View Full Version : Security News



  1. Could the Bitcoin network be used as an ultrasecure notary service?
  2. Twitter's two-step authentication a good start, experts say
  3. U.S. urged to let companies 'hack-back' at IP cyber thieves
  4. Twitter's two-step authentication a good start, experts say
  5. Mac Spyware Bait: Lebenslauf für Praktitkum
  6. Zeus variants are back with a vengeance
  7. Google set to upgrade its SSL certs
  8. Fighting cybercrime is on the right track
  9. IT security pros have trouble communicating with executives
  10. Facebook phishers target Fan Pages owners
  11. Nation's power grid under constant cyberattack, but Congress lax
  12. Google engineer bashes Microsoft's handling of security researchers, discloses Windows zero-day
  13. IT security vendors seen as clueless on industrial control systems
  14. Google researcher reveals another Windows 0-day
  15. MoVP II, (Thu, May 23rd)
  16. DHS employees' info possibly compromised due to system flaw
  17. SoftBank said to be in talks with US to allay national security fears
  18. Twitter aims to become safer with two-step sign-in
  19. ****s are into online sharing, but are also more privacy-aware
  20. Mac Spyware Bait: Lebenslauf für Praktitkum
  21. The dangers of downloading software from unofficial sites
  22. Mac Spyware Bait: Lebenslauf für Praktitkum
  23. Twitter finally offers 2-factor authentication
  24. Is it time to professionalize information security?
  25. Microsoft decrypts Skype comms to detect malicious links
  26. A spotlight on grid insecurity
  27. Wireshark 1.10.0rc2 is now available http://www.wireshark.org/download.html, (Thu, May 23rd)
  28. Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame, (Wed, May 22nd)
  29. Apple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222, (Wed, May 22nd)
  30. Wireshark 1.8.7 and 1.6.15 Released http://www.wireshark.org/news/20130517.html, (Wed, May 22nd)
  31. Blue Coat Systems to acquire security analytics firm Solera Networks
  32. New Citadel malware variant targets Payza online payment platform
  33. Event: Cloud Security Alliance EMEA Congress 2013
  34. Growing mobile malware threat swirls (mostly) around Android
  35. Privilege escalation, why should I care?, (Wed, May 22nd)
  36. Review: Logging and Log Management
  37. Mac Spyware: OSX/KitM (Kumar in the Mac)
  38. Commission wants to minimize U.S. IP theft economic impact
  39. Researchers find critical vulnerabilities in popular game engines
  40. Microsoft may be scanning your Skype messages
  41. U.S. power companies under frequent cyberattack
  42. Opinion varies on action against Chinese cyberattacks
  43. Digital strongboxes won't solve whistleblower problem for journalists
  44. Guantanamo cuts off Wi-Fi access due to OpGTMO
  45. Free tool repairs critical Windows configuration vulnerabilities
  46. IT pros focus on cloud security, not hype
  47. Why BYOx is the next big concern of CISOs
  48. Experts highlight top data breach vulnerabilities
  49. NYPD detective accused of hiring email hackers
  50. Blue Coat to acquire Solera Networks
  51. APT1 is back, attacks many of the initial U.S. corporate targets
  52. Moore, Oklahoma tornado charitable organization scams, malware, and phishing, (Tue, May 21st)
  53. Chrome 27 stable released http://googlechromereleases.blogspot.ca/ some security fixes, (Tue, May 21st)
  54. U.S. DOJ accuses journalist of espionage
  55. A closer look at Mega cloud storage
  56. Big Hangover
  57. Aurora attackers were looking for Google's surveillance database
  58. Senate report: Apple claims subsidiaries with no taxing jurisdiction
  59. Successful companies embrace shadow IT
  60. IntegriCell's Aaron Turner: Security managers still don't get mobile security
  61. Pressure mounts for building in security during application development
  62. "NATO vacancies" phishing email also leads to malware
  63. CISOs need to engage with the board
  64. Find TrueCrypt and BitLocker encrypted containers and images
  65. Wi-Fi client security weaknesses still prevalent
  66. Sourcefire goes beyond the sandbox
  67. Safe - Tools, Tactics and Techniques, (Mon, May 20th)
  68. Ubuntu Package available to submit firewall logs to DShield, (Mon, May 20th)
  69. Researchers uncover new global cyberespionage operation dubbed Safe
  70. U.S. Congress has questions about Google Glass and privacy
  71. Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx, (Mon, May 20th)
  72. Jailed hacker designs device to thwart ATM card skimming
  73. Security Manager's Journal: NAC deployment means better access control at last
  74. Chinese hackers master art of lying low
  75. Yahoo Japan says 22 million user IDs may have been stolen
  76. Cyber espionage campaign uses professionally-made malware
  77. Digital Government Strategy progress and challenges
  78. Over 45% of IT pros snitch on their colleagues
  79. Form-grabbing rootkit sold on underground forums
  80. U.S. DOD decides iPhones and iPads can connect to its networks
  81. The CSO perspective on healthcare security and compliance
  82. Large cyber espionage emanating from India
  83. Week in review: Human sensors, IT security jobs, and hacking car charge stations
  84. Port 51616 - Got Packets?, (Sun, May 19th)
  85. Alleged tech support scammers settle FTC charges
  86. Police arrest Anonymous suspects in Italy
  87. Experts ding DHS vulnerability sharing plan as too limited
  88. Researchers uncover new global cyberespionage operation dubbed SafeNet
  89. SSL: Another reason not to ignore IPv6, (Fri, May 17th)
  90. "Get free followers" scam targets Instagram users
  91. New Mac spyware signed with legitimate Apple Developer ID
  92. LulzSec Sentencing in UK
  93. BBC News: LulzSec Hacker Interview
  94. Four former LulzSec members sentenced to prison in the UK
  95. In a sea of malware, viruses make a small comeback
  96. DMARC email standards help prevent brand abuse in phishing campaigns
  97. New Mac spyware found on Angolan activist's computer
  98. Ransomware adds password stealing to its arsenal
  99. A look into the EC Council hack
  100. Targeted data stealing attacks using fake attachments
  101. e-netprotections.su ?, (Fri, May 17th)
  102. Extracting signatures from Apple .apps, (Thu, May 16th)
  103. Booming mobile industry spawning global criminal marketplace
  104. Pushdo botnet is evolving, becomes more resilient to takedown attempts
  105. Four LulzSec hackers handed prison sentences
  106. Thoughts on the need for anonymity
  107. Application vulnerabilities still a top security concern
  108. LulzSec sentencing in UK
  109. Mac Spyware Found at Oslo Freedom Forum
  110. The New Yorker launches anonymous dead-drop tool
  111. Oracle renumbers Java patch updates, confuses users even more
  112. How to keep the feds from snooping on your cloud data
  113. Google allowing Android app vendors to illegally collect user data, lawsuit alleges
  114. Researchers develop industrial systems that watch for security breaches
  115. Testing firm: Internet Explorer tops browsers for malware protection
  116. Syrian Internet service comes back online
  117. Researchers reveal OpUSA attackers' MO
  118. Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability, (Thu, May 16th)
