Rather than consulting a crystal ball, the Information Security Forum (ISF) looked to experts in the field – including those from its member organizations – to develop a set of security risk predictions for 2012 and beyond. 29 July 2010
A 23-year-old Slovenian man – thought to be the author and creator of the infamous Mariposa (butterfly) botnet – has been arrested by Slovenian police, working in concert with their colleagues from Spain and a team from the FBI. 28 July 2010
Business needs to be more proactive in its approach to security in the face of increased insider threats and customized malware, says Verizon Business. 28 July 2010
If you use e-banking with HSBC, NatWest, RBS, Santander and a growing number of other European and US banks, chances are you'll have been asked to download and install a free copy of Trusteer's Rapport security add-in to your browser. 28 July 2010
A recent study conducted by the Ponemon Institute reveals that, on average, cyber crime costs organizations in the US about $3.8 million per year. 27 July 2010
The increasing automation of online frauds has been extended into the field of fraud effectiveness checks, as virus authors and botmasters are said to be using automated tools to verify the effectiveness of their fraudulent activities. 27 July 2010
Research just published claims to show that, after six months generating vast quantities of spam, the Rustock spambot shows no signs of fading away. 26 July 2010
The back and forth between Google and Microsoft over security vulnerability disclosure has Google calling for a 60-day time frame to patch bugs, while Microsoft has shifted its focus by unveiling what it calls a ‘coordinated vulnerability disclosure’ process. 23 July 2010
Microsoft produced record fourth quarter sales of $16.04bn, 22% up on the same quarter 2009, as demand for PCs running its new operating system, Windows 7, improved worldwide. 23 July 2010
It has been a busy acquisition season in the security sector thus far, with few companies being more active in this sphere than IBM. Members of the IBM security team spoke with Infosecurity about their views on the future of security and the firm’s strategy going forward. 22 July 2010
Security firm McAfee has released two security products for Apple Macs. 22 July 2010
It seems that Dell is giving some users of its PowerEdge 410 servers an unwanted value-add in the shape of malware that comes pre-installed on the system motherboard. 22 July 2010
Research carried out by Sophos claims to show that the zero-day flaw identified by a number of security vendors late last week is being exploited by a new variant of the Stuxnet malware. 22 July 2010
Today Adobe announced a new security feature for the next major release of its popular Reader software that takes advantage of sandboxing technology, whereby the company hopes to implement another security hurdle for malicious-minded attackers. 20 July 2010
Research compiled through the Google Postini email security and archiving service shows that obfuscated JavaScript attacks have surged as of late, prompting the team to take steps that identify and filter out this type of spam. 20 July 2010
Spam origination research just released claims that the US hit the top slot in the second quarter of 2010, and the UK rose to number four – from number nine in the last quarter. 20 July 2010
Cloud security specialist Qualys has launched an interactive and online web browser checking service. Known as BrowserCheck, the service has been in development for almost 18 months and under active beta test internally for some three months, Wolfgang Kandek, Qualys' chief technology officer told Infosecurity. 19 July 2010
The latest report from M86 Security, a company specializing in real-time web and e-mail threat protection, has found hackers are using multiple attacks to get around IT security. 15 July 2010
Hard on the heels of a raft of WinXP patches and updates on Tuesday of this week, it seems that a nasty USB-based zero-day flaw is hitting users of the popular operating system. 15 July 2010
Trusteer recently warned that the Zeus (Zbot) financial malware is targeting online banking customers of 15 leading US financial institutions by exploiting two trusted credit card security programs – Verified by Visa and MasterCard SecureCode. 14 July 2010
Researchers from Symantec claim to have seen a back door trojan, Trojan.Sasfis, which is being actively promoted under headings such as Amazon_Tracking_Number and iTunes_certificate. 14 July 2010
Cary, N.C.-based firm GFI Software has acquired Sunbelt Software and, primarily, its VIPRE endpoint malware protection product. 13 July 2010
Barracuda Networks has warned internet surfers to be wary of fake Adobe flash updates, after it uncovered a number of compromised sites in the wild which present unwary visitors with an official-looking Adobe Flash update page. 09 July 2010
The June malware charts from Sunbelt Software show that Conficker has surfaced once again as a security threat, largely as a result of internet users visiting untrusted sites looking for World Cup video streams, says the IT security specialist. 07 July 2010
New botnet malware is attacking Nokia, Samsung and Sony Ericsson smartphones running Symbian operating systems, mobile security firm NetQin has warned. 07 July 2010
Microsoft has announced that an unpatched flaw in Windows XP and Server 2003 – which it routinely alerted users about in the middle of last month – is being actively exploited by hackers in the wild. 06 July 2010
Hacker groups hit several top websites on US Independence Day, but it remains unclear if the malicious efforts were co-ordinated or not, according to US reports. 05 July 2010
Reports have been coming in overnight that a growing number of iTunes accounts have been hacked, with unauthorised charges appearing on user accounts, as well as a 'take-over' of a number of apps on the iTunes store apparently by a Vietnamese software developer. 05 July 2010
Danish security tracking company Secunia has reported that around half of third-party software applications are failing to use two key Windows security features developed by Microsoft. 02 July 2010
Kaspersky Lab has patented technology in the US which it claims allows the potential scale of malware epidemics to be predicted accurately to stop them from spreading. 02 July 2010
As reported yesterday by Infosecurity, IBM has announced it has agreed to buy BigFix, the Emeryville, California-based corporate software policy control software vendor for an undisclosed sum. 02 July 2010
The latest monthly threat landscape report from IT security vendor Fortinet asserts that obfuscated Javascript attacks are starting to hit internet users again. 01 July 2010
IBM today announced it has entered into an agreement to acquire BigFix, Inc., a privately-held company based in Emeryville, California. 01 July 2010
Results of a recent online behavior survey commissioned by McAfee give rise to concern if you are the parent of a teenager. 30 June 2010
Kaspersky Lab has developed an iPhone app that keeps tech-savvy users up to date with all the latest developments in the technology risk stakes. 30 June 2010
The end-of-May state of spam report from Kaspersky Lab claims that the US maintained its position as the prime distributor of spam – despite a decrease of 2.4% compared to March's figure. 28 June 2010
Cybercriminals are branching out into new areas and, says Orla Cox, security operations manager with Symantec, one of the latest diverse scams involves a 'company' called Online PC Doctors, who initiate the cybercrime by telephoning the victim directly to advise the computer users they have a 'virus' and offer to fix it for a fee. 25 June 2010
Researchers from PandaLabs have unveiled a successful malware infection on a jailbroken iPad that is identical to one previously revealed for the iPhone. 23 June 2010
Mobile malware has been bubbling along in the background of the security world for the last few years but, according to Denis Maslennikov, Kaspersky Lab's mobile research group manager, the rise in smartphone sales is triggering a surge in mobile malware amongst cybercriminals. 21 June 2010
A couple of anti-virus vendors have identified a malware protection update in the recently released Mac OS X 10.6.4 update. But, as one security consultant notes, Apple failed to mention this in the release notes and security advisory. 18 June 2010
After observing the IT security arena for around 20 years, Luis Corrons, Panda Security's technical director, has come to a simple conclusion – you can't trust the internet and, as a result, users should always be distrustful of everything they see on the web. 18 June 2010
