Rather than consulting a crystal ball, the Information Security Forum (ISF) looked to experts in the field – including those from its member organizations – to develop a set of security risk predictions for 2012 and beyond. 29 July 2010
As would-be iPhone users reportedly continue to queue in stores to buy new iPhone 4 handsets with two year airtime contracts costing large sums of money, the Daily Telegraph has revealed how the iPhone is logging a lot more information on its owners than they realise. 09 July 2010
Reports are coming in that a major hack of the Pirate Bay – the long-standing file-sharing index portal – has allegedly resulted in the release of the site's four million users' details. 08 July 2010
The Obama Administration has published a strategy aimed at improving the security of online transactions. 28 June 2010
The Federal Trade Commission announced a deal with Twitter in response to charges that the micro-blogging service failed to protect users’ personal information. The agreement includes the establishment of an independently audited information security program at Twitter. 24 June 2010
A recent survey from Osirium shows that IT security admins from larger organizations do a better job at protecting login credentials for security devices than their counterparts from smaller firms. 24 June 2010
Next time you come across a 'different' looking ATM that may – or may not – have a card skimming device attached, it's probably not worth looking around for furtive-looking data thieves, as they may be sitting comfortably at home while using a text message-enabled receiving device. 08 June 2010
Consultancy Deloitte has acquired security specialist IM Global to address the fears of its corporate customers. 01 June 2010
Recently publicized new features for Hotmail aim to increase security for the Microsoft webmail service. 24 May 2010
The security and privacy scares surrounding Facebook appear to have left their mark with users, as a survey carried out by Sophos claims to show that 60% of users would consider quitting the social networking site over the ongoing privacy issues. 19 May 2010
Cybercriminals are selling fake and stolen accounts on social networking site Facebook in bulk in the underground economy, according to security researchers. 05 May 2010
Things are not looking good for Terry Childs, the former San Francisco network administrator who compromised the city's network and essentially held it to ransom. Childs was convicted of computer tampering this week, and now faces up to five years in jail. 28 April 2010
As many in the security profession know, not all hacking involves computers, and, further, not all information security lies in networks. In fact, it may be the case that the most vulnerable element of security includes the people who are tasked with protecting information. 28 April 2010
A semi-annual report from Unisys shows that, when it comes to overall security, Americans are chiefly concerned about the unauthorized use of banking card information and identity theft. 15 April 2010
Infosecurity rounds up the week's news 06 April 2010
Reports are coming in that social networking giant Facebook is proposing a change to its privacy policy. And in true social networking style, users seem apathetic to the changes, despite their importance, says Sophos, the IT security vendor. 01 April 2010
Research commissioned by internet security specialist Webroot has revealed that 37% of social networkers have blocked search engines from showing their profiles to people they do not know. 31 March 2010
More than seven in ten IT executives have no idea what files are moving out of their organizations, according to a survey conducted at the RSA Conference by Ipswitch earlier this month. 30 March 2010
A self-confessed computer hacker who pleaded guilty to some of the most serious card account hacking and ID frauds in US history has been sentenced to 20 years in prison. 26 March 2010
In an effort to fix what they called a “badly broken” immigration system in the US, two senators have proposed the use of biometric Social Security cards for all workers. 22 March 2010
You've heard about Apple potentially bricking iPhones, but that's small potatoes, compared to remotely disabling whole fleets of cars using centrally controlled computer systems. That's just what a 20-year-old employee for a Texas auto dealership is being accused of doing after he was laid off last month. 18 March 2010
Kaspersky has launched a one-click password manager designed to help users protect and maintain strong passwords across the online services that they use. 16 March 2010
The St. Louis Metropolitan Police Department is investigating a cyber attack that may have compromised the information of 24 people. 16 March 2010
A former worker for the Transportation Security Administration was indicted by a federal grand jury in Denver last week, on charges of trying to damage a protected computer. According to the District of Colorado attorney's office, Douglas James Duchak tried to corrupt a TSA database in the Agency's Colorado Springs Operations Center (CSOC). 15 March 2010
