Analysis of Equation Group’s espionage platform discovers another link to the NSA
Kaspersky Lab researchers continue to analyze the software and digital artifacts tied to the Equation Group, a nation-state threat actor that has been active for almost twenty …
How much pressure do infosec professionals face?
Businesses were under increased pressure to secure their organizations in 2014 and expect that pressure to increase in 2015, according to Trustwave. Survey respondents also …
As confidence sinks, cyber attacks rise
While IT security spending is increasing, confidence is falling. In surveying more than 800 security decision makers and practitioners, the CyberEdge Group found that more …
False positive free online web application security scanner from Netsparker
Netsparker launched their new enterprise online service offering Netsparker Cloud, which enables organizations to simultaneously scan hundreds and thousands of websites for …
Microsoft patches flaw exploited by Stuxnet – again
Among the vulnerabilities patched by Microsoft in this month’s Patch Tuesday is one that was supposedly patched back in 2010. The Windows Shell Shortcut Icon Loading …
Flaw in Dropbox SDK for Android lets attackers steal data sent to users’ account
Researchers from IBM’s security team have discovered an authentication flaw in the Dropbox Software Development Kit (SDK) for Android that can be exploited to capture …
Unpatched security vulnerabilities affecting Facebook
A web security researcher from Portugal has discovered several vulnerabilities affecting Facebook that he considers to be serious, but hasn’t had much success convincing …
Transport for London adopts ultra-secure USB drives
Transport for London (TfL) has adopted ultra-secure USB flash drives to ensure that its data is protected in the event of the loss or theft of portable devices. DatAshur USB …
Apple Watch scams target Twitter and Facebook users
It didn’t take long for spammers to jump on the Apple Watch bandwagon – they set up a Twitter account named “Apple Giveaways”, and began spamming out …
Core Infrastructure Initiative kickstarts OpenSSL audit
Cryptography Services, a team of consultants from several security research firms, have announced that they have been tasked with auditing OpenSSL, the popular and widely used …
Cloud security and adoption trends
CloudPassage issued a survey to more than 250,000 members of LinkedIn’s Information Security Group and represents a broad cross section of company sizes, cloud adoption …
Microsoft patches Windows, IE, Office, SharePoint
This month Microsoft has released 14 new bulletins, 5 of which are rated as Critical, 9 as Important. As a déjà vu from last month, a critical remote code execution …