3. Learn Key Strategies for Industrial Data Security

  4. Supply Chain Risk and Mitigation in Operational Technology

What’s hot on Infosecurity Magazine?