Infosecurity News

  1. LOIC DDoS tool – is it 'safe' for the user?

    The DDoS weapon of choice for Anonymous activists, the Low Orbit Ion Cannon (LOIC), was downloaded from the internet 381,961 times during 2011. That number has already been exceeded in 2012, with daily downloads averaging more than 3400.

  2. Security firm finds dodgy Android apps that offer "free" stuff to get information

    GFI Software researchers have identified 20 Android applications on the Google Play marketplace that lure users with offers of “free” products or money to fill out surveys.

  3. New NIST protocol enables secure biometric data access

    The US National Institute of Standards and Technology (NIST) has published a new protocol for securely communicating with biometric sensors over wired and wireless networks using web services.

  4. SOCA knocked off the web by DDoS – again

    The UK’s Serious Organised Crime Agency has today confirmed that a DDoS attack forced it to take its website off-line at 22:00 Wednesday. As of writing, 14:30 Thursday, it is still down.

  5. The evolving role of the CISO – new study by IBM

    A study by IBM’s Center for Applied Insights concludes that there are now three ‘types’ of CISO: influencers, protectors and responders. Evolution towards the ‘influencer’ role is necessary, and happening.

  6. Hackers levy an ‘idiot tax’ on Belgian bank

    “While this could be called 'blackmail,' we prefer to think of it as an 'idiot tax' for leaving confidential data unprotected on a Web server,” announces an unidentified hacker group in a news statement on Pastebin.

  7. Google releases security update for Chrome 18 web browser

    Google has updated its Chrome 18 web browser with fixes for five vulnerabilities, including three high-risk flaws.

  8. Al-Qaeda uses steganography - documents hidden in porn videos found on memory stick

    Steganography is the science of hiding data. Its most common digital use is to hide data within graphics – text hidden in a picture. Al-Qaeda apparently hid documents within porn videos on a memory stick.

  9. Number of vulnerabilities down, malicious attacks up

    While the number of vulnerabilities decreased by 20%, the number of malicious attacks continued to skyrocket by 81% in 2011, according to Symantec’s annual 'Internet Security Threat Report'.

  10. Oracle fixes zero-day database vulnerability that was already ‘fixed’

    After being outed by security researcher Joxean Koret, Oracle has issued a fix for a zero-day database vulnerability that can be remotely exploited. It's a flaw that was supposedly “fixed” in the company’s quarterly security update.

  11. Welsh board first NHS organization to be fined for data breach

    The UK Information Commissioner’s Office (ICO) has fined the Aneurin Bevan Health Board in South Wales £70,000 for a “serious breach” of the Data Protection Act, the first National Health Service (NHS) organization to receive a data breach fine.

  12. New combined home firewall & anti-virus is free

    Home computer users do not, in general, pay for security. They rely instead on free software offered with little or no support. This can cause problems when different free products conflict with each other.

  13. Intruder alert: Star Trek Online account database compromised

    The studio behind the Star Trek Online game had its user account database breached over a year ago, but is only reporting it now.

  14. Europeans exhibit more caution regarding BYOD

    BT conducted a survey of over 2000 IT users and decision makers across 11 countries. The research, released during last week’s Infosecurity Europe show in London, showed that Western European organizations tend to take a more guarded approach to BYOD implementation when compared to their global counterparts.

  15. Columbia posts faculty social security numbers on the internet

    Columbia University has notified 3,000 faculty members that their names, addresses, social security numbers, and bank account numbers were available on the internet for two years.

  16. 42 blackmail sites - posing as news sites - shut down in China

    Genuine news sites publish information on events – these sites, say the Chinese authorities, promised not to publish information for a fee.

  17. Want someone else’s Hotmail account?

    A software bug can often lead to a vulnerability that can be exploited with sophisticated exploit code. Or sometimes you can just instal a free add-on that lets you do the same thing with no effort.

  18. SOCA and the FBI take down 36 AVC websites

    In a joint exercise between multiple law enforcement agencies, 36 websites associated with an e-commerce platform known as an automated vending cart (AVC) used to sell stolen credit cards were taken down on Wednesday.

  19. Hacker could take over traffic and railroad control systems using backdoor

    A researcher has uncovered a backdoor in RuggedCom software used to control traffic and railroad systems that could enable a remote attacker to take control of the systems.

  20. Hacker posts VMware source code on internet

    A hacker has posted source code for VMware’s ESX virtual machine on the internet, the company has confirmed.
