Infosecurity News

  1. Joomla Exploit Cashes Out Accounts with Zbot Variant

    Websites using the popular content management system Joomla are at risk of being hijacked for use in malware payload and phishing attacks, thanks to the discovery of a fresh vulnerability and accompanying zero-day attack.

  2. Department of Defense Approves BlackBerry for MDM

    Remember when President Obama had to get a special, encrypted version of his BlackBerry in order to continue using a smartphone post-election? It’s taken the US Department of Defense (DoD) about five years since then to support anything but restricted smartphone use (no selfsies, folks), but now a step is at hand: The US Defense Information System Agency (DISA) has given BlackBerry Z10 and BlackBerry Q10 smartphones with BlackBerry Enterprise Service 10 the authority to operate (ATO) on DoD networks.

  3. Bitcoin Besieged by Hackers and Regulators

    Just as Bitcoin warns its users that Android-based bitcoin wallets are vulnerable to theft, so the New York Department of Financial Services subpoenas 22 digital currency companies and investors, and investigates the regulatory guidelines that should be put in place.

  4. Two Men Arrested in London Over DDoS Extortion Threats

    Following what the Greater Manchester police described as their largest ever cybercrime investigation, two polish men were arrested at a Heathrow hotel on suspicion of blackmailing a Manchester-based internet company with threats of a DDoS attack.

  5. RAT Drains California Escrow Firm Out of Business

    In a testament to the very real business threat that cybercrime represents, a remote access trojan (RAT) has drained a California escrow firm of $1.5 million, forcing it to shut its doors and lay off its nine employees – at the state’s behest.

  6. World's Largest Telcos Face Legal Action from Privacy International over Tempora

    Privacy International has sent a pre-action letter (a formal pre-cursor to legal action) to BT, Verizon Business, Vodafone Cable, Level 3, Global Crossing (now owned by Level 3), Viatel and Interoute. At issue is the telcos' involvement in GCHQ's spy program Tempora.

  7. Mobile Malware Spikes 30% in First Half of 2013

    Mobile malware continues to escalate in volume, with security vendor Fortinet seeing a 30% increase in malicious samples in just the last six months. The firm is seeing more than 1,300 new samples per day, mostly, unsurprisingly, Android-focused. The threats range from new ransomware samples to new exploits of old vulnerabilities.

  8. Gartner Says Risk-Based Approach will Solve the Compliance vs Security Issue

    Later this month in Sydney and in London in September, Gartner will hold summits on compliance and security. Compliance, it suggests, should be subsumed into risk management, rather than security being subsumed into compliance.

  9. Hand of Thief Banking Trojan Takes Aim at 'Secure' Linux OS

    Hard on the heels of the discovery of the Russia-originated KINS banking trojan, a different Cyrillic cybercrime team has developed a financial trojan targeting the Linux operating system.

  10. Fort Disco – a Botnet that Delivers Brute Force Logon Attacks

    The last year has seen an evolution of botnets from home computers to commercial servers; a practice that seems to be gathering pace. However, methods of compromising web servers are different to the traditional PC compromise.

  11. Latvia to Extradite Suspected Gozi Mastermind to Face Charges in the US

    Since the beginning of 2013, the US authorities have sought the extradition of Deniss Calovskis, a Latvian citizen, who was charged in January with being one of the three ringleaders behind the Gozi virus.

  12. CIA’s John Mullen Declares People Biggest Threat and Risk Management Best Defense

    People present the greatest cyber vulnerability and educating them is key to protecting your valuable information, John K. Mullen, senior operations officer at the CIA told the audience at 2013 SINET Innovation Summit in New York, August 6th 2013.

  13. US Counterintelligence Executive Says NSA Doesn’t Have Adequate Resource to Monitor All Communications

    Presenting the keynote at the 2013 SINET Innovation Summit in New York, August 6th 2013, Frank Montoya Jr., National Counterintelligence Executive, assured the audience that "we don't have the resources" to monitor and evaluate information on all communications when asked about the NSA surveillance programs.

  14. Did the FBI Use CIPAV Against Tor?

    Following the arrest of Eric Eoin Marques last week, websites in the darknet hidden services began to go down. A piece of javascript malware was found and posted to the internet. Researchers are now wondering if this is the first live sample of the FBI's fabled CIPAV malware.

  15. Feds Seek Extradition of Child-Porn Dealer – Darknet Compromised

    On Friday the Irish High Court denied bail to Mr Eric Eoin Marques, arrested the day before on an extradition warrant issued in Maryland charging him with distributing and promoting child pornography on the internet.

  16. Colin Powell's Emails Tapped by Hacker

    The hacker known as Guccifer, who makes a habit of hacking the rich and powerful – the 'Illuminati' in his own terms – has struck again, this time forcing former US Secretary of State Colin Powell to deny an affair.

  17. Rodecap – a New Spam Bot in Town

    Just over a week ago Symantec published a note on a new spam bot that it was and is currently investigating. A Swiss researcher, however, was already on it, having trapped the first instance in his sandnet two days earlier.

  18. Comfoo – the APT RAT that Ratted on RSA

    The Comfoo trojan has been in continuous development since at least 2006. It has more than 200 variants and has been used in at least 64 different campaigns, including the RSA SecurID breach in 2010 – but little has been known about it.

  19. Black Hat 2013: Researchers Demo How Smart TVs Can Watch You

    Two different presentations at Black Hat Las Vegas on August 2nd 2013 called new attention to the risks posed by smart TVs increasingly found in homes and offices around the world. Researchers demonstrated how vulnerabilities in these systems can be used to steal online credentials, sensitive data and even turn device cameras against users to record them illicitly. Ericka Chickowski reports.

  20. BSides Las Vegas: How to Find Fame as an Information Security Professional

    Self-promotion through social media is the key to improving your visibility in the information security industry Javvad Malik told an engaged audience at BSides Las Vegas on August 1st 2013.

Why not watch?

  1. Navigating Exposures in Energy ICS Environments

  2. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

  3. Dispelling the Myths of Defense-Grade Cybersecurity

  4. New Cyber Regulations: What it Means for UK and EU Businesses

What’s hot on Infosecurity Magazine?