News

Texas drone bill sparks a battle

By Jaikumar Vijayan | 17 May, 2013 20:26

The battle to find a balance between privacy concerns and the beneficial use of drones for commercial and law enforcement purposes is in sharp focus in a bill that's winding its way through the Texas legislature.

Alleged tech support scammers settle FTC charges

By Grant Gross | 17 May, 2013 18:28

Operators of two alleged tech support scams that charged consumers hundreds of dollars to supposedly fix their computers have settled charges from the U.S. Federal Trade Commission.

Nation's critical infrastructure cyber defenses weak, DHS tells hearing

By John P. Mello | 17 May, 2013 17:51

Experts criticize government's threat sharing, noting it wants the private sector to be generous but it's stingy with the private sector

Police arrest Anonymous suspects in Italy

By Philip Willan | 17 May, 2013 17:42

Italian police arrested four suspected hackers Friday, accusing them of having taken control of the Italian branch of the Anonymous network.

Security a key factor in LogMeIn’s Internet of Things platform

By David Braue | 17 May, 2013 17:22

Remote-access success story LogMeIn is staking its claim on the evolving Internet of Things (IoT) market by launching an IoT-enabling platform that uses LogMeIn’s cloud-based connectivity platform to link and secure nearly any kind of device.

Researchers uncover new global cyberespionage operation dubbed SafeNet

By Lucian Constantin | 17 May, 2013 16:44

Security researchers from Trend Micro have uncovered an active cyberespionage operation that so far has compromised computers belonging to government ministries, technology companies, media outlets, academic research institutions and nongovernmental organizations from over 100 countries.

Big Data Investigations: Opportunity and Risk

By Taylor Armerding | 17 May, 2013 13:01

Experts say large-scale security analytics can cut through the noise to find key intelligence. But connecting the dots can lead to legal trouble

Experts ding DHS vulnerability sharing plan as too limited

By Antone Gonsalves | 17 May, 2013 13:00

Without universal availability, plan could miss smaller businesses hackers could use as an entry point to critical infrastructure companies

LulzSec members sent to prison for infamous DDoS attacks

By John E Dunn | 17 May, 2013 12:57

Four members of the infamous and largely British LulzSec hacking group that carried out a string of high-profile DDoS attacks in 2011 have been handed relatively lenient prison terms of up to 32 months by the judge at Southwark Crown Court.

Remains of the Day: Where in the world?

By Dan Moren | 17 May, 2013 12:34

Mr. Cook goes to Washington, an Apple Store grows in San Francisco, and Mac spyware turns up in Norway. The remainders for Thursday, May 16, 2013, are going global.

New Mac spyware found on Angolan activist's computer

By Lucian Constantin | 17 May, 2013 12:04

Previously unknown Mac OS X spyware, signed with a valid Apple Developer ID, has turned up on the laptop of an activist from Angola at a human rights conference in Norway.

Virtual desktops win the security case for Brisbane lawyers

By David Braue | 17 May, 2013 10:17

It may have started out as a way of simplifying an increasingly complicated IT environment, but Brisbane law firm Cooper Grace Ward (CGW) has found its virtual desktop infrastructure (VDI) investment is also delivering improved remote-access security, data protection and integrity of sensitive information.

In a sea of malware, viruses make a small comeback

By Jeremy Kirk | 17 May, 2013 04:24

The computer virus seems to be making a subtle comeback.

GPs open to sharing patient information, says survey

By Randal Jackson | 17 May, 2013 00:09

A survey of general practices' attitudes to the use of information technology shows that most are open to sharing patient information provided that appropriate security and privacy measures are in place.

Four former LulzSec members sentenced to prison in the UK

By Lucian Constantin | 16 May, 2013 18:11

Four British men associated with the LulzSec hacker collective received prison sentences Thursday for their roles in cyberattacks launched by the group against corporate and government websites in 2011.

Pushdo botnet is evolving, becomes more resilient to takedown attempts

By Lucian Constantin | 16 May, 2013 14:41

Security researchers from Damballa have found a new variant of the Pushdo malware that's better at hiding its malicious network traffic and is more resilient to coordinated takedown efforts.

Booming mobile industry spawning global criminal marketplace

By John P. Mello | 16 May, 2013 13:02

In an alarming 'post-PC' era alert, working group says criminal infrastructure created much faster than it was for PC fraud

Internet Explorer 10 blocks more malware than Chrome or Firefox, test finds

By John E Dunn | 16 May, 2013 13:00

Microsoft's Internet Explorer 10 is better at blocking malware downloads than rivals Chrome, Firefox, Safari and Opera thanks to superior URL and application reputation technology, a new test by NSS Labs has found.

Oracle renumbers Java patch updates, confuses users even more

By Gregg Keizer | 16 May, 2013 10:06

Oracle has changed the numbering of its Java security updates, prompting one expert to say, "As if Java updates weren't confusing already."

Despite $1.46b furphy, 2013-14 Budget offers slim pickings for cyber security

By David Braue | 16 May, 2013 10:00

Months on from the government’s bold PR initiative in which it said it would spend $1.46 billion on IT security, the release of the 2013-14 federal budget has shown little additional financial support for this and other cyber security initiatives.

CSO Directory

Audit Management Solutions

Manage the complete audit lifecycle from audit universe identification and risk assessment to management/board reporting and quality assurance.

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team.

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.


Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.