View Full Version : Security News



  1. Email spam campaign distributes Android scareware
  2. Google plan to thwart government surveillance with encryption raises stakes
  3. Watchdog raps DARPA over 'systemic contracting concerns'
  4. EU politicians want to suspend banking data-sharing program
  5. Is BEAST still a threat?
  6. New gTLD security implications
  7. Adobe September 2013 Black Tuesday Overview, (Tue, Sep 10th)
  8. Fake AVG AV apps offered on Google Play
  9. Phishers use free iPhone 5S as lure ahead of launch
  10. EU politicians call for suspension of data-sharing deal amid new NSA spying allegations
  11. Facebook, Google, Yahoo and Microsoft petition US over surveillance requests
  12. Limit Exposure to Facebook Friends of Friends
  13. Security heavyweights to keynote HITB conference in Malaysia
  14. Timing is an influential risk-factor for cyber attacks
  15. Appthority unveils app risk and policy management solution
  16. HyTrust Appliance gets role-based monitoring
  17. ISC StormCast for Tuesday, September 10th 2013
  18. Executives, IT officers most concerned about malicious insiders
  19. Report: UK and US spies have cracked BlackBerry's BES encryption
  20. With crypto being insecure, whom do you trust?
  21. Security experts question if Google's Chrome Apps is worth the risk
  22. SSL is broken. So what?, (Mon, Sep 9th)
  23. Vulnerability Reported in Sophos Web Appliance, (Mon, Sep 9th)
  24. Fake emails saying US is bombing Syria lead to malware
  25. McAfee releases 2014 core PC security products
  26. How important is penetration testing?
  27. Exploring attacks against PHP applications
  28. Free asset tracking for SMBs
  29. SpydrSafe Mobile Security 2.0 released
  30. Anonymous user authentication from LaunchKey
  31. Week in review: FinFisher's spying capabilities, and NSA's quest to subvert encryption
  32. ISC StormCast for Monday, September 9th 2013
  33. Microsoft September Patch Pre-Announcement, (Sat, Sep 7th)
  34. Android Trojans gain botnet distribution, new code
  35. Yahoo: More than 12,000 US data requests led to disclosures more than 11,000 times
  36. Encryption still best way to protect data -- despite NSA
  37. Here's how to best secure your data now that the NSA can crack almost any encryption
  38. Schneier on NSA's encryption defeating efforts: Trust no one
  39. Microsoft's picture-authentication welcomed given password fatigue
  40. Backdoor brute-forces Joomla and WordPress sites
  41. NSA's quest to subvert encryption, install backdoors
  42. Massive spike of Tor users caused by Mevade botnet
  43. Google fights to kill email-scanning lawsuit brought by Gmail users
  44. EU Parliament told to expect more revelations about NSA spying
  45. Report: NSA defeats many encryption efforts
  46. Is eBay warming up to Bitcoin?
  47. Microsoft to patch dangerous Outlook hack-by-preview bug next week
  48. Facebook updated privacy policy likely next week
  49. Fast USB 3.0 flash drives from Toshiba
  50. Microsoft to release 14 bulletins patching Office, Windows, IE and .NET
  51. Understanding and defending against Denial of Service attacks
  52. Is mobile privacy a bigger concern than a phone's brand?
  53. Protect yourself and don't regret using social media
  54. NSA announces new schools for cyber initiative
  55. Lookout enters strategic partnership with Samsung
  56. GFI MAX gets a remote command line
  57. ISC StormCast for Friday, September 6th 2013
  58. PayPal unblocks MailPile's account
  59. NIST Cyber Security Framework proposal provides no 'measurable cybersecurity assurance'
  60. Samsung fortifies enterprise security on its Android phones
  61. Botnet likely caused spike in number of Tor clients
  62. PayPal freezes MailPile's account
  63. Sykipot-wielding attackers now targeting US civil aviation firms
  64. EU Parliament Civil Liberties Committee on US Surveillance
  65. Privacy groups ask FTC to oppose Facebook's policy changes
  66. Almost 90 percent of Internet users have taken steps to avoid surveillance, survey finds
  67. FTC: Negligence by security camera vendor harms customers' privacy
  68. 'Hash Hunters' Web service cracks password hashes for bitcoins
  69. New discovery will allow large-scale quantum cryptography networks
  70. New advanced banking Trojan in the wild
  71. Review: Placing the Suspect Behind the Keyboard
  72. Intel releases new technologies for cloud datacenters
  73. NCP engineering enhances Android VPN clients
  74. ManageEngine enhances Firewall Analyzer and EventLog Analyzer
  75. 61% of IT pros donít report security risks to executives
  76. Secunia CSI 7.0 released
  77. ISC StormCast for Thursday, September 5th 2013
  78. Two sentenced to prison for point-of-sale credit card theft
  79. Replacing passwords and PINs with your heartbeat
  80. Fake Facebook "Pages you might like" emails deliver malware
  81. Whatever Happened to Facebook Likejacking?
  82. Lookout security for Samsung Knox smartphones
  83. Amazon hiring 'top secret' IT staff as it fights for CIA work
  84. FinFisher Range of Attack Tools
  85. Researcher claims $12,500 reward for finding Facebook photo bug
  86. NSA-resistant Android application 'burns' sensitive messages
  87. GitHub adds two-factor authentication option
  88. Barracuda launches Barracuda Firewall X100 and X101
  89. FireEye introduces real time, continuous protection platform
  90. Head of INTERPOL on the key to protecting cyberspace
  91. Email data protection through a mobile app
  92. Neohapsis and Arxan protect sensitive apps
  93. Online backup for mobile devices: Key factors to consider
  94. Packet captures and log files for Port 14566, (Wed, Sep 4th)
  95. ISC StormCast for Wednesday, September 4th 2013
  96. Hand of Thief Linux Trojan fails to work as promised
  97. Syrian hackers attempt PsyOps campaign against U.S. Marine Corps
  98. AT&T's massive call detail record database accessible to DEA agents
  99. Is "Reputation Backscatter" a Thing?, (Tue, Sep 3rd)
  100. Arbor Networks acquires Packetloop
  101. Persistent adversaries can identify Tor users
  102. NetTraveler APT group is back, adds watering hole attacks to its arsenal
  103. Training: The Art of Exploiting Injection Flaws
  104. Privacy case makes your phone untrackable
  105. Login and password troubles revealed
  106. ISC StormCast for Tuesday, September 3rd 2013
  107. Multiple Cisco Security Notice, (Mon, Sep 2nd)
  108. The TAO of NSA
  109. [OT] Happy Labo(u)r Day USA and Canada!, (Mon, Sep 2nd)
