A 23-year-old Slovenian man – thought to be the author and creator of the infamous Mariposa (butterfly) botnet – has been arrested by Slovenian police, working in concert with their colleagues from Spain and a team from the FBI. 28 July 2010
Cyber criminals are using a new type of distributed denial of service (DDoS) attack that is more powerful and elusive than any predecessors, says security firm Imperva. 12 May 2010
A North Carolina man has been accused of trying to hack into an automated teller machine and change its password, according to a complaint filed by the FBI. 06 May 2010
David Kernell, the college student who hacked into former Alaska governor and vice presidential candidate Sarah Palin's email account, has been convicted by a federal jury, and faces up to 21 years in jail. 05 May 2010
A network worm is spreading through Yahoo Instant Messenger, and has aggressively infected systems globally, according to security vendors. 05 May 2010
Security researchers have identified a new version of the Storm worm that plagued the internet three years ago. The new version uses HTTP for command-and-control purposes instead of the original peer-to-peer approach, say reports. 28 April 2010
The National Security Agency is holding the latest in a series of annual cyber defense 'boot camps' designed to test the skills of its staff. For the first time, the NSA is including a 'grey' user in its team, to simulate an uneducated user who clicks on all of the links sent to them, regardless of how suspicious they are. 26 April 2010
Rapid7 has introduced a new version of its Metasploit penetration testing tool designed for organizations with limited time and budget. 23 April 2010
A Google insider has revealed that the losses incurred by cyber attacks on the firm, disclosed in January, included a password system that controls access to almost all Google web services. 20 April 2010
A Websense researcher has released a forensics tool designed to identify malicious web content from within the Firefox browser. Called Fireshark, the plug-in was released on Wednesday at the Black Hat security conference by Stephan Chenette, a principal security researcher at Websense. 15 April 2010
The website for the open source Apache Web server at Apache.org was compromised this month by a targeted attack, said the Apache Software Foundation, which has provided a detailed blow-by-blow account of the hack. 15 April 2010
Infosecurity reviews the week's security news 13 April 2010
EviGator has released TAG Examiner, a tool for examining large quantities of image files to recover metadata. 12 April 2010
The Chinese government is strongly denying any involvement with a cyber-espionage network that was discovered by Canadian researchers and unveiled in a report this week. 09 April 2010
Kaspersky has successfully patented technology that enables analysts to trace the activity of software code without infringing upon intellectual property. 09 April 2010
Content watermarking firm Civolution has signed an expanded long-term agreement with online music database firm Gracenote to jointly market an audio and video content identification platform that lets content owners and service providers filter and monitor content. 08 April 2010
More than seven in ten IT executives have no idea what files are moving out of their organizatiocns, according to a survey conducted at the RSA onference by Ipswitch earlier this month. 30 March 2010
Security software company Codenomicon has released a network analysis tool that lets administrators visualize network traffic. 30 March 2010
Google has launched a security tool called skipfish, designed to help web developers scan their applications for vulnerabilities. 22 March 2010
You've heard about Apple potentially bricking iPhones, but that's small potatoes, compared to remotely disabling whole fleets of cars using centrally controlled computer systems. That's just what a 20-year-old employee for a Texas auto dealership is being accused of doing after he was laid off last month. 18 March 2010
Ipswitch has launched the WhatsUp Event Log Management Suite, including its newly acquired WhatsUp Event Rover 3.0, two tools that it hopes will make it easier for customers to manage their networks by logging security events, while protecting files for forensic investigations. 17 March 2010
DVD rental company Netflix has quietly cancelled a sequel to its Netflix Prize, a contest to enhance its movie recommendation technology using anonymous user data. 16 March 2010
The St. Louis Metropolitan Police Department is investigating a cyber attack that may have compromised the information of 24 people. 16 March 2010
Researchers have used solid-state disk drives (SSDs) to crack passwords 100 times faster than using conventional hard drives. 15 March 2010
The US plays host to the largest number of malicious web servers, according to a study released by anti-malware company AVG. 13 March 2010
Yet another botnet suffered severe losses to its functionality this week, in what appears to be a growing campaign among the white hat community to take down these virulent networks. Troyak-AS, which was the upstream provider for the six worst Zeus hosting ISPs, has been taken offline. 11 March 2010
Infosecurity US rounds up the significant events from the last week. 08 March 2010
Active network forensics company Solera Networks announced its partnership with EMC at RSA Conference 2010 on March 2 in San Francisco. 03 March 2010
In his keynote address at the RSA Conference 2010 in San Francisco, Scott Charney, corporate vice president of Microsoft’s Trustworthy Computing Group, outlined how Microsoft will apply its end to end trust vision to cloud computing. 02 March 2010
Qualys has become the first on-demand network and site vulnerability company to launch a free malware detection service, designed to protect websites from malicious activities and stop visitors from being infected by malware. 01 March 2010
Researchers have combined stolen web browser history data with membership of social networking groups to identify large numbers of users who would otherwise be anonymous, it was revealed this week. 25 February 2010
Intel was the target of a concerned cyberattack in January – around the same time that Google identified the Operation Aurora attack, according to a 10-K filing that the chip maker made to the SEC. 24 February 2010
A Nevada man had his appeal of a child pornography conviction denied last week by the 9th Circuit Court in San Francisco. The defendant, Charles A. Borowy, claimed that his fourth amendment right prohibiting unlawful search and seizure was violated by an FBI agent who downloaded and viewed files from the man’s computer using the LimeWire P2P service. 23 February 2010
