To help IT auditors stay up to date with the latest organizational requirements, ISACA has published three new customizable IT audit/assurance programs. They cover cybercrime detection and prevention, the use of biometrics, e-commerce security, and the…
Financial trading security should take a ‘nuclear’ approach
Cyber-trading and financial security systems can take a page from the nuclear industry, according to a new report from Foresight. While the report does not make policy recommendations, it defines fundamental questions that the authors believe should be…
World of Warcraft maker hit with lawsuit over data breach, authentication
World of Warcraft creator, Blizzard, has been slapped with a class-action lawsuit initiated by two gamers who feel that the company’s security policies are geared to be for-profit and “deceptive” in terms of users understanding just how secure – or ins…
New cyber-espionage bug moved from Palestinian to Israeli targets
Recently, it came to light that a new cyber-espionage APT dubbed XtremeRAT was targeting Israeli government and police entities. While not advanced, the threat is most certainly persistent: New analysis shows that the threat has been around much longer…
Torrent DDoSer annoys everyone: is he vigilante or spoilt child?
Torrent site what.cd reported on Friday, 9 November (via Twitter) that, “The site, tracker and IRC will be down while we sort out this DDOS…” As of writing (Monday, 12 November), the site is still down, with the finger being pointed at Zeiko.
Microsoft to fix 19 vulnerabilities in six patch bulletins on Tuesday
Four of the six patch bulletins are rated ‘critical’, one is ‘important’ and one is ‘moderate’. Three of the updates will require a system restart, while the remaining three may require a restart. Admins should therefore be prepared for a disruptive ti…
70% of cloud data centers keep customers in the dark about storage locations
As more companies turn to the cloud to provide redundancy and back-up services for mission-critical business functions, connectivity and applications, new research has revealed that a full 70% of cloud backup providers do not inform customers of where …
Security experts increasingly question ‘digital Pearl Harbor’ claims
Ever since Defense Secretary Leon Panetta’s claim that the US was facing a digital Pearl Harbor, a growing number of security experts have begun to question the reality of such threats.
RIM’s BB10 gets a security boost with FIPS 140-2
One day after Research in Motion’s share price tumbled after damning comments from an analyst, the company announced that it has received FIPS 140-2 security certification allowing the BB10 to be deployed by government agencies.
Citadel crimeware kit offers professional-grade theft tools – for a price
Call it malicious software on a hill: a new version of Citadel, the crimeware kit, has emerged to inspire hackers everywhere. That is, if they can infiltrate the Russian underground far enough to locate it and pay the $3,000 entry fee.