News

Oracle fixes zero-day database vulnerability that was already ‘fixed’
Oracle fixes zero-day database vulnerability that was already ‘fixed’
After being outed by security researcher Joxean Koret, Oracle has issued a fix for a zero-day database vulnerability that can be remotely exploited. It's a flaw that was supposedly “fixed” in the company’s quarterly security update.
May 1, 2012
Number of vulnerabilities down, malicious attacks up
Number of vulnerabilities down, malicious attacks up
While the number of vulnerabilities decreased by 20%, the number of malicious attacks continued to skyrocket by 81% in 2011, according to Symantec’s annual 'Internet Security Threat Report'.
May 1, 2012
42 blackmail sites -posing as news sites - shut down in China
42 blackmail sites -posing as news sites - shut down in China
Genuine news sites publish information on events – these sites, say the Chinese authorities, promised not to publish information for a fee.
April 30, 2012
Columbia posts faculty social security numbers on the internet
Columbia posts faculty social security numbers on the internet
Columbia University has notified 3,000 faculty members that their names, addresses, social security numbers, and bank account numbers were available on the internet for two years.
April 30, 2012
Europeans exhibit more caution regarding BYOD
Europeans exhibit more caution regarding BYOD
BT conducted a survey of over 2000 IT users and decision makers across 11 countries. The research, released during last week’s Infosecurity Europe show in London, showed that Western European organizations tend to take a more guarded approach to BYOD implementation when compared to their global counterparts.
April 30, 2012
Intruder alert: Star Trek Online account database compromised
Intruder alert: Star Trek Online account database compromised
The studio behind the Star Trek Online game had its user account database breached over a year ago, but is only reporting it now.
April 30, 2012
SOCA and the FBI takedown 36 AVC websites
SOCA and the FBI takedown 36 AVC websites
In a joint exercise between between multiple law enforcement agencies, 36 websites associated with an e-commerce platform known as an automated vending cart (AVC) used to sell stolen credit cards were taken down on Wednesday.
April 27, 2012
Want someone else’s Hotmail account?
Want someone else’s Hotmail account?
A software bug can often lead to a vulnerability that can be exploited with sophisticated exploit code. Or sometimes you can just instal a free add-on that lets you do the same thing with no effort.
April 27, 2012
Infosecurity Europe 2012: The ICO on better regulation and better infosec
Infosecurity Europe 2012: The ICO on better regulation and better infosec
Christopher Graham, the UK Information Commissioner, talks about his role as an information regulator and facilitator at Infosecurity Europe in London
April 26, 2012
Hacker posts VMware source code on internet
Hacker posts VMware source code on internet
A hacker has posted source code for VMware’s ESX virtual machine on the internet, the company has confirmed.
April 26, 2012
Hacker could take over traffic and railroad control systems using backdoor
Hacker could take over traffic and railroad control systems using backdoor
A researcher has uncovered a backdoor in RuggedCom software used to control traffic and railroad systems that could enable a remote attacker to take control of the systems.
April 26, 2012
Infosecurity Europe 2012: defining risk management in the context of information security
Infosecurity Europe 2012: defining risk management in the context of information security
The three companies represented on the keynote panel (G4S Secure Solutions, Steria UK, and Skipton Building Society) are very different; and their CISOs have very different views on the functioning of risk management within infosec.
April 25, 2012