  110. Microsoft and Google continue to press US government over transparency
  111. Leaked FinFisher presentation details toolkit's spying capabilities
  112. Indian bureaucrats may be asked not to use private email services for official work
  113. Most security managers don't trust their apps
  114. Week in review: Smart building security, Tor usage doubles, and how Snowden stole NSA documents
  115. Government employees realize the importance of cyber security
  116. Fraud and ATM attacks hit Germany hard
  117. Android Malware goes SMTP
  118. Microsoft: Talks with US gov't on surveillance transparency break down
  119. Microsoft will move forward with litigation over NSA data collection
  120. Facebook legal skirmish highlights user privacy risks
  121. Tor Use Uptick, (Fri, Aug 30th)
  122. Filtering Signal From Noise (Part2), (Fri, Aug 30th)
  123. Apple remote-mobile device management patent raises red flags
  124. Facebook's new face recognition policy astonishes German privacy regulator
  125. Leaked US spying budget reveals investments in 'groundbreaking' cryptanalysis
  126. Detailed US intelligence community's $52.6 billion budget leaked
  127. Medical lab allegedly exposed consumer info on P2P network
  128. FinFisher range of attack tools
  129. Many major brand mobile apps not secure on Android, says study
  130. Critic: NTIA's mobile privacy push has failed
  131. vBulletin users warned of potential exploit
  132. NIST subjects draft cybersecurity framework to more public scrutiny
  133. US to release annual figures on spying orders and people affected
  134. Under legal pressure, Facebook clarifies how it uses your data
  135. U.S. appetite for Internet user data not unique
  136. VMware ESXi and ESX address an NFC Protocol Unhandled Exception, (Fri, Aug 30th)
  137. Australian who boasted of hacking to plead not guilty to charges stemming from raid
  138. Fraud and identity theft camouflaged by DDoS attacks
  139. Five ways to get the most out of your sandbox
  140. Banking Trojans dominate malware in e-mail traffic
  141. Three factors will impact enterprise cloud adoption
  142. Australian organizations are not effectively managing IT risks
  143. WatchGuard updates email and web security appliance
  144. Office 2003's burial will resurrect hacker activity
  145. FTC: Medical lab lost patient info on peer-to-peer network
  146. Confidential Data Is Leaving on Workers' Mobile Devices
  147. French prosecutor starts preliminary inquiry into Prism privacy violations
  148. New York Times hack highlights weakness in registrar security
  149. Cisco cracks down on security vulnerability
  150. Massive Delta IV rocket launches classified satellite
  151. Hacker points Syrian telecom website to AT&T, T-Mobile
  152. Three types of DNS attacks and how to deal with them
  153. New York Times site hack shifts attention to registry locks
  154. Social engineering: Study finds Americans willingly open malicious emails
  155. Facebook spamming is a hugely lucrative business
  156. Developers hack Dropbox, show how to access user data
  157. Tor usage more than doubles
  158. Pity Team Lokki, They Have No Time to Enjoy the Sun
  159. Would you publicly report a security breach?
  160. Fake "Secure Document" notice will compromise your email account
  161. Smart building security: Threats, tips and tricks
  162. Got malware?
  163. New protection mechanism prevents mobile cross-app content stealing
  164. HP releases Fortify Static Code Analyzer 4.0
  165. Xceedium extends security capabilities to VMware vShield and vCloud
  166. MS13-056 (false positive)? alerts, (Wed, Aug 28th)
  167. Privacy campaigners want review of Irish Facebook, Prism decisions
  168. Toyota Goes All-in With Social Media Monitoring
  169. Half of organizations targets of cyberattack in last year
  170. Spear phishing led to DNS attack against the New York Times, others
  171. Federal CIOs Face BYOD, Mobile App Security Challenges
  172. Researchers detail attacks for compromising Dropbox user accounts
  173. Facebook Transparency
  174. Review: Computation and Storage in the Cloud: Understanding the Trade-Offs
  175. Hacker admits to selling access to company networks, supercomputers
  176. Video: Government-Endorsed Surveillance
  177. NYT, Twitter, HuffPo sites disrupted by Syrian hacker group
  178. Shielding targeted applications
  179. Facebook got 25,000 government requests about users
