View Full Version : Security News



  1. Can mobile devices be more secure than PCs?
  2. Car and electronics shoppers at risk of escrow fraud
  3. Open source NAC PacketFence 4.0 released
  4. Week in review: Malware you can "live with", but should't, and backdoor targeting popular web servers
  5. BYOD Policy: Employee Right to Social Media Privacy Is Paramount
  6. Bank security weaknesses led to cyber looting of $45M from ATMs
  7. Microsoft and Adobe Patch Tuesday Pre-Release, (Fri, May 10th)
  8. Google's five-year plan for authentication: It's complicated
  9. What's old is new again: Spammers revived old schemes in March quarter
  10. Academic institutions urged to take steps to prevent DNS amplification attacks
  11. Webinar: Monday, May 13th
  12. Bill would put mobile app vendors on the hook for privacy
  13. 10 great technologies to secretly install on Mom's PC
  14. Academic institutions urged to improve network and DNS configurations
  15. PayPal Says It's Time to Ditch Passwords and PINs
  16. Microsoft Patch Tuesday targets multitude of Internet Explorer faults
  17. US lawmakers introduce apps privacy bill
  18. The Onion explains how its Twitter account was hacked
  19. Hacking back: Digital revenge is sweet but risky
  20. Payment card processors hacked in $45 million fraud
  21. Eight indicted in $45M cybercrime campaign
  22. Bringing networking and security together through network automation
  23. Hijacking Facebook accounts via expired Hotmail accounts
  24. Microsoft to release 10 bulletins
  25. India has a new National Cyber Security Policy
  26. Windows XP migration worries exaggerated by 'dead' applications
  27. Adobe warns customers of unpatched critical flaw in ColdFusion
  28. Encrypt and secure data in the Amazon big data cloud service
  29. Lesson from the Google office hack: Do not trust third-parties
  30. Security practices wanting in virtual machine world, survey finds
  31. Microsoft releases fix-it for Internet Explorer 8 vulnerability
  32. Researchers find hundreds of insecure building control systems
  33. Name.com forces customers to reset passwords following security breach
  34. Adobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html, (Thu, May 9th)
  35. Spamhaus DDoS suspect extradited to his home country
  36. Name.com breach just one of many executed by HTP hackers?
  37. Spamhaus DDoS suspect extradited to the Netherlands
  38. Senators want sanctions against countries supporting cyberattacks
  39. Hacker leaks part of Candace Bushnell's unpublished book
  40. The CSO perspective on risk management
  41. Healthcare leaders streamline third party assessment process
  42. Phishers taking over accounts of telecommunication customers
  43. "De Flashing" the ISC Web Site and Flash XSS issues, (Wed, May 8th)
