Infosecurity News

  1. OnStar shifts into reverse over data collection from former customers

    General Motors’ OnStar navigation and emergency services provider has reversed itself and decided not to continue to collect data from vehicles of former OnStar subscribers.

  2. Qualys backs Marlinspike-inspired Convergence notaries

    Cloud security specialist Qualys is supporting two Convergence notaries, based on an approach developed by security researcher Moxie Marlinspike, as an alternative to SSLs and certificate authorities (CAs).

  3. ISPs would notify consumers about botnet infections under US proposal

    The US Departments of Homeland Security and Commerce are seeking public comments on a proposed voluntary program under which Internet service providers (ISPs) would notify users when their computers have been infected by botnet malware.

  4. Close to 5 million US military patient records stolen from contractor

    Medical records of 4.9 million US military personnel and their families have been compromised as a result of a theft of backup tapes from an SAIC contractor’s car in San Antonio, Texas.

  5. Iran threatens to reciprocate any US, UK and Israeli cyber-attacks

    The war of words between the US and Iranian governments took a dark turn last week when an Iranian army chief – apparently responding to US military chiefs' previous threats of an internet war – said that Iran will respond to any form of online aggression in a reciprocal manner.

  6. Trend spots malware hidden within rogue copies of Opera Mini Java edition

    A Trend Micro fraud analyst claims to have spotted rogue versions of Opera Mini, a Java (jar) mobile phone browser that can be downloaded and used on a wide range of mobile phones.

  7. Betfair loses data on more than three million customers to hackers

    Betfair has apparently admitted that data on more than three million of its customers – including 2.9 user names and almost 90,000 bank account details – was hacked by cybercriminals, possibly from Cambodia.

  8. Is personnel turmoil behind DHS cybersecurity reorg?

    High-level turnover at the Department of Homeland Security's (DHS) cybersecurity office may be a factor in the reorganization of the National Protection and Programs Directorate, which oversees the office.

  9. Red Lambda develops auto-mining security intelligence software

    Red Lambda has taken the wraps off an automatic data mining application that analyzes data on the organization's IT resources and archives – as well as on the internet – and presents the information in a drill-down dashboard format to the user.

  10. ISF issues major update on Standard of Good Practice for IT security professionals

    The Information Security Forum (ISF) has published a major update on its Standard of Good Practice for IT security professionals, which is billed as the industry’s most business-focused, all-in-one guide to information security assurance.

  11. Elcomsoft enhances password recovery software to crack encrypted BlackBerry media cards

    Russian password recovery specialist Elcomsoft has enhanced its Phone Password Breaker software to crack encrypted media cards for the BlackBerry smartphone. The company claims the software's password recovery rate on the BlackBerry is in the order of millions of passwords per second.

  12. Laptop heist exposes personal data on 16,000 patients at Minneapolis hospitals

    Personal information of more than 16,000 patients at two health facilities in the Minneapolis area has been compromised as the result of a stolen laptop, the facilities admitted this week.

  13. Superbotnet poised to be unleashed by cybercriminals

    A cybercriminal organization is creating a superbotnet by sending out billions of malware-laden emails for an unknown purpose, according to Commtouch researcher Avi Turiel.

  14. MySQL.com web site hacked to serve up malware

    Reports are coming in that the MySQL.com site was hacked and booby-trapped to serve up malware earlier this week – unconfirmed reports from security researcher Brian Krebs suggest that hacked access to the site was sold by cybercriminals for $3,000.

  15. Two million Massachusetts citizens affected by data breaches since January 2010

    Around two million Massachusetts citizens, one out of every three state residents, had personal information compromised through data theft or loss since the beginning of 2010, according to Attorney General Martha Coakley.

  16. Dutch government revokes DigiNotar's CA root certificates

    The Dutch government is revoking DigiNotar’s subordinate certificate authorities (CAs) under the Staat der Nederlanden root certificates.

  17. Go Daddy goes phishing

    The breach of websites hosted by Go Daddy was likely the result of a phishing attack, said Nicholas Percoco, head of Trustwave SpiderLabs.

  18. Arrested LulzSec suspect was looking for position with US Department of Defense

    As reported elsewhere over the weekend, a 23-year-old Arizona man was arrested late last week in connection with the hack of Sony Pictures Entertainment in May and was, according to security researcher Brian Krebs, a model student who saw himself one day defending networks at the Department of Defense and the National Security Agency.

  19. Trend Micro expert calls new Facebook interface a 'stalker enabler'

    If you use Facebook, you'll undoubtedly have noticed a series of major changes to your web interface over the last few days. According to a Trend Micro solutions architect, users should not lose sight of the fact that the underlying data remains intact, and there are still security issues that need to be addressed.

  20. Apple OS X Lion passwords cracked

    It looks as though the security of the password system on Apple's OS X Lion operating system has been compromised, with a security researcher claiming that there is a workaround that allows users to crack the password on a Mac system that has been password-protected.
