Infosecurity News

  1. Visa reveals $11 million ATM heist

    Some ring in the New Year with champagne, others with highly coordinated theft operations. In the latter camp, Visa has revealed that cybercriminals pulled off an $11 million ATM heist as 2012 wound to a close.

  2. ESET releases new versions of anti-virus and internet security products

    Slovakia-based security vendor ESET has introduced NOD32 Antivirus 6 and ESET Smart Security 6 with anti-theft, a dedicated anti-phishing module and social media scanner

  3. Lucky 13 – a new attack against SSL/TLS

    According to the SSL Labs website, “There is little doubt that SSL is the technology that protects the internet. By transforming insecure communication channels into opaque data streams, SSL allows sensitive data to reach its destination uncompromised.”

  4. Malware takes a Nap to avoid detection

    Everyone likes to catch some naptime shut-eye now and again – including, apparently, malware. FireEye Labs has encountered stealthy malware that employs extended sleep calls to evade automated analysis systems capturing its behavior.

  5. Trust and Cooperation key to EU cyber strategy, says EC

    The strategy and an accompanying proposal for a Directive on Network and Information Security (NIS) across the European Union is expected to be published today, February 7 2013.

  6. Joint Microsoft/Symantec operation takes down Bamital botnet

    Bamital is a click-fraud and search hijack operation that is estimated to have earned its operators around $1 million annually. Microsoft and Symantec have now identified and shut down all known components of the botnet.

  7. Tridium vulnerability throws building controls wide open to hackers

    Imagine if hackers were able to remotely control electronic door locks, alarms, lights, elevators, heating and thermostat systems, and other physical industrial facilities? Well it turns out that, thanks to a critical vulnerability in Honeywell industrial control systems, they can.

  8. Juniper Networks acquires Accumuli’s Webscreen DDoS mitigation technology

    The agreement, effective from February 4, 2013, gives the US networking giant the Webscreen technology plus some assets, while providing Accumuli with $10 million to invest in its core services.

  9. ForeScout and AirWatch team up on enterprise-based BYOD solutions

    Two vendors specializing in enterprise-based mobile security recently announced a partnership that will integrate their technologies for BYOD deployments

  10. Malware monetization settles into four main vectors

    When it comes to malware, threats are coalescing into four typical methods that cybercriminals are using today to extract money from their victims, according to Fortinet Labs. The research also showed increasing activity in mobile malware variants of the Android Plankton ad kit, as well as in hacktivist web server vulnerability scanning.

  11. Visa to support generic EMV to bolster US smart card adoption

    Card processing giant Visa is embracing the idea of a common US debit security approach by agreeing to partially open up the kimono on the technology behind its Europay MasterCard Visa (EMV) chip card – hoping to facilitate EMV adoption in the process.

  12. Chinese ties suspected in APT targeting aerospace and defense industries

    An advanced persistent threat (APT) specifically targeting the aerospace and defense industries has been uncovered, with likely ties to Chinese hackers, security researchers say.

  13. DroidCleaner: Android malware that infects PCs

    DroidCleaner, an Android app that claims to free up smartphone memory but actually infects connected PCs, has been removed from Google Play but is still available from third-party app stores.

  14. Iceland expelled FBI agents seeking to question a WikiLeaks volunteer

    On Friday, Iceland’s interior minister revealed that two years ago he expelled FBI agents who had arrived unannounced in Iceland to interview an unidentified WikiLeaks associate in August 2011, and had instructed the police not to cooperate with the FBI.

  15. Twitter hacked – 250,000 user details may have been lost

    Late on Friday afternoon Twitter announced that it had been breached and that attackers may have had access to usernames, email addresses, session tokens and encrypted/salted versions of passwords for approximately 250,000 users.

  16. Red October cyber-espionage campaign used highly sophisticated infiltration techniques

    Red October (Rocra), the high-level cyber-espionage campaign that successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations worldwide, has a more shadowy persona than the typical APT, security researchers said.

  17. Google submits anti-trust proposals to EU

    Google has submitted anti-trust proposals to the European Union anti-trust regulator to stave off action that could potentially lead to a $4 billion fine.

  18. ISACA launches security audit programs for BYOD, data privacy and outsourcing

    Getting in on the triple zeitgeist of IT consumerization and the bring-your-own-device (BYOD) phenomenon, data privacy, and how to stay secure while taking on business partners, ISACA has developed three fresh IT audit/assurance programs for each subject area.

  19. Identity and access management in the cloud

    The growing prevalence of shadow IT caused by BYOD and remote working is making an existing security problem much worse: how do you protect an increasing number of passwords used for an increasing number of cloud applications?

  20. NY Times points blame for 4-month hack at Chinese government

    In a development that appears to be as politically motivated as the kidnapping of embedded investigative journalists in the Middle East, the New York Times said that it has uncovered a four-month-long hacking effort on the part of Chinese hackers.

Why not watch?

  1. Dispelling the Myths of Defense-Grade Cybersecurity

  2. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

  3. Alert Fatigue: What Are You and Your Security Teams Missing?

  4. New Cyber Regulations: What it Means for UK and EU Businesses

What’s hot on Infosecurity Magazine?