  44. Highly critical vulnerability fixed in Nginx Web server software
  45. Passwords: You're doing it wrong. Here's how to make them uncrackable.
  46. Experts wary of Pentagon cybersecurity report fingering China
  47. Use of 'honeywords' can expose password crackers
  48. Welcome sign for hijackers on 24-7 for 30% of social networkers
  49. U.S. senators introduce new bill to fight cyber theft
  50. Backdoor targeting Apache servers spreads to nginx, Lighttpd
  51. Organizations failing to secure primary attack target
  52. Proposed U.S. law aims to counter cybertheft with import bans
  53. Stealthy Web server malware spreads further
  54. FTC sends warning letters to 10 data brokers
  55. Is your social network built enterprise tough?
  56. AutoIt scripting increasingly used by malware developers
  57. Anonymous' OpUSA is under way
  58. Phishers target eBay customers via live chat support
  59. Review: Blackhatonomics: An Inside Look at the Economics of Cybercrime
  60. Seagate unveils complete SSD product line
  61. IT executives believe the cloud increases data security
  62. Beware of fake AV and ransomware combo
  63. Syria drops from Internet 7th May 2013, (Wed, May 8th)
  64. Are there any websites that are NOT compromised?, (Wed, May 8th)
  65. NGINX updates address buffer overflow (CVE-2013-2028) see http://nginx.org/en/CHANGES-1.4, (Tue, May 7th)
  66. Cyberattack highlights software update problem in large organizations
  67. Cisco gets tough: Details ruggedized switches for harsh environments
  68. HIPAA rules, outdated tech cost U.S. hospitals $8.3B a year
  69. Pentagon report accuses China military of cyber espionage
  70. The importance of secure coding
  71. Why wiping decommissioned IT assets should be a must
  72. Twitter's Password Fails
  73. May 2013 OUCH! - Strong Passwords: Passphrases, Using Passwords Securely, (Tue, May 7th)
  74. Attackers breach and encrypt TV station's email server
  75. Old Java exploit kit taught new tricks
  76. Google left heating, cooling system open to hackers
  77. Pentagon accuses China government, military of cyberattacks
  78. U.S. media sites compromised, lead to malware
  79. A radical shift in security needs
  80. Increase Facebook privacy with Safe Profile
  81. Malwarebytes backup service prevents malware uploads
  82. Analyzing 450 million lines of software code
  83. Many social accounts are still in danger
  84. 10 Disruptive Online Services Enterprises Should Ban From the Network
  85. Is there an epidemic of typo squatting?, (Tue, May 7th)
  86. McAfee Buys Stonesoft to Bolster Content-Aware Firewall Security
  87. Women leaders in security recognized
  88. Security tools can't keep hackers at bay
  89. Dell acquires Enstratius
  90. Internet Explorer 8 0-Day Update (CVE-2013-1347), (Mon, May 6th)
  91. Security Manager's Journal: Plans and processes are made to be revised
  92. IE8 0-day used in watering hole attacks
  93. Florida restricts use of drones by law enforcement officials
  94. McAfee to acquire firewall maker Stonesoft
  95. McAfee to acquire Stonesoft
  96. Malware you can "live with", but shouldn't
  97. No strategy for data protection?
  98. Cain & Abel 4.9.44 released
  99. Week in review: Google Glass hacked, Bitcoin risks, and why we need security awareness training programs
  100. Pentagon nod shows Android can be as secure as BlackBerry
  101. U.S. Aims to Force Web Services to Compromise Message Encryption
  102. Zero-Day Exploit Enabled Cyber-Attack on U.S. Labor Department
  103. Accused SpyEye creator extradited to the US
  104. The Zero-Day Pendulum Swings, (Sat, May 4th)
  105. Two-Factor Authentication: Myths Versus Reality
  106. BlackBerry Suffers Outage as DOD Approves BlackBerry, Samsung Use
  107. Federal CIOs Fret Over Budget Pressures, IT Talent and Cybersecurity
  108. Chinese 'Comment Crew' hackers emptied QinetiQ of top-secret military data
  109. Spy court OK'd all U.S. wiretap requests it received in 2012
  110. iOS app contains potential malware
  111. Websites compromised as Apple ID phishing emails attempt to steal credit card details
  112. IRC/HTTP based DDoS bot nukes other bots
  113. Top Android AV software fooled by common evasion techniques
  114. Multi-stage exploit attacks for more effective malware delivery
  115. Trojans account for 80% of malware infections
  116. Ex employee hacked into high-voltage power manufacturer's network
  117. Lawsuit halts US bitcoin exchange partnership
  118. Systems manager arrested for hacking former employer's network
  119. Online Activities Related to Elections in Malaysia
  120. Do young people care about privacy?
  121. Google Glass hacked, could be used for spying
  122. Is network monitoring dead?
  123. EiQ Networks launches SOCVue service
  124. Hackers Turned Defense Contractor QinetiQ Into Intelligence Playground
  125. FYI: Anonymous Planning "OpUSA" Attacks on Banks and US Gov't on May 7th. More Info as Relevant to Come., (Thu, May 2nd)
