Latest News

Internet and Network Security

Black Hat: Google knows more about citizens than Kim Jon-il In his thought-provoking session, entitled ‘Changing threats to privacy: From TIA to Google’, Maxie Marlinspike, researcher with the Institute for Disruptive Studies, declared that surveillance is at an all-time high, and privacy is at an all-time low.
30 July 2010 ISF shares its security risk predictions Rather than consulting a crystal ball, the Information Security Forum (ISF) looked to experts in the field – including those from its member organizations – to develop a set of security risk predictions for 2012 and beyond.
29 July 2010 Black Hat 2010: Microsoft and Adobe collaborate to share vulnerability information At Black Hat Las Vegas, 28th July 2010, Microsoft announced that it will extend its Microsoft Active Protections Program (MAPP) to include vulnerability information sharing from Adobe Systems.
28 July 2010 Juniper Networks purchases SMobile In an attempt to fortify its mobile security portfolio, Juniper Networks announced it has acquired SMobile, a specialist in the field.
28 July 2010 Black Hat 2010: Cybersecurity is top priority for Homeland Security The thirteenth Black Hat conference kicked off in Las Vegas this morning with a keynote from Deputy Secretary Jane Holl Lute.
28 July 2010 Commerce Secretary looks to improve cybersecurity in commercial sector Speaking at a cybersecurity symposium in Washington yesterday, US Commerce Secretary Gary Locke called on commercial, academic and public sector interests to submit their ideas on mitigating cyber threats in the commercial sphere, without stifling innovation in the internet economy.
28 July 2010 Trusteer adds malware removal utility to Rapport browser add-in If you use e-banking with HSBC, NatWest, RBS, Santander and a growing number of other European and US banks, chances are you'll have been asked to download and install a free copy of Trusteer's Rapport security add-in to your browser.
28 July 2010 Cyber crimes cost organizations $3.8 million per year A recent study conducted by the Ponemon Institute reveals that, on average, cyber crime costs organizations in the US about $3.8 million per year.
27 July 2010 IBM discusses its security strategy It has been a busy acquisition season in the security sector thus far, with few companies being more active in this sphere than IBM. Members of the IBM security team spoke with Infosecurity about their views on the future of security and the firm’s strategy going forward.
22 July 2010 McAfee announces security tools for Apple Macs Security firm McAfee has released two security products for Apple Macs.
22 July 2010 Half a billion people sign up to Facebook despite privacy risk Despite the privacy concerns raised by civil rights groups around the world, almost one in 12 people on the planet is signed up to social networking site Facebook.
22 July 2010 Free web browser and plug-in security service launched Cloud security specialist Qualys has launched an interactive and online web browser checking service. Known as BrowserCheck, the service has been in development for almost 18 months and under active beta test internally for some three months, Wolfgang Kandek, Qualys' chief technology officer told Infosecurity.
19 July 2010 Mozilla increases reward for security bugs Mozilla – the organization responsible for the open-source Firefox web browser – has upped the ante for the discovery of security bugs, as it will begin paying security researchers $3000 for each reported flaw with its products.
19 July 2010 Blocking access to Web 2.0 in workplace not viable Work usage of Web 2.0 services has soared in recent years, but many businesses block access to Web 2.0 sites in the work environment on the basis that these services pose too much of a security risk.
16 July 2010 Internet security takes a leap forward Internet security took a giant leap forward on Wednesday with the global roll-out of technology aimed at making the public network safer for all users without affecting performance.
15 July 2010 Scam targets Visa, MasterCard online verification services Trusteer recently warned that the Zeus (Zbot) financial malware is targeting online banking customers of 15 leading US financial institutions by exploiting two trusted credit card security programs – Verified by Visa and MasterCard SecureCode.
14 July 2010 Trend Micro reports global rise in social networking at work A survey of workers in the US, UK, Germany and Japan has revealed that almost a quarter of employees surveyed now visit social networking sites whilst on the corporate IT network.
14 July 2010 New phishing attack disguised as a PDF reader update Malicious e-mail attacks that look like PDF reader updates have been increasing in volume since the middle of June, says Symantec Hosted Services.
12 July 2010 Fake Adobe Flash updates lure the unwary Barracuda Networks has warned internet surfers to be wary of fake Adobe flash updates, after it uncovered a number of compromised sites in the wild which present unwary visitors with an official-looking Adobe Flash update page.
09 July 2010 Four million Pirate Bay users' details revealed Reports are coming in that a major hack of the Pirate Bay – the long-standing file-sharing index portal – has allegedly resulted in the release of the site's' four million users' details
08 July 2010 Free social networking security webinar and research paper this Thursday Social networking has gone from zero to hero in terms of business-to-consumer support and interactions, allowing organizations to increase their rapport with customers, as well as reducing the cost of customer support. But it's not all wine and roses, as there's the regulatory and compliance issue to address before you allow staff to access Facebook, MySpace, Twitter and all sites in between.
06 July 2010 Unpatched Windows flaw causing problems says Microsoft Microsoft has announced that an unpatched flaw in Windows XP and Server 2003 – which it routinely alerted users about in the middle of last month – is being actively exploited by hackers in the wild.
06 July 2010 China keeps Google waiting on licence decision Chinese authorities have still not told Google whether its licence to operate in the country will be renewed after nearly a week of waiting.
06 July 2010 Hackers disrupt YouTube, iTunes and Wikipedia on US Independence Day Hacker groups hit several top websites on US Independence Day, but it remains unclear if the malicious efforts were co-ordinated or not, according to US reports.
05 July 2010 Apple iTunes security allegedly compromised Reports have been coming in overnight that a growing number of iTunes' accounts have been hacked, with unauthorised charges appearing on user accounts, as well as a 'take-over' of a number of apps on the iTunes store apparently by a Vietnamese software developer.
05 July 2010 Ipswitch offers free networking testing software Ipswitch has announced it is offering WhatsUp Gold Engineer's Toolkit software – which normally sells for several hundred pounds – as a free download for a limited period of time.
05 July 2010 Google ceases redirect of search portal in China Google has apparently flinched – at least partially – in its game of chicken versus the Chinese government, as the company attempts to smooth over relations with Beijing to renew its provider’s license.
01 July 2010 IBM acquires BigFix IBM today announced it has entered into an agreement to acquire BigFix, Inc., a privately-held company based in Emeryville, California.
01 July 2010 Teenagers may be sharing too much information online Results of a recent online behavior survey commissioned by McAfee give rise to concern if you are the parent of a teenager.
30 June 2010 Chrome browser to block outdated plug-ins Three researchers from the Google Security Team revealed that the Chrome web browser will attempt to enhance security through increased scrutiny of plug-ins, including blocking those that are out-of-date.
30 June 2010 US holds pole position as spam generator The end-of-May state of spam report from Kaspersky Lab claims that the US maintained its position as the prime distributor of spam – despite a decrease of 2.4% compared to March's figure.
28 June 2010 Minnesota WiFi hacker who threatened vice president indicted A Minnesota man was indicted yesterday for an incident where he allegedly hacked into a neighbor’s WiFi network and sent threatening emails to the vice president, governor of Minnesota, and a US senator.
25 June 2010 Ex-NSA CIO/CTO says Eastern Europe is developing its IT security technology more efficiently Eastern Europe is catching up to the West in terms of IT security awareness and, as a result, is starting to develop some interesting solutions to the problem of cybersecurity, according to Prescott Winter, the former CIO/CTO with the National Security Agency.
