Trojan uses steganography to hide itself in image files
“The Dell SecureWorks CTU research team has recently analyzed a piece of malware that uses digital steganography to hide part of its malicious code. Stegoloader, as they …
Stolen Foxconn certs used to sign malware used in Kaspersky Lab attack
“After last week’s revelation that their corporate network has been hit by APT actors wielding a newer version of the infamous, Stuxnet-related Duqu attack …
Emojis instead of PIN codes as an alternative for forgetful users
For years now companies have been trying to come up with alternatives to passwords and passcodes that will be easier to remember (for users) and more difficult to guess or …
Rethinking security: Securing activities instead of computers
For many people involved in the infosecurity community, the notion of security is too often tied to the quality of code (resistance to specific classes of bug, for example) …
Stronger data protection rules for Europe
More than 90% of Europeans are concerned about mobile apps collecting their data without their consent. Today, an important step was taken to finalize EU data protection rules …
OPM hack: Vast amounts of extremely sensitive data stolen
The extent of the breach suffered by the US Office of Personnel Management has apparently widened. Reports are coming in that the hackers have not only accessed Social …
Week in review: Windows 10 security, developing honeypots, IoT security holes
Here’s an overview of some of last week’s most interesting news, podcasts and articles:Brain’s reaction to certain words could replace passwordsYou might not …
Malware attacks give criminals 1,425% return on investment
Trustwave released a new report which reveals the top cybercrime, data breach and security threat trends from 2014. They gathered the data from 574 breach investigations the …
Microsoft flags Ask toolbar as unwanted and dangerous
From this month on, all versions of Ask.com’s infamous browser toolbar except the very last will be detected as unwanted software by Microsoft security products and …
New OpenSSL versions squash LogJam bug
The OpenSSL Project has pushed another update for the eponymous open-source cryptographic library. This one plugs several moderate bugs, one low one, and LogJam …
Privacy profession: An equal playing field for men and women?
In the midst of the public debate around the lingering gender gap in salary and professional achievement, the International Association of Privacy Professionals (IAPP) …
FIRST announces CVSS version 3
The Forum of Incident Response and Security Teams (FIRST) has announced the availability of version 3 of the Common Vulnerability Scoring System (CVSS). The new system is the …