Editor's News

GCHQ has launched a fresh pilot sponsorship scheme aimed at identifying individuals with exceptional aptitude to become the UK's next generation of cyber security experts. The scheme, named “Cyber First” will draw on talent from a broad range of backgrounds to meet the UK’s future national security needs, both in Government or for companies involved in national security. Announced by Francis Maude, Minister for the Cabinet Office with responsibility for Cyber Security, it will identify those...

Gaming video platform and community Twitch has reported unauthorised access to some user's account information. In a notice, it said that it has expired passwords and stream keys, and have disconnected accounts from Twitter and YouTube. “As a result, you will be prompted to create a new password the next time you attempt to log into your Twitch account,” it said. “We also recommend that you change your password at any website where you use...

New joint initiatives between Government and the insurance sector have been announced to help firms get to grips with cyber risk and insurance. Announced by the Government and Marsh, a major insurance brokers and risk advisor, is seeking t0 make cyber insurance a part of firms’ cyber toolkits and cement London as the global centre for cyber risk management. According to a report, the UK could become a world centre for cyber security insurance. The report notes...

Freshly detected point of sale (PoS) malware which infects machines to scrape for credit card information and exfiltrate that data to external servers has been detected. According to research from Cisco, “PoSeidon” contains several components, including the ability to maintain persistence on the target machine in order to survive a reboot, and it installs a keylogger and scans the memory of the PoS device for number sequences that could be credit card numbers. PoSeidon starts...

Businesses face an average of 3.9 distributed denial-of-service (DdoS) attacks a day, with 96 per cent of attacks lasting for less than half an hour. According to the inaugural quarterly DDoS trends and analysis report from Corero Network Security, short bursts of attack traffic instead of prolonged events and partial link saturation attacks have become more common. The report, based on real customer data, said that one customer in particular experienced an average of 12...

Victims of the Target breach do not expect to see any of the $10 million settlement, as the consumer will need to demonstrate loss. Despite the $10 million settlement being announced last week which claimed that individuals could get up to $10,000 in damages, one analyst has said that affected victims could see as little as $50 to $100. According to news reports, as more than 100 million customers could have been affected by the...

The Metropolitan Police and Mayor of London should lead a London-wide campaign during 2015-16 to draw attention to the threat of online crime. According to a report by the Police and Crime Committee, the Met should identify a senior ranking officer to be responsible for mainstreaming cyber crime action across the whole of the force, and there should be more focus on low-level, high volume online crimes. Saying that the police are behind the curve...

Security threats from insiders are “exploding”, but businesses are not ready to accept it.   Speaking to IT Security Guru, Clearswift senior vice president of products Guy Bunker said that in a sense, “everything is getting worse!” as from the perspective of the organisation, the coupling of technologies the open network are responsible for two-third of the threats within the extended enterprise.   Looking back at its 2013 research on the “enemy within”, Bunker admitted...

An £38 million funding investment has been confirmed with Queens University Belfast, allowing for expansion at its Centre for Secure Information Technologies (CSIT).   Establishing it as a world-leading research and innovation hub for cyber security for Smart Cities and the Internet of Things, the £38 million expansion aims to enhance security in highly virtualised environments and connected devices, and to prevent personal information theft and fraud from laptops, smart phones and cloud storage.  ...

New bugs have been discovered in OpenSSL, a year on from the announcement of the Heartbleed flaw. Described as a high severity flaw, the advisory said that one “high” severity flaw exists if a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension, then a “NULL pointer dereference” will occur. This can be exploited in a denial of service attack against the server. In the second flaw, which was...