  126. Apple, Verizon, Amazon Score Low Marks on User Data Protection
  127. Despite hack, security experts urge no fear of Google Glass
  128. Dutch bill seeks to give law enforcement hacking powers
  129. Verizon, MySpace Fail Data Protection Test: EFF
  130. A primer on Bitcoin risks and threats
  131. Fake AV scammers impersonate Microsoft
  132. Serious website vulnerabilities continue to decrease
  133. U.S. Department of Labor website infected with malware
  134. Australia mulls data breach notification law, but details are secret
  135. FinFisher spy kit's C&C servers are popping up around the world
  136. D-Link publishes beta patches for IP camera vulnerabilities
  137. Army Corps database on dams compromised
  138. Review: Codeproof for iOS
  139. Which companies help protect your data from the government?
  140. The insecurity of the component lifecycle
  141. IT security risks of features in connected cars
  142. New mobile security practice from Trustwave
  143. 1010data updates big data analytics platform
  144. Stealthy Apache Exploit Redirects Victims to Blackhole Malware
  145. U.S. Seeks Power to Wiretap Web Services, Including Google, Facebook
  146. The 7 elements of a successful security awareness program
  147. LivingSocial breach scope widens on finding of 60% sharing logins
  148. Google Play changes bring cautious optimism on Android security
  149. Novell Filr Secures Mobile File Sharing for the Enterprise
  150. How do you protect yourself in the event of a data breach?
  151. The cost of cleaning up, (Wed, May 1st)
  152. BYOD Growth to Continue Through 2017: Gartner
  153. Mozilla moves to stop spyware company from spoofing Firefox
  154. Aging networking protocols abused in DDoS attacks
  155. Hackers challenged to crack unhackable secure messaging app
  156. Combat phishing attacks from all email domains
  157. AWS cloud computing pros get certification program
  158. Password Reuse Remains a Danger After Living Social Breach
  159. Apache servers ambushed by sophisticated backdoor attacks
  160. Supply chain 2013: Stop playing whack-a-mole with security threats
  161. Online monitoring scheme bad news for security, opponents say
  162. Control and security of corporate open-source projects proves difficult
  163. Apache binary backdoor adds malicious redirect to Blackhole, (Tue, Apr 30th)
  164. Fake PayPal "Reset your password" request leads to malware
  165. APT1 cyber espionage group is back to their old tricks
  166. FBI wants to fine companies not complying with wiretap orders
  167. New Splunk App for Enterprise Security released
  168. Facebook is Testing Tags For "What"
  169. Scammy Profile Viewer app is now "offered" by Facebook
  170. Detector finds smuggled cellphones even without batteries or SIM cards
  171. D-Link firmware flaws could allow IP video stream spying
  172. UK banks targeted with Trojans and social engineering
  173. New Linksys Smart Wi-Fi Routers with AC technology
  174. Poor password practices put UK businesses at risk
  175. Why we need security awareness training programs
  176. The Fog of Cyber Defence
  177. The Fog of Cyber Defence
  178. Free firewall configuration search tool
  179. Spamhaus DDoS Attack Investigation Results in Arrest of Dutch Man
  180. Fortinet Debuts Secure Wireless LAN Platform
  181. Cyber-Conflict Escalates in Midst of North Korean Tensions
  182. Report Fake Tech Support Calls submission form reminder, (Mon, Apr 29th)
  183. Google pays record $31K bounty for Chrome bugs
  184. Designing your digital legacy
  185. LivingSocial gets hacked, 50 million users told to reset passwords
  186. Poor Skype account verification allows account hijacking
  187. How cybercriminals can target you on public networks
  188. AT&T Enters Home Security Market With IP-Based Digital Life
  189. Self-updating apps are now banned from Google Play
  190. Sophisticated Apache backdoor in the wild
  191. How secure is your confidential data?