Rik Ferguson, senior security advisor with Trend Micro, has uncovered a potentially serious Javascript security attack on users of the Twitter microblogging service. 17 June 2010
Businesses running Windows XP SP2 have been hit by a double-whammy this week. 16 June 2010
We are pleased to announce the addition of Geoff Webb to our list of contributors currently blogging for Infosecurity. 15 June 2010
The company, known primarily for its free anti-virus software, has now ventured into a new area of personal computing protection by offering its AVG LinkScanner to Mac users. 15 June 2010
Sophos has released a free app for the iPhone that is said to allow users to stay on top of latest threats, news and malware information in the IT security-sphere. 15 June 2010
The Conficker worm continues to be a threat and businesses need to be aware of two vulnerabilities it may have introduced to their IT systems, says an industry group set up to combat the malware. 14 June 2010
Some rather amusing news comes our way today courtesy of Symantec, and it does not bode well for the creative prowess of spammers. It appears that one of May’s hottest spam trends was blank email subject lines according to the company’s latest “State of Spam & Phishing” report. 11 June 2010
Adobe has quietly fixed the 'critical' security flaw affecting its Flash and Reader software that it revealed earlier this week. The issue has been fixed in an urgent patch folded in with a raft of updates that are claimed to solve 32 documented problems with Adobe's software. 11 June 2010
An independent security researcher has published exploit code for a zero-day vulnerability in Windows XP and Windows 2003. 10 June 2010
Taking advantage of recent hot topics like the NBA Playoffs and the BP gulf oil spill, cybercriminals are capitalizing on the YouTube brand to infect user machines with malware. 09 June 2010
Reports from Japan are coming in that Olympus has been shipping one of its digital cameras – the Stylus Tough 6010 – with a virus infection on the unit's internal memory card. 09 June 2010
Nearly half of all information security threats came from Adobe application exploits over the first quarter of 2010 according to the most recent quarterly analysis from security vendor Kaspersky. 07 June 2010
The latest monthly statistics on security threats from Sunbelt Software claim there has been a significant increase in Trojan activity, as well as malware designed to channel fake anti-virus products onto a user's machine. 04 June 2010
This week the Pennsylvania State University sent data breach notification letters to 15 806 individuals who at one time had their personal information, including Social Security numbers, stored in a university database. 03 June 2010
Research just published shows that 83% of IT professionals consider commercial software to be riddled with security flaws and, as a result, they are making heavy investments in penetration and code testing of their IT resources. 03 June 2010
Earlier this week, Google announced that its staff will require special permission to install Microsoft operating systems and software on their computers. According to one security expert, however, Google could be raising, rather than reducing its security risk profile. 03 June 2010
Wolfgang Kandek, the chief technology officer of Qualys, has warned Windows XP users that Microsoft's technical support for service pack 2 (SP2) of the popular operating system will cease on July 13. As a result of this, he advises users to install XP SP3 or upgrade to Windows 7. 02 June 2010
Spam relating to the FIFA 2010 World Cup has soared by about 27% according to security firm Symantec. 02 June 2010
It may have been Memorial Day weekend in the US, but it seems that Facebook hackers have been out in force, harvesting user credentials using a clickjacking worm that encourages users to click on what appears to be an attractive link. 01 June 2010
A Cincinnati area resident will face charges for aiding an international fake anti-virus scheme. Also indicted were two foreign-based co-conspirators. 01 June 2010
Google is moving away from the Microsoft Windows operating system in favor of the Apple Mac OS and open source Linux because of security concerns after its Chinese operations were hacked in late 2009. 01 June 2010
Yesterday Apple became the world's biggest IT company by market value, eclipsing Microsoft for the first time since 1989, and even Google. 27 May 2010
Aza Raskin, a well-known US interface design expert and creative lead on Mozilla's Firefox browser software, has revealed a new type of phishing attack known as 'tab napping.' 27 May 2010
Veteran IT security vendor McAfee has announced plans to acquire privately-held Trust Digital, a mobile management and security software specialist. Terms of the deal have not been revealed. 26 May 2010
In what can best be described as an embarrassing situation, IBM apparently distributed USB sticks infected with malware at last week’s Australian Computer Emergency Response Team (AusCERT) conference. 25 May 2010
There's nothing like the final episode in a TV series to bring out people on the Net looking for early copies of the cliffhanger, and 'Lost' looks to be no exception. Unfortunately, PandaLabs reports users' searches are being hijacked to get them to install fake anti-virus software. 20 May 2010
Security software group Symantec is to acquire VeriSign's identity and authentication business in a $1.28bn cash deal. 20 May 2010
Microsoft has issued a security advisory for a canonical display driver (cdd.dll) vulnerability affecting Windows 7 and Windows Server 2008 R2. 19 May 2010
The latest quarterly threat analysis from McAfee shows that, although fewer new threats were reported in the first quarter of 2010, cybercriminals are becoming a lot more inventive as they try and extract revenue from an increasingly security-savvy internet user-base. 18 May 2010
Research just released claims to show that the Avalanche electronic crime syndicate, employing advanced malware, was responsible for two-thirds of all the phishing attacks detected in the second half of 2009. 13 May 2010
Cybercriminals are using Google Groups to distribute rogue anti-virus software and other malware, according to researchers at security firm eSoft. 13 May 2010
Security vendors – including Websense and Sophos – have sent up a red flag about suspect emails targeting human resources staff. The messages apparently contain zip files that, when opened, infect users’ PCs with rogue anti-virus. 12 May 2010
A researcher originally blocked from giving a talk about security in ATMs will go ahead and make his presentation at the Black Hat USA conference this year. 07 May 2010
David Harley of anti-virus vendor ESET recently examined black hat exploits of Apple products and Mac platforms. Despite a commonly held perception that the company’s products are inherently safer from a security perspective, according to Harley, they are hardly the “safe haven” that many believe them to be. 06 May 2010
A website operated by the US Treasury was suspended on Tuesday after the site was hacked. 06 May 2010
A network worm is spreading through Yahoo Instant Messenger, and has aggressively infected systems globally, according to security vendors. 05 May 2010
Symantec, now the largest vendor in the security software marketplace, has agreed to buy PGP and GuardianEdge Technologies for $370 million in cash, and in the process gains access to technology for protecting e-mails and data. 30 April 2010
IT security professionals in the US believe that their organizations lack proper investment in website application security, even though many of their websites contain ‘mission critical’ applications. This is according to a study conducted by the Ponemon Institute and sponsored by data security firm Imperva and WhiteHat Security, which tests websites for vulnerabilities. 29 April 2010
Security researchers have identified a new version of the Storm worm that plagued the internet three years ago. The new version uses HTTP for command-and-control purposes instead of the original peer-to-peer approach, say reports. 28 April 2010
Microsoft has withdrawn a Windows 2000 Server security patch released on 13 April to fix a flaw in Windows Media Services. 26 April 2010
Reports are coming in that McAfee's popular IT security software is tagging Microsoft Windows system files as malicious, causing serious stability problems, screen freezes and bootup loops for a large number of Windows XP users. 22 April 2010
Malicious internet traffic emanating from the US almost doubled between the third and fourth quarters of last year, according to figures released by Akamai this week. 22 April 2010
