Infosecurity News
Attackers Ramp Up Threats to the Energy Sector
The US energy sector experienced the largest number of malware attacks of any industry in the spring and summer of 2012, with the end result being expensive outages at pipelines, oil refineries and drilling platforms. This year, brute-force attacks and botnet infestations are all alarmingly on the rise.
Building Security In Maturity Model: Version 5 Released
BSIMM-V is effectively a scorecard that companies can use to either measure or improve their existing software development security stance. It is not a 'standard' in the regulatory sense; it is more a practical description of actual best practices.
RSA Europe 2013: The Lessons BT Learnt from Securing London 2012
The lessons learnt from securing the digital infrastructure at the London 2012 Games have given BT a better understanding of how to do cyber defence, said Mark Hughes, CEO of BT Security, in his keynote at RSA Europe today.
Adobe Breached Users Now Estimated at 38 Million
When news of the Adobe breach emerged at the beginning of October, the company admitted that bank card and other personal information on 2.9 million users had been stolen together with usernames and passwords for an undisclosed number of customers. That number is now put at 38 million.
Microsoft SIR Report Highlights Risks of Unsupported Software Ahead of XP Withdrawal
On April 8, 2014, Microsoft will withdraw all support from the XP operating system, even though it still accounts for 21% of the worldwide OS marketplace and 13% of the UK's. The results of the latest Microsoft SIR report prove just how vulnerable this will leave users, according to Microsoft director of Trustworthy Computing, Tim Rains.
Frost & Sullivan Report Positions Women as Future Infosec Leaders
There are two undisputed facts in the information security marketplace: there is a severe skills shortage; and women are dramatically under-represented in the security workforce. A new Frost & Sullivan report argues that a solution to the former can be found in redressing the latter.
Cisco Patches Remote Code Execution and DoS Flaws in Multiple Products
Cisco has issued three patches to address serious security flaws across a handful of products. Exploitation of the vulnerabilities could give an attacker a way to remotely execute arbitrary code to take over a server, or could lead to a denial-of-service (DoS) attack.
Hackers Use Buffer to Send Out Spam on Twitter and Facebook
Buffer, a social media app, allows its users to schedule and automatically post updates to social media sites such as Facebook and Twitter. Over the weekend it started posting weight-loss spam tweets and posts.
Researchers: LinkedIn Intro is a Man-in-the-Middle Attack
LinkedIn has released a new product called Intro, which shows users' LinkedIn profiles from inside the native iPhone mail client. Members can, at a glance, see the profile picture of the person who’s emailing, learn more about their background, and connect on LinkedIn. It sounds like another step in the march to hyper-connected convenience, but at least one research group has raised security concerns over the functionality.
44% of Americans Don't Sign Their Credit and Debit Cards
More than two in five Americans (44%) have chosen not to sign the back of their credit or debit cards, instead writing “see ID” or leaving it blank. However, the tactic is not achieving its intended outcome, as 87% of respondents report that the majority of the time they make a purchase with their cards, they are not asked to present proof of ID.
Google Blocks PHP.net – Claims it Serves Malware
Google's Safe Browsing Tool, used by Chrome, Firefox and Safari to protect users from sites serving malware, yesterday blocked php.net, home of the hugely popular open-source PHP programming language.
(ISC)² Names Inaugural Winners of USA Cyber Warrior Scholarships
The (ISC)² Foundation, the nonprofit charitable trust of (ISC)², today announced the inaugural recipients of the 2013 USA Cyber Warrior Scholarship, a program developed in partnership with Booz Allen Hamilton to help close the cybersecurity workforce gap by providing career training to qualified veterans who served in the US military.
More Network Solutions Problems: Bouncing Emails and Website Outages
Network Solutions has had more than a few problems recently. In July a DDoS attack affected some of its servers; this was followed by internal MySQL problems. Then came the DNS hijack affecting some major customers earlier this month.
SMS Spam Report Highlights Football Betting and Payday Loan Spam
Payday loans and sports betting – the latter hitting new heights with the start of the football season – are behind the majority of messaging spam received in the UK.
A DDoS Attack Could Cost $1 Million Before Mitigation Even Starts
A new report suggests that companies are unaware of the extent of the DDoS threat, unaware of the potential cost of an attack, and over-reliant on traditional and inadequate in-house defenses.
SQL Injection and Cross-site Scripting Attacks Surge in Q3
Cross-site scripting (XSS) and SQL injection activity is up 32% in the third quarter, as those with malicious intent look to specifically target web-facing and cloud applications carrying sensitive information about organizations and their customers.
UN Nuclear Agency Computers Infected with Malware
The International Atomic Energy Agency (IAEA) has admitted that some of its computers have been infected with malware for at least the last few months, but denies that any sensitive data regarding its nuclear inspections has been compromised.
Google and Arbor Networks Team Up on DDoS Digital Attack Map
Distributed denial-of-service (DDoS) attacks are getting more frequent and harder to detect. To help companies keep up with daily threat levels, Arbor Networks has collaborated with Google Ideas to create a data visualization map of global attacks.
Consumers Take Their Business Elsewhere After a Data Breach
The costs of data breaches have been well-documented when it comes to remediation and consulting costs, but the more qualitative fallout from a breach, like the impact to brand identity, is harder to pin down.
European Civil Liberties Committee Approves Current Draft Data Protection Regulation
Edward Snowden's leaked information on the character and extent of NSA surveillance brought new impetus to the European Commission's proposed new General Data Protection Regulation, which had been floundering under the weight of extensive US government and business lobbying.