25 June 2010 Symantec security ops manager warns of new phone support cyberscam Cybercriminals are branching out into new areas and, says Orla Cox, security operations manager with Symantec, one of the latest diverse scams involves a 'company' called Online PC Doctors, who initiate the cybercrime by telephoning the victim directly to advise the computer users they have a 'virus' and offer to fix it for a fee.
25 June 2010 Twitter’s Facebook app difficulties down to Facebook, says Twitter An update to Twitter's Facebook app, which allows users to "follow" their Facebook friends, appears to have failed due to problems with Facebook.
24 June 2010 Firefox browser gets nine bug fixes and crash protection Mozilla has patched eight flaws, including five critical vulnerabilities in versions 3.5 and 3.6 of the Firefox browser.
23 June 2010 Firefox extension provides encrypted search capability The Electronic Frontier Foundation has teamed up with the Tor Project in offering a Firefox browser plug-in that encrypts communication between users and several major websites.
22 June 2010 Major hack of Israeli Twitter accounts Reports are coming in of a systematic hack of Twitter accounts – apparently owned by Israeli internet users – by Turkish hackers.
22 June 2010 Facebook stands up to privacy coalition Facebook has insisted it is doing enough to protect users' privacy in response to an open letter from a coalition of privacy groups calling for more action.
21 June 2010 eNom fails to act on bogus online pharmacies The world's second-largest seller of website addresses knowingly helped groups that sell counterfeit pharmaceuticals to US residents in violation of federal laws, a research report alleges.
21 June 2010 You can't trust the internet, says Panda technical director After observing the IT security arena for around 20 years, Luis Corrons, Panda Security's technical director, has come to a simple conclusion – you can't trust the internet and, as a result, users should always be distrustful of everything they see on the web.
18 June 2010 Internet Fraud Alert service to help rescue stolen account credentials Microsoft, eBay, PayPal, Citizens Bank and several US regulators, consumer organizations and security groups have set up an online fraud alert service.
18 June 2010 Inspector General identifies key deficiencies in US cybersecurity response The Department of Homeland Security’s Inspector General testified before Congress yesterday and provided an update on US-CERT’s efforts to improve cybersecurity, while also identifying many key points where the department is still falling short.
17 June 2010 Security vendor identifies Skype exploit in the wild M86 Security has come across active exploitation of a Skype ActiveX vulnerability that affects older versions of the popular VoIP service.
17 June 2010 Twitter warns of more disruptions during World Cup Twitter's outages at the start of the week could be repeated in the next few weeks due to technical problems and increased traffic during the FIFA World Cup, the site has warned.
17 June 2010 Security expert cautions on hidden Javascript tweets Rik Ferguson, senior security advisor with Trend Micro, has uncovered a potentially serious Javascript security attack on users of the Twitter microblogging service.
17 June 2010 Spammers gear up for Father’s Day Global spam exploiting Father's Day is increasing rapidly in the run up to the June 20 celebration in 52 countries, according to the Symantec Response team.
17 June 2010 Ipswitch scoops up MessageWay Solutions in latest acquisition Massachusetts-based managed file transfer (MFT) provider Ipswitch has acquired MessageWay Solutions in a bid to expand its offerings into high-value, sensitive file transfer services.
16 June 2010 Microsoft will need to produce a patch for Windows XP SP2 Businesses running Windows XP SP2 have been hit by a double-whammy this week.
16 June 2010 Infosecurity welcomes new blogger to its roster We are pleased to announce the addition of Geoff Webb to our list of contributors currently blogging for Infosecurity.
15 June 2010 AVG introduces free web security tool for Mac The company, known primarily for its free anti-virus software, has now ventured into a new area of personal computing protection by offering its AVG LinkScanner to Mac users.
15 June 2010 Security threat monitor app for iPhone released Sophos has released a free app for the iPhone that is said to allow users to stay on top of latest threats, news and malware information in the IT security-sphere.
15 June 2010 Senate introduces sweeping cybersecurity bill Late last week Senator Joe Lieberman, along with other ranking members of the Senate Committee on Homeland Security, introduced a comprehensive bill designed to strengthen the nation’s networks and critical infrastructure against cyberattacks while expanding presidential powers to combat the threats.
14 June 2010 ISACA identifies top five social media risks for business A white paper just published by ISACA, the not-for-profit IT security association, claims to show that five main social media issues pose a serious security risk for most businesses.
14 June 2010 Spammers getting lazier says Symantec Some rather amusing news comes our way today courtesy of Symantec, and it does not bode well for the creative prowess of spammers. It appears that one of May’s hottest spam trends was blank email subject lines according to the company’s latest “State of Spam & Phishing” report.
11 June 2010 Cybercriminals tap into World Cup fever with malware and infected emails If you're a World Cup fan, then you had better be ultra-careful on which links you click through to, as it seems that cybercrminals are ramping up their malware and infected emails to tap into fan's interest in the World Cup.
11 June 2010 New vulnerability in Windows revealed An independent security researcher has published exploit code for a zero-day vulnerability in Windows XP and Windows 2003.
10 June 2010 Twitter prepares to launch own link shortener to boost security Twitter has announced it is another step closer to launching its own web link shortener to boost security, which could push out popular services such as bit.ly and tinyurl.
10 June 2010 YouTube impostor pages serving up malware Taking advantage of recent hot topics like the NBA Playoffs and the BP gulf oil spill, cybercriminals are capitalizing on the YouTube brand to infect user machines with malware.
09 June 2010 Adobe accelerates Flash Player fixes Adobe announced that it will issue an unscheduled security patch to address vulnerabilities found in its Flash Player operating on Windows, Mac, and Linux. The company expects to have this fix ready by June 10.
09 June 2010 Kaspersky details Q1 information security threats Nearly half of all information security threats came from Adobe application exploits over the first quarter of 2010 according to the most recent quarterly analysis from security vendor Kaspersky.
07 June 2010 Adobe warns of critical multi-platform security flaw Adobe has released a major warning over a critical vulnerability in its Flash Player 10.0.45.2 and earlier editions for Windows, Apple Mac, Linux and Solaris platforms.
07 June 2010 Ballmer defends Windows after Jobs' attack Windows will be increasingly modified and optimised for various functions and different types of hardware, says Steve Ballmer, chief executive of Microsoft.
04 June 2010 Outbound spam report reveals scale of ISP problems A report on the issue of outbound spam claims that more than two-thirds of the world's ISPs are experiencing an expensive headache due to the generation of outbound spam on their networks.
04 June 2010 Apple CEO Steve Jobs says Windows in permanent decline Apple chief executive Steve Jobs has predicted that personal computers running Microsoft's Windows operating system are in a permanent decline.
04 June 2010 ISF publishes guidance on converged networks The Information Security Forum has identified potential security vulnerabilities that can occur from the synthesis of multiple networks onto a single internet protocol (IP). In response, the non-profit has issued a report on network convergence security for its membership.
03 June 2010 50% of IT professionals hack own enterprises Research just published shows that 83% of IT professionals consider commercial software to be riddled with security flaws and, as a result, they are making heavy investments in penetration and code testing of their IT resources.
03 June 2010 Google switch from Microsoft could cause security issues Earlier this week, Google announced that its staff will require special permission to install Microsoft operating systems and software on their computers. According to one security expert, however, Google could be raising, rather than reducing its security risk profile.
03 June 2010 Millions of internet users risk attack with aging IE6 browser Microsoft's Internet Explorer 6 browser is still used by more than 25% of internet users, even though it attracts cyber attackers because it lacks up-to-date security features, a study has revealed.
