Infosecurity News

  1. FTC goes after Wyndham Hotels for theft of 620,000 payment cards

    The US Federal Trade Commission (FTC) has filed a complaint against Wyndham Hotels for data security failures that led to three data breaches in less than two years and resulted in the theft of close to 620,000 payment card numbers.

  2. Android chosen for military security

    Invincea yesterday announced a $21.4m contract from the Defense Advanced Research Projects Agency (DARPA) and the US Army Research Laboratory (ARL) for a secure version of Android phones and tablets.

  3. Hackers crack CAPTCHA website security measures

    Hackers are able to bypass CAPTCHA security measures using computer-assisted tools and crowdsourcing to gain access to personal and financial information, Imperva warned in its latest Hacker Intelligence Report.

  4. Euro 2012 is the lure; pharmacy spam scam the result

    Spammers and scammers use international events and disasters as the lure for their ware. Euro 2012 provides both: an international event littered with individual disasters when national teams are dismissed.

  5. Information security risks lurk in oft-neglected places

    A new study by Kroll Advisory Solutions highlights the information security risks lurking in oft-neglected places, such as voicemail, conference calls, and even the mailroom.

  6. FDA warns about software flaws in medical devices

    The US Food and Drug Administration (FDA) has found that software flaws in medical devices are leading to compromises of those devices.

  7. USAID gets detention after failing FISMA test

    The US Agency for International Development (USAID) is working to improve its network security monitoring in response to a failing grade on the Federal Information Security Management Act (FISMA) scorecard, according to Jerry Horton, the agency’s chief information officer.

  8. PDFs wrapped in XDP evade anti-virus scans

    "Security researcher Brandon Dixon has discovered a way to bypass the Antivirus detection for malicious PDFs," writes eHackingNews, "using the XML Data Package(XDP) format." It goes on to add that "opening the malicious XDP file can result in Adobe Reader Exploit."

  9. Microsoft increases hackers' exploit development costs

    Jonathan Ness, security development manager of Security Science – part of the Trustworthy Computing group – claimed that Microsoft are looking to reduce or eliminate exploit based attacks by increasing the cost required to develop attacks – specifically the discovery and exploitation of vulnerabilities.

  10. Microsoft’s Bill Harmon on tackling child exploitation online: We can win

    On June 20th at the Microsoft HQ in Seattle, Bill Harmon, associate general counsel, Microsoft digital crimes unit, presented at the TwC International Media Campus Tour on child sexual exploitation online. While he assessed that the problems we have today with child safety is so much greater than thirty years ago due to technology, he concluded that we “can win this war”.

  11. Kayak.com investigates search engine glitch that exposed users' personal data

    Online travel website Kayak.com is investigating a security breach in which personal information of users was available through its search engine.

  12. AT&T security chief: mobiles are the “nail in coffin” for trust, and the perimeter

    The man responsible for the security of AT&T’s network recently told one audience that mobility is perhaps the death knell for trust within an organization’s network perimeter. His solution lies in a gradual network-based security strategy that moves your assets into the cloud.

  13. Pennsylvania man indicted for hacking Energy Department networks

    A Pennsylvania man has been arrested for hacking into computer networks at the Department of Energy (DOE), the University of Massachusetts (U-Mass), and a number of companies and trying to sell access to these networks to an uncover FBI agent.

  14. Fake anti-virus comes to Android – or does it?

    Webroot has reported the arrival of fake anti-virus, one of the most prevalent of PC threats, on the Android mobile platform. Beware of the Android Security Suite Premium – it’s a trojan.

  15. Governments spend too much on cyber surveillance and not enough on catching crooks

    A report from academics including Ross Anderson and Richard Clayton from Cambridge University suggests current cyberdefense is misdirected: too much money is spent on preventing cybercrime rather than apprehending cybercriminals.

  16. Nuclear regulator warns about cybersecurity lapses at California power plant

    The US Nuclear Regulatory Commission (NRC) is warning Southern California Edison that it might take enforcement action against the utility because of cybersecurity lapses found in a May security audit of its San Onofre nuclear power plant.

  17. Customers’ bank details stolen from Glasgow City Council

    Glasgow City Council has been forced to write to 37,835 suppliers and residents following the theft of an unencrypted laptop from its offices in Cochrane Street.

  18. Anonymous and law enforcement: unlikely allies

    Anonymous and the various law enforcement agencies would, at first glance, appear to be pitted against each other. But events suggest that their intentions are remarkably similar.

  19. Teen site Habbo Hotel suspends chat after pornographic content reports

    Finnish online teen community Habbo Hotel has shut down its chat functions after reports of pornographic content, the site announced Wednesday.

  20. Enterprises should employ a “no jailbreak” policy on mobile devices, say analysts

    Gartner’s John Girard and Lawrence Pingree went in depth on mobile security risks at this week’s Gartner Security and Risk Management Summit outside Washington DC. The primary risk to data breaches, as they see it, are allowing jailbroken or rooted devices to access your enterprise environment.

Why not watch?

  1. Going Beyond Traditional Attack Surface Management with Cyber Threat Intelligence

  2. Securing Your Move to Hybrid Cloud Infrastructure

  3. The Future of Fraud: Defending Against Advanced Account Attacks

  4. Learn Key Strategies for Industrial Data Security

What’s hot on Infosecurity Magazine?