Infosecurity News
Los Alamos subjected to ‘maelstrom’ of simulated cyberattacks
Los Alamos National Laboratory, the government lab responsible for the security of the US nuclear stockpile, recently conducted a vigorous cyber exercise involving more 100 participants from a number of federal agencies.
Tunisian government to beef up security after cyberattacks
After suffering a series of cyberattacks, the interim Tunisian government is taking steps to solidify the security of government email accounts and websites.
Boston police release unredacted Facebook data of ‘Craigslist killer’
The complete Facebook account of Philip Markoff, in hard copy and including friend IDs, was given by the Boston Police to the Boston Phoenix newspaper.
City trader fined £450,000 by the FSA
“For the reasons given in this Notice...”, says an FSA Decision Notice, "...the FSA has decided to impose on Mr Ian Charles Hannam a financial penalty of £450,000.”
Dirt Jumper DDoS bot family has over 300 varieties
The Dirt Jumper distributed denial of service (DDoS) bot family has evolved into over 300 varieties of bot packages, explained Curt Wilson of Arbor Networks.
ISO issues interorganizational communication security standards
The International Organization for Standardization (ISO) has published new standards for interorganizational and intersector communications, including data exchanges for critical infrastructure.
US to fast-track cyber weapon development
The US plans to fast-track the development of cyber weapons to give it the ability to create the means to attack specific targets within months, and even days.
Zero-day security hole in BackTrack Linux uncovered by student
A zero-day security flaw has been identified in the latest version of BackTrack Linux, a version used by security professionals for penetration testing. The vulnerability was discovered by a student in the InfoSec Institute’s ethical hacking class.
ISACA issues latest version of COBIT infosec governance framework
ISACA, the not-for-profit IT security association, has issued COBIT 5, the latest version of its IT security reference guide.
Smartphones are still firmly 'enterprise-unready'
Research from by Altimeter Group, Bloor Research and Trend Micro shows that the ‘consumer marketing’ legacy of many smartphones makes them ill-equipped to meet enterprise security demands.
DHS gets California company to hack game consoles
In a project that started from law enforcement agencies' request to the US Department of Homeland Security (DHS), which was then farmed out to the US Navy, Obscure Technologies of California has been awarded a contract to find ways of hacking game consoles.
SQL injection tops SMB database security concerns
More than half of small and medium-sized businesses (SMBs) are most concerned about SQL injection attacks against their databases, according to a survey of 6,000 SMBs users of GreenSQL’s database security product.
Adobe plugs security holes in Reader and Acrobat, adds free e-signature to Reader
Adobe has shipped updates for Reader and Acrobat that fix four security holes that could cause the application to crash and allow an attacker to take control of an affected system.
Anonymous attacks high-tech trade groups over support for CISPA
Anonymous claimed credit for launching distributed denial-of-service attacks (DDoS) against a number of high-tech trade groups in retaliation for their support of the Cyber Intelligence Sharing and Protection Act (CISPA).
Google fixes SSL certificate bug in Chrome browser
Google has released an update for Chrome that fixes a problem with the SSL certificate when users attempt to connect to sites over HTTPS.
Utah increases estimate of Medicaid data breach 10-fold
The Utah Department of Health (UDOH) is now admitting that social security numbers of up to 280,000 individuals were stolen from the Department of Technology Services server, a 10-fold increase from the original estimate.
Real-time data mining comes to Twitter
Twitter is usually described as a micro-blogging social network. To many who monitor its ‘trending topics’ it is also an early warning news service, frequently pointing users to breaking news before the traditional news media reports it.
What an Englishman does in bed
Companies that monitor the end point behavior of their remote workers will have to start monitoring their (internet) behavior in bed. That at least is the inference to be drawn from a new street survey conducted by Infosecurity Europe.
Fake AT&T bills being used to deliver malware
Cybercriminals are sending spam to AT&T Wireless customers with huge bills in order to trick recipients into clicking on a link to malicious websites, according to Commtouch.
Evolve or perish: Darkshell DDoS is adapting
New variants of Darkshell, a distributed denial of service (DDoS) botnet targeting Chinese websites, have been detected by McAfee Labs.