A flaw impacting Apple iOS-based apps has been discovered that, if exploited, could allow an attacker to hijack the server URL from which mobile applications load their data, replacing the served data with his own content.
Attackers Ramp Up Threats to the Energy Sector
The US energy sector experienced the largest number of malware attacks of any industry in the spring and summer of 2012, with the end result being expensive outages at pipelines, oil refineries and drilling platforms. This year, brute-force attacks and…
Building Security In Maturity Model: Version 5 Released
BSIMM-V is effectively a scorecard that can be used by companies to either measure or improve their existing software development security stance. It is not a ‘standard’ in the regulatory sense; it more a practical description of actual best practices.
RSA Europe 2013: The Lessons BT Learnt from Securing London 2012
The lessons learnt from securing the digital infrastructure at the London 2012 Games have given BT a better understanding of how to do cyber defence, said Mark Hughes, CEO of BT Security in his keynote at RSA Europe today
Adobe Breached Users Now Estimated at 38 Million
When news of the Adobe breach emerged at the beginning of October, the company admitted that bank card and other personal information on 2.9 million users had been stolen together with usernames and passwords for an undisclosed number of customers. Tha…
Microsoft SIR Report Highlights Risks of Unsupported Software Ahead of XP Withdrawal
On April 8 2014, Microsoft will withdraw all support from the XP operating system, despite 21% of the worldwide OS marketplace still using it, and 13% of the UK. The results of the latest Microsoft SIR report prove just how vulnerable this will leave u…
Frost & Sullivan Report Positions Women as Future Infosec Leaders
There are two undisputed facts in the information security marketplace: there is a severe skills shortage; and women are dramatically under-represented in the security workforce. A new Frost & Sullivan report argues that a solution to the former can be…
Cisco Patches Remote Code Execution and DoS Flaws in Multiple Products
Cisco has issued three patches to address serious security flaws across a handful of products. Exploitation of the vulnerabilities could give an attacker a way to remotely execute arbitrary code to take over a server, or could lead to a denial-of-servi…
Hackers use Buffer to Send Out Spam on Twitter and Facebook
Buffer, a social media app, allows its users to schedule and automatically post updates to social media sites such as Facebook and Twitter. Over the weekend it started posting weight-loss spam tweets and posts.
Researchers: LinkedIn Intro is a Man-in-the-Middle Attack
LinkedIn has released a new product called Intro, which shows users’ LinkedIn profiles from inside the native iPhone mail client. Members can, at-a-glance, see the profile picture of the person who’s emailing, learn more about their background, and con…