Infosecurity News

  1. Profile Stalker – an application that spams on Tumblr

    gr8brittyn posted on Tumblr, “Guys I’m really sorry for the Profile Stalkr spam. If you haven’t already, DON’T CLICK IT. I literally cannot figure out how to stop it — and if you try to delete the posts, they’re instantly reposted. I can’t edit them, delete them… anything. PLEASE DO NOT CLICK!”

  2. HMRC chooses CPA-accredited encryption

    HM Revenue and Customs (HMRC) chooses CPA over CAPS for its encryption – both CESG-administered security accreditation schemes – and saves the British tax-payer £2.4 million.

  3. Universal man in the browser malware allows real-time information processing

    Hackers who employ the man-in-the-browser (MiTB) gambit to steal information from computer systems have found a way to more efficiently cast their net. According to researchers at Trusteer, a new strain of MiTB malware can adopt a “one-size-fits-all” approach to collecting compromising data from websites, eliminating the time-consuming process of parsing through specific logs for the sensitive bits.

  4. Fusion Center fail, says Senate Report

    A US Senate Committee has produced a 140+ page report analyzing the operation and achievements of the hugely expensive fusion center programme – and is far from satisfied with what it finds.

  5. Ponemon Institute examines business logic attacks

    A study by Ponemon Institute, commissioned by Silver Tail Systems, has examined what it calls 'business logic' attacks against websites. This is not hacking in the traditional sense. It is not breaking into a server and exfiltrating data; it is the abuse of the legitimate logic of a website.

  6. Hosting company PRQ raided by the Swedish police

    PeRiQuito AB, a Swedish web-hosting company better known as PRQ and even better known as a host for Wikileaks and one-time host of The Pirate Bay, has been raided for the third time by the Swedish police. The reason is not yet known.

  7. Hacktivist campaign targets universities

    Hacktivist collective Team GhostShell is continuing its mission of drawing attention to what it perceives as societal ills, with a hack of data servers at top-rated universities across the globe.

  8. Verizon exec appointed to NSTAC

    The National Security Telecommunications Advisory Committee is about to get a new member, from a company with a strong public sector presence: President Obama intends to appoint Verizon Enterprise Solutions (VES) President John Stratton to the NSTAC.

  9. 4.5 million routers hacked in Brazil

    More than 4.5 million DSL modems have been hacked in Brazil by exploiting a vulnerability in the firmware. All affected modems used a chip from Broadcom.

  10. Anonymous #OpVendetta set for 5th November

    This weekend saw a leaflet paperstorm in London, with masked anons handing out flyers proclaiming #OpVendetta slated for 5th November in London. Led by Anonymous UK and Ireland, it is, we are told, “the biggest Anonymous protest in the UK” yet seen.

  11. File-sharing for personal use is not illegal in Portugal

    The latest move by rightsholders in Portugal in the ongoing war against file sharers has backfired dramatically: the Portuguese Prosecutor has declared that P2P file-sharing for personal use is not illegal.

  12. Businesses still lack confidence in the cloud

    The Cloud Security Alliance (CSA) and ISACA have issued their Cloud Market Maturity report, outlining the top 10 issues with cloud adoption by businesses. They found that confidence is lowest in government regulation as a factor in driving or securing the market.

  13. New Android trojan uses camera app to recreate user's physical surroundings

    Indiana University and the US Navy have created an experimental Android spyware trojan that takes over a device’s camera to take photos and build a 3-D model of the mobile user’s surroundings. The information is then gathered and uploaded to a central server.

  14. Level 3 enters the managed security market

    Level 3 Communications has launched a new global security solutions portfolio meant to provide an integrated approach for enterprises, encompassing layered security services, Level 3's communications networking and professional services. The solutions will be rolled out in a managed services environment.

  15. Microsoft faces $7 billion fine by EU

    Microsoft will be fined for failing to comply with a 2009 ruling from the EU, which had objected to the way the company was using its dominant operating system position to the advantage of its own browser.

  16. Europe says ICANN’s proposals are illegal

    ICANN is in the process of renegotiating the basis of the WHOIS database. Last week it reported that it “and the registrars are much closer to reaching a negotiated position on Whois verification and data retention.” But now Europe has said you can’t do that – it’s illegal.

  17. Private Facebook messages on Timeline? The social network says no

    Are private Facebook messages from the years 2007–2009 showing up on people’s public Timelines? Users say yes, but Facebook says the rumors are false.

  18. Adobe to revoke signing certificate after compromise of internal server

    Adobe is planning to revoke an Adobe code signing certificate, after hackers broke into an internal server to compromise the digital certificate. This allows the attackers to create files that appear to be legitimately signed by the software maker, but in fact contain malware.

  19. An Address from Theresa Payton, CEO, Fortalice & Former White House CIO

    Taken from our recent US Summer Virtual Conference, Theresa examines the current threat landscape.

  20. Verizon joins Lockheed Martin Cyber Security Alliance to focus on public sector threats

    Verizon Enterprise Solutions has become the newest member of the Lockheed Martin Cyber Security Alliance, a collaborative effort to address national cyber defense challenges – including the growing threat posed by cyber attacks against the US' critical IT infrastructure.
