Infosecurity News
Russian authorities arrest eight in bust of Carberp bank fraud ring
The Russian Ministry of Internal Affairs and the Federal Security Service this week arrested eight men allegedly involved in a Carberp bank fraud ring.
Indian company hacks GSM and usurps IMSI
At a security conference organized by Null in India, Matrix Shell claimed and demonstrated the ability to hack into GSM phones and manipulate the user’s International Mobile Subscriber Identity.
Researchers discover flaws in SSO that leave websites vulnerable
Indiana University and Microsoft researchers have uncovered flaws in Web-based single sign-on (SSO) services run by Google, Paypal, Facebook, Twitter, and others that allow hackers to get access to users’ accounts.
Russia government appoints Krutskikh as cybersecurity coordinator
The Russian government has appointed Andrei Krutskikh as cybersecurity coordinator under the Foreign Ministry.
New twist in social engineering rogue AV
Rogue anti-virus products continue to be a major source of malware. The trick for the criminal is in getting the victim to click the link; and GFI has spotted a new development.
Cost of data breaches outstripping inflation
The average cost to UK business per record lost, according to the latest Symantec/Ponemon study, has increased from £47 in 2007 to £79 in 2011. Had it been inflation alone, it would have increased to just over £53.
IT pros lack confidence in public cloud's perimeter defenses
The top security concern of IT professionals regarding public cloud computing is the lack of perimeter defenses and/or network control, according to a survey by cloud security provider CloudPassage.
(ISC)², IT-ACC form alliance to improve government IT acquisition processes
(ISC)², a non-profit information security professional association, and the Information Technology Acquisition Advisory Council (IT-AAC), a non-profit organizations to improve IT acquisition standards, have formed an alliance to improve the US government’s acquisition of IT products through security training and education.
Hackers waste no time in jailbreaking new iPad
A number of hackers have succeeded in jailbreaking the new iPad within hours of its release.
Tibetan groups targeted by Chinese attackers
Tibetan organizations are under attack from Chinese spear phishers who were also behind the Nitro attacks that targeted Western chemical and defense firms last year, according to research by AlienVault.
Hydraq trojan is back (well, it never went away)
The Hydraq trojan, which wreaked havoc during the Operation Aurora attacks in 2009, is back. Actually, it never went away, note Symantec researchers.
Did Anonymous accidentally blow covert surveillance of Assad’s emails?
On 6 February hacktivist group Anonymous delivered a threatening email to Bashar Assad’s personal email account. On 7 February his use of that account ceased.
Consumer loyalty depends on privacy and data security, survey finds
Consumers are taking privacy and security into account more often when making purchasing decisions, would consider leaving companies in the wake of a data breach incident, and measure corporate reputation based on these issues, according to a survey by public relations firm Edelman.
Mozilla plugs eight holes with latest version of its Firefox browser
Mozilla has fixed eight vulnerabilities, a majority of them “critical”, with the release of the latest version of its web browser, Firefox 11.
Quis custodiet ipsos custodes – Who watches the watchmen?
The Dutch Big Brother Awards for 2011 have been announced. There are three prize categories: People, Companies and Government.
HHS fines Blue Cross of Tennessee for theft of 57 hard drives
The US Department of Health and Human Services (HHS) is fining Blue Cross Blue Shield of Tennessee $1.5 million related to the 2009 theft of 57 unencrypted computer hard drives containing protected health information on over one million patients.
Performance comparison between Bit9, Symantec and McAfee
The Tolly Group has published a new report: 'Comparison of Bit9 Advanced Threat Solution versus McAfee Endpoint Protection Suite and Symantec Endpoint Protection 12.1'. But are they apples and oranges?
New Zealand breach affects 9,000 insurance claims
New Zealand’s Accident Compensation Corporation (ACC), which provides personal injury insurance to New Zealand residents, admitted that a spreadsheet containing 9,000 claims with personal details on 6,000 individuals was inadvertently sent to a client.
SafeNet acquires Cryptocard
SafeNet buys Cryptocard to offer the best of both worlds (local and cloud) in user authentication.
Framesniffing with Chrome, Safari and Internet Explorer
Security consultancy Context has produced an analysis of framesniffing, an attack technique that can data mine sensitive data through web browsers and iFrames.