02 June 2010 World Cup spam volumes soar Spam relating to the FIFA 2010 World Cup has soared by about 27% according to security firm, Symantec.
02 June 2010 Facebook users warned about new viral clickjacking worm It may have been Memorial Day weekend in the US, but it seems that Facebook hackers have been out in force, harvesting user credentials using a clickjacking worm that encourages users to click on what appears to be an attractive link.
01 June 2010 Ohio man indicted for involvement with fake anti-virus ring A Cincinnati area resident will face charges for aiding an international fake anti-virus scheme. Also indicted were two foreign-based co-conspirators.
01 June 2010 Security concerns hasten Google’s move off Windows Google is moving away from the Microsoft Windows operating system in favor of the Apple Mac OS and open source Linux because of security concerns after its Chinese operations were hacked in late 2009.
01 June 2010 How to protect your personal information on Facebook Facebook members can protect their personal information by following some basic guidelines, says security firm Symantec.
01 June 2010 Scientology DDoS jail sentence signals turning point It's been something of a busy week for distributed denial of service (DDoS) attacks – as well as CNN reporting that Media Temple, the web hosting provider for a range of blue chip companies, was hit with a sophisticated attack, the Associated Press reported that a Nebraska man has been sentenced to a year in prison for his role in a cyber attack on the Church of Scientology's websites two years ago.
28 May 2010 Apple bigger than Microsoft or Google in market cap Yesterday Apple became the world's biggest IT company by market value, eclipsing Microsoft for the first time since 1989, and even Google.
27 May 2010 Facebook announces open privacy settings As widely reported by the media in the last 24 hours, Facebook has responded to the ongoing criticism regarding the privacy of its members and announced plans to develop a privacy interface for users.
27 May 2010 Mozilla warns of new phishing scam Aza Raskin, a well-known US interface design expert and creative lead on Mozilla's Firefox browser software, has revealed a new type of phishing attack known as `tab napping.'
27 May 2010 $8.94 an hour will rent you your very own botnet The price of online cybercrime has reduced so that criminals can rent bots by the hour. VeriSign's iDefense research operation says the cost is just $8.94 an hour.
25 May 2010 Microsoft looks to enhance security with Hotmail update Recently publicized new features for Hotmail aim to increase security for the Microsoft webmail service.
24 May 2010 Google introduces encrypted search An encrypted beta search service was unveiled by Google late last week. The new search site uses SSL encryption when connecting to Google from users’ internet browsers.
24 May 2010 PlainsCapital settles with former customer in cyber theft incident Texas-based PlainsCapital Bank has reached a settlement agreement with one of its former customers, Hillary Machinery, which had more than $800 000 stolen from its corporate account by cyber criminals.
21 May 2010 Final episode of 'Lost' tapped by hackers to spread fake anti-virus software There's nothing like the final episode in a TV series to bring out people on the Net looking for early copies of the cliffhanger, and 'Lost' looks to be no exception. Unfortunately, PandaLabs reports users' searches are being hijacked to get them to install fake anti-virus software.
20 May 2010 Facebook to simplify privacy tools Facebook has announced that it will release simpler privacy options in the face of a growing storm over the company's drive to encourage more people to publish more information online by default.
20 May 2010 Symantec to pay $1.28bn for VeriSign’s security business Security software group Symantec is to acquire VeriSign's identity and authentication business in a $1.28bn cash deal.
20 May 2010 Apple releases Java security updates Apple has issued two Java security patches for Mac OS X 10.5 and 10.6.
20 May 2010 Majority of Facebook members consider quitting over privacy issues The security and privacy scares surrounding Facebook appear to have left their mark with users, as a survey carried out by Sophos claims to show that 60% of users would consider quitting the social networking site over the ongoing privacy issues.
19 May 2010 Security hole found in Windows 7 display driver Microsoft has issued a security advisory for a canonical display driver (cdd.dll) vulnerability affecting Windows 7 and Windows Server 2008 R2.
19 May 2010 iPad gets secure remote access for free Unlike the iPhone, there is every sign that the Apple iPad will be adopted by companies looking for alternatives to laptops and netbooks, but when it comes to remote authentication, iPad support is a bit thin on the ground. Until now, however, as Astaro has developed a secure remote access solution for iPad users.
19 May 2010 McAfee quarterly threat analysis shows increased hacker intelligence The latest quarterly threat analysis from McAfee shows that, although fewer new threats were reported in the first quarter of 2010, cybercriminals are becoming a lot more inventive as they try and extract revenue from an increasingly security-savvy internet user-base.
18 May 2010 Phishing scam hits thousands on Twitter A phishing scam is targeting thousands of Twitter users hoping to increase their number of followers.
17 May 2010 Facebook identifies hacker selling 1.5 million accounts Reports are coming in that Facebook has identified the self-proclaimed hacker who was offering to sell batches of 1000 Facebook accounts – up to 1.5 million in total – and it appears that the Russian hacker was wildly overstating the account numbers.
17 May 2010 US military considers responses to cyber attack The US military is to consider a military response in cases of cyber attacks against the US, according to a Pentagon official.
14 May 2010 Facebook adds security tools amid growing privacy storm Facebook has added new security tools to prevent hacking and held a staff meeting amid a growing storm about privacy at the social networking company.
14 May 2010 Cybercriminals exploit Google Groups Cybercriminals are using Google Groups to distribute rogue anti-virus software and other malware, according to researchers at security firm eSoft.
13 May 2010 Microsoft patches address two vulnerabilities Microsoft issued two security bulletins on Tuesday for what the company called “critical” patches to the Windows OS, Office suite, and Visual Basic.
12 May 2010 Hackers use web servers to deliver more powerful DDoS attacks Cyber criminals are using a new type of distributed denial of service (DDoS) attack that is more powerful and elusive than any predecessors, says security firm Imperva.
12 May 2010 Security firms warn of bogus job search emails Security vendors – including Websense and Sophos – have sent up a red flag about suspect emails targeting human resources staff. The messages apparently contain zip files that, when opened, infect users’ PCs with rouge anti-virus.
12 May 2010 Researcher uncovers flaw in Apple’s Safari browser A security researcher from Poland has discovered what is being called a “highly critical” zero-day flaw in the Apple Safari browser that would allow for remote code execution.
10 May 2010 Twitter accounts being compromised by new service Reports are coming in that large numbers of Twitter account holders have had their online accounts compromised, with the accounts apparently generating messages advertising a website that claims to help users attract more followers.
10 May 2010 Facebook security under fire again – this time over leaky IP addresses Facebook is under fire from the security industry for the third time this month and this time over an allegation that its notifications are leaking IP addresses.
10 May 2010 Facebook bolsters team in response to increased privacy scrutiny Facebook has hired former US Federal Trade Commission chairman Tim Muris in the face of increased government scrutiny of the social networking site's privacy policies.
10 May 2010 Facebook under fire for stealth app installs Fresh from its security problems of earlier in the week when members' chat sessions were visible to third-party users, Facebook has come under fire for allegedly installing applications on users' Facebook areas by stealth.
07 May 2010 ISPs set to oppose US regulator’s attempts to impose greater controls US internet service providers are gearing up for battle after the US media regulator announced plans for stricter controls on the sector that will open the way for net neutrality.
07 May 2010 Louisville hospital loses nearly 25 000 patient records Our Lady of Peace psychiatric hospital in Louisville has notified the public of the loss of a flash drive containing the personal information of 24 600 patients.
07 May 2010 Root zone switches to DNSSEC The last of the internet's 13 root servers has been switched to a secure version off the Domain Name System (DNS). This means that the entire root zone for the internet is now operating using DNSSEC.
