Infosecurity News

  1. Android app piracy sees triple-digit growth

    Thanks to a lack of comprehensive content protection, Android developers are finding themselves at major risk for piracy, and it’s significantly impacting their business, according to a new survey from Protection Technology Research (PTR).

  2. What is Microsoft doing with Hotmail passwords?

    Costin Riau, a security expert with Kaspersky Lab, tried to log into his old hotmail account with his old hotmail password – all 36 characters. It failed, with an error message saying, “Microsoft account passwords can contain up to 16 characters.”

  3. EU’s Clean IT is being anything but clean in its intentions

    Digital rights groups have long claimed that the online terrorist threat is used by governments as a reason for imposing wide-ranging control of the internet. A newly leaked document from the EU Clean IT project seems to confirm such mission-creep.

  4. Facebook’s $9.5 million class action settlement confirmed

    The 9th U.S. Circuit Court of Appeals has ruled by 2-1 that Facebook’s class action settlement of $9.5 million over its defunct Beacon service must stand, concluding that the sum was “substantial in this case.”

  5. IBM: Top threats include data breaches, BYOD, browser exploits

    When it comes to trends in security for 2012 so far, the landscape has seen a sharp increase in browser-related exploits, like recent ones for Internet Explorer and Java, along with renewed concerns around social media password security and continued disparity in mobile devices and corporate bring-your-own-device (BYOD) programs.

  6. An analysis of DDoS attack methodologies

    What stands out most from Imperva’s new analysis of DDoS attack methodologies, is that DDoS is easy, growing in use and probably more prevalent than commonly perceived.

  7. ICO and Ofsted agree encryption needed in schools

    As the new academic year begins, two UK regulatory bodies have issued new guidelines that raise the bar for school security: the ICO advises on data protection while Ofsted indicates it will include schools’ e-safety in future inspections.

  8. NIST releases comprehensive risk assessment guidelines

    The US National Institute of Standards and Technology (NIST) has released a final version of its risk assessment guidelines for determining the level of information security risks in IT infrastructure.

  9. Veracode goes large with VAST app security testing for cloud, mobile

    Application security testing company Veracode has launched the Vendor Application Security Testing (VAST) program to provide independent, automated and outsourced compliance testing for cloud, mobile and outsourced applications, to help enterprises reduce the security risks associated with the use of vendor-supplied software.

  10. Microsoft: Pre-installed malware not from factory lines

    The pre-installed malware found on fresh-from-the-factory PCs by Microsoft's Digital Crimes Unit was not implemented on the factory line, a Microsoft spokesperson has confirmed.

  11. Peter the Great beats Sun Tzu in cybercrime

    Despite the hoohaa about the ‘Chinese cyberthreat’ (in reality, read east Asia), Russia’s Peter the Great (in reality, read east Europe) is beating Sun Tzu in modern cyber wargames. Eastern Europe has better cybercriminals than eastern Asia.

  12. TDSS/TDL4 'indestructible botnet' is back with 250K victims already

    Damballa has discovered a new iteration of the TDSS/TDL4 botnet that, at its height last autumn, infected more than 5.5 million victims. Now, it’s back and is utilizing domain generation algorithm (DGA)-based communication for command-and-control (C&C).

  13. Romanian Subway hackers plead guilty to cyber-fraud

    Subway restaurant franchises can rest easy: The culprits behind an international electronic fraud ring that targeted point-of-sale (PoS) vulnerabilities at hundreds of US retail locations have pled guilty to cyber-fraud charges.

  14. The cloud: transforming the role of the infosec professional

    Infosecurity caught up with John Howie, COO of the Cloud Security Alliance (CSA), at the recent ASIS/(ISC)² Congress in Philadelphia, where he discussed how the cloud is altering the role of security professionals

  15. 51% of SMB endpoints infected annually

    When it comes to small- and medium-sized business (SMB) applications, the cloud and mobility are on the rise, driving an increased need for comprehensive security, according to a new report from Osterman Research, commissioned by Trend Micro.

  16. NullCrew: the principled hacker group?

    In a wide-ranging interview broadcast over online Spreaker radio but conducted probably via IRC, UK Anon Winston Smith has been talking to Null, the leader of the NullCrew hacking group.

  17. GSA to implement $2.5B email-as-a-service project

    The US General Services Administration (GSA) is planning to implement a five-year, $2.5 billion email-as-a-service (EaaS) strategy, as part of the government-wide cloud computing initiative that helps meet federal mandates for migrating information technology to the cloud.

  18. Philippines inks Cyber Crime Prevention Act

    The Phillipines has signed the Cybercrime Prevention Act of 2012 into law, meant to curtail and punish a range of internet-related offenses, from libel to hacking and cybersex to spamming.

  19. Cyber Security Hall of Fame to induct 11 security pioneers

    The first inductees of the National Cyber Security Hall of Fame have been announced, representing a collection of pioneers who invented the technologies, created awareness, promoted and delivered education, developed and influenced policy and created businesses to begin addressing the threats that came along with the rise of the digital age.

  20. China's smart-grid explosion drives 'huge' security spending spree

    China’s cybersecurity market is set to explode, growing from a valuation of just $1.8 billion last year to $50 billion by 2020, according to new research from GlobalData. The big 44.7% growth curve – which the firm says is an anomaly on the global stage – will be mainly driven by efforts to secure the country’s extensive and ever-growing power infrastructure.

Why not watch?

  1. Navigating Exposures in Energy ICS Environments

  2. Dispelling the Myths of Defense-Grade Cybersecurity

  3. Identifying Concentration Risk and Securing the Supply Chain

  4. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

What’s hot on Infosecurity Magazine?