Identity theft protection company LifeLock will pay $12 million to settle charges of false claims made over its services. 10 March 2010
Computer games giant Ubisoft had to apologize to users after its online gaming service collapsed over the weekend. Ubisoft executives said that "exceptional demand" was to blame for the problem before the company blamed the downtime on an attack, the following day. 10 March 2010
In his keynote address at the RSA Conference 2010 in San Francisco, Scott Charney, corporate vice president of Microsoft’s Trustworthy Computing Group, outlined how Microsoft will apply its end to end trust vision to cloud computing. 02 March 2010
Infosecurity rounds up some of the week's security news 23 February 2010
An Indian resident has pleaded guilty to conspiracy and aggravated identity theft after engineering an international fraud scheme to hack online brokerage accounts in the US. 11 February 2010
Identity fraud in the United States has risen to an all time high, according to a report from Javelin Strategy and Research. The 2010 Identity Fraud Survey Report reveals that the number of identity fraud victims in the country has risen by the highest amount in a single year since the survey started seven years ago. 10 February 2010
Infosecurity is pleased to report that a prestigious array of presenters have been lined up for the latest virtual conference, due to take place on February 25. 05 February 2010
A legal case filed by a bank against a customer in the US promises to test the liability of customers in the event of security breaches. Dallas, Texas-based PlainsCapital bank is suing a business customer, Hillary Machinery, for not taking adequate measures to protect its banking details. 28 January 2010
Infosecurity US magazine is excited to announce the 2010 virtual conference on endpoint security, to be held on February 25, 2010. This one-day event brings a series of topical keynote sessions direct to your computer, giving you the flexibility to learn about the latest information security trends and challenges from wherever you are in the world. 26 January 2010
Multi-factor mobile authentication firm PhoneFactor has developed a biometric verification system for its phone-based authentication platform. The system uses biometric validation of a user's voiceprint to provide what it says is three-factor authentication. 19 January 2010
The internal security risk issue is fast becoming a boardroom topic in most organizations, especially now that relatively rare road warriors have given way to a truly mobile workforce, able to work from almost anywhere, in most businesses. 18 January 2010
A Pennsylvania woman has been charged with identity theft and device fraud after forging driver's licenses and selling them on to third parties. 05 January 2010
An identity thief who used victims' credentials to register credit cards fraudulently was sentenced to more than nine years in prison without parole late last week. 21 December 2009
Infosecurity reports on the past week's news 01 December 2009
IBM has acquired Guardium, a company that sells enterprise database monitoring and security software. The acquisition gives IBM a software product that helps automate security compliance tasks, the companies said. 01 December 2009
Romanian fraudster Tibenu Szebeni has been given 27 months in prison and made to pay back $52 000 in ill-gotten gains after being convicted of ATM skimming. 30 November 2009
Botnet machines are being used as password crackers, according to data released by Microsoft on Friday. 30 November 2009
Economically challenged employees are likely to abandon their ethics in pursuit of new jobs by stealing corporate data, according to a survey from security firm Cyber-Ark. 24 November 2009
Los Alamos National Laboratory has spent $45 million on information security for its classified computer network in the past eight years, but it is still inadequate, according to a report from the Government Accountability Office. 18 November 2009
InDorse Technologies has released a software program that embeds policy information directly within its watermarking designed to protect image data. The watermarking product, called InDorse Image Assurance (InDIA), is designed to prevent the distribution of pirated photos and video gaming images to unauthorized personnel. 12 November 2009
Breaches, Certifications, Charges, Vulnerabilities, and Acquisitions. Infosecurity sums up the past week's news. 09 November 2009
The director of the FBI and the man charged with protecting the US from cyberthreats, Robert Mueller, has given up online banking after a phishing scare. 28 October 2009
A least-privilege security model has its merits, but it can be challenging to implement in, for example, Linux and UNIX environments, where administrators often share passwords to root or other superuser accounts. Find out how to implement least-privilege security management for Linux and UNIX for free on October 27 at 10am Pacific Time. 19 October 2009
