Top 10 Stories

Threatpost: When attackers broke into the network of the University of Maryland last month, the university’s wasn’t sure how to react. The organization had never had a major security incident before, and this one qualified as major: 310,000 Social Security numbers and other information was gone. And then three weeks later, it happened again. Wallace Loh, the president of the University of Maryland, told the Senate Commerce Committee Wednesday that the university’s security and IT team was...

Dark Reading: The most high-profile attacks on Domain Name Service (DNS) servers are distributed denial-of-service (DDoS) attacks, but there are even more nefarious attacks on these systems underway today as cyber criminals and APT actors abuse commonly vulnerable DNS servers. "DNS has been around forever. But there's an overwhelming lack of expertise" in it, says Patrick Foxhoven, vice president and CTO of emerging technologies at Zscaler. "It's been thought of as a dumb, foundational-level protocol. I believe...

Threatpost: While the number of requests for user information that Google receives from governments around the world continues to rise–climbing by 120 percent in the last four years–the company is turning over some data in fewer cases as time goes on. Google received more than 27,000 requests for user information from global law enforcement agencies in the last six months of 2013 and provided some user data in 64 percent of those cases.  

Data Breaches: Associated Press reports that there have been over 200 reports of card fraud by customers who used payment cards at a Fairmont, Minnesota restaurant, El Agave Mexican Restaurant. Officials believe a point-of-sale hack took place at the restaurant.  

ZD Net: Stolen Twitter accounts now fetch more than credit cards on the cybercrime black market, according to a new report released by the RAND Corporation. The report is the first in a series commissioned by Juniper Networks.   "Markets for Cybercrime Tools and Stolen Data: Hacker's Bazaar" explains that a Twitter account now costs more to purchase than a stolen credit card, because Twitter account credentials potentially have a greater yield.  

PC World: A malicious software program for Android that mines lesser-known cryptocurrencies could cause phones to overheat, a mobile security company warned Wednesday. The “Coinkrypt” malware appears to not be very widespread and has been seen in Spanish-language forums discussing pirate software, wrote Marc Rogers, a principal security researcher with Lookout Mobile Security. The “Coinkrypt” malware appears to not be very widespread and has been seen in Spanish-language forums discussing pirate software, wrote Marc Rogers, a principal security researcher...

Trend Micro: Just six months after mobile malware and high risk apps reached the one million mark, we have learned that that number has now doubled. This milestone comes at the heels of the “tenth anniversary” of mobile malware. 2004 saw the first mobile malware—a proof-of-concept (PoC) malware named SYMBOS_CABIR—which infected Nokia phones. But it wasn’t until during the start of the smartphone era that mobile malware exploded onto the threat landscape. From relatively harmless pop-up messages,...

  Business Insider: Russian government officials have swapped their iPads for Samsung tablets to ensure tighter security, the telecoms minister told news agencies on Wednesday. Journalists spotted that ministers at a cabinet meeting were no longer using Apple tablets, and minister Nikolai Nikiforov confirmed the changeover "took place not so long ago."  

IT News: Target and its security partner Trustwave have been sued by two banks for "monumental" losses they say card issuers will face because of the retailer's holiday season data breach. In a complaint filed in Chicago's federal court, Trustmark National Bank and Green Bank NA accused the defendants of failing to properly secure customer data, enabling the theft of about 40 million payment card records plus 70 million other records, including addresses and phone numbers....

  Wired: There is too much inconsistency in EU legislation and EU data protection regulation when it comes to biometric data, says Julia Lodge, senior analyst at Adaption Information Management and Technology, at the University of Leeds. "It's these inconsistencies in law that could erode privacy and make accountability and trust in legislation fragile. The moment that becomes even more fragile and people misunderstand how biometrics are being used, they may question whether the regulator...