Infosecurity News

  1. The 2012 Cost of Cyber Crime Report Says Successful Attacks Doubled

    The 2012 Cost of Cyber Crime study is published today. It’s good news and bad news. The frequency of successful cyber attacks has more than doubled over the last three years, but the annual cost to organizations has slowed dramatically in the last two years.

  2. DarkAngle trojan masquerades as Panda Cloud AV

    In a new twist to ‘rogueware’, Panda Security has warned that its cloud antivirus product name is being used to mask a particularly unpleasant trojan called DarkAngle. While victims may believe that they are installing anti-malware, they may actually be installing the malware itself.

  3. Microsoft will reject ‘weak’ digital certificates from tomorrow

    A weak digital certificate is defined as one signed with an RSA key of less than 1024 bits. Since it is now generally accepted that keys of a lesser length can be brute-forced with modern computing power, Microsoft is upping the ante by forcing a move to a stronger key length.

  4. American think tanks hit in wide-scale cyber-espionage push

    American think tanks are becoming a big intelligence target for hackers from China and other countries, according to Rep. Mike Rogers (R-Mich.), chairman of the US House Intelligence Committee.

  5. Top Android malware is adding features to cast a wider, more difficult-to-detect net

    Android malware for premium SMS fraud continues to grow as a category, and most of it rests on the shoulders of one family of malware: Android.FakeInstaller. However, while FakeInstaller is well-known and included in mobile security software, hackers are now including new features geared to avoid detection and expand its reach.

  6. Microsoft buys authentication firm PhoneFactor

    Microsoft has bought the multi-factor authentication (MFA) company PhoneFactor. Financial terms of the deal have not been released. PhoneFactor will largely continue as is until its products are ‘onboarded’ into the Microsoft Volume Licensing programs.

  7. Data loss, Wi-Fi and NFC identified as top mobile security concerns

    Data loss is the biggest mobile security danger, reveals a new Cloud Security Alliance (CSA) report, but emerging concerns include rogue Wi-Fi access points and Near-Field Communications (NFC) exploitation.

  8. Profile Stalker – an application that spams on Tumblr

    gr8brittyn posted on Tumblr, “Guys I’m really sorry for the Profile Stalkr spam. If you haven’t already, DON’T CLICK IT. I literally cannot figure out how to stop it — and if you try to delete the posts, they’re instantly reposted. I can’t edit them, delete them… anything. PLEASE DO NOT CLICK!”

  9. HMRC choses CPA-accredited encryption

    HM Revenue and Customs (HMRC) chooses CPA over CAPS for its encryption – both CESG-administered security accreditation schemes – and saves the British tax-payer £2.4 million.

  10. Universal man in the browser malware allows real-time information processing

    Hackers who employ the man-in-the-browser (MiTB) gambit to steal information from computer systems have found a way to more efficiently cast their net. According to researchers at Trusteer, a new strain of MiTB malware can adopt a “one-size-fits-all” approach to collecting compromising data from websites, eliminating the time-consuming process of parsing through specific logs for the sensitive bits.

  11. Fusion Center fail, says Senate Report

    A US Senate Committee has produced a 140+ page report analyzing the operation and achievements of the hugely expensive fusion center programme – and is far from satisfied with what it finds.

  12. Ponemon Institute examines business logic attacks

    A study by Ponemon Institute, commissioned by Silver Tail Systems, has examined what it calls 'business logic' attacks against websites. This is not hacking in the traditional sense. It is not breaking into into a server and exfiltrating data, it is the abuse of the legitimate logic of a website.

  13. Hosting company PRQ raided by the Swedish police

    PeRiQuito AB, a Swedish web-hosting company better known as PRQ and even better known as a host for Wikileaks and one-time host of The Pirate Bay, has been raided for the third time by the Swedish police. The reason is not yet known.

  14. Hacktivist campaign targets universities

    Hacktivist collective Team GhostShell is continuing its mission of drawing attention to what it perceives as societal ills, with a hack of data servers at top-rated universities across the globe.

  15. Verizon exec appointed to NSTAC

    The National Security Telecommunications Advisory Committee is about to get a new member, from a company with a strong public sector presence: President Obama intends to appoint Verizon Enterprise Solutions (VES) President John Stratton to the NSTAC.

  16. 4.5 million routers hacked in Brazil

    More than 4.5 million DSL modems have been hacked in Brazil by exploiting a vulnerability in the firmware. All affected modems used a chip from Broadcom.

  17. Anonymous #OpVendetta set for 5th November

    This weekend saw a leaflet paperstorm in London, with masked anons handing out flyers proclaiming #OpVendetta slated for 5th November in London. Led by Anonymous UK and Ireland, it is, we are told, “the biggest Anonymous protest in the UK” yet seen.

  18. File-sharing for personal use is not illegal in Portugal

    The latest move by rightsholders in Portugal in the ongoing war against file sharers has backfired dramatically: the Portuguese Prosecutor has declared that P2P file-sharing for personal use is not illegal.

  19. Businesses still lack confidence in the cloud

    The Cloud Security Alliance (CSA) and ISACA have issued their Cloud Market Maturity report, outlining the top 10 issues with cloud adoption by businesses. They found that confidence is lowest in government regulation as a factor in driving or securing the market.

  20. New Android trojan uses camera app to recreate user's physical surroundings

    Indiana University and the US Navy have created an experimental Android spyware trojan that takes over a device’s camera to take photos and build a 3-D model of the mobile user’s surroundings. The information is then gathered and uploaded to a central server.

Why not watch?

  1. Supercharge Your Security With Intelligence-Driven Threat Hunting

  2. Learn Key Strategies for Industrial Data Security

  3. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

  4. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

What’s hot on Infosecurity Magazine?