When it comes to trends in security for 2012 so far, the landscape has seen a sharp increase in browser-related exploits, like recent ones for Internet Explorer and Java, along with renewed concerns around social media password security and continued d…
An analysis of DDoS attack methodologies
What stands out most from Imperva’s new analysis of DDoS attack methodologies, is that DDoS is easy, growing in use and probably more prevalent than commonly perceived.
ICO and Ofsted agree encryption needed in schools
As the new academic year begins, two UK regulatory bodies have issued new guidelines that raise the bar for school security: the ICO advises on data protection while Ofsted indicates it will include schools’ e-safety in future inspections.
NIST releases comprehensive risk assessment guidelines
The US National Institute of Standards and Technology (NIST) has released a final version of its risk assessment guidelines for determining the level of information security risks in IT infrastructure.
Two Leading Hacking Vulnerabilities In Your Mobile Device
This is a guest post by Ryan Corey.Mobile devices including smartphones and tablets are convenient tools used to connect people to professional contacts, friends and family members. While this technology has made life easier for many people, weaknesses…
Veracode goes large with VAST app security testing for cloud, mobile
Application security testing company Veracode has launched the Vendor Application Security Testing (VAST) program to provide independent, automated and outsourced compliance testing for cloud, mobile and outsourced applications, to help enterprises red…
Microsoft: Pre-installed malware not from factory lines
The pre-installed malware found on fresh-from-the-factory PCs by Microsoft’s Digital Crimes Unit was not implemented on the factory line, a Microsoft spokesperson has confirmed.
Peter the Great beats Sun Tzu in cybercrime
Despite the hoohaa about the ‘Chinese cyberthreat’ (in reality, read east Asia), Russia’s Peter the Great (in reality, read east Europe) is beating Sun Tzu in modern cyber wargames. Eastern Europe has better cybercriminals than eastern Asia.
TDSS/TDL4 ‘indestructible botnet’ is back with 250K victims already
Damballa has discovered a new iteration of the TDSS/TDL4 botnet that, at its height last autumn, infected more than 5.5 million victims. Now, it’s back and is utilizing domain generation algorithm (DGA)-based communication for command-and-control (C&C).
Romanian Subway hackers plead guilty to cyber-fraud
Subway restaurant franchises can rest easy: The culprits behind an international electronic fraud ring that targeted point-of-sale (PoS) vulnerabilities at hundreds of US retail locations have pled guilty to cyber-fraud charges.