View Full Version : Security News



  1. Security tools can't keep hackers at bay
  2. Dell acquires Enstratius
  3. Internet Explorer 8 0-Day Update (CVE-2013-1347), (Mon, May 6th)
  4. Security Manager's Journal: Plans and processes are made to be revised
  5. IE8 0-day used in watering hole attacks
  6. Florida restricts use of drones by law enforcement officials
  7. McAfee to acquire firewall maker Stonesoft
  8. McAfee to acquire Stonesoft
  9. Malware you can "live with", but shouldn't
  10. No strategy for data protection?
  11. Cain & Abel 4.9.44 released
  12. Week in review: Google Glass hacked, Bitcoin risks, and why we need security awareness training programs
  13. Pentagon nod shows Android can be as secure as BlackBerry
  14. U.S. Aims to Force Web Services to Compromise Message Encryption
  15. Zero-Day Exploit Enabled Cyber-Attack on U.S. Labor Department
  16. Accused SpyEye creator extradited to the US
  17. The Zero-Day Pendulum Swings, (Sat, May 4th)
  18. Two-Factor Authentication: Myths Versus Reality
  19. BlackBerry Suffers Outage as DOD Approves BlackBerry, Samsung Use
  20. Federal CIOs Fret Over Budget Pressures, IT Talent and Cybersecurity
  21. Chinese 'Comment Crew' hackers emptied QinetiQ of top-secret military data
  22. Spy court OK'd all U.S. wiretap requests it received in 2012
  23. iOS app contains potential malware
  24. Websites compromised as Apple ID phishing emails attempt to steal credit card details
  25. IRC/HTTP based DDoS bot nukes other bots
  26. Top Android AV software fooled by common evasion techniques
  27. Multi-stage exploit attacks for more effective malware delivery
  28. Trojans account for 80% of malware infections
  29. Ex employee hacked into high-voltage power manufacturer's network
  30. Lawsuit halts US bitcoin exchange partnership
  31. Systems manager arrested for hacking former employer's network
  32. Online Activities Related to Elections in Malaysia
  33. Do young people care about privacy?
  34. Google Glass hacked, could be used for spying
  35. Is network monitoring dead?
  36. EiQ Networks launches SOCVue service
  37. Hackers Turned Defense Contractor QinetiQ Into Intelligence Playground
  38. FYI: Anonymous Planning "OpUSA" Attacks on Banks and US Gov't on May 7th. More Info as Relevant to Come., (Thu, May 2nd)
