Infosecurity News
Free risk analysis/management app released for iPhone, iPad and iPod touch
Citicus, a corporate risk management and compliance specialist, has released a risk analysis/management app for the iOS range of Apple devices – the iPhone, iPad and iPod touch.
Intergrity and honesty top list of most important federal government cybersecurity skills
Integrity and honesty top the list of skills needed for the current and future federal cybersecurity workforce, according to an Office of Personnel Management (OPM) survey.
End-of-life IT assets pose serious security risk to most firms
Research just published claims that end-of-life IT assets - especially portable devices like smartphones and laptops - pose a serious data security threat to many firms.
Pharmacy spam campaign hijacks Google brand name
A new pharma spam campaign uses the Google brand. More than 250 similar blog-related campaigns have been tracked in the last two days.
West Virginia hospital exposed personal data on 3,655 patients
The West Virginia Attorney General’s Office announced that personal information of 3,655 patients at the Charleston Area Medical Center (CAMC) was placed onto a publicly available website.
RSA 2011: Application whitelisting comes to the consumer
Application whitelisting technology is hardly a novel concept – in fact, the technology has been available to enterprises for some years now. But, as GlobalSCAPE executives told Infosecurity at this year’s RSA Conference in San Francisco, application whitelisting for consumers is just around the corner.
BBC 6 Music and 1Xtra websites infected by Phoenix exploit kit hack
Visitors to two websites operated by the BBC were injected by malicious code earlier this week, opening up users to attacks by hackers, claims Websense.
Lumension releases beta version of its Application Scanner v2.0
Lumension has released a beta version of its free Application Scanner v2.0 that scans executable files and identifies all applications within the endpoint environment, along with its Endpoint Intelligence Center (EIC) that consolidates malware, vulnerability, patch, and application information with relational cloud-based intelligence.
RSA: Fake AV Companies Making More Money than Security Vendors
Having spoken on the ‘Public, meet private: Lessons learned in chasing cyber crooks’ panel at the RSA 2011 conference in San Francisco, Pedro Bustamante, senior research analyst at Panda Security, tells Infosecurity’s Eleanor Dallaway why geography is obstructing cyber legal justice
Education programs are hardly a security ‘silver bullet’
User education is often touted as a cornerstone of any effective IT security program. But as Jack Daniel, community development manager with internet security firm Astaro contends, not every organization will reap benefits from educating its end-users.
RSA 2011: Terrorist groups pose most dangerous cyber threat
While nation-states actively attempt to exploit the networks of the US government, critical infrastructure, and commercial networks, US Deputy Secretary of Defense William Lynn told the RSA Conference audience that terrorist groups are inevitably more likely to fire the most severe type of destructive cyber warfare salvos.
Real-world ATM skimming techniques revealed
Security researcher Brian Krebs has had a long-standing interest in the increasing problem of ATM skimmers - fraudsters who install hidden gadgets on cash machines with the intention of ripping off bank card customers. And he has posted an in-depth analysis of one such scam earlier today.
Panda Security launches 'Internet in Safe Hands' campaign
Panda Security has launched a senior citizens' safer internet campaign, with the aim of educating people over 60 on how to make their internet activities more safe.
New York City hospital system admits to massive data breach
The New York City Health and Hospital Corp. (HHC) said that personal information of nearly 1.7 million hospital patients, staff, vendors, and contractors was stolen from a GRM Management Information Services van.
RSA Security: Commtouch intros unified security engine
It's day two of the RSA Conference in San Francisco and Commtouch has taken the wraps off what it claims is the industry's first unified engine that combines three internet security technologies.
Salesforce.com moves to ‘Cloud 2’ says its CEO
As the keynote presenter at the Cloud Security Alliance Summit today in San Francisco, Marc Benioff, chief executive officer of salesforce.com, introduced his vision of ‘Cloud 2’. “The best days are still very much ahead of us in this industry”, he told the audience.
Australian ambulance dispatch system downed by malware
Reports are coming in the New South Wales (NSW) ambulance dispatch system was downed at 1pm local time on Saturday by a computer virus, forcing dispatch officers to move to a back-up paper-based system.
Mobile World Congress: F-Secure introduces Android and Symbian protection
F-Secure has released version 7 of its Protection Service for Mobile (PSM 7) which extends the smartphone security software-as-a-service (SaaS) platform to support Google Android and Symbian handsets.
Interview: Matt Moynahan, CEO, Veracode
With mobile and application security on more agendas than ever before, Veracode’s CEO, Matt Moynahan, talked to Infosecurity’s Eleanor Dallaway about why Microsoft are doing security better than Symantec, why Apple will be raising their eyebrows in embarrassment, and why really good coders with security knowledge are in short supply...
German researchers crack iPhone security in 360 seconds
Reports are coming in that a team of German researchers have successfully shown how to crack the security of a stolen iPhone in under six minutes.