Infosecurity News

  1. SSL Forward Secrecy Now Included in SSL Pulse Reports

    SSL has long been used to provide security in communications; and Ivan Ristic, director of engineering at Qualys, has long been an enthusiast. Last year, with the Trustworthy Internet Movement, he was instrumental in establishing SSL Pulse, "a continuous and global dashboard for monitoring the quality of SSL support across the top one million web sites."

  2. WhatsApp, Avira, and AVG not Hacked, Just Hijacked

    Reports emerged over the last few days that numerous big-name organizations such as WhatsApp, AVG, Alexa and Avira, had been hacked by the pro-Palestine group KDMS. In fact they had not been hacked, merely hijacked in a series of DNS redirection attacks against Network Solutions.

  3. Eight Silk Road-related Arrests Made Worldwide – Four in the UK

    Just hours after the FBI arrested Dread Pirate Roberts, alleged operator of the Silk Road, the UK's new NCA arrested four Brits on related drug charges. Two further arrests were made in the US, and two in Sweden.

  4. NIST, Cyberdefense is Shut Down in the Shutdown

    The National Zoo’s Panda Cam, the World War II memorial, vast swaths of FEMA and food stamps are all casualties of the US government’s ongoing shutdown in the wake of Congress failing to approve funding for government operations. Cybersecurity isn’t escaping the furloughs either, leaving some to postulate that the US is essentially asleep at the switch right now – and eminently vulnerable.

  5. Author of Blackhole Exploit Kit Allegedly Arrested in Russia

    A security researcher tweeted yesterday, "Blackhole exploit kit author 'Paunch' and his partners arrested in Russia." There is no further corroboration, and nothing yet from the Russian authorities; but some circumstantial evidence suggests it may be true.

  6. UK Launches Its Own FBI: The NCA

    The UK's latest attempt to launch a national police force as elite and feared as the FBI came into being Monday. Its purpose, says home secretary Theresa May, is "the relentless disruption of organised criminals."

  7. EU's Data Protection One-Stop-Shop Inches Forward

    Current European data protection laws require that multinationals abide by the national data protection law in each country in which they operate. This is burdensome. To ease this burden, the proposed General Data Protection Regulation includes a one-stop-shop principle. But this is proving problematic.

  8. Skorpion Charger Hopes to Take the Sting Out of Android Malware

    Wireless hardware specialist Belkin and Kaprica are tackling Android security with a mobile malware detection scheme that is as simple as plugging in a handset to charge. The Skorpion USB charger is designed to perform a deep scan of a connected device on a set schedule.

  9. PureVPN WAS Hacked, But is NOT Closing

    Ever since the extent of government surveillance of the internet became known through the Snowden leaks, public and commercial interest in virtual private networks (VPNs) to both bypass internet blockades and provide user privacy has escalated.

  10. How Does Law Enforcement 'Subvert' Tor?

    Last summer an FOI request showed that the FBI had abandoned an investigation into TSChan, allegedly a child pornography site on the Darknet, since "because everyone... connected to the TOR Network is anonymous, there is not currently a way to trace the origin of the website. As such no other investigative leads exist."

  11. Google: Android Malware Threat is Vastly Exaggerated

    Legions of vendor reports have highlighted the sheer pervasiveness of Android malware: that there are now 1 million samples in the wild; and that 99% of all mobile malware is Android-related. Google however says that the actual threat has been vastly overblown, and that most malware is caught in its multi-layered defense strategy before users ever install it.

  12. Adobe Hacked – Customers' Card Details and Adobe Source Code Stolen

    Adobe has been hacked. Source code for numerous Adobe products including Acrobat and ColdFusion has been stolen. Customer IDs and passwords have been accessed; and card details for 2.9 million customers stolen.

  13. Industrial Sector's Confidence Outruns its Security Preparedness

    When it comes to industrial systems, manufacturers believe they’re doing well in terms of cybersecurity, even as data breaches are actually increasing. In an era of increasing cyber-espionage by state-sponsored attackers, PricewaterhouseCoopers (PwC) said that despite “significant security improvements, they have not kept pace with today’s determined adversaries” as they continue to “rely on yesterday’s security practices to combat today’s threats.”

  14. Was Nortel's Ottawa Campus bugged?

    On Monday of this week it was reported that listening devices had been found in the former Nortel campus – due to be occupied by the Canadian Department of National Defence (DND). DND has since denied this; but the accusation remains.

  15. Yahoo Swaps Bug Bounty T-shirt for $15,000

    On Tuesday this week Infosecurity reported that Yahoo had offered the equivalent of $12.50 (being a voucher redeemable in the company shop) as a reward for responsibly disclosed vulnerabilities. Launch of a new Yahoo reward program has now been rushed forward.

  16. Silk Road Shut Down, and Dread Pirate Roberts Arrested

    Silk Road is perhaps the most infamous illicit marketplace on the hidden (dark) web. It has been seized and shut down by the feds; and its owner, allegedly Ross William Ulbricht (aka Dread Pirate Roberts), has been arrested.

  17. NSA, DHS Retool Cybersecurity Curriculum Requirements

    Cybersecurity training programs at colleges and universities across the United States are being required to apply new curriculum standards established by the National Security Agency and the U.S. Department of Homeland Security.

  18. Fake Facebook Mobile Login Steals Credit Card Info

    A mobile phishing page is popping up that mimics the official Facebook mobile login page. In and of itself this is not a new gambit—but this particular phish looks to steal more than login credentials.

  19. LexisNexis Data Thieves Hack National White Collar Crime Center

    The National White Collar Crime Center (NW3C) - a congressionally-funded non-profit organization that provides training, investigative support and research to agencies and entities involved in the prevention, investigation and prosecution of cybercrime - has been hacked, according to researcher Brian Krebs' investigation.

  20. Symantec Takes Down a Sizeable Chunk of the ZeroAccess Botnet

    The ZeroAccess botnet, the bandwidth-intensive bug that is known as the most pervasive bot around the world, has had some of the wind knocked out of it. Security firm Symantec has executed a sinkholing operation that took down more than half a million bots and made a serious dent to the number of bots controlled by the botmaster.