  180. New York Times site outage caused by attack on domain registrar, company says
  181. Cybercrime service automates creation of fake scanned IDs, other identity verification documents
  182. Tesla?s Model S vulnerable to hackers, kind of
  183. DNS hack in Australia hits marquee US sites
  184. Bitcoin offers privacy -- as long as you don't cash out or spend it
  185. Kelihos botnet: What victims can expect
  186. Event: IFINTEC 2014
  187. Compliance and security vulnerabilities are top concerns for POS systems
  188. The current state of application security
  189. Layer 7 updates mobile access gateway solution
  190. SSLI SDK for security solution providers
  191. NY Times DNS Compromised, (Tue, Aug 27th)
  192. Microsoft Releases Revisions to 4 Existing Updates, (Tue, Aug 27th)
  193. G-20 themed emails deliver spying malware to EU, Canadian officials
  194. Trojan targets Craigslist users with spam
  195. Open source encrypted email service reaches crowdfounding goal
  196. Android Malware: Pincer's Author
  197. How did Snowden steal the NSA documents and cover his tracks?
  198. US regulators explore rules for Bitcoin
  199. Sept. 23 deadline looms for business compliance with HITECH Act on patient privacy
  200. Group behind attack on New York Times linked to G20 phishing attack
  201. Microsoft will craft XP patches after April '14, but not for you
  202. Poorly redacted court filing reveals Google contested NSL gag order
  203. Cloud emulation sandboxing service tackles zero-day attacks
  204. Social networks: Can robots violate user privacy?
  205. AirWatch and Appthority partner for mobile app risk analysis
  206. McAfee protects workloads on private and public clouds
  207. Citrix releases NetScaler Control Center for VMware
  208. Red Hat Certificate of Expertise released
  209. Kingston introduces new enterprise SSD
  210. Patch Management Guidance from NIST, (Tue, Aug 27th)
  211. Event: World Congress on Internet Security (WorldCIS-2013)
  212. NSA Revelations Prompt Tech Industry to Call for Privacy Safeguards
  213. Report: NSA broke into UN video teleconferencing system
  214. Unisys going on offense in server and security markets
  215. Tech companies received millions for PRISM compliance costs
  216. Data Security Lagging at Midmarket Industrial Firms
  217. Largest DDoS attack ever disrupts China's Internet
  218. Leaked info of Federal Reserve employees was stolen during earlier breach
  219. PHDVirtual releases virtual backup and disaster recovery software
  220. NSA spied on UN officials after cracking encryption on UN teleconferencing system
  221. Wi-Fi Honeypots and MAC Address Surveillance
  222. There are no winners in the blame game
  223. Fear of NSA snooping could hurt U.S. cloud vendors
  224. HyTrust enforces two-person approval for VMware security
  225. HyTrust enforces two-person approval for VMware security
  226. There are no winners in the blame game
  227. Fear of NSA snooping could hurt U.S. cloud vendors
  228. WatchGuard partners with NCP engineering for IPsec VPN access
  229. Week in review: Cybercrime-as-a-service, Groklaw shutdown, WIn8 unfit for govt computers
  230. When does your browser send a "Referer" header (or not)?, (Sun, Aug 25th)
  231. Software piracy discovered at the IRS
  232. CyanogenMod announces secure phone locating, remote wiping service
  233. Mozilla considers rejecting long-lived digital certificates following similar decision by Google
  234. PHP and VMWare Updates, (Fri, Aug 23rd)
  235. How encryption and tokenization help with cloud services adoption
  236. We Need To Talk, Google
  237. NASDAQ's Community Forum
  238. Android Malware goes SMTP
  239. Windows 8 shouldn't be used on government computers, say IT experts
  240. Mozilla 'Plug-n-Hack' project aims for tighter security tool integration
  241. Popular download management program has hidden DDoS component, researchers say
  242. Deep cyberattacks cause millions in losses for US banks
  243. Failed data feed system shutters Nasdaq trading
  244. Privacy groups criticize proposed $8.5 million Google settlement
  245. Popular Windows downloader has secret DDoS capability
  246. Fingerprint algorithm for Android devices
  247. Disaster recovery for public, private and hybrid clouds
  248. Read of the Week: A Fuzzy Future in Malware Research, (Thu, Aug 22nd)
  249. Chrome 29.0.1547.57 released http://goo.gl/mUJYdH, (Thu, Aug 22nd)
  250. Ruling shows NSA misled the FISC about data collection volume and scope