Editor's News

Google is tightening supervision of its Play store by forming a team who will screen new apps for malware and sexually explicit material. While not adopting Apple's approval process, Google's special team will screen each Play Store app submitted by developers to spot earlier anything that runs afoul of its rules. According to the blog, it had already begun reviewing apps several months ago “to better protect the community and improve the app catalog”. Eunice...

US healthcare services provider Premera has confirmed that is suffered a sophisticated attack which compromised the personal information of members, employees and business partners.   In a statement, Premera president and CEO Jeff Roe confirmed that attackers gained unauthorised access to IT systems, which was discovered on January 29th and an investigation found that it occurred on May 5th, 2014. “As part of our own investigation, we notified the FBI and are coordinating with the...

A third of UK businesses have no data breach response plan.   According to research by Experian of 400 senior business executives, only a third have specific budgets set aside to deal with data breaches, despite 81 per cent saying that they are concerned about the financial impact of recovering from a breach.   Amir Goshtai, managing director of affinity at Experian Consumer Services, said “The prevalence and severity of data breach incidents will continue to...

A vulnerability classed as “high” severity in OpenSSL is set to be fixed on Thursday.   According to an advisory, the OpenSSL project team has announced the forthcoming release of OpenSSL versions 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf. “They will fix a number of security defects,” Matt Caswell from the OpenSSL Project Team said. “The highest severity defect fixed by these releases is classified as "high" severity.   Whilst the flaw remains veiled in secrecy, Microsoft...

Employees at GCHQ and other sensitive parts of the Government have been told to strip employees of company smart phones and memory sticks to protect them from cyber attacks.   According to the Telegraph, advice warns firms that staff are the “weakest link in the security chain” and protective action must be taken. Companies have been told staff should only use trusted WiFi networks and constantly update internet browsers.   The warnings were contained in...

Computer science student Adam Tonks was crowned as the fifth winner of the annual Cyber Security Challenge at the weekend.   After completing the 48 hour battle against the cyber terrorists Flag Day Associates and a separate challenge to protect an industrial control system, 21-year old Tonks beat thousands of entrants and 41 fellow finalists to be named as the winner.   Following in the footsteps of a postman, pharmacist and students Jonathan Millican and...

Yahoo has announced that it is to introduce end-to-end (e2e) encryption for its webmail service Yahoo Mail.   In a blog post, Yahoo CISO Alex Stamos said that the e2e function is enabled via a plugin, and at this stage it is rolling out the source code for feedback from the wider security industry, but the goal is to provide an intuitive e2e encryption solution for all users by the end of the year.  ...

A new ransomware variant is targeting gamers and preventing them from getting stuck into the action.   Claiming to be a new variant of CryptoLocker, research by Bromium found that the new variant aims to make gamers pay to unlock what they already own and data files for more than 20 games can be affected by the threat.   Once infected, the ransomware seeks out saved games and other files and encrypts them and is...

The nature of warfare is changing, and defences need to be improved in order to defend against “anoraks inside cyber warehouses”. Speaking in a backbench debate on defence spending, Sir Richard Ottaway MP, chair of the Foreign Affairs Committee, he said that the “real battles of the future lie in cyber warfare”. Sir Ottaway said that the “anoraks inside cyber warehouses in eastern Russia or in Asia” are the current enemy, and as a result...

As well as facing the Flag Day Associates in the main Cyber Security Challenge, candidates are also facing a live smart grid security issue. In the separate challenge, candidates get 70 minutes to defend and provide a security validation test of an industrial control system. With each of the seven teams getting the opportunity to do this, they will also be asked to debrief the organisers from Airbus on their work and actions. Specifically, the...