Trusteer says it has detected a completely new version of the Zeus password stealing trojan that has been designed to steal online banking credentials. 21 April 2010
Anti-malware company Avira has reported an extortion scam designed to scare torrent site users into giving their credit card information to a phishing site. 21 April 2010
Web-based attackers are increasingly targeting PDF files to compromise machines online, according to new figures released by Symantec. In the April version of its Internet Security Threat Report, the company revealed that half of all Web-based attacks in 2009 targeted PDF files, compared to just one in 10 attacks reported the previous year. 21 April 2010
Businesses need to take note of the increase in malicious cyber activity in emerging countries, particularly those offshore and outsourced operations, says Symantec. 20 April 2010
Infosecurity charts the week's news. 20 April 2010
A trojan has appeared posing as an extension to the Google Chrome browser. Delivered via email, the invitation to install the software tempts users with promises of a function to access documents from emails. 20 April 2010
Mac security software provider Intego has issued an alert for a new malware strain affecting Mac OS X. 19 April 2010
Porn sites are still the most likely online destinations to be compromised with malware, in spite of increasing attacks on legitimate non-porn websites, according to a report released by security company Commtouch this week. 19 April 2010
Apple has issued a second security patch for its OS X in less than a month. This time the company looked to plug alleged security holes in the Safari browser that were uncovered by a researcher at this year’s CanSecWest conference. 16 April 2010
The Zeus botnet continues to spread graciously, according to new data collected by Websense – and other researchers say that it is exploring a recently discovered design flaw in the Adobe PDF file format. 15 April 2010
Brazilian malware writers are making use of a long-available feature within most modern browsers to launch attacks that redirect victims to malicious websites without their knowledge. The feature, known as proxy auto config, is turning up in banking trojans, according to researchers from Kaspersky. 14 April 2010
Games consoles in the workplace pose an increasingly serious threat to enterprise security, according to new research from Sunbelt Software. The anti-malware vendor said that almost 4 in 10 respondents to the survey had no idea about any of the documented threats relating to online console gaming. 14 April 2010
Infosecurity reviews the week's security news. 13 April 2010
BitDefender has discovered a new PC malware spreading mechanism targeting iPhone users who want to jailbreak their devices. 12 April 2010
RootKitAnalytics has made a tool available for discovering hidden alternate data streams. Called StreamArmor, it is designed to analyze a feature of the Windows file system that allows hidden data to be embedded in files. 12 April 2010
The US has lost its place atop the leader board as the chief source of malware in March, as research from Network Box indicates Korea – mainly South Korea – can now claim the top spot when phishing attempts are included in the statistics. 06 April 2010
Ransomware and scareware continue to be huge threats, according to the March 2010 edition of the Fortinet Threatscape report. 01 April 2010
eBay is the victim of a phishing attack that uses its own compromised server, according to email filtering company Red Condor. 01 April 2010
Vietnamese speakers have been targeted in an attack that researchers are describing as politically motivated. 01 April 2010
New research conducted by Panda Security shows that 61% of new threats created in the first quarter of 2010 were trojans. 30 March 2010
Malware adaptation rates are getting faster, according to a report from Blue Coat Systems. The average lifespan of malware dropped to two hours last year, from up to seven hours in 2007, it said, adding that this has had a significant effect on the effectiveness of software patches. 30 March 2010
Apple issued an update to its Leopard and Snow Leopard systems yesterday, comprising numerous security, functionality and compatibility fixes. 30 March 2010
Data from McAfee show that the number of fake IRS domains is already at a record level when compared with last year’s numbers, as the security vendor warns last-minute filers not to fall prey to the various methods of identity and data theft that capitalize on tax season. 30 March 2010
Infosecurity covers the last week's news highlights. 29 March 2010
Research just released by Symantec claims to show that targeted attacks are on the rise, with email originating from China and RAR attachments being a major source of security problems. 26 March 2010
California's Symantec has taken the wraps off Web Security Monitoring (WSM), a new service for companies to check on their websites and ensure they are not being hacked, or perhaps worse, infecting their internet users. 25 March 2010
Sunbelt Software has updated its Sandbox automated dynamic malware analysis utility to deal with the increasing problem of zero-day targeted internet attacks. 25 March 2010
Realtors love to wave lists of the top cities in the US for crime, and tell you that your potential new home is not on the list, but what about the top 10 cities for electronic crime? Symantec has stepped up to the plate and come up with just such a list. 24 March 2010
McAfee has taken the wraps off its Cloud Secure program, which seeks to provide the growing number of software-as-a-service (SaaS) providers with additional layers of security for their cloud deployments. 23 March 2010
A security expert at Sophos has unveiled fake antivirus software targeting the new Windows 7 operating system. 23 March 2010
When the number one seed in this year’s NCAA basketball tournament fell to the University of Northern Iowa over the weekend, black hats wasted little time playing the SEO game and thereby poisoning search engine results with malware-infected pages. 22 March 2010
An attack that scammed Facebook users into divulging their passwords was the sixth most popular piece of malware on the internet this week, according to McAfee. 18 March 2010
You've heard about Apple potentially bricking iPhones, but that's small potatoes, compared to remotely disabling whole fleets of cars using centrally controlled computer systems. That's just what a 20-year-old employee for a Texas auto dealership is being accused of doing after he was laid off last month. 18 March 2010
Sunbelt Software has updated its products on all fronts, refreshing its anti-malware and anti-spyware software lines, in addition to its central control tools. 17 March 2010
Infosecurity rounds up the week's security news. 16 March 2010
Researchers claim to have broken 1024-bit RSA encryption in the OpenSSL cryptography library, although the hardware-focused attack is difficult to carry out and involves disrupting power supplies. 16 March 2010
The US plays host to the largest number of malicious web servers, according to a study released by anti-malware company AVG. 13 March 2010
Researchers from web security firm Websense warned Facebook users earlier today to refrain from clicking on URLs posted on the pages of some famous celebrities – or even people on their friend list – as links to alleged videos were actually portals to malware infection. 12 March 2010
The latest monthly spam report shows that, regardless of the world economy, there is one item that is particularly hot this winter: Russian mail-order brides. This is according to newly released figures from McAfee. 11 March 2010
Yet another botnet suffered severe losses to its functionality this week, in what appears to be a growing campaign among the white hat community to take down these virulent networks. Troyak-AS, which was the upstream provider for the six worst Zeus hosting ISPs, has been taken offline. 11 March 2010
Infosecurity US rounds up the significant events from the last week. 08 March 2010
Hard on the heels of announcing a free website infection scanning service, Qualys has teamed up with fellow IT security vendor Imperva to integrate some of their respective software offerings. 03 March 2010
Gerhard Eschelbeck, CTO of Webroot, tells Infosecurity’s Eleanor Dallaway that “2010 is the right time to engage in cloud computing”, as they catch up in Silicon Valley. 01 March 2010
The Waledac network is down – at least temporarily – thanks to an injunction sought by Microsoft and awarded by a federal judge, forcing registrars to shut down command-and-control domains. 26 February 2010
