HNS MAIN FEED
Saturday, 08:48 EST
- Hackers can find you by tracking your cellphone
- Cutwail botnet intensifies spam spewing
- Secret ad code allows Google to bypass Safari's "no tracking" settings
- How mobile malware is maturing
- Ransomware impersonates the Italian police
- Open source tool detects videoconferencing equipment vulnerabilities
- Fake Facebook notification delivers keylogger
- New powerful bot spreads by email
- Analyze mobile apps for malware threats
- Cloudify cloud application platform
- Imation secures mobile data, identity and workspaces
- Cloud-based threat monitoring and response service
  ISO 27001 video tutorialsWhy is residual risk so important?Tax payers unaware of identity theft risksVeriSign hack: Reactions from the security communityReview: Network Warrior, 2nd Edition Open source tool detects videoconferencing equipment vulnerabilities Secret ad code allows Google to bypass Safari's "no tracking" settings How mobile malware is maturing Thwarting attacks with genetically-inspired computer configuration systems Apple preparing a safer version of OS X Malicious sites increase 240% Nessus 5.0 vulnerability scanner released The rise of information stealers and pay-per-install malware The escalating cost of US cybersecurity plans Gap in patch priorities vs cybercriminal targets February Patch Tuesday lighter than expected Infosec pros maintain job stability Mobile hacks to increase with SDR adoption Privacy pitfalls of online dating |
Videoconferencing equipment has been in the news for its potential for use by attackers to snoop on confidential company meetings. Qualys released an open source tool that could detect whether a given videoconferencing system is vulnerable to these attacks.
Once again, Google has been caught doing something that it shouldn't be doing: using code in their ads to intentionally bypass the privacy settings of Safari users in order to track their browsing behavior.
Data shows an evolution from sophisticated, complex and deep technical attacks to schemes that are lightweight, social and able to deliver fast profits. As mobile users download more applications than ever before, applications themselves are becoming the "killer app" for hackers and the most popular way to compromise devices.
In the seemingly unending search for computer security solutions that are both reactive and proactive, researchers have occasionally turned to other sciences for ideas. In creating an algorithm that searches for and implements more secure computer configurations, researchers have been inspired by genetics.
The next version of OS X called Mountain Lion will be available this summer. Among the many new features, it will come with Gatekeeper that will help prevent users from unknowingly downloading and installing malicious software.
In 2011, the most significant evolution in the threat landscape was the use of malware networks, or malnets, to launch highly dynamic Web-based attacks. These complex infrastructures drove a 240% increase in the number of malicious sites during the year.
Tenable Network Security announced Nessus 5.0, which delivers introduces enhancements that streamline and optimize each of the major phases of the vulnerability and configuration assessment process.
The fastest growing malware categories in the second half of 2011 were PPI (Pay-Per-Installs) and information stealers that target user credentials enabling the theft of key intellectual property and sensitive data, according to FireEye.
When US President Obama called on the Congress for laws that would protect from cyber threats, it sounded like a welcome call to arms. Unfortunately, what most people didn't immediately realize is that cyber defense is likely to cost a huge amount of money.
According to a new Secunia report, third-party programs rather than programs from Microsoft are almost exclusively responsible for the growth in vulnerabilities, with the share of third-party vulnerabilities on a typical end-point, increasing from 45% in 2006 to 78% in 2011.
It turns out that this February Patch Tuesday is lighter than we had anticipated. Some of the nine bulletins should be less worrisome to IT admins: the Office vulnerability (MS12-015) is in the Visio viewer program, MS12-011 is an XSS vulnerability in Sharepoint and MS12-014 and MS12-012 cover DLL preloading vulnerabilities.
The information security profession offers not only stability but upward mobility, according to the 2012 Career Impact Survey released today by (ISC)2. Only seven percent of information security professionals were unemployed at any point during 2011, with nearly 70 percent reporting a salary increase, and 55 percent expecting to receive an increase in 2012.
Digital Assurance warned that mobile communications operating over radio systems such as GSM, WiMax and DECT are likely to become more heavily targeted as Software Defined Radio (SDR) technology becomes more sophisticated, cheaper and more widely available.
It used to be that you were pretty much anonymous on the Internet if you chose to be, but those halcyon days are now gone. Take dating sites for example. Are you absolutely certain that once you've deleted your profile on one of them your information and your photos are deleted forever? Unfortunately, the answer is no.