Special focus: IT security

Cybercriminals cast a wide net in January

Network security company GFI Software released its VIPRE report showcasing the ten prevalent threat detections encountered by its GFI VIPRE Antivirus users in January 2012. The malware attacks target a range of victims including gamers, small businesses and government organisations.

Voice biometrics plays key role in security

A report from fraud prevention company ValidSoft and research house Opus Research predicts that the global number of registered voiceprints will increase from 10 million to over 25 million in 2015.

Children's websites targeted by hackers

Anti-virus company Avast has revealed hackers are now targeting children’s gaming websites to spread malware and hack into the home network.

Firefox ‘silent’ update ‘gives access’ to hackers

Mozilla’s reported plan to implement ‘silent’ background updates in the upcoming version of Firefox 10 has been questioned by security company Lieberman Software.

Over half of all spam messages come from Asia

IT security firm Sophos has revealed the top twelve countries responsible for spam messages from its Q3 2011 report, the ‘Dirty Dozen'.

Malware attacks follow Gaddafi death interest

The death of Libyan dictator Muammar Gaddafi is driving huge public interest in viewing photos and videos of his last moments - and providing cybercriminals with an opportunity to ensnare the morbidly curious surfers.

Promoted Tweets are exploited, claims Sophos

Spammers will take advantage of Twitter’s enablement of user targeting by UK brands, warns information security firm Sophos.

Brooklands College tackles Conficker outbreak with Sophos

Brooklands College will be using IT security firm Sophos for its two-site network in Surrey and Kent against an increase in viruses and malware threats.

Workplace social networking ‘risk to personal security’ say employees

Seventeen per cent of UK employees consider accessing social networks from the workplace ‘a major risk’ to enterprise security – and many are calling for clearer guidelines on social media usage on behalf of their employers.

Iran internet users spied on by hackers, report says

Hackers spied on about 300,000 internet users in Iran last month after stealing security certificates from a Dutch IT firm.

WikiLeaks website target of cyber attack

WikiLeaks has been the target of a cyber attack as it released thousands of previously unpublished U.S. diplomatic cables.

Sensitive file transfer imperatives ‘causing security practice breaches’

Increased pressure to improve the speed and security of file transfers from customers and partners is creating vulnerabilities in enterprise security procedure.

Linux competition launched by Cyber Security Challenge UK

The Cyber Security Challenge UK has launched a competition challenging participants to detect hacker activity on Linux systems.

Defcon hackers steal most data from Oracle

Hackers at the Defcon convention managed to trick employees at some of the largest U.S. companies to help them steal data.

China paper dismisses McAfee hacking allegations

China's top paper has dismissed as "irresponsible" suggestions that the country is linked to large-scale internet hacking.

Smartphone upsurge causing ructions for IT managers

Smartphones are overtaking laptops as the mobile device of choice for enterprise workforces, bringing another headache for IT departments to contend with. 

SAP to release software security patch

Business software company SAP says it will release a patch to customers to fix a security flaw in its software.

N.Korean hackers hired to attack S.Korea game network

More than 30 North Korean hackers were hired by a South Korean crime ring to steal personal data from South Korean gamers.

McAfee uncovers biggest series of cyber attacks

McAfee has uncovered the biggest series of cyber attacks to date, involving 72 organisations targeted including the UN.

Teen on cyber-hacking charge released on bail

A teenager believed to be a leading member of the Anonymous and LulzSec hacking groups has been released on bail.

XP target of cyber rootkits infections

Un-patched and often pirated versions of Windows XP are a main target for rootkits infections, according to the AVAST Virus Lab.

Caller ID gets legibility boost

It should be much easier for blind and visually impaired mobile users to tell who is calling them if a system being showcased at this month’s Mobile World Congress in Barcelona takes off.

IT security must innovate or die, NetEvents conference told

Network security companies must innovate or die

Governance regains central role in IT security

Governance is playing an increasingly important part of information security within enterprises.