Infosecurity rounds up some of the week's security news. 23 February 2010
Researchers have identified Spybot.AKB, a worm that spreads across P2P networks and email systems. 22 February 2010
The same criminal gang that targeted government and military computers with its malware has also infected 75 000 computers in almost 200 countries with a virulent strain of the banking trojan, according to research from network monitoring company NetWitness. 18 February 2010
Rebounding spam traffic, increased use of shortened URLs to deliver malicious payloads, and continued vulnerabilities among some of the most popular software applications were among the most serious security threats over the last six months of 2009, according to data from M86 Security. 18 February 2010
Yesterday’s outage of Windows Live caused a disruption in the web-based Hotmail email service. This presented a golden opportunity for online crooks to poison search results related to the incident. 17 February 2010
At the RSA security show next month, Symantec will unveil a data indexing technology designed to identify the owners of files by querying enterprise storage systems. Called Data Insight, the product will have multiple applications, including cost reduction, data leakage prevention, and even IT forensics. 16 February 2010
Infosecurity covers the news that didn't make it into our top stories last week. 16 February 2010
Some rather industrious spammers have targeted military and intelligence employees for the second time in a week. But this time they used the pretense of the previous attack in an attempt to deliver the Zeus trojan. 15 February 2010
As is often the case around major holidays, especially those where giving gifts seems compulsory, most major security vendors are warning about scam emails focused on Valentine’s Day. 11 February 2010
The Nigerian Government is working with Microsoft on a public awareness program that uses music to fight cybercrime in the country. 11 February 2010
Fewer botnets are becoming responsible for more infected machines, according to a report from McAfee. 11 February 2010
Researchers have identified another example of a botnet that attempts to neutralize other botnet software. Peter Coogan, a researcher at Symantec, noticed a crimeware toolkit from Russia called SpyEye, which appears to neutralize the competing Zeus crimeware kit. 11 February 2010
Defense and intelligence agencies in the US and UK were among the intended targets of a Zeus trojan campaign, according to findings by Websense. 10 February 2010
Identity fraud in the United States has risen to an all time high, according to a report from Javelin Strategy and Research. The 2010 Identity Fraud Survey Report reveals that the number of identity fraud victims in the country has risen by the highest amount in a single year since the survey started seven years ago. 10 February 2010
Researchers at Penn State University have devised an algorithm designed to slow down the kind of rapidly-spreading network worm that can infect large portions of the internet quickly. 08 February 2010
Security firm eSoft is warning clients about an IRS phishing con that is specifically targeting businesses and corporate email accounts. 08 February 2010
A report from security vendor Kaspersky Lab shows that malware originating from China topped its monthly report of digital pollution providers, broken down by country of origin, for January 2010. 08 February 2010
Mozilla has had to pull two experimental add-ons for the Firefox browser from its website. The add-ons, which somehow made it through the quality control process, target Windows users with trojan malware. 05 February 2010
Infosecurity is pleased to report that a prestigious array of presenters have been lined up for the latest virtual conference, due to take place on February 25. 05 February 2010
Information security and data protection vendor Sophos has released a list of the top 10 countries hosting malware. The report reveals that websites in the US are accountable for hosting 37.4% of malware worldwide. 04 February 2010
Compliance and security service provider Trustwave has released its 2010 Global Security Report. The company has found that companies are still suffering from attacks using familiar exploit types that have been around for years. Organizations are implementing new technologies without securing existing ones, the report found. 02 February 2010
An anonymous researcher has posted a proof-of-concept attack that fakes a trusted root certificate on the iPhone. Researchers have confirmed that the attack works, making it possible for anyone to create a web page that is deemed to be trusted by Apple. 02 February 2010
George Hotz, the first iPhone cracker – who reportedly spent more than 500 hours developing the first jailbreak application for Apple's iPhone back in 2007 – has apparently cracked the Sony Playstation 3. 29 January 2010
The website of the Oklahoma Tax Commission was the apparent victim of a hack yesterday, one in which visitors to the website were prompted to accept an Adobe license agreement and download software. The hack could not come at a worse time for the Commission, whose site is undoubtedly experiencing an uptick in visitors as tax season approaches. 28 January 2010
An annual report from security software provider Intego acknowledges it was a busy year for security threats to Apple devices, including the Mac OS X and iPhones. And while the Mac OS may be a less frequent target of malware authors, security threats to Apple products are proliferating as these devices land in the hands of more and more users. 27 January 2010
Reports in the Christian Science Monitor suggest that at least three large US oil companies have been the victims of targeted attacks. The custom-made spyware used in the attack appears to have sent the information to China, at least in one case. 26 January 2010
Recent reports indicate that IT spending is set to increase in 2010. This comes on the heels of 2009, which saw negative IT spending growth worldwide and may have been the worst year on record for IT spending. 26 January 2010
Infosecurity US magazine is excited to announce the 2010 virtual conference on endpoint security, to be held on February 25, 2010. This one-day event brings a series of topical keynote sessions direct to your computer, giving you the flexibility to learn about the latest information security trends and challenges from wherever you are in the world. 26 January 2010
Infosecurity rounds up the week's news 25 January 2010
Prices for male impotency drugs sold by spammers aren't as stiff as they once were, according to a new report from Messagelabs. The asking price for 'little blue pills' has softened up, as the economy has lost its staying power. 25 January 2010
Anti-virus company ESET has discovered what it thinks is a prank gone wrong. The company suspects that Win32/Zimuse, which has swept the US, was originally intended as a localized malware attack against a group of Slovakian bikers. 22 January 2010
Hydraq, the trojan delivered by the Operation Aurora attackers, uses VNC techniques to stream live video from victims' machines, said Symantec in an analysis of the malware. 22 January 2010
Websense has relaunched a spam protection service with a new feature set that protects Facebook users against malware. 21 January 2010
Microsoft has scheduled an out-of-band patch for the zero-day vulnerability in Internet Explorer, just as other fixes for the problem began to surface. The company has also admitted for the first time that the attack could be used to compromise a computer using Microsoft Office. 20 January 2010
Security appliance company FireEye has said that its products can detect the latest zero-day vulnerability in Internet Explorer without any software patches. 18 January 2010
Evidence of further targeted attacks is surfacing, just days after Google and other technology companies announced that they had been the victims of a concerted campaign. This time, the attacks targeted PDFs of those in the US defense community, and occurred more recently. 18 January 2010
The Internet Explorer exploit code used in the Operation Aurora attack against Google and other technology companies has made it into the public domain, and has been incorporated into the Metasploit penetration testing tool, it was revealed this weekend. 18 January 2010
The internal security risk issue is fast becoming a boardroom topic in most organizations, especially now that relatively rare road warriors have given way to a truly mobile workforce, able to work from almost anywhere, in most businesses. 18 January 2010
