Infosecurity News
Superbotnet poised to be unleashed by cybercriminals
A cybercriminal organization is creating a superbotnet by sending out billions of malware-laden emails for an unknown purpose, according to Commtouch researcher Avi Turiel.
MySQL.com web site hacked to serve up malware
Reports are coming in that the MySQL.com site was hacked and booby-trapped to serve up malware earlier this week – unconfirmed reports from security researcher Brian Krebs suggest that hacked access to the site was sold by cybercriminals for $3,000.
Two million Massachusetts citizens affected by data breaches since January 2010
Around two million Massachusetts citizens, one out of every three state residents, had personal information compromised through data theft or loss since the beginning of 2010, according to Attorney General Martha Coakley.
Dutch government revokes DigiNotar's CA root certificates
The Dutch government is revoking DigiNotar's subordinate certificate authorities (CAs) under the Staat der Nederlanden root certificates.
Go Daddy goes phishing
The breach of websites hosted by Go Daddy was likely the result of a phishing attack, said Nicholas Percoco, head of Trustwave SpiderLabs.
Arrested LulzSec suspect was looking for position with US Department of Defense
As reported elsewhere over the weekend, a 23-year-old Arizona man was arrested late last week in connection with the hack of Sony Pictures Entertainment in May and was, according to security researcher Brian Krebs, a model student who saw himself one day defending networks at the Department of Defense and the National Security Agency.
Trend Micro expert calls new Facebook interface a 'stalker enabler'
If you use Facebook, you'll undoubtedly have noticed a series of major changes to your web interface over the last few days. According to a Trend Micro solutions architect, users should not lose sight of the fact that the underlying data remains intact, and there are still security issues that need to be addressed.
Apple OS X Lion passwords cracked
It looks as though the security of the password system on Apple's OS X Lion operating system has been compromised, with a security researcher claiming that there is a workaround that allows users to crack the password on a Mac system that has been password-protected.
Avast acquires Android software vendor ITAgents
Avast, the central European IT security vendor, has acquired ITAgents, an Austrian developer of Google Android apps, for an undisclosed sum. The acquisition has already completed, Infosecurity understands.
Cybersecurity startups fail to hit venture capital sweet spot
Cybersecurity startups often fail to attract venture capital (VC) because investors want to invest in companies that will make millions quickly, but not all information security startups are interested in that model, observed Chris Wysopal, founder and chief technology officer with application security firm Veracode.
SQL injection attacks increasing in number, sophistication and potency, researchers find
The prevalence and intensity of SQL injection attacks are increasing, according to Imperva's Hacker Intelligence Initiative (HII) report.
Researchers claim to have broken SSL/TLS encryption
Two security researchers claim to have found a way of breaking the SSL/TLS encryption that is widely used to guarantee the reliability and privacy of data exchanged between web browsers and servers.
CA Technologies opens European research centre in Barcelona
CA Technologies has announced the creation of a European research centre in co-operation with Universitat Politècnica de Catalunya BarcelonaTech (UPC).
Check Point says social engineering attacks now a business reality
Research just released from Check Point claims to show that 42% of UK firms experienced 25 or more social engineering attacks in the last two years, including targeted attacks such as spear phishing.
(ISC)² foundation delivers cyber security education across the world
On the first day of the (ISC)² Congress 2011, (ISC)² announced that it has formed the (ISC)² Foundation - a new charitable organisation dedicated to delivering education and awareness programmes to communities around the globe to make the cyber world a safer place for everyone.
(ISC)² launches global chapter programme
On the opening day of the first (ISC)² Congress, collocated with ASIS 2011 in Orlando, Florida, the information security professional body announced the formation of the (ISC)² chapter programme.
Morto worm likes playing games – with your remote desktop
A Symantec security expert has spotted a variant of the Morto worm that seems to parse requests through a Chinese online gaming server. The good news – from a UK perspective – is that the game it parses commands through is aimed at the Chinese community in the Far East.
Barracuda Networks launches 'No Limits' road show in Europe
Barracuda Networks has launched its No Limits road show in Europe, allowing clients to meet the security firm's CEO Dean Drako, chief research officer Dr. Paul Judge and the rest of the senior management. The tour will also, says the company, provide end users with best practice information and advice on protecting themselves from the latest threats on the internet, as well as providing resellers with further information.
Gartner: Keep encryption simple and standardized to cut cost and complexity
Businesses should consider self-encrypting drives (SEDs) for new installations that hold significant volumes of sensitive data, says Gartner.
Russian forum sites using Captcha technology to keep foreigners out, says researcher
A leading IT security researcher says he has observed a rising number of Russian forum sites using Captcha technology to help keep foreigners (i.e., non-Russian security investigators) out of their systems.