Spot market could re-open after cyber attack

The spot market in European Union emissions permits may re-open next week following a cyber attack that resulted in nearly 30 million euros (£26 million) of carbon permits being stolen.

Emerging tech will flip IT’s value proposition

Chief information officers must ‘re-imagine’ IT to support growth and competitive advantage, say findings from the ‘2011 CIO Agenda’ survey.

110,000 new IT professionals needed this year

Half a million required to keep up with projected UK demand over the next five years, says e-Skills survey.

Security spend resilience due to changing endpoint IT

The value of the enterprise network and data security market is set to exceed $10bn by 2016.

Female IT security student numbers ‘increasing’

Registration for the SANS London 2010 event shows an 11 per cent increase of women students for Security 560, ‘Penetration Testing and Ethical Hacking’ providing further evidence that more women are breaking into the sector, and may now account for 17 per cent of IT security practitioners.

Cyber security skills search starts

What’s been launched as the UK’s ‘first hunt for future cyber security professionals’ has begun.

IT dept ‘usual suspects’ for data snooping: survey

Up to 35 per cent of organisations suspect that their most sensitive internal information has been illicitly passed over to competitors – most probably by former employees.

Google ditches Windows over security concerns

Google is urging its employees to dump Microsoft Windows in favour of Mac OS and Linux citing security concerns, say reports.

Secure remote access continues to be top concern

Twenty-five per cent of IT administrators have voted ‘Securing remote access’ as the issue that most keeps them a peaceful night’s sleep, while 15 per cent said ‘keeping virus definitions up to date’ was their second biggest nocturnal concern.

ISF starts work on new IT security standard

The Information Security Forum (ISF) has launched a series of initiatives designed to lead toward a industry standard for managing information security requirements for enterprise third-party relationships.

Kaspersky PURE could become 'open to third parties'

Kaspersky Lab is considering developing its new PURE home security software to become an operating platform for which approved third parties will be able to develop updates and plug-ins.

New online threats ‘will come through the Cloud’

Social media and Cloud Computing have increased the vulnerability of UK companies and public sector organisations to new cyber threats, with hacking and denial of service attacks having doubled since 2008.

Swings-and-roundabouts year for info security pros

More than half of information security professionals received salary increases in 2009, according to the surveyed for the (ISC)2 2010 Career Impact Survey, while less than five per cent of participants lost their jobs.

‘Art of War’ helps thwart cybercrime

The art of war, and the art of information security, are closely aligned, claims a new book ‘Assessing Information Security: Strategies, Tactics, Logic and Framework’ that applies the principles of Sun Tzu’s classic text to online threat combat.

Cyber criminals will target World Cup fans

South Africa’s hosting of the 2010 Soccer World Cup will make it the target of an intense cybercrime wave in the lead-up to the FIFA tournament in June, security experts have warned.

Regulation best way to tackle cybercrime wave

Kaspersky Lab CEO Eugene Kaspersky has called for more global regulation in the fight against online threats. Speaking to E&T at InfoSecurity Europe 2009, Kaspersky said that the era of the unregulated Internet has passed, and that the notion of unregulated public networks was not realistic when economies could be wrecked by cyber-criminals.

Firewall pronounced 'dead' at InfoSecurity Europe

The Internet firewall is 'dead', according to IT security start-up Palo Alto Networks. Speaking live on the third of E&T's exclusive video bulletins from Infosecurity Europe 2009, director of corporate marketing Franklyn Jones says that with enterprises increasing their use of online applications, the traditional concept of a protective traffic gateway needs reinvention.

Apple users still complacent about security

Cyber-criminals are continuing to show increasing interest in targeting the Apple Mac community and users can expect a slew of new Mac-specific malware and Trojans, Sophos senior technology consultant Graham Cluley has warned, speaking exclusively in the fourth of E&T magazine's video bulletins from InfoSecurity Europe.

