Editor's News

A number of media websites have been defaced to display a message from hacktivists the Syrian Electronic Army (SEA).   According to media reports, The Independent, Telegraph, LA Times, CNBC & NBC, Boston Globe, Forbes and Business Insider were among those who came under attack, which the BBC reported was enabled by changing the DNS settings of the shared website provider.   The message related to Thanksgiving, and was accompanied by a message critical of...

The FinFisher surveillance software masqueraded as a benign bookmark manager, according to detection by the Detekt software.   According to the Register, developer Claudio Guarnieri said on Twitter that Detekt discovered the malicious toolkit and an unknown user uploaded the file to the Virus Total analysis engine. The malware was signed with a Comodo certificate signed by 'Jagdeependra' and not the author of the bookmark manager Outertech.   FinFisher is a cross-platform tool that can...

More businesses are appointing a chief information risk officer (CIRO) and it is expected to become a full-time professional position.   Andrew Fitzmaurice, CEO of Templar Executives, said that often the board do not see the benefit of information security until it is presented to them and they see that it can affect share prices and their corporate edge.   Therefore the “board level champion” position of the CIRO has emerged who has a CISO...

Shellshock was successful because of a failure on the first patch and the rush to install it. According to a blog by Imperva, hackers rapidly adapted the vulnerability into their exploit kits and their ongoing attack campaigns and while the original patch was proven ineffective, a second wave of exploits dovetailed into the first one. Barry Shteiman, director security strategy at Imperva, said: “This vulnerability is one of the best examples of the risk to...

Cyber criminals could be raking in profits 20 times greater than the cost of their attacks. According to research by Kaspersky Lab of the cost of the most frequently used hacker tools with the money stolen in a successful malicious operation, the money made can be significant. In the case of creating a phishing page that mimics a popular social network site, as well as setting up a spam mailing list that links victims to...

The Australian Government has rolled out a network to enable reporting ot cyber crime fraud and incidents. Named ACORN (Australian Cybercrime Online Reporting Network),it will enable the public to report cases of cyber crime and also offer information to the public on how to avoid such attacks, reported lT News. ACORN is being positioned as a “national policing initiative" and Justice Minister Michael Keenan said police at federal and state levels would for the first...

An open letter has been sent to the National Institute for Standards and Technology (NIST) and copied to the White House asking for secure and resilient encryption standards to be built.   Signed by 19 organisations, including the EFF, Liberty Coalition, New America's Open Technology Institute, Electronic Privacy Information Center (EPIC) and vendors including Silent Circle and Cloudflare, it calls for development “free from back doors or other known vulnerabilities”, and calls on NIST to...

Sony Pictures Entertainment instructed employees not to connect to corporate networks or email after it suffered a major hacking incident.   The company network was affected with company PCs featuring an image saying “We have obtained all your internal data including secrets and top secrets”.   According to Deadline, the computers in New York and around the world were infiltrated by a hacker, and a source said that it is “down, completely paralysed”   In...

Between 2008 and 2014, there were over 700 prosecutions under the Computer Misuse Act. Revealed under a Freedom of Information Act request by Cordery, there were 702 prosecutions by the Crown Prosecution Service (CPS) in a six year period for the four charges of: unauthorised access to computer material; unauthorised access with intent to commit or facilitate the commission of further offences; unauthorised acts with intent to impair, or with recklessness as to impairing, the...

Regin was spotted twice before yesterday's revelations, claim researchers. Following yesterday's announcement about the detection of the sophisticated surveillance backdoor Trojan ‘Regin’ by Symantec, researchers at both Kaspersky Lab and F-Secure have claimed that they were both aware of the threat. Kaspersky said in its research that it was contacted in spring 2012 by a researcher who mentioned Regin when analysis was being done of the Duqu malware. Kaspersky said that it has been tracking the threat for the...