Two experiments conducted at MIT are raising questions about the level of privacy among those who use modern tools such as mobile phones and social networks - and suggesting that there is even less of it than most of us already thought. 22 September 2009
This week promises to be an exciting one for Infosecurity and its readers as, while President Obama is reportedly close to appointing Frank Kramer, former assistant defense secretary under President Bill Clinton, as his new cybersecurity chief, we will be hosting a topical IT security webinar looking at how to protect your critical data on a budget. 14 September 2009
Lapses in data security at major colleges and universities across the USA over the past four years have exposed tens of millions of personal records of students, alumni, faculty and staff and put them at risk of identity fraud and theft, according to a report from Identity Theft 911, the ID theft resolution service. 11 September 2009
Congress is working on proposed privacy legislation that would give consumers much more control over the personal and private information they generate and share with third-party companies on the internet during their everyday online activities. 09 September 2009
A group of academics with the University of California in San Diego and MIT claim to have discovered a cloud attack methodology called a side channel attack. By signing up to Amazon's cloud computing service and placing a virtual machine on the same physical machine as a target application, they claim the security of the cloud application can be compromised. 08 September 2009
As the recession continues to chew into budgets, and cybercriminals see increased opportunity for looting, CISOs need to ensure that their information security defences remain strong but affordable. Find out more for free! 07 September 2009
Whilst threats against business critical data have been rising steadily in recent times, almost all companies have had their IT security budgets cut or placed under intense scrutiny. 05 September 2009
With the recent scares about the swine flu, more and more businesses feel the need to plan for a pandemic, but are their security and IT up to the challenge? 04 September 2009
The number of organizations with at least half of their servers virtualized is expected to double in 2010 to 51%, according to a survey of 480 IT professionals about virtualization conducted by identity and access management vendor Centrify Corporation. 03 September 2009
Many authentication systems are not secure, especially as users often fail to remember multiple usernames and passwords, according to security company Network Box’s latest white paper Authentication, Who Are you? 02 September 2009
In this week’s information security news: Trojan eavesdrops on Skype; Snow Leopard only recognizes two Trojans; private messages are sent to wrong recipients; search warrants are needed for digital data; and more… 01 September 2009
Two-factor security vendor PhoneFactor is taking its cue from the CARS Cash for Clunkers rebate, announcing a Cash for Security Clunkers program where organisations can trade in their security tokens for a phone authentication platform. 25 August 2009
In this week’s information security news: Microsoft patch exploited by hackers; Office 2010 sandbox security welcomed by security industry; hackers get their revenge on police; and more… 24 August 2009
Radisson Hotels & Resorts has announced that its computer systems have been accessed without authorisation between November 2008 and May 2009. Radisson is not saying, however, whether the unauthorised incursion was caused by hackers or an internal security issue, nor how many customers are affected by the incident. 20 August 2009
In this week's information security briefs: Poor password management a rising problem; Gartner says that IT products and services are heading for regulation by 2015; how Google helped Twitter fend off its DDOS attacks, and more... 17 August 2009
The programme for Infosecurity Magazine’s Virtual Conference on Information Security 2009 is now available with an exciting line-up of speakers from the IT security industry. 03 August 2009
This morning, 30 July, at the Black Hat conference in Las Vegas, Robert Lentz, Senior Information Assurance Official for the Department of Defense, declared the need for two extra cyber-czar roles: one for identity, and one for information security training and education. 30 July 2009
California's TriCipher has announced plans to unveil its myOneLogin authentication and identification technology on day three of the Cloud SSO event in San Diego on July 29th. 23 July 2009
Researchers with Russian IT security vendor Kaspersky Lab say they detected 575 new variants of the Koobface worm during June. 13 July 2009
Two researchers from Carnegie Mellon University claim that it is possible to predict a person's social security number by using statistical analysis, throwing the security of a key personal identifier into doubt. 08 July 2009
Danny Bradbury explores some of the more interesting stories in the security field from the last week. 30 June 2009
