Late on Friday afternoon Twitter announced that it had been breached and that attackers may have had access to usernames, email addresses, session tokens and encrypted/salted versions of passwords for approximately 250,000 users.
Red October cyber-espionage campaign used highly sophisticated infiltration techniques
Red October (Rocra), the high-level cyber-espionage campaign that successfully infiltrated computer networks at diplomatic, governmental and scientific research organizations worldwide, has a more shadowy persona than the typical APT, security research…
Google submits anti-trust proposals to EU
Google has submitted anti-trust proposals to the European Union anti-trust regulator to stave off action that could potentially lead to a $4 billion fine.
ISACA launches security audit programs for BYOD, data privacy and outsourcing
Getting in on the triple zeitgeist of IT consumerization and the bring-your-own-device (BYOD) phenomenon, data privacy, and how to stay secure while taking on business partners, ISACA has developed three fresh IT audit/assurance programs for each subje…
Identity and access management in the cloud
The growing prevalence of shadow IT caused by BYOD and remote working is making an existing security problem much worse: how do you protect an increasing number of passwords used for an increasing number of cloud applications?
NY Times points blame for 4-month hack at Chinese government
In a development that appears to be as politically motivated as the kidnapping of embedded investigative journalists in the Middle East, the New York Times said that it has uncovered a four-month-long hacking effort on the part of Chinese hackers.
Financial skulduggery and email hackery
Buried in all the financial reporting on the battle for control of Indonesian coal mining company Bumi is the small matter of whistleblowing and email hacking.
Cross-site scripting attacks up 160% in Q4 2012
Cross-site scripting (XSS) is increasingly common in the cloud computing world, up more than 160% in the fourth quarter of 2012 from the previous three months, a security firm is warning.
Worldwide communications infrastructure faces APTs, bots, DDoS; mobile networks weakest
Communications service providers and network operators are a potential weak link when it comes to security. Their networks carry every app, connect every mobile device and provide all of us with on-ramps to the internet. In short, we couldn’t communica…
From hackers to obituary-readers, identity theives have many personae
From dumpster divers to pickpockets, identity thieves come in many varieties. But while identity theft continues to be one of the greatest security issues for consumers (the US Federal Trade Commission estimates that about 15 million Americans fall vic…