Myanmar has come out of nowhere to top the list of sources of malicious internet traffic in Akamai’s State of the Internet report, the first time the country has ever appeared on the list.
Anti-virus, firewalls and intrusion detection are no longer enough warns SANS security expert
A leading IT security expert is warning companies that AV, firewalls and IDS technology may no longer be enough to defend company IT resources against attacks.
Smart devices are shipping with security holes, say engineers
Nearly 25% of engineers said they personally knew about security problems in their company’s smart devices that have not been disclosed to their customers and the general public, according to a recent survey by device security firm Mocana.
Visa to waive PCI DSS compliance validation for US merchants that deploy chip-enabled terminals
Effective Oct. 1, 2012, Visa is eliminating the requirement for US merchants to annually validate their compliance with the PCI Data Security Standard (PCI DSS) if 75% of the merchant’s annual Visa transactions originate from chip-enabled terminals.
Cybercriminals steal – from each other
The latest monthly malware and threats report from GFI Labs – the research operation of GFI Software – claims that cybercriminals are now stealing end user credentials from each other, as well as using complex new methodologies when seeking to infect e…
SpyEye trojan is revealed as credit card credential grabbing machine
A security researcher with Computer Associates has carried out an in-depth analysis of the SpyEye trojan and concluded that the malware has been cleverly coded to hide the fact that it is really little more than a clever piece of credential-grabbing co…
Researcher says MBR malware is back in fashion
A Symantec security researcher is reporting that MBR – Master Boot Record – infections are now back in fashion amongst cybercriminals after several years of largely being ignored.
Hampshire school data breach highlights need for multiple passwords
A data breach at Bay House School in Hampshire has highlighted the importance of not using the same password for different websites and applications, say experts.
New CSA registry enables cloud providers to demonstrate security controls
Cloud providers can demonstrate their adherence to industry-standard security practices by applying for listing in the Cloud Security Alliance’s (CSA) new Security, Trust and Assurance Registry (STAR).
Future of SSL in doubt? Researcher Marlinspike unveils alternative to certificate authorities
Noted security researcher and hacker Moxie Marlinspike slammed the certificate authorities at last week’s Black Hat conference in Las Vegas, just before he introduced his own alternative for authenticating secure web communications.