07 May 2010 US Treasury website hacked A website operated by the US Treasury was suspended on Tuesday after the site was hacked.
06 May 2010 Facebook publishes chat messages by mistake Social networking giant Facebook temporarily shut down its live chat service this week, after a security flaw caused the site to begin showing some users' chat messages to their other contacts.
06 May 2010 Cybercriminals trading in large volumes of Facebook accounts, say researchers Cybercriminals are selling fake and stolen accounts on social networking site Facebook in bulk in the underground economy, according to security researchers.
05 May 2010 Kernell convicted of Palin hack David Kernell, the college student who hacked into former Alaska governor and vice presidential candidate Sarah Palin's email account, has been convicted by a federal jury, and faces up to 21 years in jail.
05 May 2010 IM worm runs wild online A network worm is spreading through Yahoo Instant Messenger, and has aggressively infected systems globally, according to security vendors.
05 May 2010 Pump and dump scammers convicted Two pump and dump scammers were convicted by a federal jury this week. G. David Gordon and Richard Clark, both of Tulsa, Oklahoma, will be sentenced for stock trading offenses committed between 2004 and 2006.
05 May 2010 Congressional Library won't store deleted Tweets The US government has released further information about its plans to store every Twitter post ever produced, for perpetuity, in the Library of Congress.
03 May 2010 Weekly Brief - May 3 2010 According to reports in the Virginia Pilot, investigators still have no idea who breached a statewide prescription drug database a year after the event. However, not all online criminals are as smart. Mesquite, Texas-based David Anthony Edwards is pleading guilty to charges of building a custom botnet. Charges allege that he and an accomplice attacked a computer posted by popular ISP The Planet as a demonstration to a potential botnet customer.
03 May 2010 Infosecurity Europe 2010: Symantec acquires PGP and GuardianEdge Symantec, now the largest vendor in the security software marketplace, has agreed to buy PGP and GuardianEdge Technologies for $370 million in cash, and in the process gaining access to technology for protecting e-mails and data.
30 April 2010 Infosecurity Europe 2010: Organizations fall short on securing website applications IT security professionals in the US believe that their organizations lack proper investment in website application security, even though many of their websites contain ‘mission critical’ applications. This is according to a study conducted by the Ponemon Institute and sponsored by data security firm Imperva and WhiteHat Security, which tests websites for vulnerabilities.
29 April 2010 Infosecurity Europe 2010: The human factors in security vulnerability As many in the security profession know, not all hacking involves computers, and, further, not all information security lies in networks. In fact, it may be the case that the most vulnerable element of security includes the people who are tasked with protecting information.
28 April 2010 Microsoft withdraws security patch for Windows Media Services Microsoft has withdrawn a Windows 2000 Server security patch released on 13 April to fix a flaw in Windows Media Services.
26 April 2010 Israel lifts Apple iPad ban Israel has lifted a ban on imports of Apple's iPad, which was imposed because authorities said the device's Wi-Fi system was incompatible with Israel's wireless standard.
26 April 2010 Blippy suffers credit card number leak Shoppers’ social networking service Blippy suffered a security flaw late last week, after some of its users’ credit card numbers began appearing in search results.
26 April 2010 NSA holds cyber boot camp The National Security Agency is holding the latest in a series of annual cyber defense 'boot camps' designed to test the skills of its staff. For the first time, the NSA is including a 'grey' user in its team, to simulate an uneducated user who clicks on all of the links sent to them, regardless of how suspicious they are.
26 April 2010 Sarah Palin takes stand in email hacking case Two days after her daughter Bristol testified about harassment she was subjected to in the wake of her mother’s email account being hacked, Sarah Palin gave her version of the incident at a US District Court in Tennessee on Friday.
23 April 2010 McAfee blames QA process change for faulty update Companies around the world have been forced to clean up thousands of computers after the flawed McAfee anti-virus update released on Wednesday caused chaos.
23 April 2010 Flash-based client device identification on the way out Gartner has warned that the use of Flash local storage as a means of verifying end-user devices for security purposes is coming to an end.
23 April 2010 Palin kin testifies in email hacking case Bristol Palin, the daughter of Republican party darling Sarah Palin, testified yesterday at the trial of a former Tennessee college student who has been indicted for hacking into the email account of the former vice presidential candidate.
22 April 2010 McAfee security software flags Windows kernel code as malware Reports are coming in that McAfee's popular IT security software is tagging Microsoft Windows system files as malicious, causing serious stability problems, screen freezes and bootup loops for a large number of Windows XP users.
22 April 2010 US malicious internet traffic doubled, says Akamai Malicious internet traffic emanating from the US almost doubled between the third and fourth quarters of last year, according to figures released by Akamai this week.
22 April 2010 Trusteer detects rapid spread of new polymorphic Zeus trojan Trusteer says it has detected a completely new version of the Zeus password stealing trojan that has been designed to steal online banking credentials.
21 April 2010 Hackers stole Google password program The hackers responsible for the Operation Aurora attack against Google also managed to compromise its single sign-on password system, according to a report in the New York Times this week. The attack, which happened in December, targeted a highly secretive system operated by the search engine giant called Gaia last December.
21 April 2010 Extortion trojan targets torrent site users Anti-malware company Avira has reported an extortion scam designed to scare torrent site users into giving their credit card information to a phishing site.
21 April 2010 PDF attacks skyrocket, says Symantec Web-based attackers are increasingly targeting PDF files to compromise machines online, according to new figures released by Symantec. In the April version of its Internet Security Threat Report, the company revealed that half of all Web-based attacks in 2009 targeted PDF files, compared to just one in 10 attacks reported the previous year.
21 April 2010 Malicious activity in emerging regions a threat to all business, says Symantec Businesses need to take note of the increase in malicious cyber activity in emerging countries, particularly those offshore and outsourced operations, says Symantec.
20 April 2010 Weekly brief, April 20, 2010 Infosecurity charts the week's news.
20 April 2010 Lower Merion School District in voyeur scrape over webcam Administrators at Pennsylvania-based Harriton High School downloaded over 400 screenshots and webcam pictures of student Blake Robbins rather than the one or two previously estimated, according to a new motion filed in the court case between Robbins' family and the lower Merion School District. They also downloaded many images of other students, the District has admitted.
20 April 2010 Google Chrome used as trojan bait A trojan has appeared posing as an extension to the Google Chrome browser. Delivered via email, the invitation to install the software tempts users with promises of a function to access documents from emails.
20 April 2010 Cyber attack on Google hit password system A Google insider has revealed that the losses incurred by cyber attacks on the firm, disclosed in January, included a password system that controls access to almost all Google web services.
20 April 2010 FBI director requests more cybersecurity staff The FBI has submitted its fiscal year 2011 budget demands to Congress, requesting additional resources for several cybersecurity concerns, including computer intrusions and counterintelligence.
19 April 2010 Porn sites top drive-by download list Porn sites are still the most likely online destinations to be compromised with malware, in spite of increasing attacks on legitimate non-porn websites, according to a report released by security company Commtouch this week.
19 April 2010 Researchers reveal Internet Explorer 8 XSS filtering flaw A pair of security researchers have identified a way to use security tools within Internet Explorer 8 to compromise a website. The attack uses cross-site scripting filters implemented in the latest version of the Microsoft browser to execute cross-site scripting attacks on sites that would normally be invulnerable to them.