  39. Apple, Verizon, Amazon Score Low Marks on User Data Protection
  40. Despite hack, security experts urge no fear of Google Glass
  41. Dutch bill seeks to give law enforcement hacking powers
  42. Verizon, MySpace Fail Data Protection Test: EFF
  43. A primer on Bitcoin risks and threats
  44. Fake AV scammers impersonate Microsoft
  45. Serious website vulnerabilities continue to decrease
  46. U.S. Department of Labor website infected with malware
  47. Australia mulls data breach notification law, but details are secret
  48. FinFisher spy kit's C&C servers are popping up around the world
  49. D-Link publishes beta patches for IP camera vulnerabilities
  50. Army Corps database on dams compromised
  51. Review: Codeproof for iOS
  52. Which companies help protect your data from the government?
  53. The insecurity of the component lifecycle
  54. IT security risks of features in connected cars
  55. New mobile security practice from Trustwave
  56. 1010data updates big data analytics platform
  57. Stealthy Apache Exploit Redirects Victims to Blackhole Malware
  58. U.S. Seeks Power to Wiretap Web Services, Including Google, Facebook
  59. The 7 elements of a successful security awareness program
  60. LivingSocial breach scope widens on finding of 60% sharing logins
  61. Google Play changes bring cautious optimism on Android security
  62. Novell Filr Secures Mobile File Sharing for the Enterprise
  63. How do you protect yourself in the event of a data breach?
  64. The cost of cleaning up, (Wed, May 1st)
  65. BYOD Growth to Continue Through 2017: Gartner
  66. Mozilla moves to stop spyware company from spoofing Firefox
  67. Aging networking protocols abused in DDoS attacks
  68. Hackers challenged to crack unhackable secure messaging app
  69. Combat phishing attacks from all email domains
  70. AWS cloud computing pros get certification program
  71. Password Reuse Remains a Danger After Living Social Breach
  72. Apache servers ambushed by sophisticated backdoor attacks
  73. Supply chain 2013: Stop playing whack-a-mole with security threats
  74. Online monitoring scheme bad news for security, opponents say
  75. Control and security of corporate open-source projects proves difficult
  76. Apache binary backdoor adds malicious redirect to Blackhole, (Tue, Apr 30th)
  77. Fake PayPal "Reset your password" request leads to malware
  78. APT1 cyber espionage group is back to their old tricks
  79. FBI wants to fine companies not complying with wiretap orders
  80. New Splunk App for Enterprise Security released
  81. Facebook is Testing Tags For "What"
  82. Scammy Profile Viewer app is now "offered" by Facebook
  83. Detector finds smuggled cellphones even without batteries or SIM cards
  84. D-Link firmware flaws could allow IP video stream spying
  85. UK banks targeted with Trojans and social engineering
  86. New Linksys Smart Wi-Fi Routers with AC technology
  87. Poor password practices put UK businesses at risk
  88. Why we need security awareness training programs
  89. The Fog of Cyber Defence
  90. The Fog of Cyber Defence
  91. Free firewall configuration search tool
  92. Spamhaus DDoS Attack Investigation Results in Arrest of Dutch Man
  93. Fortinet Debuts Secure Wireless LAN Platform
  94. Cyber-Conflict Escalates in Midst of North Korean Tensions
  95. Report Fake Tech Support Calls submission form reminder, (Mon, Apr 29th)
  96. Google pays record $31K bounty for Chrome bugs
  97. Designing your digital legacy
  98. LivingSocial gets hacked, 50 million users told to reset passwords
  99. Poor Skype account verification allows account hijacking
  100. How cybercriminals can target you on public networks
  101. AT&T Enters Home Security Market With IP-Based Digital Life
  102. Self-updating apps are now banned from Google Play
  103. Sophisticated Apache backdoor in the wild
  104. How secure is your confidential data?
  105. Spanish police say DDoS suspect used a van as a mobile office
  106. SpamHaus DDoS suspect arrested in Spain
  107. Info of 50M LivingSocial customers compromised following breach
  108. Reported DDoS attacks up 200 percent
  109. Week in review: CISPA, AP Twitter account hijacking and real-world consequences
  110. SANS's Alan Paller discusses the threat of cyberterrorism on CNN, (Sun, Apr 28th)
  111. Dutchman arrested in connection with large DDoS attack on Spamhaus
  112. Facebook used as billboard for malware
  113. LivingSocial gets hacked, 50 million users told to reset passwords
  114. CISPA appears doomed in Senate
  115. Phishers Breaking Into Web Hosting Servers to Launch Mass Attacks
  116. Hackers increasingly target shared Web hosting servers for use in mass phishing attacks
  117. VMware security updates - vCenter Server - https://www.vmware.com/security/advisories/VMSA-2013-0006.html, (Fri, Apr 26th)
