As the new academic year begins, two UK regulatory bodies have issued new guidelines that raise the bar for school security: the ICO advises on data protection while Ofsted indicates it will include schools’ e-safety in future inspections.
NIST releases comprehensive risk assessment guidelines
The US National Institute of Standards and Technology (NIST) has released a final version of its risk assessment guidelines for determining the level of information security risks in IT infrastructure.
Two Leading Hacking Vulnerabilities In Your Mobile Device
This is a guest post by Ryan Corey.Mobile devices including smartphones and tablets are convenient tools used to connect people to professional contacts, friends and family members. While this technology has made life easier for many people, weaknesses…
Veracode goes large with VAST app security testing for cloud, mobile
Application security testing company Veracode has launched the Vendor Application Security Testing (VAST) program to provide independent, automated and outsourced compliance testing for cloud, mobile and outsourced applications, to help enterprises red…
Microsoft: Pre-installed malware not from factory lines
The pre-installed malware found on fresh-from-the-factory PCs by Microsoft’s Digital Crimes Unit was not implemented on the factory line, a Microsoft spokesperson has confirmed.
Peter the Great beats Sun Tzu in cybercrime
Despite the hoohaa about the ‘Chinese cyberthreat’ (in reality, read east Asia), Russia’s Peter the Great (in reality, read east Europe) is beating Sun Tzu in modern cyber wargames. Eastern Europe has better cybercriminals than eastern Asia.
TDSS/TDL4 ‘indestructible botnet’ is back with 250K victims already
Damballa has discovered a new iteration of the TDSS/TDL4 botnet that, at its height last autumn, infected more than 5.5 million victims. Now, it’s back and is utilizing domain generation algorithm (DGA)-based communication for command-and-control (C&C).
Romanian Subway hackers plead guilty to cyber-fraud
Subway restaurant franchises can rest easy: The culprits behind an international electronic fraud ring that targeted point-of-sale (PoS) vulnerabilities at hundreds of US retail locations have pled guilty to cyber-fraud charges.
The cloud: transforming the role of the infosec professional
Infosecurity caught up with John Howie, COO of the Cloud Security Alliance (CSA), at the recent ASIS/(ISC)² Congress in Philadelphia, where he discussed how the cloud is altering the role of security professionals
51% of SMB endpoints infected annually
When it comes to small- and medium-sized business (SMB) applications, the cloud and mobility are on the rise, driving an increased need for comprehensive security, according to a new report from Osterman Research, commissioned by Trend Micro.