Infosecurity News
Iran threatens to reciprocate any US, UK and Israeli cyber-attacks
The war of words between the US and Iranian governments took a dark turn last week when an Iranian army chief – apparently responding to US military chiefs' previous threats of an internet war – said that Iran will respond to any form of online aggression in a reciprocal manner.
Trend spots malware hidden within rogue copies of Opera Mini Java edition
A Trend Micro fraud analyst claims to have spotted rogue versions of Opera Mini, a Java (jar) mobile phone browser that can be downloaded and used on a wide range of mobile phones.
Betfair loses data on more than three million customers to hackers
Betfair has apparently admitted that data on more than three million of its customers – including 2.9 user names and almost 90,000 bank account details – was hacked by cybercriminals, possibly from Cambodia.
Is personnel turmoil behind DHS cybersecurity reorg?
High-level turnover at the Department of Homeland Security's (DHS) cybersecurity office may be a factor in the reorganization of the National Protection and Programs Directorate, which oversees the office.
Red Lambda develops auto-mining security intelligence software
Red Lambda has taken the wraps off an automatic data mining application that analyzes data on the organization's IT resources and archives – as well as on the internet – and presents the information in a drill-down dashboard format to the user.
ISF issues major update on Standard of Good Practice for IT security professionals
The Information Security Forum (ISF) has published a major update on its Standard of Good Practice for IT security professionals, which is billed as the industry’s most business-focused, all-in-one guide to information security assurance.
Elcomsoft enhances password recovery software to crack encrypted BlackBerry media cards
Russian password recovery specialist Elcomsoft has enhanced its Phone Password Breaker software to crack encrypted media cards for the BlackBerry smartphone. The company claims the software's password recovery rate on the BlackBerry is in the order of millions of passwords per second.
Laptop heist exposes personal data on 16,000 patients at Minneapolis hospitals
Personal information of more than 16,000 patients at two health facilities in the Minneapolis area has been compromised as the result of a stolen laptop, the facilities admitted this week.
Superbotnet poised to be unleashed by cybercriminals
A cybercriminal organization is creating a superbotnet by sending out billions of malware-laden emails for an unknown purpose, according to Commtouch researcher Avi Turiel.
MySQL.com web site hacked to serve up malware
Reports are coming in that the MySQL.com site was hacked and booby-trapped to serve up malware earlier this week – unconfirmed reports from security researcher Brian Krebs suggest that hacked access to the site was sold by cybercriminals for $3,000.
Two million Massachusetts citizens affected by data breaches since January 2010
Around two million Massachusetts citizens, one out of every three state residents, had personal information compromised through data theft or loss since the beginning of 2010, according to Attorney General Martha Coakley.
Dutch government revokes DigiNotar's CA root certificates
The Dutch government is revoking DigiNotar’s subordinate certificate authorities (CAs) under the Staat der Nederlanden root certificates.
Go Daddy goes phishing
The breach of websites hosted by Go Daddy was likely the result of a phishing attack, said Nicholas Percoco, head of Trustwave SpiderLabs.
Arrested LulzSec suspect was looking for position with US Department of Defense
As reported elsewhere over the weekend, a 23-year-old Arizona man was arrested late last week in connection with the hack of Sony Pictures Entertainment in May and was, according to security researcher Brian Krebs, a model student who saw himself one day defending networks at the Department of Defense and the National Security Agency.
Trend Micro expert calls new Facebook interface a 'stalker enabler'
If you use Facebook, you'll undoubtedly have noticed a series of major changes to your web interface over the last few days. According to a Trend Micro solutions architect, users should not lose sight of the fact that the underlying data remains intact, and there are still security issues that need to be addressed.
Apple OS X Lion passwords cracked
It looks as though the security of the password system on Apple's OS X Lion operating system has been compromised, with a security researcher claiming that there is a workaround that allows users to crack the password on a Mac system that has been password-protected.
Avast acquires Android software vendor ITAgents
Avast, the central European IT security vendor, has acquired ITAgents, an Austrian developer of Google Android apps, for an undisclosed sum. The acquisition has already completed, Infosecurity understands.
Cybersecurity startups fail to hit venture capital sweet spot
Cybersecurity startups often fail to attract venture capital (VC) because investors want to invest in companies that will make millions quickly, but not all information security startups are interested in that model, observed Chris Wysopal, founder and chief technology officer with application security firm Veracode.
SQL injection attacks increasing in number, sophistication and potency, researchers find
The prevalence and intensity of SQL injection attacks are increasing, according to Imperva's Hacker Intelligence Initiative (HII) report.
Researchers claim to have broken SSL/TLS encryption
Two security researchers claim to have found a way of breaking the SSL/TLS encryption that is widely used to guarantee the reliability and privacy of data exchanged between web browsers and servers.