At the RSA security show next month, Symantec will unveil a data indexing technology designed to identify the owners of files by querying enterprise storage systems. Called Data Insight, the product will have multiple applications, including cost reduction, data leakage prevention, and even IT forensics. 16 February 2010
Moscow-based password cracking software company ElcomSoft has released a password breaker for iPhone backups. 05 February 2010
Infosecurity US magazine is excited to announce the 2010 virtual conference on endpoint security, to be held on February 25, 2010. This one-day event brings a series of topical keynote sessions direct to your computer, giving you the flexibility to learn about the latest information security trends and challenges from wherever you are in the world. 26 January 2010
Hydraq, the trojan delivered by the Operation Aurora attackers, uses VNC techniques to stream live video from victims' machines, said Symantec in an analysis of the malware. 22 January 2010
Suffolk County National Bank received a nasty Christmas present on December 24th after discovering a hack that saw over 8,000 customers' accounts compromised. The breach is estimated to have cost $351 000, it warned investors. 13 January 2010
Infosecurity magazine reviews the past week`s information security news. 07 December 2009
The federal government is tightening up hiring policies for cybersecurity professionals by launching cybersecurity competency models for its employees. 02 December 2009
Spam king Alan Ralsky was sentenced to four years in jail this week, for pump-and-dump stock spamming. Nine other spammers were also sent to jail for the same crime. 25 November 2009
Infosecurity rounds up this week's information security news. 16 November 2009
Security and PCI compliance tools vendor Trustwave has launched an Incident Readiness Service to prepare and help protect organizations from security incidents, and help test incident response plans. 13 November 2009
Spam sent by the Mega-D botnet has almost entirely disappeared, after US-based anti-malware appliance firm FireEye took it down. 13 November 2009
The US Federal Bureau of Investigation (FBI) and the UK Serious Organised Crime Agency (Soca) have called for greater collaboration with the IT security industry in fighting cybercrime. 26 October 2009
Deviousness, Defenses, and Disappointments - read all about the week's security news in our weekly brief. 05 October 2009
As the recession continues to chew into budgets, and cybercriminals see increased opportunity for looting, CISOs need to ensure that their information security defences remain strong but affordable. Find out more for free! 07 September 2009
In this week’s information security news: Trojan eavesdrops on Skype; Snow Leopard only recognizes two Trojans; private messages are sent to wrong recipients; search warrants are needed for digital data; and more… 01 September 2009
The programme for Infosecurity Magazine’s Virtual Conference on Information Security 2009 is now available with an exciting line-up of speakers from the IT security industry. 03 August 2009
Techniques, Tools, Concerns, Crimes, and Crashes 05 July 2009
Danny Bradbury documents Tools, Twitter, Law, Hacked, Patched, and the Totally Whacked this week. 22 June 2009
Vision Solution’s explores the data protection, recovery and optimization technologies and strategies for running AIX and IBM i (i5/OS) environments in its white paper State of Resilience & Optimization on IBM Power Systems. 16 June 2009
LockLizard explores the pitfalls of PDF security in its white paper 10 Things You Really Wished You Had Known About PDF Security. 09 June 2009
Splunk, the vendor who calls itself “the google for data centres” are seeing an increase in sales due to the high crime that comes hand in hand with an economic downturn. 06 May 2009
It's not often that firms supplying specialist network forensics technology to US government agencies are allowed to supply their systems software to civilian companies, especially outside of the United States, but Utah-based Solera Networks has achieved this. 01 May 2009
Endpoint security company Lumension teamed up with Microsoft at the RSA show to launch a software whitelisting service. The move, which sees the companies sharing information about legitimate software applications, lends increasing credence to the idea that blacklisting malicious software by signature is becoming less tenable as the number of malware variants increases. 22 April 2009
Government, Twitter, Tools and the law. 20 April 2009
Powerpoint, Porn and Twitter 14 April 2009
Infosecurity magazine are now on Twitter. Please ‘follow’ us to receive our latest news, views and industry comments. 08 April 2009
Bugs, browsers, bureaucracy, backtracks and busts. 23 March 2009
Arrests A Chinese official has reportedly been arrested for taking backhanders to help one local anti-virus company disrupt the business of another. Yu Bing, director of the internet monitoring department of Beijing’s Public Security Bureau, allegedly took 4.5m Yuan ($657,000) to frame executives at antivirus company Micropoint and stop its products reaching the market. The money was said to have come from antivirus firm Rising, according to reports. 02 March 2009
Karen Todner, solicitor for NASA hacker Gary McKinnon has issued a statement disclosing that the Office of the Director of Public Prosecutions (DPP) “do not consider that they have sufficient evidence before them to prosecute Mr McKinnon in the United Kingdom.” 27 February 2009
Payment processing company Heartland Payment Systems was red-faced last week after the disclosure of a data breach that took place in 2008. 26 January 2009
'NASA hacker' Gary McKinnon has won permission from the High Court to apply for a judicial review against his extradition to the United States. 23 January 2009
According to his lawyer, Karen Todner, Gary McKinnon, who may be facing extradition after confessing to hacking into US military computers, was told yesterday that the UK High Court would delay his hearing until the director for public prosecutions had considered the case following McKinnon's diagnosis with Asperger's syndrome; a procedure which is expected to take four weeks. 21 January 2009
At the time of writing, the NASA hacker Gary McKinnon, who reportedly perpetrated the biggest military hack on record, was awaiting a decision from the Crown Prosecution Service on whether a recent signed confession, along with his diagnosis with Asperger’s syndrome, would help him to avoid extradition to the US and a potential 70 year prison sentence. 16 January 2009
Gary McKinnon, the notorious ‘NASA hacker’ has signed a confession relating to a charge under the Misuse of Computers Act in an attempt to remain in the UK. 12 January 2009
Email Address
Password
Forgotten login?