Saturday, 20 January 2018

Author Archives: Dan Raywood

Dan Raywood is the editor in chief of the IT Security Guru. A journalist with more than 13 years' experience, Dan has been at the forefront of the information security industry.

As the news editor of SC Magazine he covered breaking stories such as Stuxnet, Flame and Conficker and the online hacktivist campaigns of Anonymous and LulzSec, and broke the news on the EU’s mandatory data breach disclosure law and a vulnerability which affected more than 200 sites.

Contact Dan on dan@itsecurityguru.org, or by phone on 0207 1832 839.

Sophisticated cyber threats are biggest technology fear for financial and public sector in 2018

The financial services industry and public sector are aligned in their concerns about data and system security, with both citing a fear of harmful cyber threats emerging in 2018, according to a new study from digital workplace provider Invotra. The research, conducted among 504 senior IT managers working across public sector and financial organisations, found that 79% of those in ...

Eugene Kaspersky: We would quit Moscow if Russia asked us to spy

Kaspersky Lab CEO Eugene Kaspersky has fired back at accusations that his company’s software was used to carry out spying for the Russian government, and said that if the Kremlin did ask the security firm to do anything wrong, he’d take the company out of the country. Reports have linked the use of Kaspersky software with the theft of NSA hacking tools, ...

As Apple fixes macOS root password hole, here’s what went wrong

Apple has emitted an emergency software patch to address the trivial to exploit vulnerability in macOS High Sierra, version 10.13.1, that allowed miscreants to log into Macs as administrators without passwords and let any app gain root privileges. The Cupertino iPhone giant kicked out the fix, Security Update 2017-001, today after word of the bug and methods to exploit it ran wild over ...

Uber says 2.7 MEEELLION(ish) UK users affected by hack

Uber has finally come up with a figure for the number of UK-based riders and drivers affected by its massive data breach: 2.7 million. The taxi hire firm has been slammed by regulators around the world for keeping the hack, which happened in October 2016, quiet for the best part of a year. To make matters worse, when it eventually ‘fessed ...

Google You Owe Us: Search engine sued for £2.7bn on behalf of 5.4 million people

Google could be forced to pay £2.7bn in compensation after it was accused of selling the data of more than five million iPhone users without their consent. A class action has been launched against the search engine giant over claims it harvested the browsing histories of users of Apple’s device by using an algorithm bypassing the default privacy settings on ...

Facebook bot problem: Users forced to upload selfies to prove they are real

Facebook, the world’s largest social network, has confirmed that it is attempting to “catch suspicious activity” by making users upload selfies to help prove they are real humans. A screenshot widely-shared across Twitter suggested the platform was now using a new checkpoint system in place of the traditional “captcha” verification process. “Facebook is now locking users out of account features, then demanding that those ...

Clarksons hack: Shipping giant fears hackers may leak confidential data over refusal to pay ransom

UK shipping giant Clarksons confirmed that it was hit by hackers, who appear to have been successful in stealing sensitive and confidential corporate data. The firm said that it suspects that the hackers may soon leak the stolen data, likely in retaliation to the company refusing to meet the cybercriminals’ ransom demand. Clarksons said that the hackers had managed to access the company’s computer ...

New Ursnif variants silently targets banks and employ redirection attacks

New Ursnif variants being tested in the wild are using redirection attacks to target Australian banks and malicious TLS callback techniques to achieve process injection. The malware is based on the same code as the original Ursnif trojan, aka Gozi ISFB, but features modifications to the code injection level and to attack tactics, IBM Executive Security Advisor Limor Kessem said in a Nov. ...

Study: 90 percent of top cryptocurrency apps carry security and privacy risks

A study of 90 cryptocurrency mobile applications available on Google Play found that 90 percent of them contain security vulnerabilities or privacy risks. Web security company High-Tech Bridge conducted the research, using dynamic, static, and interactive testing to search mobile apps for weaknesses, including the top ten mobile flaws listed by the Open Web Application Security Project (OWASP).

Reported Software Vulnerabilities on Track to Break Record in 2017

The number of reported software flaws took off in 2017 and is on track for a record-breaking year, according to two organizations that track vulnerability disclosures. The National Vulnerability Database, managed by the U.S. National Institute of Standards and Technology, has documented more than 13,400 vulnerabilities so far this year, more than double the database logged in all of 2016.