  119. Info-stealing Dorkbot worm spreading on Facebook
  120. Review: The Hacker's Guide to OS X: Exploiting OS X from the Root Up
  121. Intelligent vulnerability management from CORE Security
  122. Call for Papers - 4th annual Forensics and Incident Response Summit EU, (Wed, May 15th)
  123. Mobile adware networks given 45 days to stop misbehaving by security firm
  124. FBI briefs US bank executives on wave of cyberattacks
  125. Health care breach victims plummet
  126. Researchers uncover large cyberfraud operation targeting Australian bank customers
  127. Private messages of Bloomberg clients end up online
  128. Is Microsoft reading your Skype communications?
  129. Is Microsoft is reading your Skype communications?
  130. Download: Mobile Threat Report Q1 2013
  131. Android threats growing in number and complexity, report says
  132. Facebook attacked with credential-harvesting malware
  133. Adobe releases critical security updates for Reader, Flash Player and ColdFusion
  134. Microsoft rushes Explorer 8 patch release
  135. IT security jobs: What's in demand and how to meet it
  136. Mobile crimeware and the global criminal marketplace
  137. First California lawsuit over mobile privacy issues crashes
  138. State social media privacy laws a mixed bag for businesses
  139. Password meters actually work
  140. Internet scams that dominated in 2012
  141. Hacking charge stations for electric cars
  142. Tips for validating DDoS defenses
  143. Belkin releases secure switch for government agencies
  144. New 2-factor authentication for the finance industry
  145. CVE-2013-2094: Linux privilege escalation, (Tue, May 14th)
  146. Microsoft Security Advisory 2846338, (Tue, May 14th)
  147. Adobe May 2013 Black Tuesday Overview, (Tue, May 14th)
  148. Microsoft fixes 33 vulnerabilities
  149. Feds' offensive fueling hacker underground, report says
  150. China still safe for IT outsourcing, despite US security concerns, says vendor
  151. Companies, government unprepared for new wave of cybersabotage
  152. Online gaming company recounts fighting for survival vs. DDoS attacks
  153. View from inside Verizon's security SWAT team
  154. Firefox & Thunderbird released, (Tue, May 14th)
  155. Microsoft May 2013 Black Tuesday Overview, (Tue, May 14th)
  156. Researcher refuses to help Saudi telco to spy on people
  157. Internet Explorer best at blocking malware
  158. Fraudster who hired hackers to manipulate stock prices goes to prison
  159. U.S. govt secretly obtains AP phone records
  160. McAfee launches security service with facial and voice recognition
  161. Intel's McAfee brings biometric authentication to cloud storage
  162. Verizon Enterprise chief: We're headed for cloud computing's A-list
  163. Using security skills for charitable cause
  164. It's better to call ahead before sending malware, Symantec finds
  165. Phishing gang jailed for plundering woman's £1 million life savings
  166. Human sensors: How encouraging user reporting strengthens security
  167. Should the G20 forum discuss Internet security?
  168. GFI MailArchiver 2013 released
  169. Event: VB2013 - 23rd Virus Bulletin International Conference
  170. The top three threats facing enterprises
  171. How employees use business email
  172. Android malware continues to rise
  173. So what passwords are those ssh scanners trying?, (Tue, May 14th)
  174. U.S. government tops list of malware buyers
  175. Lookout will intercept privacy-invading mobile ad networks, apps
  176. Webinar: Embedded
  177. In legal fog, Kim Dotcom removes 3D gun design
  178. Malicious browser extensions are hijacking Facebook accounts
  179. Scammers combine fake AV and bogus support calls
  180. Police unable to decrypt iPhones, asks Apple to do it
  181. Font apps on Google Play deliver spyware
  182. Can mobile devices be more secure than PCs?
  183. Car and electronics shoppers at risk of escrow fraud
  184. Open source NAC PacketFence 4.0 released
  185. Week in review: Malware you can "live with", but should't, and backdoor targeting popular web servers
  186. BYOD Policy: Employee Right to Social Media Privacy Is Paramount
