Infosecurity News

  1. DLL loading pops back into the malware picture

    Commtouch is reporting that a new DLL hijacking technique has been spotted being used by cybercriminals in the wild, even though the use of DLL loading has been falling by the wayside in recent times.

  2. The Undead are in the dark about Social Security data breaches

    The Social Security Administration (SSA) has failed to notify close to 32,000 people that their social security numbers were mistakenly disclosed on the SSA’s death master file, a public database that provides information on deceased US citizens as a death verification tool.

  3. Security researcher analyses shady shipping centers

    Hard on the heels of last week's arrest of more than 100 people suspected of being part of a $13 million card crime ring, a leading security researcher has analysed the shady shipping centres that take a pivotal role in these types of frauds.

  4. RSA Europe: “Basic stupidity [surrounding IT security] is unstoppable”

    According to Ira Winkler, president and acting CEO of the Internet Security Advisory Group, social engineering – as a means of hacking people – is actually a far wider term than many people are aware of.

  5. 'Operation Hackerazzi' – No, it's not a new Lady Gaga song

    The FBI has arrested a Florida man in an email hacking probe, codenamed "Operation Hackerazzi", that involved disclosure of personal information and photos of Hollywood celebrities, including Mila Kunis, Christina Aguilera, and Scarlett Johansson.

  6. ATM skimmer spotted, powered by mini-MP3 player

    The ingenuity of cybercriminals has reached a new level, with a leading IT security researcher reporting on the re-tasking of a mini-MP3 player as the mainstay of an ATM skimmer.

  7. Fake Android Netflix app hoovering up user credentials

    It appears that hackers are taking advantage of the interest in Netflix – the California-based IP streaming firm that offers services on specific smartphones in North and South America – by releasing a general Android edition of the software that runs – or so it claims – on any Android-powered smartphone or tablet computer.

  8. Infosecurity writers take home more hardware

    Continuing our own brand of a ‘commitment to excellence’, Infosecurity writers took home two awards at this year’s BT Information Security Journalism Awards in London.

  9. Ministry of Defence drops another Adobe PDF blunder; reveals radar defense secrets

    The UK's Ministry of Defence has once again demonstrated its lack of understanding of how Adobe PDF format files function as, according the Daily Star tabloid newspaper, anyone with a simple knowledge of page formatting can 'unblack' apparently censored data from a release on radar defense issues on its website.

  10. ATM industry association issues anti-reverse engineering recommendations

    The ATM industry association – the ATMIA – has published a best practice manual on cash machine security. And a new feature of its recommendations is for developers to help prevent reverse engineering of cash machine software.

  11. Security researcher claims ID theft now more profitable than car theft

    A leading IT security researcher claims that hackers are now electronically breaking into US car dealerships – not to steal cars, but the IDs and other credentials of car purchasers, most of whom buy on finance.

  12. Low-cost kit for sale on eBay could hand national infrastructure secrets to terrorists

    Reports that air traffic control data has been found on network kits sold on eBay comes as no surprise, says Philip Lieberman, president of Lieberman Software.

  13. Chaos Computer Club warns on “German government” communications trojan

    Rumors of a series of German government-developed spyware trojans have been bouncing around for several years, but now the Chaos Computer Club (CCC) claims to spotted one in the wild.

  14. ISACA publishes COBIT process assessment model

    Now into its 15th year, the COBIT 5 framework is in the final stages of ratification by ISACA and, as part of this evolution of the GRC (governance, risk and compliance) framework, the association has issued a new process assessment model.

  15. Context discovers reverse web proxy security loophole; advises on remediation

    Context Information Security has warned of a back door threat to the Apache platform that could allow unauthorized access to internal or DMZ systems.

  16. Stanford Hospital faces $20 million lawsuit over patient data breach

    A class-action lawsuit for $20 million has been filed against Stanford Hospital & Clinics over a patient data breach in which personal information on 20,000 emergency room patients was posted on a public website for a year.

  17. Check Point introduces blades to tackle botnets

    Check Point has taken the wraps off its 33rd software blade technology, which is an anti-botnet platform designed to counter the problems of botnets and advanced persistent threats (APTs).

  18. £30 graphics card can brute-force crack any eight character password in just four hours

    A £30 graphics card can now process as many as 158 million passwords a second

  19. Plusnet migrates anti-spam systems to Cloudmark

    Plusnet, the Sheffield-based ISP, has announced it is migrating its several million customers from their existing IronPort based anti-spam / anti-virus email security platform and over to a new solution provided by Cloudmark.

  20. Weather report: Cloudy, with a chance of data leakage

    Almost half of organizations said their IT staffs are not ready to adopt the cloud, with data security cited as a top concern, according to survey sponsored by Symantec.

Why not watch?

  1. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

  2. Navigating Exposures in Energy ICS Environments

  3. Alert Fatigue: What Are You and Your Security Teams Missing?

  4. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

What’s hot on Infosecurity Magazine?