  118. Locked and loaded, online gamers draw phishing attackers
  119. What is "up to date anti-virus software"?, (Fri, Apr 26th)
  120. U.S. judge says FBI can't hack crime suspect's computer
  121. Judge rejects FBI's bid to hack computer of suspect in attempted cyberheist
  122. Could Privacy Protection Bills Hinder Law Enforcement?
  123. Who to call when hit by a DDoS attack
  124. How to Recover From a Twitter Hack
  125. Senate committee limits government electronic surveillance
  126. Cybersecurity strikeback will strike out in the private sector
  127. Samsung delays launch of Knox Android security software until 'later date'
  128. Security of hosted services is top priority for Adobe's first CSO
  129. CISPA is (practically) dead, says Senate representative
  130. 35% of businesses experienced a DDoS attack in 2012
  131. U.S. government doesn't need CISPA to monitor communications
  132. Data breaches increase IT budgets
  133. Hosted virtual desktops can increase security
  134. Software for complex Android device security needs
  135. Phishing attacks skyrocketing
  136. GFI Software adds patch management to GFI Cloud
  137. AT&T Launches Digital Life Home Security System in 15 Markets
  138. Consumers Unhappy, Frustrated with Password Security: Survey
  139. CipherCloud Update Helps Admins Handle 'Rogue IT'
  140. ICANN Blog: How to Report a DDoS Attack? A worthwhile read: http://blog.icann.org/2013/04/how-to-report-a-ddos-attack/, (Thu, Apr 25th)
  141. Anti-Phishing Workgroup Publishes 2012 Global Phishing Report. Download here: http://docs.apwg.org/reports/APWG_GlobalPhishingSurvey_2H2012.pdf, (Thu, Apr 25th)
