Infosecurity News

  1. Removing administrator rights is no solution against drive-by attacks

    When Windows 7 was released, Gartner recommended that migration from XP be used as a catalyst for removing administrator rights from as many users as possible, which it said is ‘the single most important way to improve endpoint security.’

  2. Credit reporting one key to celebrity doxxing affair

    In the wake of the high-profile celebrity and politician doxxing campaign last week, in which private information about dozens of celebs from Michelle Obama to Kim Kardashian was posted online, more information about the provenance of the information has come to light.

  3. NIST’s National Vulnerability Database vulnerable and hacked

    The first sign of a problem was the simple message, this site is ‘down for maintenance’. This was later replaced by the current message, NVD ‘has experienced an issue with its web services and is currently not available.’ The reality is, NVD got hacked.

  4. Who’s really attacking your ICS Equipment?

    State-sponsored malware such as Stuxnet and Flame raised awareness of ICS/SCADA vulnerabilities, and the potential for serious infrastructure damage via them. New research presented today at Blackhat Europe discusses the findings of a honeynet study into ICS attacks.

  5. Printer-related security breaches affect 63% of enterprises

    Even though organizations are increasingly aware of the damage that can be done to their reputation and customer trust through the misuse or loss of sensitive data, a new report reveals that only 22% of businesses have implemented secure printing initiatives, indicating a low level of awareness of the efficacy of this attack vector.

  6. Tibetan, Uyghur activists fall victim to MiniDuke malware

    Activists for Tibet and China’s Uyghur community are being targeted once again, this time with an Adobe PDF vulnerability using the MiniDuke malware.

  7. Malware attack recovery costs an average of $3,000 per day

    Organizations citing cybersecurity costs as an impediment to implementing a layered defense should rethink their priorities: Denial of service (DDoS) and malware infection recovery costs range into the thousands of dollars – per day.

  8. Nevermind Anonymous – organizations are in danger of DOSing themselves

    The danger comes from staff bringing both their personal devices and their personal preferences to work – whether that’s listening to the radio, watching the latest episode of their favorite soap during break periods, or browsing YouTube.

  9. CSO role expands to include organization-wide risk management

    That information security is really an aspect of organizational risk management is well known in theory, but is now being mirrored in practice. New research demonstrates that CSOs are increasingly adopting a risk-based rather than tick-box approach to security.

  10. France, Skype go tête-à-tête over lawful intercept

    Skype is running into a contretemps, as it were, with the French telecom authority over lawful intercept regulations, with some executives possibly facing criminal charges for non-compliance.

  11. Amid banking DDoS attacks, Obama convenes cybersecurity meeting with CEOs

    President Barack Obama is shining yet another light on the rising cybersecurity threat in the US, sitting down with more than a dozen CEOs inside the White House Situation Room to discuss how government and the private sector can work together to better protect the nation’s citizens and critical infrastructure.

  12. Celebrities, politicians lose privacy in doxxing attack

    A range of political and celebrity targets have been made victims of a cyber-attack known as “doxxing”, by perpetrators using a Russian website.

  13. Australia's central bank admits it was hacked

    The Reserve Bank of Australia has admitted that it's been an ongoing target for hackers, although the nation's central bank says no data has been lost as a result of the attacks.

  14. VISA sued over PCI fines levied on retail company

    In what is believed to be an industry first, Tennessee-based footwear and sports apparel retail chain Genesco is suing Visa over a $13 million fine imposed following a data breach in 2010.

  15. Another Honeywell ICS vulnerability rears its head in building control

    A new vulnerability, CVE-2013-0108, has been discovered in Honeywell industrial control systems (ICS), continuing the growing trend of SCADA and building control issues.

  16. Spam back with a vengeance in February

    After a fourth quarter of declining spam levels in 2012, junk emails actually almost doubled in February 2013.

  17. Lack of privacy is not that bad, says Univ. of Chicago – you haven’t got it anyway, says Cambridge

    Against a background of the EU likely to water down its privacy proposals, and Harvard University secretly searching the emails of 16 resident deans, two major universities have published two very different papers on privacy in the internet age.

  18. Tripwire acquires nCircle

    Tripwire, a Portland, Ore., security and compliance company, has announced a definitive agreement to acquire nCircle, a San Francisco risk and security performance management company.

  19. China’s next-generation internet is streets ahead of the West

    So says an article in the latest issue of New Scientist, commenting on a report published in the Proceedings of the Royal Society last week. The key, apparently, is China’s implementation of Source Address Validation Architecture (SAVA).

  20. Malware developers paying $100 apiece for Google Play accounts

    Dovetailing with the ever-escalating glut of Android-based mobile malware, it turns out that a black market for Android developer accounts has sprung up. Google Play accounts are apparently going for $100 a pop in the cyber-underground.