  192. Spanish police say DDoS suspect used a van as a mobile office
  193. SpamHaus DDoS suspect arrested in Spain
  194. Info of 50M LivingSocial customers compromised following breach
  195. Reported DDoS attacks up 200 percent
  196. Week in review: CISPA, AP Twitter account hijacking and real-world consequences
  197. SANS's Alan Paller discusses the threat of cyberterrorism on CNN, (Sun, Apr 28th)
  198. Dutchman arrested in connection with large DDoS attack on Spamhaus
  199. Facebook used as billboard for malware
  200. LivingSocial gets hacked, 50 million users told to reset passwords
  201. CISPA appears doomed in Senate
  202. Phishers Breaking Into Web Hosting Servers to Launch Mass Attacks
  203. Hackers increasingly target shared Web hosting servers for use in mass phishing attacks
  204. VMware security updates - vCenter Server - https://www.vmware.com/security/advisories/VMSA-2013-0006.html, (Fri, Apr 26th)
  205. Locked and loaded, online gamers draw phishing attackers
  206. What is "up to date anti-virus software"?, (Fri, Apr 26th)
  207. U.S. judge says FBI can't hack crime suspect's computer
  208. Judge rejects FBI's bid to hack computer of suspect in attempted cyberheist
  209. Could Privacy Protection Bills Hinder Law Enforcement?
  210. Who to call when hit by a DDoS attack
  211. How to Recover From a Twitter Hack
  212. Senate committee limits government electronic surveillance
  213. Cybersecurity strikeback will strike out in the private sector
  214. Samsung delays launch of Knox Android security software until 'later date'
  215. Security of hosted services is top priority for Adobe's first CSO
  216. CISPA is (practically) dead, says Senate representative
  217. 35% of businesses experienced a DDoS attack in 2012
  218. U.S. government doesn't need CISPA to monitor communications
  219. Data breaches increase IT budgets
  220. Hosted virtual desktops can increase security
  221. Software for complex Android device security needs
  222. Phishing attacks skyrocketing
  223. GFI Software adds patch management to GFI Cloud
  224. AT&T Launches Digital Life Home Security System in 15 Markets
  225. Consumers Unhappy, Frustrated with Password Security: Survey
  226. CipherCloud Update Helps Admins Handle 'Rogue IT'
  227. ICANN Blog: How to Report a DDoS Attack? A worthwhile read: http://blog.icann.org/2013/04/how-to-report-a-ddos-attack/, (Thu, Apr 25th)
  228. Anti-Phishing Workgroup Publishes 2012 Global Phishing Report. Download here: http://docs.apwg.org/reports/APWG_GlobalPhishingSurvey_2H2012.pdf, (Thu, Apr 25th)
  229. It's privacy versus cybersecurity as CISPA bill arrives in Senate
  230. Infosec 2013: cyber security sector failing to attract new talent
  231. Big data can be a big headache for data defenders
  232. Online security: your two-factor authorization checklist
  233. Take steps to secure what little online privacy you still have
  234. Fake "New incoming fax" notification carries malware
  235. SANS 2013 Forensics Survey - https://www.surveymonkey.com/s/2013SANSForensicsSurvey, (Thu, Apr 25th)
  236. Travelers to Israel can get their emails searched on entry
  237. Another Do***ent Targeting Uyghur Mac Users
  238. Two-step authentication for Twitter accounts coming soon
  239. Ubuntu Server 13.04 released
  240. New professional certification for cloud security
  241. Ubuntu Server 13.04 released
  242. EU parliament committee votes against air passenger data sharing bill
  243. Twitter Plans Two-Step Authentication to Prevent Hacks
  244. Senator rips self-regulatory do-not-track efforts
  245. Mt. Gox delays plan to support virtual currency litecoin
  246. Vulnerable terminal servers could let bad guys hack stoplights, gas pumps
  247. Dutch DigiD e-signature system under DDoS attack
  248. Photos: Security BSides London 2013
  249. Cyber attacks on trust expose companies to millions in losses
  250. Adults taking online password security risks