18 April 2010 Researcher releases malware hub forensics tool for Firefox A Websense researcher has released a forensics tool designed to identify malicious web content from within the Firefox browser. Called Fireshark, the plug-in was released on Wednesday at the Black Hat security conference by Stephan Chenette, a principal security researcher at Websense.
15 April 2010 Apache.org hit by XSS attack The website for the open source Apache Web server at Apache.org was compromised this month by a targeted attack, said the Apache Software Foundation, which has provided a detailed blow-by-blow account of the hack.
15 April 2010 New Zeus attack uses Adobe design flaw The Zeus botnet continues to spread graciously, according to new data collected by Websense – and other researchers say that it is exploring a recently discovered design flaw in the Adobe PDF file format.
15 April 2010 Americans uneasy about identity theft and security of online transactions A semi-annual report from Unisys shows that, when it comes to overall security, Americans are chiefly concerned about the unauthorized use of banking card information and identity theft.
15 April 2010 Attackers use PAC feature to redirect browsers Brazilian malware writers are making use of a long-available feature within most modern browsers to launch attacks that redirect victims to malicious websites without their knowledge. The feature, known as proxy auto config, is turning up in banking trojans, according to researchers from Kaspersky.
14 April 2010 Game consoles at work threaten corporate security Games console in the workplace pose an increasingly serious threat to enterprise security, according to new research from Sunbelt Software. The anti-malware vendor said that almost 4 in 10 respondents to the survey had no idea about any of the documented threats relating to online console gaming.
14 April 2010 Feds lagging on FDCC, watchdog says Federal agencies are lagging behind in the implementation of the Federal Desktop Core Configuration (FDCC) requirements, according to the US Government Accountability Office.
14 April 2010 Network Solutions fixes WordPress installations Web hosting company Network Solutions has deployed a massive fix for a configuration flaw that led to hundreds of WordPress blogs being compromised.
13 April 2010 Symantec upgrades key products Symantec announced a range of new products today designed to lock down business IT assets. It unveiled version 10 of its Control Compliance Suite, Data Loss Prevention Suite 10.5, Altiris IT Management Suite 7.0, and its Symantec Protection Suites.
13 April 2010 Weekly Brief, April 13, 2010 Infosecurity reviews the week's security news
13 April 2010 Microsoft to fix F1 bug Microsoft plans to fix the 'F1' security bug that has been plaguing Internet Explorer users for six weeks in its monthly set of security patches tomorrow.
12 April 2010 New York resident sentenced in Charles Schwab hacking scam A Manhattan resident was sentenced last week for his part in an international money laundering and data theft scheme that hacked into accounts at brokerage firm Charles Schwab.
12 April 2010 Alternate data stream tool launched RootKitAnalytics has made a tool available for discovering hidden alternate data streams. Called StreamArmor, it is designed to analyze a feature of the Windows file system that allows hidden data to be embedded in files.
12 April 2010 ISACA survey reveals uncertainty over cloud computing security risks Nearly half of US IT professionals surveyed by ISACA said they believe that the security risks of cloud computing outweigh the potential benefits.
09 April 2010 China denies Shadow network ties The Chinese government is strongly denying any involvement with a cyber-espionage network that was discovered by Canadian researchers and unveiled in a report this week.
09 April 2010 70 arrested in Romania in cybercrime ring Seventy people were arrested in Romania this week as part of an investigation of three organised criminal groups connected with cybercrime.
09 April 2010 Gracenote, Civolution in UGC fingerprinting deal Content watermarking firm Civolution has signed an expanded long-term agreement with online music database firm Gracenote to jointly market an audio and video content identification platform that lets content owners and service providers filter and monitor content.
08 April 2010 Riverbed and McAfee in optimization deal McAfee has signed a deal with IT performance optimisation company Riverbed Technology to embed its firewall technology in the Riverbed Steelhead WAN optimisation appliance.
08 April 2010 Weekly brief, April 6, 2010 Infosecurity rounds up the week's news
06 April 2010 Researcher makes PDF files worm-able A security researcher has come up with a proof-of-concept attack that enables malicious executables to be remotely injected into clean PDF files.
06 April 2010 Companies lag behind on cloud security Enterprise customers are lagging behind on cloud security, according to a study released by Symantec and the Ponemon Institute.
06 April 2010 Fortinet: Scammers shifting to ransomware Ransomware and scareware continue to be huge threats, according to the March 2010 edition of the Fortinet Threatscape report.
01 April 2010 eBay comes under attack, says Red Condor eBay is the victim of a phishing attack that uses its own compromised server, according to email filtering company Red Condor.
01 April 2010 IBM and FAA working together on security project IBM is working with the US Federal Aviation Administration on research to secure the US civilian aviation system from electronic attack.
01 April 2010 Social gamers are ideal spammer targets, says BitDefender Social gaming networks are becoming a fruitful space for spammers thanks to socially promiscuous users, according to research published by anti-malware company BitDefender.
01 April 2010 Botnet targets Vietnamese speakers Vietnamese speakers have been targeted in an attack that researchers are describing as politically motivated.
01 April 2010 Social networking site users failing on privacy says Webroot Research commissioned by internet security specialist Webroot has revealed that 37% of social networkers have blocked search engines from showing their profiles to people they do not know.
31 March 2010 Trojans continue to top malware list New research conducted by Panda Security shows that 61% of new threats created in the first quarter of 2010 were trojans.
30 March 2010 Malware lifespan continues to shorten, says Blue Coat Malware adaptation rates are getting faster, according to a report from Blue Coat Systems. The average lifespan of malware dropped to two hours last year, from up to seven hours in 2007, it said, adding that this has had a significant effect on the effectiveness of software patches.
30 March 2010 Apple releases massive round of OS X patches Apple issued an update to its Leopard and Snow Leopard systems yesterday, comprising numerous security, functionality and compatability fixes.
30 March 2010 Record season for tax, IRS phishing scams Data from McAfee show that the number of fake IRS domains is already at a record level when compared with last year’s numbers, as the security vendor warns last-minute filers not to fall prey to the various methods of identity and data theft that capitalize on tax season.
30 March 2010 Microsoft releases another out-of-band IE patch Microsoft has notified customers of an out-of-band patch to be issued on Tuesday. The patch is designed to rectify a zero-day vulnerability in Internet Explorer that enables remote code to be arbitrarily executed on a victim's system.
30 March 2010 Codenomicon releases network analysis tool Security software company Codenomicon has released a network analysis tool that lets administrators visualize network traffic.
30 March 2010 Weekly brief, March 29, 2010 Infosecurity covers the last week's news highlights
29 March 2010 Symantec reveals China and RAR files are a rising threat Research just released by Symantec claims to show that targeted attacks are on the rise, with email originating from China and RAR attachments being a major source of security problems.
26 March 2010 Mozilla issues early update to patch Firefox flaw A security researcher has uncovered a vulnerability in the latest version of the Firefox browser, prompting Mozilla to issue an update ahead of schedule.
25 March 2010 Man who hacked President Obama's Twitter account arrested The man behind some of the most famous Twitter hacking events, including breaking into the account of President Obama, has been arrested in France.
25 March 2010 Symantec intros web security monitoring service California's Symantec has taken the wraps off Web Security Monitoring (WSM), a new service for companies to check on their websites and ensure they are not being hacked, or perhaps worse, infecting their internet users.
25 March 2010 Strings.com intros extends tracker service to Twitter Washington state-based Strings.com has extended its just-launched web tracking service to include Twitter, the microblogging portal and internet service.