Cybercriminals are 'new business competition'

1.9m malware-infected computers ‘controlled by cybercriminals’ claim

A network of 1.9m malware-infected computers has been identified by web gateway vendor Finjan’s Malicious Code Research Center (MCRC). Corporate, government, and consumer computers around the world were infected by the malware, the company claims.

Security flouted to ‘get the job done’

Companies are leaving themselves vulnerable to employees’ ‘purposeful flouting’ of the rules when it comes to information security, claims a survey by certification company (ISC)2.

Employers using social networks to check recruitees

Over 30 per cent of human resources departments and business managers admit to searching for potential and current employees’ social networking profiles for information about their background and behaviour - and 24 per cent of those say that they have been put off by something they have found.

Anonymous proxies still ‘major security concern’

Ninety per cent of IT managers in the educational sector view anonymous proxies to be a problem, compared with 51 per cent in the private sector. Anonymous proxies are the most popular way to bypass an organisation’s Internet filtering: thus connected, users can surf any website unmonitored, even if it should have been blocked by a Web filter.

‘Application security’ tops Google IT security searches

‘Application security’ tops a global list of most commonly-searched-for IT security terms according to an analysis of current Google search trends and volume statistics by risk management firm ArmstrongAdams. Data loss and PCI DSS ranked highest in terms of UK originated searches in December 2008.

PIN apps: Hacking on the hoof

'Grey hat' apps are a new phenomenon in software that enable street hackers to delve into your smartphone and access your data, and more besides.

The dangers of hoax security breaches

A fake hack attack can be as damaging as a real one and they're becoming increasingly common.

Google Android: how secure is its future?

How has Google's Android smartphone operating system managed to become so successful?

EU Data legislation amendments

Proposed amendments to the EU data privacy laws propose to swap-out carrots for sticks in a redoubled effort to get European organisations to do a better job to protect everyones' data.

Terrorism's invisible propaganda network

Global militant organisations are tapping into the vulnerabilities in mobile technologies for propaganda and recruitment, as well as to filch data for financial gain.

VoIP: voicing security concerns

Channelling voice calls over IP networks has brought many advantages to enterprise communications, but it also creates some security risks.

IT Security Legislation Guide

IT is one of the most rigorously regulated parts of an organisation, and legislation affecting information security is spearheading the legal changes.

ID access management's cloud challenge

With users accessing systems from ever more obscure points of entry, how do you keep control of access privileges? We look at the software that may have the answer.

IT security: isolating the problem

PC operating systems are full of security holes, which is why some are now turning to software first developed for 'hidden' computers to better protect them

Data breach – Could Sony have done more?

Data breaches like the one that affected Sony aren’t the end of the world if companies are honest with customers who have been affected.

Cyber-criminals target quake-hit network

Japan's Internet infrastructure withstood quake and tsunami, but was also left working for cyber-criminals to exploit the anguish of survivors desperate for information

Public eyes gets smart

Latest-generation CCTV cameras are bringing intelligent observation to some of the world’s most scrutinised cities. E&T zooms in on the innovations.

Preparing for the worst

Cyberwar threats are all too real, E&T investigates.

Social engineering: an intruder's tale

Posing as an IT consultant, Colin Greenless performed a penetration test on a FTSE-listed financial services firm. One or two tricks of social engineering gave him free access to some very useful - and very valuable - information.

Killer spam: the business threat

Ever-escalating spam levels are close to tearing the commercial guts out of any business and organisation that relies on email as a primary method of business communication.

IT security's infamous five

Despite all the warnings, all the headlines, and all the headaches, there are some security basics that we just keep leaving undone: Graham Cluley names them.

Security skills: aptly qualified or merely mollified?

IT security specialists want recognition and acclaim from their managers – but gaining the proper qualifications to endorse their status is not clear-cut.

Hardware that blocks hardcore

Bloxx Tru-View could be on the list of organisations worried about what their staff are downloading from the web.

Hacking the human

Any IT security can be circumvented by hackers who target the human factor - but risk can be minimised