Infosecurity News

  1. Bitcoin hackers hit Mt. Gox and Instawallet with major attacks

    Bitcoin, the virtual currency employed for various web-related transactions, has been enjoying an epic valuation the last few days, reaching an all-time high of $142 per BTC this week according to trading platform Mt. Gox. That translates into $1 billion in BTC circulation, and the smell of money has apparently attracted hackers to the well: Two separate attacks, aimed at Mt. Gox as well as Instawallet, have caused major Bitcoin service interruptions.

  2. UK think-tank advocates a central hub for police social media intelligence

    Policing is intelligence led. Social media is a prime source of intelligence (SOCMINT – social media intelligence). To maximize the potential in SOCMINT it is suggested that the police should develop a central hub of social media expertise.

  3. Krebs outs Flashback author

    A year ago Flashback became the most prolific ever Mac virus, infecting an estimated 650,000 Macs. Now researcher and blogger Brian Krebs names the man he believes to have authored the trojan.

  4. Zombie survivalist game, The War Z, taken offline following password hack

    Gaming platforms, from the Sony PlayStation Network data heist to a break-in of the Gamingo platform one year ago are sporadic but compelling targets for hackers, thanks to their ability to touch so many users at one time. The latest gaming victim is the online multiplayer game, The War Z, which has been taken offline after the compromise of thousands of user accounts.

  5. Hundreds of Japanese one-click scams found infesting Google Play store

    Niche-focused malware is becoming more prevalent as targeted attack vectors continue to pay off in terms of social engineering.

  6. London Underground users can now be hacked at more than 100 Tube stations

    The introduction of Virgin Media’s WiFi to the London Underground is a valuable addition to the UK capital’s anywhere, anytime attitude towards work and the internet – access via mobile phones and tablets need no longer be affected simply because the user is 20 metres underground.

  7. Firefox 20: 11 security fixes and improved private browsing

    Firefox 20 was released on Tuesday. It includes 3 critical, 4 high, and 4 moderate vulnerability fixes; plus several enhancements including a private browsing mode and improved download manager.

  8. LockLizard extends PDF rights management security to the iOS platform

    The London-based digital rights management (DRM) specialist has released its latest Secure PDF Viewer for the iOS mobile operating system

  9. BaneChant trojan hides behind multiple mouse clicks

    A backdoor trojan apparently aimed at the governments of the Middle East and Central Asia has been detected, with a notable new ability to evade detection by tying its execution to multiple mouse clicks.

  10. Washington DSHS clients face potential patient data breach

    Stolen hardware is once again the culprit behind a potential healthcare breach – this time in Washington state, where a private contractor's laptop containing confidential and personal health information on 652 state Department of Social and Health Services (DSHS) clients was discovered to be stolen.

  11. Men's Health & Miltary-themed emails spread malware

    An email campaign spreading malware via links purporting to be either for Men’s Health articles or military-related is spreading quickly, and appear to be coming from Australia or South Korea.

  12. Does ACTA live on in the EC IPRED Directive?

    The European Commission has run a public consultation on the enforcement of IPRED – the Intellectual Property Rights Enforcement Directive. The consultation closed on the day before April Fool’s Day – but not everybody is amused.

  13. American Express joins the ranks of US banks attacked by al-Qassam group

    On Thursday last week the American Express website went offline for a couple of hours during a DDoS attack by the Izz ad-Din al-Qassam Cyber Fighters in pursuance of their ongoing protest against the Innocence of Muslims video.

  14. Don't forget: Evernote used for malware control

    The cloud-based note-taking tool Evernote, with its adorable elephant logo and general user-friendly touchy-feely vibe, seems innocuous enough. However, cybercriminals are giving it a very different character, by hijacking the popular service and using it as a communication and control (C&C) server for malware.

  15. Amazon cloud’s public buckets may be too public

    Amazon’s Simple Storage Service (S3) is a popular cloud storage service, used by business to store static files, and by individuals to share them. Storage can be either public or private; but new research suggests that public is possibly more public than intended.

  16. Spamhaus suffers largest DDoS attack in history – entire internet affected

    Spamhaus, an IP blacklisting service, has been under a distributed denial-of-service (DDoS) attack for a week. Attack traffic has been rated at up to 300Gbps – three times higher than the previous record, and six times greater than the typical attack recently targeting US banks.

  17. Java vulnerabilities are almost ubiquitous

    Java vulnerabilities are seemingly ubiquitous, with vulnerabilities and zero-days nabbing headlines on what seems like a weekly basis. According to an analysis, that perception cleaves fairly close to reality: 94% of endpoints are vulnerable to at least one Java exploit, opening the door for data theft.

  18. The dark side of encryption and social networks: Pedophile Jailed in UK

    An internet pedophile has been jailed at the Inner London Crown Court for eight years after using social networks for grooming and encryption to hide his offenses. Because of the encryption, the police can only guess at other crimes.

  19. Trojans, RATs and Slovenian money gang involved in $2.5 million bank fraud

    Slovenian Police have detained five citizens in a $2.5 million, highly targeted bank fraud campaign. The criminal group was found to be using 25 money mules to electronically transfer funds out of the accounts of smaller companies.

  20. Identifying individuals through mobile tracking

    A new report published in Nature's Scientific Reports section shows how the location data available from mobile devices can be used as a virtual fingerprint to identify individual people regardless of whether the data is 'anonymized'.

Why not watch?

  1. Unpacking the Top Vulnerabilities Exploited by Sophisticated Attackers

  2. New Cyber Regulations: What it Means for UK and EU Businesses

  3. Supply Chain Risk and Mitigation in Operational Technology

  4. Securing Your Move to Hybrid Cloud Infrastructure

What’s hot on Infosecurity Magazine?