Top 10 Stories

US telco AT&T has suffered an incident courtesy of a malicious insider, which has resulted in the compromise of account and personal information of number of customers.   According to a breach notification letter sent out to affected users and to the Office of the Vermont Attorney General, it explains that one of the company's employees violated their policy and security guidelines by accessing users' account information, including the users' social security number and driver's...

A security researcher has claimed to have uncovered a botnet using the“Shellshock” exploit against servers on a number of high-profile domains.   According to Arstechnica, these domains include servers at Yahoo and the utility software developer WinZip. Jonathan Hall, president and senior engineer of technology consulting firm Future South Technologies found the botnet by tracking down the source of requests that probed one of his servers for vulnerable CGI server scripts that could be exploited using the...

Hewlett Packard will split into two companies to provide computers and printers on one side, and corporate hardware and services operations.   It is anticipated that CEO Meg Whitman will run the enterprise company as well as serving as chairman of the computing and printer division, which last quarter accounted for about half its revenue and profit.   HP has invested in security businesses over the past few years, with major acquisitions of SIEM business...

Touchstone Medical Imaging, a Tennessee-based medical firm who provides services such as MRI, CT scans, Ultrasound and Mammography, has announced that it suffered a data breach as the result of an open share that was exposed to the internet.   This shared folder contained billing information of patients including Social Security numbers, names, addresses, date of birth and phone numbers. It stated that no medical information records were stored in this folder, but they make...

Hackers exploited an employee password to crack into JP Morgan Chase and access 83 million user's data.   The incursion started in June, according to the people familiar with the bank’s review. The hackers entered a web-development server with an employee’s user name and password, then wormed their way into the lender’s network, sources said.   The server was a soft spot in the bank’s armor that lacked safeguards normal in other parts of the...

Users of the Windows Insider Programme for Windows 10 may see users giving up more than they may like to.   According to The Inquirer, the privacy policy of the Windows 10 preview reveals some startling permissions that you grant by installing and using it. It says: “We may collect information about your device and applications and use it for purposes such as determining or improving compatibility" and "use voice input features like speech-to-text, we may collect voice information...

Facebook is developing online “support communities” which would bring together and connect Facebook users suffering from certain illnesses or ailments.   The site reportedly has a team investigating “preventative care” applications that would help people improve their lifestyles, similar to many current activity tracking services, people familiar with the matter told Reuters.   The sources, which asked to be kept anonymous due to the ongoing nature of the developments, said that Facebook has been meeting with...

A witness in the Silk Road takedown case believes that the FBI is not telling the whole truth when it comes to how they found the back-end server.   Joshua Horowitz said that his “practice is concentrated on criminal defense matters that require expertise in technology and computer software” and former Special Agent Tarbell’s explanation of how the FBI discovered the server’s IP address is “implausible”.   In the document hosted by Techcrunch, Horowitz said that Tarbell’s explanation...

Belfast’s Centre for Secure IT (CSIT) has been awarded funding of £400,000 to help reduce cyber attacks to national grid.   The Converged Approach towards resilient Industrial control systems and cyber assurance (CAPRICA) project will investigate vulnerabilities within the national grid. One of four new projects made up of a £2.5 million initiative and co-funded by the Engineering and Physical Sciences Research Council (EPSRC) and UK’s National Cyber Security Programme.   The CSIT research team will...

The US Defense Advanced Research Projects Agency (DARPA) has warned that users of the internet will never be fully secure.   Speaking during the Washington Post’s Cybersecurity Summit, DARPA director Arati Prabhakar said that the only way fully to secure the internet is to seal it off and make it available only to selected people.   Prabhakar said that, while wholly securing the internet is impossible, DARPA is working on new ways to track hackers and criminals...