Infosecurity News

  1. 1.6 million records hacked and dumped by GhostShell

    Hacking group Team GhostShell launches a new logo, drops 1.6 million hacked records in the name of ProjectWhiteFox (NASA, European Space Agency, Bigelow Aerospace and more), and signs off until the new year.

  2. Shamoon was an external attack on Saudi oil production

    In its first comment on the apparent purpose behind the August Shamoon attack on Aramco, Saudi Arabia said Sunday that it was an external attack not just against Aramco, but against the Saudi economy.

  3. GPU cluster can crack any NTLM 8-character hashed password in 5.5 hours

    A cluster of 25 AMD Radeon GPUs using OpenVCL and the Hashcat password recovery software is claimed to make 348 billion guesses per second against NTLM hashed passwords, and 63 billion against SHA1 hashed passwords according to a presentation at last week’s Passwords^12 conference in Oslo.

  4. Cyber-attacks that kill, IPv6, and vulnerability markets on tap for 2013

    As rough of a year as 2012 was for cybersecurity, in 2013 we will see higher stakes than ever before, researchers say. WatchGuard's security research analysts are predicting upticks in emerging cyber threats – including those that can cause loss of human life.

  5. Goodbye, 123456: Blackberry bans weak passwords

    Blackberry has always had a reputation for taking particular care when it comes to security. Its enterprise-server-based deployment configuration was one of the reasons the Blackberry soared to such a high penetration rate in North America, pre-iPhone. Now, Blackberry-maker Research in Motion is tackling the consumer side of things, banning 106 passwords from being used with its devices because they are too weak.

  6. New and improved SHA1 cracking method for passwords published

    SHA1 is probably the most widely used password cryptographic hash function; but perhaps it shouldn’t be. The first attack faster than brute force against SHA1 was discovered in 2005, and just over two months ago NIST declared, “Federal agencies should stop using SHA-1...”

  7. Malware set to take a big bite out of Apple in 2013

    As Macs and other Apple devices move from the purview of the creative and CxO arenas into a more entrenched home in the enterprise, SophosLabs expects malware developers to reallocate their resources accordingly.

  8. Zeus malware throws €36+ million lightning bolt across Europe

    A highly sophisticated, multi-pronged cybercriminal attack used to steal an estimated €36+ million from more than 30,000 bank accounts across Europe has been uncovered. The attack uses a new, souped-up form of the Zeus trojan.

  9. 2012: The Year Malware Went Nuclear

    Kaspersky Lab has broken down the top security stories of 2012, and the list is certainly filled full of doozies. The Mac OS X Flashback epidemic, cyber-espionage, the Android mobile malware explosion and Java zero-days are but a few of the greatest hits, or worst hits, as it were, of the year.

  10. Swiss intelligence agency loses terabytes of data to an insider

    An IT technician working for the Swiss intelligence agency NDB simply downloaded and walked out with terabytes of data – the equivalent of ‘thousands or even millions of printed pages.’

  11. O2 Ireland loses back-up tape with unknown, unencrypted data

    O2 Ireland, part of the Spanish telecommunications company Telefónica Europe, has admitted the loss of a backup tape. The loss happened in September 2011, O2 learned about it in the summer 2012, and is now telling its customers.

  12. Acer India hacked by Maxney; 15,000 user details leaked

    It was announced on Sunday that the Acer India website has been hacked over the weekend, and a 41 Mb file was stolen and published on RapidShare.

  13. Microsoft tackles click-fraud in online advertising

    Microsoft is teaming up malware researchers with its online advertising fraud experts in order to tackle a rising tide of online click-fraud.

  14. EMV global payment standard will drastically reduce credit-card fraud in the US

    With the Europay, MasterCard and Visa (EMV) global standard for credit and debit cards poised to be adopted in the US (there is an April 2013 migration deadline), analysts at Frost & Sullivan say that credit card payments will become much more secure. Almost half of the world’s credit card fraud last year (46%) took place in the US, where the easily compromised magnetic stripe still rules the day.

  15. Hacktivist group targets Syria in wake of internet blackout

    Global hacktivist collective Anonymous is targeting Syrian websites worldwide to protest an internet blackout in that country, which was instituted Thursday in what most think is an attempt by President Bashar al-Assad to cut off communication routes for the opposition.

  16. Clickjacking threatens two-thirds of top 20 banking sites

    Almost a two-thirds of the top banking sites, one-fifth of popular open-source web app sites and a full 70% of the top 10 websites by number of visitors have absolutely no countermeasures against clickjacking attacks, even if they require a secure environment, such as banks providing online banking services.

  17. Anti-virus vendors warn users to beware of the ChangeUp worm

    ChangeUp is the Symantec name for the worm known as W32/VBNA-X by Sophos and W32/Autorun.worm.aaeb by McAfee. All three companies are warning their users about an increase in detections over the last few days.

  18. BPI demands UK Pirate Party shut down its Pirate Bay proxy

    The British Phonographic Industry (BPI) has written to the UK Pirate Party, a democratic political party, and demanded that it close the proxy service it provides to allow users to bypass the ISP block on The Pirate Bay.

  19. Hewlett Packard’s Autonomy woes deepen

    On Tuesday a new shareholder lawsuit claimed audit firms Deloitte and KPMG missed red flags about Autonomy’s accounting, and also named HP's board of directors, officers, and former executives alleging breach of duty and negligence.

  20. Report tests browser ability to filter malicious URLs

    NSS Labs has published the second of its two analyses on the security capabilities of the four leading browsers. The first report was on the ability of browsers to block malware; this second is on browsers ability to filter malicious URLs.

Why not watch?

  1. New Cyber Regulations: What it Means for UK and EU Businesses

  2. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

  3. Learn Key Strategies for Industrial Data Security

  4. Supercharge Your Security With Intelligence-Driven Threat Hunting

What’s hot on Infosecurity Magazine?