Infosecurity rounds up the security news from the past week. 17 January 2010
Proving that there is no situation too tragic to exploit, cyber scofflaws have been quick to capitalize on the world’s interest in the recent earthquake in Haiti. With so many people looking to reach out and donate to victims of the tragedy, one group of black hats is attempting to rake in some of that cash by exploiting search engine optimization (SEO) techniques. 15 January 2010
Facebook has signed McAfee as a supplier to help protect its user base. The two companies have worked on a custom scanning and repair tool, along with education materials that will target the social networking giant's 350 million users. 13 January 2010
Infosecurity rounds up the week's security news 11 January 2010
The December malware threat reports are trickling in from vendors — and they all appear to be different. Fortinet, Sunbelt Software, and Kaspersky all published their lists of the most prevalent malware strains for the last month of 2009, but they didn't match up, leading to an admission that users will inevitably be confused by the results. 08 January 2010
A PandaLabs report claims that 2009 will go down as perhaps the most prolific in malware history. In 2009, malware creators tapped into search tools used by the majority of web surfers, and exploited current events and popular culture. 07 January 2010
Vendors of encrypted USB drives are recalling their NIST-certified products and issuing security updates after a fundamental flaw was found in the way that information is accessed. The flaw enables attackers to access encrypted data without trying to tackle the AES256 encryption algorithm used by the drives. 06 January 2010
More details are emerging of a zero-day attack on Adobe's PDF reader and Acrobat applications, and security experts are calling it highly sophisticated. Moreover, anti-malware tools have been woefully poor at spotting it. 05 January 2010
Applications that blur the boundaries between online and offline software will be a primary hacker target this year, according to McAfee. 04 January 2010
Infosecurity rounds up the information security news from the holiday season. 03 January 2010
Infosecurity rounds up the week's information security news. 21 December 2009
The number of known vulnerabilities in VoIP products has almost tripled since 2006, according to a report from McAfee. 21 December 2009
The Conficker worm is still thriving on networks in India, Chile, Russia and the Ukraine, where infection rates are up to 16%. 21 December 2009
Rogue anti-virus programs will become far less prevalent next year as other technologies such as Google Wave attract malware vendors' attention, said a forecast from Kaspersky this week. 17 December 2009
The number of computers infected by botnet malware has almost quadrupled each year since 2004, according to a report to be released by Project Honey Pot next week. 16 December 2009
Unified threat management company Fortinet is shipping two new secure email appliances. The appliances, called FortiMail-5001A and -2000B, are aimed at high-volume carrier and managed service provider companies. 15 December 2009
A Webroot researcher has documented the process that the Koobface malware uses to create malicious Google Reader pages. 15 December 2009
One year after the McColo shutdown, spam volumes have not only recovered, but have grown beyond what they were before the rogue ISP was taken offline. 15 December 2009
Infosecurity sums up the week's information security news. 14 December 2009
Infosecurity magazine reviews the past week's information security news. 07 December 2009
Malware has rebounded to become the biggest cause of data loss in organizations, according to a report from the Computer Security Institute (CSI). Malware infections far exceed the next most common cause - laptop and mobile hardware theft - said the 2009 CSI Computer Crime and Security Survey. 04 December 2009
Online criminals are stepping up their campaign to infect Internet users with the Zeus trojan, according to new research published by Atlanta-based managed security firm SecureWorks. Email campaigns in particular are on the rise, the company has said. 04 December 2009
URL shortening service Bit.ly has announced that it will be using three new services to help secure its service from spam and malware. 02 December 2009
The inevitable H1N1 flu trojan attacks have started. Yesterday, McAfee detected a new H1N1-related spam campaign, spoofing emails from the Center for Disease Control (CDC) and asking victims to fill out a 'vaccination profile' as part of a state-wide flu vaccination program. 02 December 2009
Anti-malware firm Prevx has apologized to Microsoft after admitting that the 'black screen of death' - a condition that renders Windows unusable after bootup - was not caused by faulty system patches after all. 02 December 2009
Infosecurity reports on the past week's news 01 December 2009
A third piece of iPhone malware has appeared, pushing the envelope further than ever before by creating a botnet of infected devices and acting as a banking trojan. 24 November 2009
Another round of SEO attacks has been discovered targeting Google. Criminals are crafting custom rogue blogs designed to target the 'long tail' of obscure Google searches to avoid having to compete with more popular searches in Google results, according to cyber intelligence company Cyveillance. 20 November 2009
The Gumblar botnet has moved into overdrive, changing its operating model to dramatically increase its infection rates, according to the latest monthly threat report from ScanSafe. 19 November 2009
Lockheed Martin has formed an information security alliance with a collection of technology providers that will focus on self-healing systems to help solve information security problems. 18 November 2009
Nations are secretly stockpiling tools and techniques in preparation for sophisticated cyberwarfare against each other, McAfee said in its annual Virtual Criminology report yesterday. 18 November 2009
Poorly configured cable and DSL modems are leaving the internet open to distributed denial of service (DDoS) attacks based on rogue DNS queries, according to research to be released this week by Infoblox. 17 November 2009
Infosecurity rounds up this week's information security news. 16 November 2009
Spam sent by the Mega-D botnet has almost entirely disappeared, after US-based anti-malware appliance firm FireEye took it down. 13 November 2009
Just days after an iPhone worm was discovered in the wild, Mac security firm Intego has discovered a hacker tool targeting the iPhone that exploits the same vulnerability. 12 November 2009
Only half of the federal government's agencies feel that they have an adequate security budget, according to a report released this week. And yet, cybersecurity incidents are on the rise. 12 November 2009
Phishers are gearing up for the Christmas holiday season, according to the latest report from Symantec. Phishing attacks were up 17% in October compared to the previous month, and phishers continue to automate their attacks by increasingly resorting to phishing toolkits. 11 November 2009
Botnet controllers have been using cloud based systems such as the Google cloud platform as command and control nodes for infected PCs, said a researcher at Arbor Networks. 10 November 2009
Breaches, Certifications, Charges, Vulnerabilities, and Acquisitions. Infosecurity sums up the past week's news. 09 November 2009
The closure of the popular Pirate Bay torrent tracking service earlier this year created a flood of alternative illegal file sharing sites and malware distribution hubs, according to a report released by McAfee. 08 November 2009
The FBI has slammed poor security in financial institutions, after identifying a drastic rise in money being stolen from small to medium-sized businesses via spearphishing emails, it said in an intelligence note early this week. 06 November 2009
Anti-virus companies are failing to get the joke after the release of a free arcade game for the Mac that deletes the users' files during play. Lose/Lose warns 'victims' that it is about to delete files on their hard drives before they begin playing, and it keeps its word. 06 November 2009
Network worms are on the rise again thanks to poor IT management in the enterprise, according to the latest Security Intelligence Report (SIR) from Microsoft. Dramatic successes among worms in enterprises have caused this category of malware to move from fifth place to second place worldwide. 06 November 2009
Twitter is failing to block malicious websites that are being posted to it via URL shortening services, according to researchers from Kaspersky, who have applied their own back-end service to help solve the problem. 30 October 2009
