InfoSecurity News Headlines

Some videoconferencing equipment could enable hackers to eavesdrop on privileged corporate conversations or a boring employee training seminar, according to a security official at Rapid7.

Microsoft is a myth maker when it comes to Google’s new privacy policy, the search giant is charging.

Social Security Commissioner Michael Astrue told a House panel this week that he had a relative and a friend declared “dead” on his agency’s death list, which publishes the names and social security numbers of deceased individuals, even though they were very much alive.

The National Institute of Standards and Technology (NIST) is awarding $10 million in funding for trusted online credential pilot projects.

The total number of patient records compromised in the US increased by 97% in 2011 compared with 2010, according to a report released this week by the Redspin consulting firm.

Academics Benedikt Driessen and Ralf Hund from Ruhr University Bochum have reverse-engineered and cracked the GMR-1 and GMR-2 voice ciphers used by many satellite networks.

Following its signature to the ACTA agreement in Tokyo last week, the EU has published ’10 Myths about ACTA’. It’s purpose is to counter the many criticisms about the Anti-Counterfeiting Trade Agreement, and is part of a current EU campaign to demonstrate that ACTA is misunderstood.

Reuters reports that VeriSign was repeatedly hacked during 2010. The information was discovered among 2000 different quarterly SEC filings being reviewed by Reuters.

Apple has released massive security updates for its Lion and Snow Leopard Mac operating systems, fixing 52 vulnerabilities.

The top G-man is warning Congress that hackers will pose a greater danger to US national security than terrorists in the not-too-distant future.

Oracle has pushed out a patch for a denial-of-service vulnerability in the Oracle WebLogic Server, Application Server, and iPlanet Web Server due to hash collisions.

A US House panel has approved legislation that would encourage critical infrastructure companies to adopt cybersecurity best practices and would give the Department of Homeland Security (DHS) responsibility for safeguarding critical infrastructure cybersecurity.

The House of Commons Science and Technology Committee has today published its Malware and Cybercrime report – a recommendation to the UK government on how to tackle online threats.

US critical infrastructure companies would need to spend nine times more on cybersecurity in order to prevent a surprise digital assault, according to a new report by Bloomberg Government and the Ponemon Institute.

Trusteer has discovered that ZeuS-variant Ice IX seeks to divert bank-to-customer telephone calls to further obfuscate any fraud.

Following Symantec’s weekend claim that up to five million Androids may be infected with Counterclank, other researchers suggest that the code is adware rather than malware.

Mozilla has released the latest version of its browser, Firefox 10, with fixes for nine security flaws, including five critical vulnerabilities.

Prison inmates in Maryland had access to social security numbers of patients who received treatment under the state’s Medicaid program, according to a recent state audit.

The proposed new European Union data protection regulation will support the adoption of cloud computing, says European Commission Vice-President Neelie Kroes.

Ernst & Young, auditors of Regions Financial Corp., lost personal information on current and former Regions’ employees when a flash drive with the data sent in the mail was stolen.