24 March 2010 Symantec reports on 10 riskiest US cities for electronic crime Realtors love to wave lists of the top cities in the US for crime, and tell you that your potential new home is not on the list, but what about the top 10 cities for electronic crime? Symantec has stepped up to the plate and come up with just such a list.
24 March 2010 Cybercriminals becoming more and more specialized says FBI If ever proof were needed that cybercriminals are using complex attack methodologies, it came from an unlikely source this week: the FBI.
24 March 2010 Google China redirecting search service to Hong Kong Numerous reports over the last few weeks pointed toward a complete withdrawal of Google’s search business in China, but the search giant has confounded expectations by simply redirecting its Google.cn site to a server in Hong Kong.
23 March 2010 eSoft unveils SiteFilter 3.0 for OEMs eSoft has taken the wraps off a major update to its secure web filtering service, Sitefilter 3.0, which is used as a 'white label' facility by a number of third-party organizations.
23 March 2010 New phishing scam hits Twitter Another phishing scam is reportedly hitting Twitter, the social networking site and service. This latest one involves private messages being exchanged between members of the microblogging service, which then attempt to extract users' IDs and passwords.
23 March 2010 McAfee unveils Cloud Secure program McAfee has taken the wraps off its Cloud Secure program, which seeks to allow the growing number of software-as-a-service (SaaS) providers with additional layers of security for their cloud deployments.
23 March 2010 Sophos identifies fake antivirus software targeting Windows 7 A security expert at Sophos has unveiled fake antivirus software targeting the new Windows 7 operating system.
23 March 2010 Google unveils website security tool Google has launched a security tool called skipfish, designed to help web developers scan their applications for vulnerabilities.
22 March 2010 Network Box changes pricing model Network Box USA has announced a change in the way that it sells unified threat management appliances. It is switching to a managed service model, and is no longer charging for its hardware.
22 March 2010 Facebook to establish digital trust fund in court settlement Facebook is to set up a non-profit foundation to promote and develop the online privacy movement under a legal settlement reached this week.
19 March 2010 Legislators attempt to moderate presidential power over internet US legislators have reworded a bill that would originally have given the president sole discretion over which networks can connect to the internet.
19 March 2010 Facebook phishing attack sweeps social network users An attack that scammed Facebook users into divulging their passwords was the sixth most popular piece of malware on the internet this week, according to McAfee.
18 March 2010 Disgruntled employee accused of remotely disabling over 100 cars You've heard about Apple potentially bricking iPhones, but that's small potatoes, compared to remotely disabling whole fleets of cars using centrally controlled computer systems. That's just what a 20-year-old employee for a Texas auto dealership is being accused of doing after he was laid off last month.
18 March 2010 Sunbelt upgrades Vipre, CounterSpy Sunbelt Software has updated its products on all fronts, refreshing its anti-malware and anti-spyware software lines, in addition to its central control tools.
17 March 2010 FCC presents National Broadband Plan to lawmakers The Federal Communications Commission unveiled its new National Broadband Plan to the public yesterday, and shortly thereafter submitted its recommendations to the US Congress.
17 March 2010 Kaspersky gets into password management business Kaspersky has launched a one-click password manager designed to help users protect and maintain strong passwords across the online services that they use.
16 March 2010 Trend Micro upgrades hosted email security service Trend Micro has updated its hosted email security service with a range of new features targeting both small and large customers.
16 March 2010 Apple rolls out updated Safari browser Apple has issued version 4.0.5 of its Safari web browser – for both Mac OS X and Windows – with 16 security updates.
16 March 2010 Weekly brief, March 16, 2009 Infosecurity rounds up the week's security news.
16 March 2010 Google on the cusp of pulling search business from China The ongoing saga between Google and the Chinese government appears to have reached a tipping point, as a recent report indicates the company may be withdrawing its search business from the world’s fastest growing internet market.
15 March 2010 US internet crime losses doubled last year Lawsuits from online crime more than doubled between 2008 and 2009, according to the latest figures released by the Internet Crime Complaint Center (IC3). The organization also received 22.3% more complaints about Internet crime in 2009, indicating that the average money lost in a single fraud case has increased.
15 March 2010 Solid-state disk drives crack passwords 100 times faster Researchers have used solid-state disk drives (SSDs) to crack passwords 100 times faster than using conventional hard drives.
15 March 2010 US is malicious server leader, says AVG The US plays host to the largest number of malicious web servers, according to a study released by anti-malware company AVG.
13 March 2010 Aetna boots data breach class action suit Health insurer Aetna has succeeded in having a class-action lawsuit over an alleged security breach dismissed.
12 March 2010 Facebook users subject to yet another malware attack Researchers from web security firm Websense warned Facebook users earlier today to refrain from clicking on URLs posted on the pages of some famous celebrities – or even people on their friend list – as links to alleged videos were actually portals to malware infection.
12 March 2010 Russian brides attempt to thaw the ice for winter spammers The latest monthly spam report shows that, regardless of the world economy, there is one item that is particularly hot this winter: Russian mail-order brides. This is according to newly released figures from McAfee.
11 March 2010 Provider takedown guts Zeus infrastructure Yet another botnet suffered severe losses to its functionality this week, in what appears to be a growing campaign among the white hat community to take down these virulent networks. Troyak-AS, which was the upstream provider for the six worst Zeus hosting ISPs, has been taken offline.
11 March 2010 Lack of precise definitions plagues cybersecurity legislation According to one security expert, anywhere from 14 to 35 pieces of legislation aiming to effect cybersecurity are in the works, depending on how one defines its role within the genre. These bills range from comprehensive to very focused, but, as some security experts claim, they all have common drawbacks.
10 March 2010 Twitter launches anti-phishing offensive Popular micro blogging site Twitter has launched a service designed to stop phishing scams from victimizing its users.
10 March 2010 RSA: IdentityFinder announces social networking ID theft product IdentityFinder, the identity theft prevention company, are set to offer protection for social networking sites later this year.
10 March 2010 Brocade: Half of network solutions only stop one in four network attacks Almost one in five participants at the RSA conference last week believe that their companies' security policies are being effectively enforced, according to figures released by data center fabric company Brocade. That said, at least half of them seem to be unhappy with their companies' security technology solutions.
10 March 2010 Weekly Brief, March 8, 2010 Infosecurity US rounds up the significant events from the last week.
08 March 2010 RSA rewind: National security heavyweights talk cybersecurity In what may have been the most star-studded event of last week’s RSA Conference in San Francisco, a panel of experts gathered during one keynote to discuss how governments can come together to combat cybersecurity threats without compromising individual liberties.
08 March 2010 Hot topic at RSA: The pitfalls and promise of social networking A unique panel session convened at the RSA Conference in San Francisco today to discuss the pros and cons of social networking on the job, specifically by the under-30 set.
02 March 2010 RSA: Schmidt announces transparent national US cybersecurity strategy Howard Schmidt, Cyber security advisor to President Obama, announced the revision of the classification guidance for the Comprehensive National Cybersecurity Initiative (or CNCI), during his keynote at RSA conference 2010 in San Francisco.
02 March 2010 RSA: Microsoft reveal plans for a safer internet In his keynote address at the RSA Conference 2010 in San Francisco, Scott Charney, corporate vice president of Microsoft’s Trustworthy Computing Group, outlined how Microsoft will apply its end to end trust vision to cloud computing.
02 March 2010 RSA: Securing cloud computing is industry responsibility says Art Coviello In his keynote at RSA 2010, San Francisco, RSA President Art Coviello spoke of the industry’s latest and greatest challenge: securing cloud computing.