The director of the FBI and the man charged with protecting the US from cyberthreats, Robert Mueller, has given up online banking after a phishing scare. 28 October 2009
Information security: Breaches, walls, charges, tools, and deals. 26 October 2009
The US Federal Bureau of Investigation (FBI) and the UK Serious Organised Crime Agency (Soca) have called for greater collaboration with the IT security industry in fighting cybercrime. 26 October 2009
Rapid7, the vulnerability management security specialist, has acquired Metasploit, the ongoing open source security project that developed the Metasploit Framework. The move is billed as allowing Rapid7 to enhance its penetration testing technologies. 21 October 2009
Research just published by Symantec claims to show that users are increasingly being fooled into installing fake anti-virus software - aka scamware - onto their machines. 20 October 2009
More than 1.5 million Windows users downloaded Microsoft's free anti-virus and anti-malware tool, Security Essentials, in the week after it was released, the software firm has claimed. 19 October 2009
US$4000 lost in Facebook scam; Michigan's airport website closed due to malware; the first Windows 7 security patches appear; and more. We report on the IT security news... 19 October 2009
The third quarter security trends report from Commtouch and its security alliance partners suggests that phishing is now on the decline, after peaking in the summer. 14 October 2009
Trends, Tussles, Tools, and Attacks: We round up the last week's information security news. 13 October 2009
Comcast is piloting a service that will notify customers that have been infected with malware, the company said this week. 09 October 2009
Deviousness, Defenses, and Disappointments - read all about the week's security news in our weekly brief. 05 October 2009
Business in rogue anti-virus software is booming, according to a new report from the Anti Phishing Working Group (APWG). In the first half of this year, the number of such programs plaguing internet users increased by 585%. 05 October 2009
Microsoft officially shipped Microsoft Security Essentials, its free anti-virus product, yesterday. The product, which had been beta tested under the codename Morro, is designed as a free software offering specifically for home users. 30 September 2009
Takedowns, Tools, Threats, and Tsk, Tsk! We review the week's information security news. 28 September 2009
Popular websites have been made to serve up malware via malicious advertising delivered by advertising banner services. 25 September 2009
The New York Times has admitted it has been the victim of a complex scam, in which a group of hackers purchased ad space on the famous publisher's website, then posed as internet telephony company Vonage, to infect users with malware. 24 September 2009
RSA, the security division of EMC, has discovered a phishing attack it calls ‘chat-in-the-middle’, which targets online banking customers, tricking them into divulging usernames and passwords. 23 September 2009
Talk, Tools, Techniques, Trials, and Traps - get the lowdown on the week's security news in our weekly brief. 21 September 2009
IT managers are focusing on the wrong security threats, according to a report from the SANS Institute. 16 September 2009
Breaches, threats, protections and security directions - we summarise what's been happening in the world of information security over the past week. 15 September 2009
RideMatch.info, a website used by several California-based companies and transportation boards to match commuters on similar routes, has been found to be potentially vulnerable to massive SQL injections that could result in the disclosure of users' personal data. 14 September 2009
This week promises to be an exciting one for Infosecurity and its readers as, while President Obama is reportedly close to appointing Frank Kramer, former assistant defense secretary under President Bill Clinton, as his new cybersecurity chief, we will be hosting a topical IT security webinar looking at how to protect your critical data on a budget. 14 September 2009
Online scams related to holidays, global events, and popular news stories are common, but September 11 scammers really scraped the bottom of the moral barrel last week. Scareware scammers are using the eighth anniversary of the September 11 attacks to sell their fake anti-virus software to unsuspecting users. 13 September 2009
Astaro Corp., has released a free business firewall for the VMware environment. The IT security vendor says that the firewall - which offers the base functionality of its Astaro Security Gateway Virtual Appliance by using a special license key - will allow organizations with virtual environments to secure their network from external threats. 10 September 2009
In this week’s information security news: Marshal8e6 rebrands as M86 Security; Australian federal police mock hackers - and are hacked in return; Raytheon releases industry's fastest cross-domain sharing solution; and more... 07 September 2009
As the recession continues to chew into budgets, and cybercriminals see increased opportunity for looting, CISOs need to ensure that their information security defences remain strong but affordable. Find out more for free! 07 September 2009
Whilst threats against business critical data have been rising steadily in recent times, almost all companies have had their IT security budgets cut or placed under intense scrutiny. 05 September 2009
In this week’s information security news: Trojan eavesdrops on Skype; Snow Leopard only recognizes two Trojans; private messages are sent to wrong recipients; search warrants are needed for digital data; and more… 01 September 2009
The American Civil Liberties Union has called on the UK foreign secretary to review the "lopsided" extradition treaty to prevent people like UFO hacker Gary McKinnon being "unfairly" removed from their home country to stand trial abroad. 28 August 2009
In this week’s information security news: Microsoft patch exploited by hackers; Office 2010 sandbox security welcomed by security industry; hackers get their revenge on police; and more… 24 August 2009
The National Cyber Security Alliance (NCSA) - one of the primary promoters of National Cyber Security Awareness Month each October - has launched a website to encourage broad-based participation in education and awareness activities on cybersecurity this year. 17 August 2009
Campaign Monitor, the Australia-based email marketing software developer, has warned users of compromise to its servers that took place over last weekend. 17 August 2009
If you want to hear an eclectic mix of views on recent events in the world of IT security, you could do worse than visit the Bigfix blog site, where Amrit Williams, the firm's chief technology officer, has been talking with industry luminary Ryan Russell in his latest podcast. 17 August 2009
In its second quarterly report on IT security threats of 2008, software-as-a-service (SaaS) specialist ScanSafe reported that web-based malware had surged by over a third when compared to the first quarter of the year. 17 August 2009
Regulation could protect businesses and governments from poor IT implementations that have cost billions of dollars. But at present, software is generally shipped with a disclaimer which states that the manufacturer does not guarantee it will work, unlike regulated industries such as pharmaceuticals where the supplier is held accountable for a failure in manufacturing. 11 August 2009
Koobface, the first - and arguably the most successful of the social networking worms - is back, having been significantly tweaked by black hat hackers on the internet, reports Kaspersky Lab, the anti-malware and IT security vendor. 10 August 2009
In this week's information security briefs: ISPs team up in bid to tackle botnet problem; Former superhacker Kevin Mitnick dumped by ISP; US cyber-security tsar steps down; US military worried over Twitter security and more... 10 August 2009
Research just released by Symantec shows that phishing attacks rose 52% in July while spam - as a percentage of all email - stayed about the same compared with the previous month. 07 August 2009
After 27 years in the online and IT world, Symantec is moving into the offline/off-computer world thanks to a partnership with LifeLock Inc., a proactive provider of identity theft protection. 06 August 2009
Seattle-based WatchGuard Technologies - the unified threat management (UTM) security vendor - has announced plans to buy privately-held BorderWare Technology, which employs around 90 staff, for an undisclosed sum. 05 August 2009
