Infosecurity News

  1. Webroot reports zero-day malware generating forged Microsoft security certificates

    The zero-day malware exploit against Adobe Acrobat and Reader reported earlier this week appears to have escalated, with Webroot Software noting that the payload from the exploit is generating a cluster of files designed to look like Windows system files which have been digitally signed with Microsoft security certificates.

  2. Botnet numbers growing fourfold each year

    The number of computers infected by botnet malware has almost quadrupled each year since 2004, according to a report to be released by Project Honey Pot next week.

  3. Spam volumes exceeded pre-McColo levels this year

    One year after the McColo shutdown, spam volumes have not only recovered, but have grown beyond what they were before the rogue ISP was taken offline.

  4. Two-factor authentication technology being compromised says Gartner

    Just when the UK banks have started issuing two-factor authentication devices to a growing number of account holders, a report from the Gartner group claims to show that fraudsters have started to raid user accounts by beating the same technology.

  5. Imperva reports major social networking hub site compromised

    Data security specialist Imperva has issued a warning after discovering a potentially serious SQL injection flaw with Rockyou.com, the social networking application development web portal.

  6. Now Koobface creates its own malicious web pages

    Koobface - the long-running worm which first appeared 12 months ago - is being customised by hackers to crack security systems on website hosting services, and so allow it to auto-create its own web pages.

  7. Encrypted MoD laptop stolen – along with encryption key

    The UK Ministry of Defence says one of its encrypted laptops was stolen from its headquarters in Whitehall, central London in November – along with the laptop’s encryption key.

  8. Hacker makes plea bargain

    The hacker accused of helping to perpetrate the largest credit card theft in US history has agreed to plead guilty as part of a plea bargaining deal with federal prosecutors.

  9. Microsoft fixes browser flaw

    Microsoft’s last Patch Tuesday of the year saw the release of fixes for five flaws in its Internet Explorer browser, including a critical zero-day security vulnerability that was first publicly disclosed three weeks ago.

  10. Fortify introduces SaaS edition of its application vulnerability technology

    After several months of testing with a few clients, Fortify has rolled out a software-as-a-service (SaaS) version of its application vulnerability technology, Fortify 360.

  11. SecureWorks scoops up UK's dns in private cash and stocks deal

    SecureWorks, the US managed information security services specialist, has acquired dns, its UK-based rival, in a cash-and-stock deal that remains private between the two companies.

  12. Koobface rises again - this time it's a Christmas greeting

    Reports are coming in of a new variant of the Koobface worm doing the rounds of PCs connected to the internet. This latest variation of the long-running criminal-driven malware uses a Christmas greeting to spread infections via the Facebook social networking portal.

  13. House of Lords hears evidence on risk of cyberterattacks

    The House of Lords has heard evidence from a number of high-ranking IT experts about the risk of cyberattacks to the IT and communications infrastructure of the UK, and what might happen if a natural disaster interrupts the internet in a major way.

  14. ISA: Stimulus, not regulation, to spur cybersecurity

    Market stimulus, not regulation, is the key to enhancing cybersecurity at a national level, according to a report issued by a cybersecurity advocacy group last week.

  15. PGP whole disk encryption approved for MoD / Armed Forces usage

    After several months of tests, PGP Corporation has announced that its Whole Disk Encryption (WDE) technology has been approved for use by the Ministry of Defence and British Armed Forces.

  16. Adobe to patch mystery flaw tomorrow

    Adobe has announced that it will be issuing a critical update for its Flash and Air products tomorrow - but isn't telling us what the vulnerabilities are.

  17. Apple iPhone worms highlight flaw in whitelisting

    The recent well-publicised worms affecting the Apple iPhone - Ikee and Ikee-B - have raised a stir in the mobile phone security arena, but, says ESET, the IT security vendor, many observers have failed to realise the real problem with mobile phone security - users.

  18. Sophos warns of Facebook `Rubber Duck' identity theft

    How easy is it to steal an identity on Facebook, the popular social networking portal? Very, as Sophos Asia-Pacific discovered recently when it carried out the Facebook equivalent of a honeypot hacker trap.

  19. Webinar: Data leak prevention, security and log management webinar scheduled

    The issue of data leaks have been in the news constantly these last 12 months, with a litany of companies hit by publicly embarrassing leaks, losses and thefts.

  20. Cameroon is worst neighborhood on web for cybersecurity

    The Cameroon '.CM' domain tops the list of the riskiest top-level domains in terms of cybersecurity, according to a report from McAfee.

Why not watch?

  1. Identifying Concentration Risk and Securing the Supply Chain

  2. How to Manage Your Risks and Protect Your Financial Data

  3. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

  4. Dispelling the Myths of Defense-Grade Cybersecurity

What’s hot on Infosecurity Magazine?