Infosecurity News

  1. Information security risks lurk in oft-neglected places

    A new study by Kroll Advisory Solutions highlights the information security risks lurking in oft-neglected places, such as voicemail, conference calls, and even the mailroom.

  2. FDA warns about software flaws in medical devices

    The US Food and Drug Administration (FDA) has found that software flaws in medical devices are leading to compromises of those devices.

  3. USAID gets detention after failing FISMA test

    The US Agency for International Development (USAID) is working to improve its network security monitoring in response to a failing grade on the Federal Information Security Management Act (FISMA) scorecard, according to Jerry Horton, the agency’s chief information officer.

  4. PDFs wrapped in XDP evade anti-virus scans

    "Security researcher Brandon Dixon has discovered a way to bypass the Antivirus detection for malicious PDFs," writes eHackingNews, "using the XML Data Package(XDP) format." It goes on to add that "opening the malicious XDP file can result in Adobe Reader Exploit."

  5. Microsoft increases hackers' exploit development costs

    Jonathan Ness, security development manager of Security Science – part of the Trustworthy Computing group – claimed that Microsoft are looking to reduce or eliminate exploit based attacks by increasing the cost required to develop attacks – specifically the discovery and exploitation of vulnerabilities.

  6. Microsoft’s Bill Harmon on tackling child exploitation online: We can win

    On June 20th at the Microsoft HQ in Seattle, Bill Harmon, associate general counsel, Microsoft digital crimes unit, presented at the TwC International Media Campus Tour on child sexual exploitation online. While he assessed that the problems we have today with child safety is so much greater than thirty years ago due to technology, he concluded that we “can win this war”.

  7. Kayak.com investigates search engine glitch that exposed users' personal data

    Online travel website Kayak.com is investigating a security breach in which personal information of users was available through its search engine.

  8. AT&T security chief: mobiles are the “nail in coffin” for trust, and the perimeter

    The man responsible for the security of AT&T’s network recently told one audience that mobility is perhaps the death knell for trust within an organization’s network perimeter. His solution lies in a gradual network-based security strategy that moves your assets into the cloud.

  9. Pennsylvania man indicted for hacking Energy Department networks

    A Pennsylvania man has been arrested for hacking into computer networks at the Department of Energy (DOE), the University of Massachusetts (U-Mass), and a number of companies and trying to sell access to these networks to an uncover FBI agent.

  10. Fake anti-virus comes to Android – or does it?

    Webroot has reported the arrival of fake anti-virus, one of the most prevalent of PC threats, on the Android mobile platform. Beware of the Android Security Suite Premium – it’s a trojan.

  11. Governments spend too much on cyber surveillance and not enough on catching crooks

    A report from academics including Ross Anderson and Richard Clayton from Cambridge University suggests current cyberdefense is misdirected: too much money is spent on preventing cybercrime rather than apprehending cybercriminals.

  12. Nuclear regulator warns about cybersecurity lapses at California power plant

    The US Nuclear Regulatory Commission (NRC) is warning Southern California Edison that it might take enforcement action against the utility because of cybersecurity lapses found in a May security audit of its San Onofre nuclear power plant.

  13. Customers’ bank details stolen from Glasgow City Council

    Glasgow City Council has been forced to write to 37,835 suppliers and residents following the theft of an unencrypted laptop from its offices in Cochrane Street.

  14. Anonymous and law enforcement: unlikely allies

    Anonymous and the various law enforcement agencies would, at first glance, appear to be pitted against each other. But events suggest that their intentions are remarkably similar.

  15. Teen site Habbo Hotel suspends chat after pornographic content reports

    Finnish online teen community Habbo Hotel has shut down its chat functions after reports of pornographic content, the site announced Wednesday.

  16. Enterprises should employ a “no jailbreak” policy on mobile devices, say analysts

    Gartner’s John Girard and Lawrence Pingree went in depth on mobile security risks at this week’s Gartner Security and Risk Management Summit outside Washington DC. The primary risk to data breaches, as they see it, are allowing jailbroken or rooted devices to access your enterprise environment.

  17. ICO re-opens Google Street View probe in the UK

    The UK’s data protection watchdog, the Information Commissioners Office, has written to Google demanding further information about the collection of personal data via its Street View project.

  18. One-third of CEOs have never been briefed by CISO on security

    A disturbing 36% of chief executive officers (CEOs) have never received an information security report from their chief information security officer (CISO), a survey sponsored by CORE Security found.

  19. US attorney general appoints prosecutors to probe Stuxnet leak

    Attorney General Eric Holder has appointed US attorneys to investigate the leak of information about the US government’s involvement in developing the Stuxnet worm, along with other recent national security breaches.

  20. Security is a pillar of Dell's strategic vision

    Michael Dell participated in one of the keynotes at this week’s Gartner Security and Risk Summit outside Washington DC, in what amounted to a fireside chat with Gartner analysts about Dell’s future in IT security.

What’s hot on Infosecurity Magazine?