Infosecurity News

  1. RSA Europe 2012: UK’s ID Assurance Programme puts verification choice into user’s hands

    At this week’s RSA Europe Conference in London, representatives from the UK Government outlined details of a pan-government model for identity assurance that engages the services of third-party ID verification providers

  2. Android adware, Zitmo botnets and Romanian hackers, oh my!

    We're not in Kansas anymore: The third quarter of 2012 saw a marked increase in Android adware, while new evidence surfaced suggesting that the Zeus-in-the-Mobile (Zitmo) banking trojan is evolving into a botnet. And, Romanian hackers are continuing to perform large-scale scanning for web vulnerabilities, according to the quarterly threat assessment from Fortinet.

  3. RSA Europe 2012: DDoS Attacks Used as Diversion Technique

    DDoS attacks are being used as a component in the newly emerged multi-flank attacks, Symantec’s deSouza told his audience at RSA Europe 2012 in London, 09 October 2012.

  4. RSA Europe 2012: Replace perimeter-based security with intelligence-based security, says Art Coviello

    Art Coviello, executive vice president , EMC Corporation and executive chairman, RSA, opened RSA 2012 with a very clear message in his keynote: perimeter-based security strategies need to be replaced with intelligence-based strategies.

  5. Bad Bad Piggies – beware of fakes

    No slouches in spotting an opportunity, the bad guys have already focused on Rovio’s new Angry Birds spin-off, Bad Piggies. Be careful what you install – it might be a real pig.

  6. Mac-focused malware is big and getting bigger

    Despite the Mac reputation as being more secure because of Apple’s tight control over its vertically integrated ecosystem, Mac-specific malware and advanced persistent attacks (APTs) against human rights groups is on the rise, cautions Citizen Lab Senior Security Analyst Seth Hardy.

  7. World of Warcraft hit by hacking massacre

    Apocalypse has come to World of Warcraft: whole cities have been massacred in the online adventure game, leaving nothing but smoking wreckage.

  8. The 2012 Cost of Cyber Crime Report Says Successful Attacks Doubled

    The 2012 Cost of Cyber Crime study is published today. It’s good news and bad news. The frequency of successful cyber attacks has more than doubled over the last three years, but the annual cost to organizations has slowed dramatically in the last two years.

  9. DarkAngle trojan masquerades as Panda Cloud AV

    In a new twist to ‘rogueware’, Panda Security has warned that its cloud antivirus product name is being used to mask a particularly unpleasant trojan called DarkAngle. While victims may believe that they are installing anti-malware, they may actually be installing the malware itself.

  10. Microsoft will reject ‘weak’ digital certificates from tomorrow

    A weak digital certificate is defined as one signed with an RSA key of less than 1024 bits. Since it is now generally accepted that keys of a lesser length can be brute-forced with modern computing power, Microsoft is upping the ante by forcing a move to a stronger key length.

  11. American think tanks hit in wide-scale cyber-espionage push

    American think tanks are becoming a big intelligence target for hackers from China and other countries, according to Rep. Mike Rogers (R-Mich.), chairman of the US House Intelligence Committee.

  12. Top Android malware is adding features to cast a wider, more difficult-to-detect net

    Android malware for premium SMS fraud continues to grow as a category, and most of it rests on the shoulders of one family of malware: Android.FakeInstaller. However, while FakeInstaller is well-known and included in mobile security software, hackers are now including new features geared to avoid detection and expand its reach.

  13. Microsoft buys authentication firm PhoneFactor

    Microsoft has bought the multi-factor authentication (MFA) company PhoneFactor. Financial terms of the deal have not been released. PhoneFactor will largely continue as is until its products are ‘onboarded’ into the Microsoft Volume Licensing programs.

  14. Data loss, Wi-Fi and NFC identified as top mobile security concerns

    Data loss is the biggest mobile security danger, reveals a new Cloud Security Alliance (CSA) report, but emerging concerns include rogue Wi-Fi access points and Near-Field Communications (NFC) exploitation.

  15. Profile Stalker – an application that spams on Tumblr

    gr8brittyn posted on Tumblr, “Guys I’m really sorry for the Profile Stalkr spam. If you haven’t already, DON’T CLICK IT. I literally cannot figure out how to stop it — and if you try to delete the posts, they’re instantly reposted. I can’t edit them, delete them… anything. PLEASE DO NOT CLICK!”

  16. HMRC choses CPA-accredited encryption

    HM Revenue and Customs (HMRC) chooses CPA over CAPS for its encryption – both CESG-administered security accreditation schemes – and saves the British tax-payer £2.4 million.

  17. Universal man in the browser malware allows real-time information processing

    Hackers who employ the man-in-the-browser (MiTB) gambit to steal information from computer systems have found a way to more efficiently cast their net. According to researchers at Trusteer, a new strain of MiTB malware can adopt a “one-size-fits-all” approach to collecting compromising data from websites, eliminating the time-consuming process of parsing through specific logs for the sensitive bits.

  18. Fusion Center fail, says Senate Report

    A US Senate Committee has produced a 140+ page report analyzing the operation and achievements of the hugely expensive fusion center programme – and is far from satisfied with what it finds.

  19. Ponemon Institute examines business logic attacks

    A study by Ponemon Institute, commissioned by Silver Tail Systems, has examined what it calls 'business logic' attacks against websites. This is not hacking in the traditional sense. It is not breaking into into a server and exfiltrating data, it is the abuse of the legitimate logic of a website.

  20. Hosting company PRQ raided by the Swedish police

    PeRiQuito AB, a Swedish web-hosting company better known as PRQ and even better known as a host for Wikileaks and one-time host of The Pirate Bay, has been raided for the third time by the Swedish police. The reason is not yet known.

Why not watch?

  1. New Cyber Regulations: What it Means for UK and EU Businesses

  2. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

  3. Dispelling the Myths of Defense-Grade Cybersecurity

  4. Alert Fatigue: What Are You and Your Security Teams Missing?

What’s hot on Infosecurity Magazine?