Infosecurity News

  1. UK government’s Facebook login proposals don’t hold water

    Earlier this month there was much discussion in leading UK national newspapers about a proposal to allow the use of social media credentials to access government websites. This was confirmed by the Government Digital Service blog, which has promised more details in the next few weeks.

  2. Randomness and the Intel Ivy Bridge microprocessor

    Cryptography Research (CRI) has published its investigation into the random number generator used by the Intel Ivy Bridge processor, the processor that is likely to be used by the majority of new PCs and laptops now and for the immediate future.

  3. ENISA summarizes risks and opportunities of IT consumerization

    The European Network and Information Security Agency (ENISA) has summarized both the risks and opportunities in the ‘consumerization of IT’, the business trend that includes BYOD.

  4. TD Bank lost customer data – six months ago

    The first public indication of the loss appeared on the California Attorney General website, with the publication of a sample ‘notification’ letter now being sent to the bank’s affected customers.

  5. ISF issues cybersecurity Benchmark as a Service

    In an effort to make the evaluation of security resilience and risk reduction strategies more accessible, the Information Security Forum (ISF) has launched a “Benchmark as a Service” (BaaS) tool, for real-time benchmarking via the cloud.

  6. Hackers and crackers invited to decode an 'unbreakable' secret message

    Wannabe code-crackers have a fresh challenge to rise to, if DeTron has its way. The encryption company ran a full page ad in the New York Times late last week challenging code breakers, hackers and cryptographers to crack a message encrypted by Quantum Direct Key (QDK) – a personal identification encryption technology aimed at eliminating multiple passwords for cloud services and web apps.

  7. New GCHQ Territorial (Spook) Army

    The UK’s Territorial Army is a paid force of part-time volunteers that make up around 25% of the army’s manpower. It is considered an essential part of the UK’s defense force. Now GCHQ is thinking of using the same principle to bolster the UK’s cyber defense.

  8. Malicious emails: Romney almost President

    A new malicious email campaign pretends to be from CNN. It announces breaking news – Mitt Romney is ‘almost president’. But it leads to a Blackhole exploit site.

  9. Firefox 16 shipped, pulled and updated within 2 days

    Firefox 16 was released on Tuesday, pulled from the download page on Wednesday, and replaced with Firefox 16.0.1 on Thursday. The main cause was that Tuesday’s version introduced a new critical bug that was fixed by Thursday.

  10. SMBs more vulnerable to data breaches than larger brethren

    Contrary to conventional wisdom, hackers don’t just target large enterprises with vast amounts of data to steal. Small- and medium-sized businesses are just as attractive of targets, and in some cases are more so.

  11. RSA Europe 2012: Anonymous responds to Corman’s comments

    “Anonymous has very few hackers, it has very few activists… It is very misleading to call the groups hacktivists. The common attribute is angst. The talented ones are either quitting or starting to do things that are more clandestine.”

  12. Teen hacker earns $60K for full Google Chrome exploit

    A teenage hacker with the handle 'Pinkie Pie' has nabbed a $60,000 prize from Google, for launching a full Chrome exploit for the second time.

  13. First annual report of cyber incidents in the EU

    The European Network and Information Security Agency (ENISA) has published its first Annual Incidents Report from data supplied in conformance with Article 13a of the EU’s telecom reform directive.

  14. RSA Europe 2012: UK’s ID Assurance Programme puts verification choice into user’s hands

    At this week’s RSA Europe Conference in London, representatives from the UK Government outlined details of a pan-government model for identity assurance that engages the services of third-party ID verification providers

  15. Android adware, Zitmo botnets and Romanian hackers, oh my!

    We're not in Kansas anymore: The third quarter of 2012 saw a marked increase in Android adware, while new evidence surfaced suggesting that the Zeus-in-the-Mobile (Zitmo) banking trojan is evolving into a botnet. And, Romanian hackers are continuing to perform large-scale scanning for web vulnerabilities, according to the quarterly threat assessment from Fortinet.

  16. RSA Europe 2012: DDoS Attacks Used as Diversion Technique

    DDoS attacks are being used as a component in the newly emerged multi-flank attacks, Symantec’s deSouza told his audience at RSA Europe 2012 in London, 09 October 2012.

  17. RSA Europe 2012: Replace perimeter-based security with intelligence-based security, says Art Coviello

    Art Coviello, executive vice president , EMC Corporation and executive chairman, RSA, opened RSA 2012 with a very clear message in his keynote: perimeter-based security strategies need to be replaced with intelligence-based strategies.

  18. Bad Bad Piggies – beware of fakes

    No slouches in spotting an opportunity, the bad guys have already focused on Rovio’s new Angry Birds spin-off, Bad Piggies. Be careful what you install – it might be a real pig.

  19. Mac-focused malware is big and getting bigger

    Despite the Mac reputation as being more secure because of Apple’s tight control over its vertically integrated ecosystem, Mac-specific malware and advanced persistent attacks (APTs) against human rights groups is on the rise, cautions Citizen Lab Senior Security Analyst Seth Hardy.

  20. World of Warcraft hit by hacking massacre

    Apocalypse has come to World of Warcraft: whole cities have been massacred in the online adventure game, leaving nothing but smoking wreckage.

Why not watch?

  1. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

  2. Securing Your Move to Hybrid Cloud Infrastructure

  3. Supercharge Your Security With Intelligence-Driven Threat Hunting

  4. The Future of Fraud: Defending Against Advanced Account Attacks

What’s hot on Infosecurity Magazine?