Infosecurity News
New PCI DSS deadline tomorrow warns LogRhythm
Tomorrow is the day that the new PCI DSS 1.2 rules kick in, requiring all level one merchants – defined as firms processing more than 6 million transactions per year – to adhere to the v1.2 security guidelines, or face possible action by their card processor.
LinkedIn users targeted by ZeuS-based fake connection requests
Hard on the heels of the spate of Twitter attacks comes news that LinkedIn members are being targeted by carefully crafted fake connection requests that route users to the ZeuS data-downloading malware.
Virtualisation delivers data protection, says security expert
Virtualisation is the key to better information security in cloud computing, says Eric Baize, a board member at cross-industry security initiative, SAFECode.
Insurance agent fines, data breaches lead to prototype information security plan
A number of insurance agents have recently been fined by states for not having a written information security plan in place, and some large insurance firms have reported data breaches involving clients’ personal information. To help address this problem, the Independent Agents and Brokers of America has developed a prototype information security plan to assist agents and brokers.
Spamit.com spam affiliate service to close – spam levels to drop
The Spamit.com spam affiliate programme, which is responsible for the promotion of spam via a number of outlets worldwide using financial incentives, is to close at the end of this month.
Stuxnet – a new age in cyber warfare says Eugene Kaspersky
The Stuxnet worm, which has reportedly been successfully targeted at Iranian nuclear plants, is being widely reported as originating from a government agency or well-funded source with political intent. The CEO of Kaspersky Lab, however, says that, whilst there is insufficient evidence to point the finger of blame at anyone yet, the worm represents a new age in cyber warfare.
HP completes Fortify acquisition
HP has announced it has completed its acquisition of security firm Fortify Software.
One million malware-infected spam HTMLs appearing every day says Barracuda Networks
Hackers are using an increasing variety of sophisticated attack vectors to infect internet users' PCs, and it seems that infected spam HTML is now being used as a carrier. In its latest attack vector analysis, Barracuda Networks claims that it is now seeing more than a million instances a day of unwanted emails containing malicious HTML attachments.
Microsoft helps to create opportunities for young jobseekers
Microsoft today launched the second phase of Britain Works, its three-year plan to get half a million people into employment by 2012, reports Personnel Today.
Cybersecurity bill would give president emergency powers
Proposed cybersecurity legislation, a combination of existing bills circulating on Capitol Hill, would give the president power to declare an emergency if there is an imminent cyber threat to the nation’s critical infrastructure.
Google tackles rogue pharmacies in court
Google has joined the fight against online sales of counterfeit drugs by taking legal action against rogue pharmacies that advertise on its sites.
Czech Republic halts Google’s Street View cameras
The Czech Republic has banned Google from extending its use of the Street View mapping service due to privacy concerns.
Nosey NHS staffer looked at patient records 330-plus times
An NHS IT manager in Yorkshire has been warned he faces a prison term after he admitted illegally spying on medical records of patients. Data security specialist Imperva says the fact that he was able to do this highlights the need to lock down private data in large organisations, and only allow viewing on a need-to-access and auditable basis.
BAE Systems to provide FBI information security safeguards
UK-based BAE Systems received a $40 million order to provide certification and accreditation services, as well as information security risk assessments, for FBI computer networks.
Apple acquires Polar Rose face recognition software firm
Apple is to acquire Swedish face recognition software firm Polar Rose for an undisclosed amount.
Twitter hit by XSS attack
The Twitter micro-blogging service website was apparently hit by an XSS, or cross-site scripting, attack today that took advantage of a mouse rollover vulnerability.
Aggressive plug-and-play malware campaign returns
There has been a recent resurgence in plug-and-play (PNP) malware campaigns by spammers after a two-week period of inactivity. The spammers are using what appear to be stolen emails as templates to send out millions of new virulent messages, according to St. Bernard’s Red Condor team.
Microsoft confirms zero-day vulnerability in ASP.NET
Microsoft has issued a security advisory confirming exploits of an unpatched vulnerability that affects web applications built on ASP.NET.
Intel investigates how anti-piracy HDCP protocol was exposed
Intel is investigating how a master key for its High-Bandwidth Digital Content Protection (HDCP) anti-piracy protocol was published online.