Editor's News

Bad password management costs businesses up to £130,000 and a year in lost productivity. According to research by Centrify, of 2,000 UK and US participants, it found that the average employee wastes £261 a year in company time on trying to manage multiple passwords, which for a company with 500 staff is a loss of more than £130,000 a year. Barry Scott, EMEA chief technology officer for Centrify, told IT Security Guru that the concept was...

A vulnerability which affects all versions of Microsoft Windows is being used in a Russian cyber-espionage campaign which targets NATO, the European Union and critical sectors. According to research by iSIGHT Partners the vulnerability, which impacts all supported versions of Microsoft Windows and Windows Server 2008 and 2012, and a patch will be made available today. The research found that exploitation of the vulnerability was discovered in the wild in connection with a cyber-espionage campaign that iSIGHT Partners attributed...

A greater proliferation of online service is enabling cyber criminals, but that is not being met with equal online law enforcement. Speaking at the ISSE 2014 Conference in Brussels, Troels Oerting, head of the European Cybercrime Centre (EC3) and assistant director of Europol's Operations Department, said that we need greater collaboration across the world as cyber criminals are not focused on territory. He said that in the Danish police, he had the authority to use...

There should be more effort to build a strong and trustworthy IT security industry in Europe. Opening the ISSE conference in Brussels, Norbert Pohlman, director of TeleTrust in Germany, said that the European strengths are high level of competence in security and data protection, with innnovative security solutions, extensive security research and high expertise and evaluation and an open crypto policy. “Culturally we are in a good condition, with traditionally reliable IT security with no...

Edward Snowden has recommended the public take a greater interest in secure products and avoid public products like Dropbox, Facebook and Google.   Speaking at the New Yorker Festival, Snowden said that there is a problem in the way that people do not feel that they have anything to hide, as they are “inverting the model of responsibility”. He said that if this is the attitude, we will get where Government's do not have to justify...

US retailer Kmart has admitted some customer payment cards have been compromised after it discovered that point of sale systems had been breached.   While investigations are ongoing, initial indications are that the infections had started early last month. In a statement, Kmart president and chief member officer Alasdair James said that the retailer is working closely with federal law enforcement authorities, its banking partners and security experts in an ongoing investigation.   He said that the IT...

It has been reported that 4chan hackers have hacked into at least 100,000 Snapchat images sent via unofficial third party apps. Snapchat have tweeted a response to the claims by hackers that ‘Snapchat’s servers were never breached and were not the source of these leaks.’ Snapchat seemed to put the responsibility on the users by stating the users were ‘victimised by their use of third-party apps.’ The company then go on to confirm that this is something...

American ice cream chain Dairy Queen has confirmed that the Backoff malware was responsible for the impact upon payment card data.   In a statement, Dairy Queen said that nearly 400 US restaurants were affected, and that systems were accessed due to a "third-party vendor's compromised account credentials."   The statement, posted on the front page and signed by president and CEO John Gainor, said that after the intrusion was detected in August, it launched an extensive investigation...

Microsoft will release nine security bulletins next week, three of which are rated as critical.   With another five rated as important and one rated as moderate, the updates are for Windows, Internet Explorer, Office, .NET Framework and ASP.NET. This is also the first monthly patch release since the Trustworthy Computing Group was closed.   Russ Ernst, director of product management at Lumension, said: “The security group anyway is definitely still hard at work. Given the very...

There has been a significant increase in boardroom pressure on IT security departments, as board members become aware of targeted and DDoS attacks.   According to research by Fortinet of 1,600 IT decision makers across 15 countries, 63 per cent had experienced greater interest from the board. However the growing awareness of IT security within the boardroom  was also cited as a major contributor to making the IT security job more difficult, with three-quarters rating...