02 March 2010 RSA: Check Point unveils secure USB drive technology Check Point Software Technologies has taken the wraps off a secure USB drive system. Known as Abra, the unit is designed to offer PC or Windows-based terminal users a secure virtualised workspace that is highly portable between machines.
02 March 2010 Time for cloud computing says Webroot CTO Gerhard Eschelbeck, CTO of Webroot, tells Infosecurity’s Eleanor Dallaway that “2010 is the right time to engage in cloud computing”, as they catch up in Silicon Valley.
01 March 2010 Mykonos to launch counter-hacker tool Web application security company Mykonos Software has launched an appliance designed to watch what hackers are doing and take counter measures to confuse and divert them.
26 February 2010 Microsoft topples Waledec botnet, for now The Waledec network is down – at least temporarily – thanks to an injunction sought by Microsoft and awarded by a federal judge, forcing registrars to shut down command-and-control domains.
26 February 2010 X-Force: Document vulnerabilities on the rise Adobe's PDF document format continued to take a bashing this week, after a report from IBM's X-Force security consulting arm singled out readers supporting the software company's de facto standard document format as a particular security worry.
26 February 2010 FTC warns organizations about data breach risks from P2P file sharing The Federal Trade Commission sent letters to nearly 100 organizations this week, warning them that customer and/or employee data are currently available on P2P networks according to its recent probe.
25 February 2010 Researchers identify anonymous users through web browser history and social networks Researchers have combined stolen web browser history data with membership of social networking groups to identify large numbers of users who would otherwise be anonymous, it was revealed this week.
25 February 2010 Comcast will transition to DNSSEC Following an 18-month testing period, giant US ISP Comcast has announced plans to transition to the DNSSEC secure DNS standard by the end of next year.
25 February 2010 Adobe fixes Adobe Download Manager flaw – by deleting the software Adobe has taken the easy option to fix the zero-day remote execution flaw discovered in its Adobe Download Manager last week. It advised users to simply delete the software so that it wouldn't come back again.
24 February 2010 Intel targeted by January cyberattack Intel was the target of a concerned cyberattack in January – around the same time that Google identified the Operation Aurora attack, according to a 10-K filing that the chip maker made to the SEC.
24 February 2010 Weekly brief February 22, 2009 Infosecurity rounds up some of the week's security news
23 February 2010 Pennsylvania school district hit by injunction, FBI investigation after web cam incident A federal judge has ordered a suburban Philadelphia school not to reactivate a security system that enabled it to monitor students in their homes without their knowledge. The judge made the emergency ruling after a student sued the school, alleging an invasion of privacy after someone at the school took a picture of him in his home.
22 February 2010 Fortify and HP attack hybrid web software testing market Fortify Software and HP have teamed up to release Hybrid 2.0, a tool designed to test web applications for security flaws.
22 February 2010 Adobe download manager row escalates with new vulnerability Adobe continued to fight fires on the security front last week, as a researcher discovered a second flaw in its Adobe Download Manager software tool.
22 February 2010 School linked to Operation Aurora attack is tied indirectly to hacktivist group Two schools in China have been linked to the Operation Aurora attack that targeted Google and other companies last year – and one of them has been tied to a national network of hacktivist groups.
19 February 2010 PleaseRobMe gathers web 2.0 data to make a point A playful new website is trying to raise awareness about personal and home security issues online. PleaseRobMe gathers location information from web 2.0 websites that geotag content for mobile users, presenting them as a list of users who are not at home.
18 February 2010 Zeus gang hits 75 000 computers The same criminal gang that targeted government and military computers with its malware has also infected 75 000 computers in almost 200 countries with a virulent strain of the banking trojan, according to research from network monitoring company NetWitness.
18 February 2010 Spam, shortened URLs, and software vulnerabilities highlight latest security threat report Rebounding spam traffic, increased use of shortened URLs to deliver malicious payloads, and continued vulnerabilities among some of the most popular software applications were among the most serious security threats over the last six months 2009 according to data from M86 Security.
18 February 2010 US loses cyberwarfare game A simulated cyber attack has shown once again that the US is unprepared for cyberwarfare, a year after the federal government conducted an extensive review of its cyber security stance.
18 February 2010 Hotmail outage leads to contaminated search results Yesterday’s outage of Windows Live caused a disruption in the web-based Hotmail email service. This presented a golden opportunity for online crooks to poison search results related to the incident.
17 February 2010 Comodo unveils Chromium-based browser Internet security software and whitelisting firm Comodo has unveiled a secure browser designed to compete with Google's Chrome.
16 February 2010 Symantec to unveil data indexing technology At the RSA security show next month, Symantec will unveil a data indexing technology designed to identify the owners of files by querying enterprise storage systems. Called Data Insight, the product will have multiple applications, including cost reduction, data leakage prevention, and even IT forensics.
16 February 2010 Weekly brief February 16, 2009 Infosecurity covers the news that didn't make it into our top stories last week.
16 February 2010 Military and intelligence personnel targeted again by Zeus trojan Some rather industrious spammers have targeted military and intelligence employees for the second time in a week. But this time they used the pretense of the previous attack in an attempt to deliver the Zeus trojan.
15 February 2010 Google Buzz attacked for privacy violation Google was fighting security, privacy, and censorship issues this week following the launch of Buzz, its social networking service. As Iran reportedly shut down Gmail, others reported that the service was revealing who Buzz users had the most contact with, leading to potential personal security issues.
12 February 2010 Warnings issued for Valentine’s spam and malware As is often the case around major holidays, especially those where giving gifts seems compulsory, most major security vendors are warning about scam emails focused on Valentine’s Day.
11 February 2010 Pump-and-dump hacker pleads guilty An Indian resident has pleaded guilty to conspiracy and aggravated identity theft after engineering an international fraud scheme to hack online brokerage accounts in the US.
11 February 2010 Nigerian government uses music in cybercrime fight The Nigerian Government is working with Microsoft on a public awareness program that uses music to fight cybercrime in the country.
11 February 2010 Three botnets responsible for half of all computer infections Fewer botnets are becoming responsible for more infected machines, according to a report from McAfee.
11 February 2010 SpyEye continues battle of the botnets Researchers have identified another example of a botnet that attempts to neutralize other botnet software. Peter Coogan, a researcher at Symantec, noticed a crimeware toolkit from Russia called SpyEye, which appears to neutralize the competing Zeus crimeware kit.
11 February 2010 Government employees targeted by Zeus trojan Defense and intelligence agencies in the US and UK were among the intended targets of a Zeus trojan campaign, according to findings by Websense.
10 February 2010 Identity fraud soars in US as criminals get more sophisticated Identity fraud in the United States has risen to an all time high, according to a report from Javelin Strategy and Research. The 2010 Identity Fraud Survey Report reveals that the number of identity fraud victims in the country has risen by the highest amount in a single year since the survey started seven years ago.
10 February 2010 Stakkato to be tried in Sweden for Cisco hack The US Government has handed over responsibility for the trial of a young hacker accused of stealing Cisco source code to Sweden, his home country.
10 February 2010 Penn State researchers hinder worm propagation Researchers at Penn State University have devised an algorithm designed to slow down the kind of rapidly-spreading network worm that can infect large portions of the internet quickly.
08 February 2010 Research shows China was the internet’s largest malware source in January A report from security vendor Kaspersky Lab shows that malware originating from China topped its monthly report of digital pollution providers, broken down by country of origin, for January 2010.
