NSA and GCHQ moles feeding Tor Project with bug reports, claims executive director

By John E. Dunn | 24 August, 2014 00:33

The wizards of Tor are being fed bug reports by anonymous sources inside the agencies normally seen as trying to break its security, the NSA and GCHQ, the Project's executive director Andrew Lewman has claimed in a BBC interview.

MoD lays down cybersecurity challenge to suppliers

By Charlotte Jee | 23 August, 2014 17:05

The Ministry of Defence (MoD) Centre for Defence Enterprise (CDE) will launch a £1m cyber security competition at an event in London next month.

Researchers malware steals Gmail password, online banking data

By Antone Gonsalves | 23 August, 2014 10:46

University researchers have built an Android app that secretly snatches valuable personal data from other mobile apps, such as webmail, shopping and online banking.

US warns 'significant number' of major businesses hit by Backoff malware

By Martyn Williams | 23 August, 2014 07:04

Over a thousand major enterprise networks and small and medium businesses in the U.S. have been compromised by a recently discovered malware package called "Backoff" and are probably unaware of it, the U.S. Department of Homeland Security (DHS) said in a cybersecurity alert on Friday.

Your living room is vulnerable to cyber attacks

By Tony Bradley | 23 August, 2014 04:06

At the Black Hat security conference in Las Vegas earlier this month, researchers demonstrated how a Nest thermostat can be hacked, to show how easily connected appliances--the household technologies that make up the Internet of Things--can be compromised. When you look beyond the demo's hyperbolic headlines, it turns out the hack requires physical access to the Nest device, but the questions remains, "How vulnerable is IoT?"

Three easy ways to separate work and play on the same PC

By Ian Paul | 23 August, 2014 04:05

All of us lead double lives these days since we both work and play online. During the day you may be working on a company document in Google Drive, while at night you're kicking back and chatting with friends on Skype.

Spammers top spoofing targets are still finance and travel industries

By John E. Dunn | 23 August, 2014 02:28

The travel industry and large banks were the US industries most abused by spam and malicious email in the second quarter of 2014, according to Agari's Email TrustIndex.

Hold the phone: iMessage spam not all it's cracked up to be

By Marco Tabini | 23 August, 2014 01:20

Is Apple's iMessage the new favorite tool of spammers worldwide? A widely-quoted recent article written by Wired's Robert McMillan suggests it is, even going so far as to claim that iMessage "is being taken over by spammers."

What happened to the Flashback Trojan? Turns out US universities are still riddled with it

By John E. Dunn | 22 August, 2014 22:50

US universities are still battling surprisingly high levels of malware infection among their student populations, mainly old forms considered neutralised years ago such as the Mac Flashback Trojan and Conficker worm, according to security firm BitSight Technologies.

Lessons learned from UPS Store breach

By Antone Gonsalves | 22 August, 2014 22:48

The security breach discovered at a few dozen franchises of the UPS Store, a subsidiary of United Parcel Service, provides a number of lessons for other retailers.

Security spending gets boost from mobile, social and cloud, says Gartner

By Mikael Ricknäs | 22 August, 2014 21:56

The increased adoption of mobile, social and cloud computing is driving growth in security spending among organizations that are also becoming more aware of threats on all those fronts.

Mobile apps could be abused to make expensive phone calls

By Jeremy Kirk | 22 August, 2014 14:43

A security precaution skipped in mobile applications such as Facebook's Messenger could be abused to make an expensive phone call at a victim's expense, a developer contends.

Amazon tricks up CloudFront encryption with anti-spy feature

By Liam Tung | 22 August, 2014 12:56

Spies and hackers will find it harder to unseal encrypted communications if they’ve already captured packets sent across Amazon’s content distribution network, CloudFront.

The 10 most terrifying security nightmares revealed at the Black Hat and Def Con hacker conferences

By Brad Chacos | 22 August, 2014 08:12

It's that time of year again: The wonderful, terrifying week when hackers and security gurus descend upon Las Vegas to show off their skills and unleash presentation after presentation full of scary-sounding exploits. This year is no different. Over the previous week, we've heard tales of planes brought down by rogue code, snoops spying on your security cameras, and secretive, undetectable code that can turn any USB drive into an unstoppable malware vessel.

NIST taking input for mobile security guidelines

By Joab Jackson | 22 August, 2014 06:03

The U.S. National Institute of Standards and Technology (NIST) is developing a guide for testing third-party apps to ensure that they are secure and don't introduce any vulnerabilities.

City of London Police brings in Kaspersky to train officers to tackle cybercrime

By Antony Savvas | 22 August, 2014 04:07

City of London Police has enlisted internet security expert Kaspersky Lab to help train its officers to tackle all levels of cybercrime.

US agencies to release cyberthreat information faster to the health-care industry

By Grant Gross | 22 August, 2014 04:02

U.S government agencies will work to release cyberthreat information faster to the health-care industry after a massive breach at hospital operator Community Health Systems, representatives of two agencies said.

Should companies practice data retention or data destruction?

By Ellen Messmer | 22 August, 2014 00:01

Many businesses spend a lot of time thinking about how to retain and store data, but there's another idea: Think about how to destroy your data.

CISOs Can Combat APTs with a Bit of Preparation

By Radhika Nallayam | 21 August, 2014 23:59

Advanced persistent threats are on the rise. It is time for CISOs to move beyond the traditional security measures.

Researchers build security framework for Android

By Antone Gonsalves | 21 August, 2014 22:37

University researchers have modified the Android operating system to let developers plug in enterprise-class security enhancements that would normally require overhauling a mobile device's firmware.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Fraud Management Solutions

Reduce fraud losses regardless of channel by preventing cybercrime, identity theft, and other threats targeting your customers.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.