  142. It's privacy versus cybersecurity as CISPA bill arrives in Senate
  143. Infosec 2013: cyber security sector failing to attract new talent
  144. Big data can be a big headache for data defenders
  145. Online security: your two-factor authorization checklist
  146. Take steps to secure what little online privacy you still have
  147. Fake "New incoming fax" notification carries malware
  148. SANS 2013 Forensics Survey - https://www.surveymonkey.com/s/2013SANSForensicsSurvey, (Thu, Apr 25th)
  149. Travelers to Israel can get their emails searched on entry
  150. Another Do***ent Targeting Uyghur Mac Users
  151. Two-step authentication for Twitter accounts coming soon
  152. Ubuntu Server 13.04 released
  153. New professional certification for cloud security
  154. Ubuntu Server 13.04 released
  155. EU parliament committee votes against air passenger data sharing bill
  156. Twitter Plans Two-Step Authentication to Prevent Hacks
  157. Senator rips self-regulatory do-not-track efforts
  158. Mt. Gox delays plan to support virtual currency litecoin
  159. Vulnerable terminal servers could let bad guys hack stoplights, gas pumps
  160. Dutch DigiD e-signature system under DDoS attack
  161. Photos: Security BSides London 2013
  162. Cyber attacks on trust expose companies to millions in losses
  163. Adults taking online password security risks
  164. Secured privileged accounts reduce APT exposure
  165. Free tool to identify risks in secure shell environments
  166. CISPA Passage in U.S. House Sets Off Battle Over Info Sharing, Privacy
  167. Apple's Root Certs Include the DoD
  168. More malware discovered from drone cyberattacks
  169. Recently patched Java flaw already targeted in mass attacks, researchers say
  170. Infosec 2013: There is no such thing as information security risk
  171. Assess risk before you ascend to the cloud
  172. Interesting Credit Card transactions, are you seeing similar?, (Wed, Apr 24th)
  173. Alleged LulzSec leader arrested and charged in Australia
  174. Fake Facebook "account blocked" notice doing rounds
  175. UK govt gives money to SMEs for improving their cyber security
  176. CVE-2013-2423 Java Vulnerability Exploit ITW
  177. Checking the security of mobile apps
  178. FireEye finds Gh0stRAT cyberespionage campaigns continue
  179. AP Twitter hack prompts fresh look at cybersecurity needs
  180. Australia charges man claiming to be LulzSec leader
  181. Social engineering in penetration tests: 6 tips for ethical (and legal) use
  182. AP Twitter Hijacking Proves Need for Better Authentication, Encryption
  183. Microsoft re-releases 'Blue Screen of Death' patch
  184. AP's Twitter account hacked; false 'Obama injured' tweet sent
  185. Business students to get HP-designed technical course for cloud, mobile, security issues
  186. Amazon looks to move security appliances to the cloud, says CISO
  187. Is your company ready for a big data breach?
  188. The global nature of advanced cyber attacks
  189. Analysis of 5 million scans on 53 million hosts
  190. Hijacked AP Twitter account spreads fake news, fells Dow Jones
  191. File protection in the cloud with DigitalQuick
  192. Remote users expose companies to cybercrime
  193. Free Android mobile security app
  194. AP News Service Hacked, Fake Tweet Says White House Attacked
  195. Reddit was downed by record DDoS attack, motive is unknown
  196. Health Care Point-of-Sale Breaches a Rising Concern: Verizon
  197. Verizon Data Breach report has been released, (Tue, Apr 23rd)
  198. MS13-036 has been re-released, (Tue, Apr 23rd)
  199. Hadoop Poses a Big Data Security Risk: 10 Reasons Why
  200. Exploit for recently patched Java flaw added to CrimeBoss exploit kit
  201. Serious flaw present in latest Java Runtime Environment for desktops and servers, researchers say
  202. Malware hijacks Twitter accounts to send dangerous links
  203. Huawei: US market no longer focus for its carrier business
  204. Bogus ad network marks new twist on Android malware
  205. Reuters fires social media editor accused of collaborating with Anonymous
  206. Hactivistists Change Tactics From Data Breaches to Disruption: Verizon
  207. Review: Cloud storage and sharing with MediaFire
  208. CVE-2013-2423 Java Vulnerability Exploit ITW
  209. Cyber Attacks Growing More Sophisticated, Targeting IT Firms
  210. Researchers discover more BadNews on Google Play
  211. Boeing technology offers secure, efficient way to tie together business, industrial nets
  212. Botnets target social networks with spam
  213. New Microsoft campaign promotes privacy prowess
  214. Schmidt says Google Glass still a year away
  215. IDC: SAP and Oracle winners as software growth slows
  216. Why security is in denial about awareness
  217. BYOD Lawsuits Loom as Work Gets Personal
  218. Data thieves and their motives
  219. Financial malware hijacking Twitter accounts
  220. Wireless hack attacks target critical infrastructure
  221. Dangerous CSRF attacks up 132%
  222. The importance of crowd-sourced threat intelligence
  223. ForeScout and FireEye team for APT mitigation
  224. SafeNet releases first crypto hypervisor
  225. Microsoft's Security Intelligence Report (SIRv14) released, (Tue, Apr 23rd)
  226. Malwarebytes Revamps Definition Updates After False-Positive Misstep
  227. The fight for users' right to know what companies do with their data
  228. Germans fine Google for gathering personal data with Street View cars
  229. The dangers of CISPA
  230. 'Aurora' Cyber Attackers Were Really Running Counter-Intelligence
  231. 108,000+ account details of Sims players leaked
  232. Event: Black Hat USA 2013
  233. Event: ACSAC 2013
  234. Event: VizSec 2013
  235. Event: TrustED 2013
  236. Wired on Cyberwar. In 1996.
  237. World's largest bitcoin exchange under DDoS attack
  238. CyberReveal: A new approach to security intelligence
  239. Big data, analytics, and cloud drive software growth
  240. Reliance on passwords inhibits online business
  241. Security Manager's Journal: A little housecleaning
  242. Largest bitcoin exchange, Mt. Gox, 'throttles' trading to tame price swings
  243. Our Internet privacy is at risk -- but not dead (yet)
  244. The age of information highway robbery
  245. Qualys and FireMon enable real-time network risk visibility
  246. Week in review: WordPress sites under attack, Android Trojan downloaded by millions, pass-thought s instead of passwords
  247. New Version of Sendmail v8.14.7 is available for download: ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.14.7.tar.gz, (Sun, Apr 21st)
  248. A Chargen-based DDoS? Chargen is still a thing?, (Sun, Apr 21st)
  249. 10 tips to secure funding for a security program
  250. Large Botnets Exploit Boston Marathon Bombing, Texas Factory Explosion