Infosecurity News

  1. Google plots Pwnium 3 Chrome hacking contest, with $3.14 million on the line

    In a move with perfect timing considering the number of Chromebooks that Google sold over the holidays (hint: a lot), the company has announced its third Pwnium hacking competition, which will have a new focus: the Chrome OS. In all, the browsing behemoth plans to award up to $3.14 million in winnings to those who can produce full exploits.

  2. Advocacy groups mark Data Privacy Day with key announcements

    The year 2012 was a very bad year for data breaches, with more than 240 million records compromised. So, to mark this week’s international Data Privacy Day, the Online Trust Alliance has released its ‘2013 Data Protection and Breach Readiness Guide’ to help organizations prevent and respond to such incidents.

  3. Anatomy of a botnet targeting Facebook users

    PokerAgent, a trojan botnet that infected about 800 computers, mainly in Israel, and stole around 16,000 Facebook credentials during 2011/2012 is analyzed in depth.

  4. Lessons to learn from the Yahoo! hack

    Last month Egyptian hacker ViruS_HimA claimed a hack into a Yahoo server. He provided proof without disclosing any content, and claimed his purpose was to improve security by demonstrating its weakness.

  5. Malwarebiter is fakeAV, warns MalwareBytes

    A product advertising itself as the ‘World’s greatest anti-malware software’ is really fakeAV from a site that delivers Zeus via drive-by downloading, says Malwarebytes; but Norton Safe Web doesn’t know it.

  6. Numerous surveillance cameras may be vulnerable to unauthorized access by hackers

    About 20 security camera solutions are vulnerable to hackers looking to gain remote, unauthorized access to closed-circuit surveillance networks.

  7. Ransomware threat on the increase

    While DDoS and APTs may be the main threat to business, ransomware is increasingly and effectively being targeted against the consumer. A new spike in Trojan.Ransomlock.Y detections has been noted this week.

  8. Google facing legal battle in the UK over Safari cookies

    Today is Data Protection Day in Europe (Data Privacy Day in the US/Canada). It also marks the launch of a new Facebook page, ‘Safari Users Against Google's Secret Tracking.’

  9. Twitter ordered by France to reveal anti-semitic tweeters

    A French court yesterday ruled that Twitter must reveal the identities of users who post racist and anti-Semitic comments following demands from the Union of Jewish Students of France (UEJF).

  10. Senate Democrats introduce 2013 Cybersecurity Act

    After a US presidential election season that saw cybersecurity policy come front and center in debates and as planks in political platforms, the US Senate Committee on Commerce said this week that it is reviving the debate surrounding the passage of a comprehensive cybersecurity bill with a new proposal.

  11. Eastern European CERTs stage massive Virut botnet takedown

    A large Eastern European botnet has been thwarted in Poland and Russia – for now. Local Computer Emergency Response Teams (CERTs) and partners have shut down the Virut threat, which in Poland alone commanded more than 890,000 unique IP addresses.

  12. ICO fines Sony £250,000 for loss of personal data in 2011

    In a monetary penalty notice dated 14 January but announced today, the Information Commissioner’s Office has fined Sony Computer Entertainment Europe Ltd £250,000 for a serious breach of the UK's Data Protection Act.

  13. SCADA password-cracker targets Siemens gear

    SCADA vulnerabilities are once again making their frightening selves known with the revelation that a new password-cracker is specifically targeting industrial control systems.

  14. Cybersecurity faces mostly 'post-PC' threats

    Even as the existing cybersecurity threat landscape becomes more complex, IT departments should be looking to the next wrinkle: cybercriminals have moved beyond the PC, targeting Android, social media and the Mac OS X with new attacks.

  15. New features available for GoAnywhere file transfer services

    Linoma Software, the managed file transfer and data encryption specialist, has announced new clustering and load balancing capabilities for its GoAnywhere Services version 3.1 offering.

  16. Why did WikiLeaks dox Swartz?

    In a brief series of tweets, WikiLeaks seems to have named Aaron Swartz as a WikiLeaks contributor; but the motivation for the move remains unclear.

  17. Mega’s security put under the microscope; and Mega responds

    Following the razzmatazz at the launch of Dotcom’s new secure Mega file storage service over the weekend comes the expected analysis and criticism of its security. There are two primary areas of focus – the RSA key generation and an apparent deduplication process.

  18. Red Dot – a new exploit kit for hire

    A new exploit kit dubbed Red Dot is being offered for hire on the internet underground at $700 for 6 months, or $1200 for a full year (although the vendor retains ‘the right to change the price of the product at any time’).

  19. Canadian student threatened, expelled and then hired

    The solution to bad publicity is to own it, not inflate it. That’s what SkyTech has done with the Canadian student who found flaws in its software: first he was threatened and expelled, but now he’s been offered a scholarship and part-time job.

  20. Foxit fixes PDF reader security vulnerability

    Foxit has released a new version of its PDF viewer, Reader 5.4.5, which fixes a web browser plugin vulnerability that would allow attackers to execute arbitrary code.

Why not watch?

  1. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

  2. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

  3. New Cyber Regulations: What it Means for UK and EU Businesses

  4. Learn Key Strategies for Industrial Data Security

What’s hot on Infosecurity Magazine?