Researchers with Radware were busy over the weekend showing a Defcon audience how a classic man-in-the-middle attack could be engineered when notebook computers attempt to seek out updates for their software across public access WiFi networks. 04 August 2009
Researchers have been busy over the last few days tracing where the Zeus botnet is being controlled from, following investigations by the University of Alabama in the US, which tracked down the Zeus Bot virus to a raft of fake internet postcards circulating on the internet. 04 August 2009
In this week's information security briefs: AVG flags up iTunes as malware; hackers score $219 000 from city; Microsoft's sandboxing criticised, and more... 03 August 2009
The programme for Infosecurity Magazine’s Virtual Conference on Information Security 2009 is now available with an exciting line-up of speakers from the IT security industry. 03 August 2009
The UK hacker Gary McKinnon who became famous for hacking US military and NASA computers in 2001 and 2002 looking for evidence of UFOs, has lost his appeal against extradition to the USA. 31 July 2009
At the Black Hat security conference in Las Vegas, researchers have revealed how the security of San Francisco's plans to become a showcase for the US on computerised parking has been compromised. 31 July 2009
You could never describe the Apple iPhone as totally secure, given the number of jailbreaks that crackers have developed to unlock the popular handset from its partner networks, but researchers at the Black Hat security conference are scheduled to reveal a serious chink in the mobile's armour today. 30 July 2009
IBM has acquired another IT security development firm - Ounce Labs - to add to its ITsec research and development efforts. 29 July 2009
Symantec has joined the growing ranks of IT security vendors that are offering their pooled information on the latest ITsec threats as a value-added outsourced option for major corporates. 29 July 2009
The Computer forensics department at the University of Alabama has tracked down the Zeus Bot virus to a raft of fake internet postcards circulating on the Internet. 28 July 2009
Information security: Fox News, Eugene Kaspersky reveals all, Marshal8e6's new hosted email service and more... 27 July 2009
Cambridge academics have revealed that social networks that promote their security controls are likely to deter users from joining, and as a result privacy guidelines are inaccessible. 24 July 2009
Information security: Microsoft, South Korea, China, Twitter, Facebook in the news... 20 July 2009
A mobile phone worm called Sexy Space has been spotted by Trend Micro and is the first, the IT security vendor says, to spread itself by spamming text (SMS) messages. 20 July 2009
The USA continued to be the top email spam country in the second quarter of 2009 making up 15.6% of global spam traffic, according to a report on the latest trends in spam from IT security and data protection firm Sophos. 20 July 2009
Based on an analysis of two billion emails and internet transactions processed by its OEM anti-spam and anti-malware customers every day, CommTouch says that millions of email-borne malware such as Trojans and viruses bypassed several major anti-virus engines during the second quarter of 2009. 17 July 2009
Online criminals are using state of the art business strategies to commit cybercrimes, says network equipment maker Cisco. 16 July 2009
IT security administrators will have to deal with more than 10 security patches from Oracle and nine from Microsoft this week. 16 July 2009
The reputation of Mozilla's popular Firefox web browsing software - now into version 3.5 - took a battering this week as the Secunia security research advisory team revealed a flaw in the way the browser handles Javascript calls. 15 July 2009
As Google announced the future launch of its Google Chrome operating system (OS) based on an open source Linux kernel, it also claimed that “users don’t have to deal with viruses, malware and security updates. It should just work”, but is that possible? 13 July 2009
Researchers with Russian IT security vendor Kaspersky Lab say they detected 575 new variants of the Koobface worm during June. 13 July 2009
Network Box, the managed security internet service provider, has published a free guide explaining - in plain English - how to spot common hoaxes, hacks and other internet horrors. 10 July 2009
The team behind the Waledac botnet mounted a new malware campaign over the July 4 weekend that has infected thousands of PCs. 07 July 2009
Worldwide IT spending could fall 6% to US$3.2 trillion in 2009, according to Connecticut-based IT research and advisory company Gartner. 07 July 2009
Techniques, Tools, Concerns, Crimes, and Crashes 05 July 2009
A nasty new trojan that triggers multiple click-throughs on Google AdSense - the pay-per-click sponsored web search service operated by Google - has been discovered by SecureWorks. 02 July 2009
Never one to miss a trick, the blackhat community capitalised on the death of Michael Jackson over the weekend by seeding the web with spam and malware designed to steal email addresses and join the troubled star's fans to botnets. 30 June 2009
Danny Bradbury explores some of the more interesting stories in the security field from the last week. 30 June 2009
The US Department of Justice (DoJ) wants more time to consider Oracle's $7.4bn Sun deal before giving its approval. 30 June 2009
The malware that has been infecting automated teller machines in eastern Europe could be about to spread to other places in the world, according to the company that uncovered the fraud. Experts at SpiderLabs, the research arm of security firm Trustwave, say that there is "increased activity" around this particular strain of malware in other parts of the world. 23 June 2009
Chief information security officers are still ignoring the need for deperimeterization, according to a survey carried out by security firm Netwitness, and the MIS Training Institute. 23 June 2009
Danny Bradbury documents Tools, Twitter, Law, Hacked, Patched, and the Totally Whacked this week. 22 June 2009
Searching for ‘Brad Pitt’ is riskier than searching for ‘Hugh Jackman’ according to a McAfee study on the most dangerous search terms online. 19 June 2009
Security researchers with Finjan have uncovered a highly sophisticated online botnet, malware and hacker exchange network for buying and selling access to infected PCs. 17 June 2009
Researchers at the University of Michigan have criticized an alleged initiative by the Chinese government to protect the public's computers from malware, arguing that it creates significant vulnerabilities on users' machines. 16 June 2009
Vision Solutions explores the data protection, recovery and optimization technologies and strategies for running AIX and IBM i (i5/OS) environments in its white paper State of Resilience & Optimization on IBM Power Systems. 16 June 2009
Information Security - Tools, Law, Techniques, Attacks, and Defenses 15 June 2009
Apple Computer has released v 4.0 of its increasingly popular Safari web browser for Windows and Mac OSX-based computers. The release counters the recent security flaws reported in CFNetwork, CoreGraphics, ImageIO, International Components for Unicode, libxml, Safari, Safari Windows Installer, and WebKit. 10 June 2009
LockLizard explores the pitfalls of PDF security in its white paper 10 Things You Really Wished You Had Known About PDF Security. 09 June 2009
Information security: Privacy, enforcement, attacks, and defenses 08 June 2009
Information security: Tools, Techniques, Law, Attacks and Defenses 01 June 2009
A worm on Twitter is tricking users into giving up their user details at the same time as redirecting victims to a dating website where the aggregate number of views result in affiliate revenue. 01 June 2009
Malware attacks are becoming more targeted and more focused on social networks, according to a researcher at Kaspersky, who slammed Facebook for problems with its application certification process. 29 May 2009
Anti-malware efforts took a significant step forward this week with the announcement of an initiative to try and bring legitimate software businesses together and lock out malware writers. 22 May 2009
McAfee will acquire Solidcore Systems, a whitelisting specialist, in a US$33m deal which will allow McAfee to integrate Solidcore's technology into its blacklisting malware detection and prevention products, as well as to bolster its high-end corporate IT security offerings. 20 May 2009
