Archive for the ‘News’ Category

Infosec Weekly Round-up October 15-21, 2012

Businesses take 7 months to detect intruders “Corporations are taking an average of seven months to detect system breaches despite most having access to forensic information in their logs, Verizon has warned. According to Bryan Sartin, vice president of Verizon’s Research Investigations Solutions Knowledge (RISK) team, the statistic indicated a need for more security information [...]

Share

Infosec Weekly Round-up October 08-14, 2012

Skype worm spreads, using LOL trick to infect unwary users Skype users are warned to be on their guard, regarding malicious instant messages that have been sent through the service, designed to infect Windows computers. http://nakedsecurity.sophos.com/2012/10/08/skype-worm-spreads/ New TDL4 strain very successful in hiding from AV Last month Damballa stirred up the security community with the discovery [...]

Share

Infosec Weekly Round-up October 01-07, 2012

Millions of Brazilian internet users falling victim to a sustained and silent mass attack “This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained [...]

Share

Infosec Weekly Round-up September 23 – 30, 2012

Data breach at IEEE.org: 100k plaintext passwords “Due to several undoubtedly grave mistakes, the ieee.org account username and plaintext password of around 100,000 IEEE members were publicly available on the IEEE FTP server for at least one month. Furthermore, all the actions these users performed on the ieee.org website were also available. Separately, spectrum.ieee.org visitor [...]

Share

Infosec Weekly Round-up September 09 – 16, 2012

10 Steps to Cyber Security “The actions and measures detailed in each of the advice sheets collectively represent a good foundation for effective information risk management. The degree of implementation of these steps will vary between organizations depending upon the risks to their individual business, however , GCHQ’s recommendation is that Boards should require their [...]

Share

Infosec Weekly Round-up August 19 – 26, 2012

You can’t block Facebook using Windows 8′s hosts file First up for this week is an article about the new operating system by Microsoft windows 8 which includes new protection that prevent writing in the HOSTS file, this file is used by malware editor to prevent windows OS update:  “While you can still add any [...]

Share

Infosec Weekly Round-up June 17 – 24 , 2012

Hacker claims breach of 79 banks, releases customer data “A hacker claiming to have broken into networks of dozens of banks and stolen customer data, has released as proof a file that contains names, addresses, e-mail addresses, and phone numbers in plain text, but no credit card numbers.” http://news.cnet.com/8301-1009_3-57455693-83/hacker-claims-breach-of-79-banks-releases-customer-data/ XSS: Gaining access to HttpOnly Cookie [...]

Share