Infosecurity News
RSA 2013: The grey area of active defense – live manipulation of Kelihos
A live demonstration of active defense at RSA this week highlights the current debate on just how active (for which read ‘offensive’) companies can be in defending their networks. Laws to prevent hacking may also protect the hackers.
RSA 2013: Interview with security evangelist Stephen Cobb
Infosecurity Editor, Eleanor Dallaway, spent a fascinating 45 minutes picking the brain of ESET security evangelist, Stephen Cobb at RSA in San Francisco.
RSA 2013: Compliance Equals False Sense of Security, Says Vormetric
Compliance is responsible for a false sense of security, Alan Kessler, President & CEO, Vormetric, told Infosecurity at the RSA Conference in San Francisco, February 26 2013.
RSA 2013: Aadhaar, the Indian Electronic Identity Scheme, will change lives, says RSA keynote presenter
During the keynote sessions at the RSA conference in San Francisco today, Srikanth Nadhamuni, Head of Technology at UID Authority of India and CEO at Khosla Labs, presented Aadhaar, the identity scheme in India.
Technology moves to make cloud synchronization / storage secure
One of the most worrying security concerns to come out of the growth of cloud computing and BYOD has been the extensive adoption of third-party file synchronization services, typified by Dropbox and Box, but also including other cloud services such as Drive and SkyDrive.
Big data analytics for anomaly detection in security
Big data analytics first evolved for use in marketing: by understanding the relationships between customers and actions, better marketing can be developed. Now the practice is being applied to security: by understanding the relationship between network anomalies and events, better security will evolve.
NBC hack serves Citadel malware to visitors
NBC has become the latest high-profile target for a cyber-attack, with its website, NBC.com, becoming compromised by the Citadel financial malware kit long enough to start serving malware to visitors before being corrected.
Latest (ISC)2 Workforce Study Shows Lack of Skilled Infosec Professionals and Developers
The problem is that not enough skilled people actually get into the profession; and all too often security is deemed to be separate from software development. These are the key findings of the sixth and latest study among the existing global security workforce conducted by (ISC)2, Booz Allen Hamilton and Frost and Sullivan.
A hacker's dream: two-thirds of SharePoint users have no security policy
Even though Microsoft SharePoint is widely deployed throughout enterprises and SMBs as a collaboration platform, a shocking two-thirds of SharePoint-using companies in a recent survey have admitted to having ‘no active security policy’ in place for the application.
New e-shop hawks stolen PayPal accounts
Hacked PayPal credentials are up for sale in the cybercriminal underworld, arranged in a fast and convenient “e-shop” format.
The car of the future will be recording everything you do
A very public row between the New York Times motor correspondent John Broder and Tesla Motors is entertaining motor enthusiasts and worrying privacy advocates. The NYT delivered a negative review, but Tesla had logged every part of the test drive.
Educause hit with server-side data breach
Educause, a non-profit community for IT professionals focused on the higher education vertical, is warning that a data breach has affected its 1,800 college and 300 corporate members.
Security firm accuses Chinese military of involvement in worldwide hacking
Mandiant, a security firm with a close relationship with both US and UK governments (one of the five companies in GCHQ’s new Cyber Incident Response scheme) has made the clearest statement yet: the Chinese military is behind the hacking team known as APT1 (aka ‘Comment Crew’).
French data privacy regulator plans to take on Google
France’s National Commission for Computing and Civil Liberties (CNIL) has warned Google that its response to earlier demands over its privacy policy are inadequate, and that an action plan against Google would be discussed by the Article 29 Working Party of EU national regulators on February 26.
We can’t block YouTube, Egypt’s telecomms authority tells the court
On February 9, Egypt’s Judge Hassouna Tawfiq ordered that YouTube be temporarily banned in Egypt for 30 days following Google’s refusal to remove the Innocence of Muslims video from YouTube.
What will the future of enterprise security look like?
With the year 2020 approaching, join our panel of experts who will examine what near-term advances in information technology may hold, and how enterprises can get ahead of the security curve in anticipation
Facebook is the latest media company to admit it was hacked
On Friday Facebook admitted to being just another hacked media company, joining the New York Times, Washington Post, Wall Street Journal and Twitter in admitting a recent breach – although Facebook claims that no user data was lost.
ZeroAccess is top bot in home networks
When it comes to buggy home LANs in the US, the rate of home network infections actually decreased from 13% to 11% in the fourth quarter of 2012 – translating to about one in 10 households. But out of that, 6% exhibited high-level threats, such as bots, rootkits and banking trojans, while moderate-level threats included spyware, browser hijackers and adware.
The zombie apocalypse is more than just a prank – it’s a wake-up call
On Monday a few TV stations in Michigan, California, Montana and New Mexico broadcast a warning “the bodies of the dead are rising from their graves and attacking the living.”
Jeremy Hammond's legal team seeks judge's recusal
Hacker Jeremy Hammond is accused of being part of the Stratfor breach. Presiding judge Loretta Preska’s husband, Thomas Kavaler, appears on a list of Stratfor ‘victims’. Hammond’s legal team says this creates an appearance of partiality, and has demanded that Preska be recused.