08 February 2010 Weekly Brief, February 8, 2009 Infosecurity rounds up the week's news
08 February 2010 Infosecurity virtual conference on end point security offers a range of expert viewpoints Infosecurity is pleased to report that a prestigious array of presenters have been lined up for the latest virtual conference, due to take place on February 25.
05 February 2010 Post reports on partnership between Google and the NSA to prevent cyberattacks An article in today’s Washington Post uncovers a somewhat hush-hush collaboration between Google and the National Security Agency in an effort to prevent future cyberattacks.
04 February 2010 US named country with most malware Information security and data protection vendor Sophos has released a list of the top 10 countries hosting malware. The report reveals that websites in the US are accountable for hosting 37.4% of malware worldwide.
04 February 2010 US ill-equipped to cope with mounting cyberattack threat The US is at risk of a crippling cyberattack and is currently unable to defend itself adequately, according to testimony given before Congress yesterday.
04 February 2010 New Internet Explorer bug allows personal information to be stolen Microsoft has discovered another flaw in Internet Explorer. The latest vulnerability could allow attackers to harvest any files from a victim's hard drive.
04 February 2010 Researchers develop way to catch online gaming cheats Researchers have formulated a way to identify cheating in online games in a discovery that could revolutionize the growing market for virtual gaming assets.
03 February 2010 Internet Explorer 8 reaches top browser spot Internet Explorer 8 is now the world's most-used browser, according to the latest figures from Network Applications.
03 February 2010 Weekly brief February 2, 2010 Infosecurity rounds up the week's news
02 February 2010 US House websites hacked after state of the union Websites for 49 members of the US House of Representatives were hacked shortly after President Obama’s State of the Union address last Wednesday night. The attacks appear to have been carried out by the Red Eye Crew according to researchers at security consultant Praetorian Security Group.
01 February 2010 Google and Neustar propose security fix for DNS geolocation technology Google and DNS provider Neustar have jointly proposed an extension to the DNS protocol that would fix many of its security problems.
01 February 2010 EFF launches web browser entropy tool A new tool released by privacy advocacy group EFF is designed to help users find out how identifiable their web browsers are online.
01 February 2010 Facebook users plagued by rogue application Facebook was plagued by security and privacy issues both real and imagined in the last week, as a real-life worm battled with an imaginary one in a competition to see which could petrify the service's users the most.
29 January 2010 Google Chrome web browser gets more security features Google Chrome, the internet browser launched in late 2008, has been enhanced with a selection of new security features designed to make it harder for malware writers to infect client machines.
29 January 2010 iPhone cracker repeats exploit on Playstation 3 George Hotz, the first iPhone cracker – and who reportedly spent more than 500 hours developing the first jailbreak application for the Apple's iPhone back in 2007 – has apparently cracked the Sony Playstation 3.
29 January 2010 Oil and gas companies hit hardest by cyberwarfare The oil and gas sector has been the hardest hit by stealthy infiltration, according to a report from the Center for Strategic and International Studies (CSIS). The sector was hit by stealth attacks 17% more than the cross-sector average, with almost three oil companies in four having had hackers fly under their radar.
28 January 2010 PlainsCapital bank sues customer in liability over account security A legal case filed by a bank against a customer in the US promises to test the liability of customers in the event of security breaches. Dallas, Texas-based PlainsCapital bank is suing a business customer, Hillary Machinery, for not taking adequate measures to protect its banking details.
28 January 2010 All is not OK in Oklahoma: State tax website victim of hack The website of the Oklahoma Tax Commission was the apparent victim of a hack yesterday, one in which visitors to the website were prompted to accept an Adobe license agreement and download software. The hack could not come a worse time for the Commission, whose site is undoubtedly experiencing an uptick in visitors as tax season approaches.
28 January 2010 Software and application evaluator WhatApp nears public release This spring, a project under development to help assess the security and privacy of software applications will go public. WhatApp, an online resource where experts and the public alike can rate applications based on how well-behaved they are, will help consumers to exercise their privacy rights, said its project manager.
28 January 2010 Security and malware threats to Mac and Apple products are on the rise An annual report from security software provider Intego acknowledges it was a busy year for security threats to Apple devices, including the Mac OS X and iPhones. And while the Mac OS may be a less frequent target of malware authors, security threats to Apple products are proliferating as these devices land in the hands of more and more users.
27 January 2010 US oil companies hacked; report links attack to sources within China Reports in the Christian Science Monitor suggest that at least three large US oil companies have been the victims of targeted attacks. The custom-made spyware used in the attack appears to have sent the information to China, at least in one case.
26 January 2010 Healthcare hacks on the rise Attempts to hack healthcare organizations doubled in the fourth quarter of last year, according to Atlanta-based managed security firm SecureWorks, setting the sector aside from others.
26 January 2010 Technology site TechCrunch hacked Technology pundit site TechCrunch was victim of a hack over the weekend by attackers who defaced it, just days before Apple's release of its tablet device – arguably the most anticipated product in recent history.
26 January 2010 Mixed predictions on anticipated IT spending for 2010 Recent reports indicate that IT spending is set to increase in 2010. This comes on the heels of 2009, which saw negative IT spending growth worldwide and may have been the worst year on record for IT spending.
26 January 2010 2010 Virtual Conference on Endpoint Security - Beyond the Perimeter - Full conference programme revealed Infosecurity US magazine is excited to announce the 2010 virtual conference on endpoint security, to be held on February 25, 2010. This one-day event brings a series of topical keynote sessions direct to your computer, giving you the flexibility to learn about the latest information security trends and challenges from wherever you are in the world.
26 January 2010 Kaspersky inadvertently blocks Google ads Kaspersky provoked a flurry of complaints from irate users after its anti-malware tool began blocking sites with Google advertisements yesterday.
25 January 2010 Weekly brief, January 25, 2010 Infosecurity rounds up the week's news
25 January 2010 Economy forces down prices for dodgy Viagra Prices for male impotency drugs sold by spammers aren't as stiff as they once were, according to a new report from Messagelabs. The asking price for 'little blue pills' have softened up, as the economy has lost its staying power.
25 January 2010 Prank malware spreads across internet Anti-virus company ESET has discovered what it thinks is a prank gone wrong. The company suspects that Win32/Zimuse, which has swept the US, was originally intended as a localized malware attack against a group of Slovakian bikers.
22 January 2010 More details emerge on Hydraq trojan Hydraq, the trojan delivered by the Operation Aurora attackers, uses VNC techniques to stream live video from victims' machines, said Symantec in an analysis of the malware.
22 January 2010 Websense protects Facebook users against malware Websense has relaunched a spam protection service with a new feature set that protects Facebook users against malware.
21 January 2010 Microsoft, Marlinspike threaten Google data gathering policy Google faced challenges to its search engine's data gathering policy this week from two sides. Microsoft bettered the search engine giant by revising its own search privacy policy, while security researcher Moxie Marlinspike delivered a service that allows users to bypass Google's data gathering procedures altogether.
21 January 2010 RockYou users display poor password skills Social media site RockYou may be the subject of a lawsuit from disgruntled customers after it allowed 32 million of their accounts to be compromised, but new data suggest that many of its users are equally unsavvy when it comes to security, especially password security.
21 January 2010 Further evidence links Aurora attack to China Further evidence has emerged suggesting that the Operation Aurora attack exploiting a zero-day flaw in Internet Explorer came from within the People's Republic of China.
21 January 2010 Internet Explorer zero-day vulnerability spreads to Microsoft Office as fixes surface Microsoft has scheduled an out-of-band patch for the zero-day vulnerability in Internet Explorer, just as other fixes for the problem began to surface. The company has also admitted for the first time that t