Top 10 Stories

Techworld: The recently closed Full Disclosure security mailing list, which served as an open discussion forum for security researchers since 2002, was replaced Tuesday with a new list that will serve the same purpose, but will require former members to resubscribe. The new list will continue to be called Full Disclosure, but will be managed by Gordon Lyon, a well-known network security expert and creator of the popular Nmap security scanner. Lyon is known in...

  BBC: Raymond "Jerry" Roberts - one of the last of a top World War Two code-breaking team at Bletchley Park - has died, aged 93, following a short illness. Captain Roberts, from Liphook in Hampshire, was part of a group that cracked the German High Command's Tunny code at the British listening post. Their decrypts made it possible to read Hitler's own messages during the war.  

  The Hacker News: Defending and Analysis of online threats and malwares have become more challenging nowadays and especially for larger businesses like the popular social networking site - Facebook. To encounter malware, phishing, and other online threats, Facebook has taken an important step forward. Facebook has unveiled its latest security-focused platform, dubbed as ‘Threat Data’, which is a framework that aims to standardize its methods for collecting and analyzing data.  

IT News: eBay Japan has closed a hole that allowed user accounts to be accessed by anyone. The authentication flaw existed because eBay created passwords for accounts based on a combination of a username plus what should have been random data referred to as salt.

Dutch News: The Dutch banks ING and Rabobank are taking their legal responsibility to protect customer information too lightly, according to a senior EU official. The European Union's data protection regulator Peter Hustinx made the comment in an interview with the Financieele Dagblad on Tuesday.

Net Security: Microsoft has been aggressively campaigning to get users to stop using Windows XP, and has gone so far as to offer $100 off the purchase of a new PC via the Microsoft Store in order to sweeten the switch to a newer OS (preferably Windows 8). But there is a massive number of devices that won't be so easily upgraded, as 95 percent of ATMs is running on the soon-to-be outdated and unsupported...

  Gizmodo: Imagine you're walking around, enjoying the early spring sunshine, and looking for a Wi-Fi network. You hear a whirring sound above you, look up, and there's a drone, just chilling. Did that drone just take your picture? Nah. It just stole all the precious passwords from your smartphone.   This is a real—however somewhat distant—possibility. We know that it's technically possible thanks to some London-based SensePost security researchers who built new software called...

Threatpost: Hold off on the notion that watering hole attacks may supplant phishing as the initial means of compromise in advanced attacks. A number of recent targeted campaigns have used the crash of Malaysia Airlines 370 as a lure to infect government officials in the U.S. and Asia-Pacific. FireEye today published research on a number of spear phishing attacks that contained either infected attachments or links to malicious websites. One Chinese group, admin@338, has been...

Chicago Business: Trustwave Holdings Inc., a Chicago-based credit card security company, was sued alongside Target Corp. by banks who say they suffered financial damages when the retailer was hacked during the holiday shopping season. Although the most serious allegations are leveled at Target, the suit alleges that Trustwave failed to identify deficiencies in the retailer's IT systems. Trustwave's software audits companies' IT systems to make sure they comply with credit card security regulations.

Infosecurity: Data breaches at Target and other retailers have been making headlines, but it turns out that financial institutions are finding their operations increasingly impacted as well. A survey by ACI Worldwide of financial industry professionals found that a full 44% of customer accounts have been compromised. While the headlines continue to highlight data breaches, which involve compromised payment, banking and personal data, it’s clear that financial institutions must stay vigilant in combating fraud loss...