  187. Bank security weaknesses led to cyber looting of $45M from ATMs
  188. Microsoft and Adobe Patch Tuesday Pre-Release, (Fri, May 10th)
  189. Google's five-year plan for authentication: It's complicated
  190. What's old is new again: Spammers revived old schemes in March quarter
  191. Academic institutions urged to take steps to prevent DNS amplification attacks
  192. Webinar: Monday, May 13th
  193. Bill would put mobile app vendors on the hook for privacy
  194. 10 great technologies to secretly install on Mom's PC
  195. Academic institutions urged to improve network and DNS configurations
  196. PayPal Says It's Time to Ditch Passwords and PINs
  197. Microsoft Patch Tuesday targets multitude of Internet Explorer faults
  198. US lawmakers introduce apps privacy bill
  199. The Onion explains how its Twitter account was hacked
  200. Hacking back: Digital revenge is sweet but risky
  201. Payment card processors hacked in $45 million fraud
  202. Eight indicted in $45M cybercrime campaign
  203. Bringing networking and security together through network automation
  204. Hijacking Facebook accounts via expired Hotmail accounts
  205. Microsoft to release 10 bulletins
  206. India has a new National Cyber Security Policy
  207. Windows XP migration worries exaggerated by 'dead' applications
  208. Adobe warns customers of unpatched critical flaw in ColdFusion
  209. Encrypt and secure data in the Amazon big data cloud service
  210. Lesson from the Google office hack: Do not trust third-parties
  211. Security practices wanting in virtual machine world, survey finds
  212. Microsoft releases fix-it for Internet Explorer 8 vulnerability
  213. Researchers find hundreds of insecure building control systems
  214. Name.com forces customers to reset passwords following security breach
  215. Adobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html, (Thu, May 9th)
  216. Spamhaus DDoS suspect extradited to his home country
  217. Name.com breach just one of many executed by HTP hackers?
  218. Spamhaus DDoS suspect extradited to the Netherlands
  219. Senators want sanctions against countries supporting cyberattacks
  220. Hacker leaks part of Candace Bushnell's unpublished book
  221. The CSO perspective on risk management
  222. Healthcare leaders streamline third party assessment process
  223. Phishers taking over accounts of telecommunication customers
  224. "De Flashing" the ISC Web Site and Flash XSS issues, (Wed, May 8th)
  225. Highly critical vulnerability fixed in Nginx Web server software
  226. Passwords: You're doing it wrong. Here's how to make them uncrackable.
  227. Experts wary of Pentagon cybersecurity report fingering China
  228. Use of 'honeywords' can expose password crackers
  229. Welcome sign for hijackers on 24-7 for 30% of social networkers
  230. U.S. senators introduce new bill to fight cyber theft
  231. Backdoor targeting Apache servers spreads to nginx, Lighttpd
  232. Organizations failing to secure primary attack target
  233. Proposed U.S. law aims to counter cybertheft with import bans
  234. Stealthy Web server malware spreads further
  235. FTC sends warning letters to 10 data brokers
  236. Is your social network built enterprise tough?
  237. AutoIt scripting increasingly used by malware developers
  238. Anonymous' OpUSA is under way
  239. Phishers target eBay customers via live chat support
  240. Review: Blackhatonomics: An Inside Look at the Economics of Cybercrime
  241. Seagate unveils complete SSD product line
  242. IT executives believe the cloud increases data security
  243. Beware of fake AV and ransomware combo
  244. Syria drops from Internet 7th May 2013, (Wed, May 8th)
  245. Are there any websites that are NOT compromised?, (Wed, May 8th)
  246. NGINX updates address buffer overflow (CVE-2013-2028) see http://nginx.org/en/CHANGES-1.4, (Tue, May 7th)
  247. Cyberattack highlights software update problem in large organizations
  248. Cisco gets tough: Details ruggedized switches for harsh environments
  249. HIPAA rules, outdated tech cost U.S. hospitals $8.3B a year
  250. Pentagon report accuses China military of cyber espionage