Editor's News

Lenovo has defended the installation of the Superfish software, saying that there is no evidence to substantiate security concerns.   In a statement, Superfish was previously included on some consumer notebook products shipped in a short window between October and December to help customers potentially discover interesting products. After user feedback was not positive, it was subsequently disabled at server side from January in all Lenovo products, disabling Superfish for all products.   It also...

Home computing manufacturer Lenovo has been accused of installing adware on its laptops.   Named “Superfish”, the company has suggested users uninstall if they do not find it useful, while security experts have condemned the move, suggesting it is man-in-the-middle software.   According to reports, Superfish stole all manner of web traffic using fake, self-signed, root certificates to inject advertisements into sessions, and also monitored user activity, used man-in-the-middle attack techniques to crack secure connections,...

The Royal Bank of Scotland has launched a fingerprint login service for users of the RBS and NatWest mobile app.   RBS said its 'Touch ID' would be available for nearly one million Apple iPhone users that have RBS or NatWest mobile banking apps. The move is part of the bank's reaction to a decline in customers using its branches and growth in those banking online and via mobile phone apps.   According to RBS, over three million customers...

The founder and former chief executive of Chesapeake, Aubrey K. McClendon, has been accused of stealing confidential company data during his last months on the job in order to launch his new oil and gas empire. According to the civil complaint filed by Chesapeake, McClendon “misappropriated highly sensitive trade secrets from Chesapeake" and "subsequently used these trade secrets for the benefit of" a company he founded in 2013, American Energy Partners LP, reported Reuters. In the suit, Chesapeake...

The US National Security Agency (NSA) has said that it has “no comment” to claims that it has installed malware on hard drives of internet users. Initially Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs. Naming the attacking group “The Equation Group”, it targeted Government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said. However it declined to...

A group using self-developed targeted attack tools has hit 3,000 targets in the Middle East and carried out espionage actions across the region. Named the Desert Falcons, according to the report by Kaspersky Lab the 30-strong Palestine, Egypt and Turkey-based group carries out its actions with its own “homemade malware tools and techniques to execute and conceal its campaigns on PC and Mobile OS”. The group was first seen in 2011, with first infections made...

The Secure Socket Layers (SSL) v3.0 protocol is no longer acceptable for protection of data due to inherent weaknesses within the protocol.   According to a bulletin from the PCI council on impending revisions to the PCI data security standard (DSS) and the payment application data security standard (PA-DSS), following The National Institute of Standards and Technology (NIST) identifying the Secure Socket Layers (SSL) v3.0 protocol as no longer being acceptable for protection of data...

Kaspersky Lab has said that the Carbanak attackers are targeting financial entities directly in an unprecedented, determined, highly professional and coordinated attack which is still ongoing.   Named Carbanak as it based on the Trojan Carberp and the name of the configuration file is "anak.cfg", Kaspersky’s analysis says that according to what it has found, the first malicious samples were compiled in August 2013 when the controllers started to test the Carbanak malware.   It...

The group who have reportedly stolen $1 billion in two years from 30 countries was initially spotted in December.   The report by Kaspersky Lab found that a multi-national gang of cyber criminals from Russia, Ukraine, China and parts of Europe found that the “Carbanak” criminal gang attempted to attack up to 100 banks, e-payment systems and other financial institutions in around 30 countries where the largest sums were grabbed by hacking into banks and...

More than 60 per cent of mobile dating apps are potentially vulnerable which could put personal user information and corporate data at risk.   A study by IBM of the top 41 dating apps available on Android devices found that many have access to additional features on mobile devices such as the camera, microphone, storage, GPS location and mobile wallet billing information. IBM also found that nearly 50 per cent of organisations analysed have at...