Infosecurity News

  1. Government official advises users to use a false name online

    There’s a row brewing in the UK after a senior security official at the Cabinet Office advises users to provide false personal information to websites such as Facebook. Opposition MPs and Facebook are not amused.

  2. Unprotected backdoor into industrial control systems

    A software tool that is used to program the programmable logic controllers (PLCs) used in much of the critical infrastructure contains an unprotected backdoor that could be used by hackers to access any such device that has an internet connection.

  3. Jesus and Ninja show up in most-hacked passwords list

    Apparently, quite a few people feel that “Jesus” can save them from online account breaches – but the popular Spanish men’s name and savior in the Christian tradition performs no miracles as a password, coming in at 21 in a list of the top 25 most-hacked passwords of 2012.

  4. Jester’s warbag: be careful of what you do on the internet

    Jester (th3j35t3r) describes himself as a patriotic cyber activist. He spends his time trying to find and take down what he considers to be enemies of the USA, ranging from Wikileaks and Anonymous to militant Islamic websites.

  5. Former Sky insider found guilty of misusing company information

    “Sky succeeds in its claims against Mr Freeman, Mr Sullivan and Mr Marrow and also against Mr Lee,” ruled High Court judge Sir William Blackburne, finding that Mr Lee had misused confidential Sky customer data.

  6. Insiders exploiting privileged accounts likely behind Saudi Aramco attack

    With the recent attack on Saudi oil giant Aramco being credited to Iran by the US government, a new report suggests that it may have been an inside job.

  7. With an eye to piracy, Microsoft will not sell physical copies of Windows 8 in China

    In an effort to combat software piracy and the related malware vectors that it presents, Microsoft will not sell Windows 8 as a physical boxed product in China.

  8. Barnes and Noble hacked

    Barnes and Noble has revealed a data breach involving PIN pads in its 63 stores. It appears that only one pad was affected in each of the stores, but all have now been disconnected for forensic examination.

  9. Sony PS3 hacked again

    Sony’s policy of maintaining control over what software can run on its PS3 console has been undermined – some suggest permanently – by the release of the PS3 LVO decryption keys.

  10. Proposed new law will give Dutch police authority to hack foreign computers

    Yesterday, reporting an interview with Foreign Secretary William Hague, the Telegraph stated that the UK, “should be willing to engage in covert cyber attacks on enemy states.” The Netherlands is simultaneously proposing to allow its police to take the battle to foreign computers.

  11. Sony data breach lawsuit largely dismissed

    A class-action suit against Sony over a PlayStation Network data breach in April of 2011 has been largely dismissed, after months of consumer backlash and high-profile recriminations against the company.

  12. US considers preemptive action to prevent 'Cyber Pearl Harbor'

    Iran may have been the culprit behind the recent rash of cyber-attacks on oil and gas giants in the Middle East, said US Defense Secretary Leon Panetta, who recently warned that the US was facing the possibility of a “cyber-Pearl Harbor” as politically motivated hackers target the nation’s power grid, transportation systems, financial networks and government entities.

  13. ISSE 2012: Securing the OS and User Experience is Key to Securing Smartphones, Says BlackBerry

    Smartphones should be shipped with microkernel technology from the beginning and a sandbox for every application, Patrick Michaelis, senior product manager, BlackBerry Security, told the audience at ISSE 2012 in Brussels, 23rd October. “The technology is 25 years old but nobody is using it”, he said.

  14. Microsoft settles with Sabelnikov over the Kelihos botnet

    A short note on Andrey Sabelnikov’s Facebook page says simply, “Endless story is ended at last.” Sabelnikov is the Russian coder accused by Microsoft of being the man behind the Kelihos botnet. Sabelnikov denied this – and now the two sides have reached an agreement.

  15. Piers Morgan’s denial of phone hacking at The Mirror to be tested in court

    Just weeks before the Leveson Inquiry is expected to deliver a critical report on press ethics to prime minister David Cameron, a new lawsuit over alleged phone hacking is filed; this time against Trinity Mirror Group, including the time when Piers Morgan was editor.

  16. Japan & India strengthen cyber-security cooperation

    During a meeting to exchange views on regional and international security, including maritime, cyber and outer-space security, India and Japan have agreed to kick off the India-Japan Cyber Security Dialogue, starting with an early meeting in the coming months.

  17. Cross-zone scripting vulnerabilities found in Dropbox and Drive

    “Exploiting this vulnerability,” announced IBM’s Application Security Insider blog, “an attacker could steal arbitrary files from a DropBox / Google Drive user by tricking him into viewing a malicious HTML file inside the mobile app.”

  18. Passwords: young people are lax, rich people are careful

    A new survey on password attitudes shows a difference between age groups, income, marital status and more – providing intriguing data that might be as valuable to the sociologist as to the security industry.

  19. Pacemaker virus could lead to "mass murder"

    Hackers now have a new attack vector, but one with much more serious consequences than data theft or financial ruin: pacemakers and implantable cardioverter-defibrillators (ICDs).

  20. Top 5 UK SMS spam campaigns are finance-related

    When it comes to mobile spam, some campaigns are destined for the Hall of Fame, thanks to how widespread they’ve become. Taking a look at the contenders, mobile security firm AdaptiveMobile has ranked the top five SMS spam campaigns that have plagued UK mobile phone users in 2012—and they all revolve around finances.