Danny Bradbury documents Tools, Twitter, Law, Hacked, Patched, and the Totally Whacked this week. 22 June 2009
Lawmakers in the US have introduced a bill that they hope will fix what they see as flaws in the controversial 2005 REAL ID act. The new bill introduces checks and balances to protect consumer privacy, according to congressional leaders and privacy watchdogs. 16 June 2009
Vision Solutions explores the data protection, recovery and optimization technologies and strategies for running AIX and IBM i (i5/OS) environments in its white paper State of Resilience & Optimization on IBM Power Systems. 16 June 2009
LockLizard explores the pitfalls of PDF security in its white paper 10 Things You Really Wished You Had Known About PDF Security. 09 June 2009
The anonymity of cybercafe users in India is being severely curtailed, in a bid to stamp out illegal, fraudulent and terrorist usage of this popular method of gaining internet access. 08 June 2009
President Obama finally announced the results of Melissa Hathaway's 60-day cybersecurity review on Friday, and unveiled plans to hand pick a senior official responsible for cybersecurity policy. 01 June 2009
The Government Accountability Office criticised Federal agencies this week for poorly implementing information security controls, arguing that most of them were deficient. 21 May 2009
Last week, Infosecurity Magazine was at the RSA show in San Francisco. A variety of vendors launched new products. 27 April 2009
Despite the need for security being exaggerated in an economic downturn, smaller IT security companies will suffer, says Dave Hansen, Corporate SVP & GM Security Business Unit at CA, speaking to Infosecurity at the RSA conference in San Francisco. 27 April 2009
In his keynote at RSA in San Francisco, Symantec CEO Enrique Salem called for a significant shift in the way vendors and end-users approach information security. Change, said Salem, is needed to fight the current targeted threat landscape. 22 April 2009
Powerpoint, Porn and Twitter 14 April 2009
Infosecurity magazine are now on Twitter. Please ‘follow’ us to receive our latest news, views and industry comments. 08 April 2009
Palin, patches and Mac hack. This week in brief. 16 March 2009
A mixture of private sector and congressional witnesses slammed the US for a lack of cohesion in its cyber security stance this week, calling for better leadership in the defense of the country's "cyber turf". 12 March 2009
Arrests: A Chinese official has reportedly been arrested for taking backhanders to help one local anti-virus company disrupt the business of another. Yu Bing, director of the internet monitoring department of Beijing’s Public Security Bureau, allegedly took 4.5m Yuan ($657,000) to frame executives at antivirus company Micropoint and stop its products reaching the market. The money was said to have come from antivirus firm Rising, according to reports. 02 March 2009
Identity theft continues to be the top consumer complaint in the US, according to the Federal Trade Commission. 27 February 2009
Black Hat DC: This week, Black Hat DC was on in Arlington, VA. Moxie Marlinspike announced a new attack against SSL that forces HTTPS traffic into HTTP to allow a man-in-the-middle attack. Dan Kaminsky, who discovered the infamous DNS flaw last year and criticized SSL at the time, reacts here. He also resolved at the conference to take two months off work to promote the adoption of DNSSEC, a more secure DNS standard that has not been widely implemented. 23 February 2009
Social networking giant Facebook has back-tracked on a controversial decision to retain users' information, even when they close their accounts. 20 February 2009
The FBI is investigating a $9m large-scale ATM fraud using cards cloned from US card processor RBS Worldpay. 04 February 2009
Online recruitment website monster.com has suffered from another major data breach. 29 January 2009
Apple's own announcements at the MacWorld show last week may have been relatively underwhelming, but several companies rolled out new security technologies at the event. A stolen computer tracker accompanied a two-factor authentication system for the iPhone. 12 January 2009
President-elect Obama was among 33 celebrities whose Twitter accounts were hacked this week. Attackers managed to compromise the accounts on the microblogging service by hacking into the company's support tools. 07 January 2009
Global IP Communications claims to have developed the world's first Trojan-proof password dialog system for Windows PCs. 17 September 2008
ID theft via social networking sites is all media hype according to Shawn Moyer and Nathan Hamiel. In their session on social networking at Black Hat, Las Vegas, the duo insisted that ID theft via social networking sites is not a problem. 18 August 2008
Identity theft and fraud in the US fell by 12% in 2007 as fraudsters apparently relied on offline channels for their attacks. 14 February 2008
With a key deadline rapidly approaching, will there be rapprochement between the Federal Government and a group of individual states over the implementation of the Real ID Act? 08 February 2008