A modified attack that alters Google searches is taking the web by storm according to security researchers, who have identified more malware domains being used in the attack. 20 May 2009
Infections, Intrusions, Protections and Misdirections 18 May 2009
An unlimited online backup solution, which works automatically in the background, has been launched by Finnish IT security service provider F-Secure. 15 May 2009
Worldwide software piracy is on the rise, according to a study by the Business Software Alliance and analyst firm IDC. 13 May 2009
Danny Bradbury rounds up the most important news in the security space from the last week. 11 May 2009
Hackers are starting to create fake search engine sites to divert hapless internet users to malware infected websites, says PandaLabs, the research operation of Panda Security. 07 May 2009
The Conficker worm and attackers’ social engineering techniques exploiting users on Facebook, Myspace and Twitter, dominated the email threats in the first quarter (Q1) of 2009, according to identity-based unified threat management (UTM) solutions provider Cyberoam and its Israeli messaging and web security partner Commtouch. 05 May 2009
Last week, Infosecurity Magazine was at the RSA show in San Francisco. A variety of vendors launched new products. 27 April 2009
Endpoint security company Lumension teamed up with Microsoft at the RSA show to launch a software whitelisting service. The move, which sees the companies sharing information about legitimate software applications, lends increasing credence to the idea that blacklisting malicious software by signature is becoming less tenable as the number of malware variants increases. 22 April 2009
Finjan has uncovered what appears to be one of the largest bot networks controlled by a single cybercrime gang, with 1.9 million infected zombie computers forming the swarm. 22 April 2009
In his keynote at RSA in San Francisco, Symantec CEO Enrique Salem called for a significant shift in the way vendors and end-users approach information security. Change, said Salem, is needed to fight the current targeted threat landscape. 22 April 2009
Director of NSA, Lieutenant General Keith B Alexander, congratulated the information security industry on its excellent work in his keynote address to RSA conference attendees in San Francisco on 21 April 2009. 21 April 2009
Security provider, Symantec, found that malicious code activity continued to grow at a record pace throughout 2008, with the most prominent target being confidential information, according to the Symantec Internet Security Threat Report Volume XIV. 15 April 2009
Powerpoint, Porn and Twitter 14 April 2009
Paul McCartney's site was serving up the Zeus trojan for three days, according to UK security firm ScanSafe. The attack, in which paulmccartney.com was compromised with malicious Javascript, appears to have been tailored to coincide with interest in his New York reunion concert last weekend. 08 April 2009
Infosecurity magazine are now on Twitter. Please ‘follow’ us to receive our latest news, views and industry comments. 08 April 2009
Ghost in the machine: The Information Warfare Monitor published a report on GhostNet, a cyber-espionage network that it discovered after conducting a security audit for the Dalai Lama's Tibetan Government in Exile. Almost 1300 machines were discovered in a micro-botnet controlled from servers mainly in Chinese IP blocks. The 30% of machines that it identified were of high importance to Chinese interests, it found. The Dalai Lama has condemned the whole affair, and the Chinese government is denying everything. 06 April 2009
Conficker, Congress and Pink Floyd 30 March 2009
Bugs, browsers, bureaucracy, backtracks and busts. 23 March 2009
More worm activity has been spotted targeting a recently discovered Windows flaw. 20 March 2009
Cyber intelligence: There were big shakeups afoot in the US cyberintelligence community. Rod Beckström, last year's controversial pick for head of the secretive National Cybersecurity Center, resigned amid stormy allegations of bureaucratic roadblocks. 09 March 2009
An employee of the human-powered search engine Mahalo (http://www.mahalo.com/) was sentenced to four years in prison this week for operating a botnet. 06 March 2009
Conficker continued to garner attention from security vendors this month as it spread across the internet. 05 March 2009
Damballa has updated its botnet detection product with a host of new features, while slamming other anti-virus vendors for failing to spot large percentages of malware. 03 March 2009
Arrests: A Chinese official has reportedly been arrested for taking backhanders to help one local anti-virus company disrupt the business of another. Yu Bing, director of the internet monitoring department of Beijing’s Public Security Bureau, allegedly took 4.5m Yuan ($657,000) to frame executives at antivirus company Micropoint and stop its products reaching the market. The money was said to have come from antivirus firm Rising, according to reports. 02 March 2009
Black Hat DC: This week, Black Hat DC was on in Arlington, VA. Moxie Marlinspike announced a new attack against SSL that forces HTTPS traffic into HTTP to allow a man-in-the-middle attack. Dan Kaminsky, who discovered the infamous DNS flaw last year and criticized SSL at the time, reacts here. He also resolved at the conference to take two months off work to promote the adoption of DNSSEC - a more secure DNS standard that has not been widely implemented. 23 February 2009
Microsoft's Conficker Cabal has been steadily registering domain names targeted by the Downadup/Conficker worm in a bid to choke off its update mechanism. 18 February 2009
In a fresh case of social engineering, ever-resourceful hackers in the US have found a new way to direct unsuspecting users into downloading a virus, through fake parking tickets. 10 February 2009
Malware writers must be celebrating the 25th anniversary of the Mac. Intego, which produces antivirus software for the OS X platform, noticed two Trojan programs circulating in the past week on peer-to-peer sites, buried within pirated copies of high-value Mac programs. 04 February 2009
Cyber-criminals are exploiting the economic downturn to scam users, according to the 2009 threat report from security firm McAfee. 26 January 2009
Two new botnets have emerged in the past few weeks, and at least one shows signs of being an upgrade to a previous botnet that wreaked havoc in the wild. 16 January 2009
More evidence has appeared of the spread of a network worm based on the RPC vulnerability that was found in Microsoft Windows in October. The network worm Downadup has failed to gain much traction on the open internet, according to anti-virus firm F-Secure, but is getting into corporate networks on a consistent basis. 12 January 2009
Apple's own announcements at the MacWorld show last week may have been relatively underwhelming, but several companies rolled out new security technologies at the event. A stolen computer tracker accompanied a two-factor authentication system for the iPhone. 12 January 2009
The Federal Trade Commission has filed a complaint against two companies that it says operate 'scareware' scams that have scammed users into buying their software. 12 December 2008
As the holiday season approaches, millions of Americans are making their travel preparations, so it's hardly surprising that a large number have 'clicked through' on an email that purports to be an airline e-ticket and boarding pass. 24 October 2008
Officials with the Texas National Guard took their Web site offline overnight on Thursday, after it became clear the site had been hacked and was being used to offer fake (and possibly infected) IT security software, as well as planting rootkits on unsuspecting visitors' PCs. 22 September 2008
This week the media spotlight was turned towards “spam kings.” One was sent to jail while another escaped from his minimum security prison before killing his family and himself. 25 July 2008
Network operators and ISPs from around the world are working together to address issues that will help block botnet-induced spam. 27 June 2008
Targeted social engineering attacks, also referred to as spear phishing, are on the rise. 13 June 2008
The FBI have revealed that the US government has purchased counterfeit networking equipment that could jeopardize the security of its military and other government systems. 19 May 2008
BT’s security expert Bruce Schneier was scathing about lots of security software, calling it “snake oil” in an interview this week. 24 April 2008
A US Department of Homeland Security-funded research program will help deliver Endeavor Security’s new method of targeting botnet and malware attacks before hosts are infected. 22 February 2008