Editor's News

A miscommunication issue with a member and a functionality issue with a new website feature have dogged the National Union of Journalists (NUJ) in recent days.   Journalist and NUJ member Kate Bevan told IT Security Guru that, after she had initially used a seven-character password to renew her press card, she was told this was too long and needed to “send the password by email”.   Bevan said: “You should never use anyone's credentials...

A Twitter account for hacktivist movement Anonymous has been hit by allegations of in-fighting, backstabbing and missing fundraising donations.   According to International Business Times, Christopher Banks (aka Jackal) has been accused of stealing $35,000 (£20,720) from a fundraising campaign which was designed to help build a new website for the “Your Anonymous News” account. It claimed that in early 2013, Jackal and other prominent people running the account decided that they wanted to build...

Whistle blowers Edward Snowden and Chelsea Manning have been offered honorary membership of the Chaos Computer Club (CCC).   In a statement, CCC said that public awareness of the activities of the NSA, GCHQ and other intelligence agencies have been taken seriously and the CCC has “clearly and unambiguously positioned as a supporter of Edward Snowden and demanded that the German government is committed to the whistleblower”.   It referred to Snowden as an “American...

A Ferrari has been offered to the hacker who can come up with the best scam.   According to the Times of India, the gift is part of a bizarre "employee of the month" competition from the leader of a global cyber crime syndicate who offers the luxury car as a prize.   Speaking to the Independent on Sunday, Troels Oerting, the head of the European Cybercrime Centre, said that a video was posted on...

Many apparently “secure” websites remain vulnerable to the Heartbleed OpenSSL flaw a month on from it being widely reported and a patch being offered.   According to netcraft, although many secure websites reacted promptly to the bug by replacing their SSL certificates and revoking the old certificates, some made the critical mistake of reusing the potentially-compromised private key in the new certificate.   It determined that more than 30,000 affected certificates have been revoked and reissued without...

Every three minutes, a botnet communicates with its command and control centre while every 24 hours, company networks are infected with a new botnet.   Research by Check Point, based on analysis of monitored security events from over 10,000 organisations found that malware is downloaded every ten minutes in 84 per cent of the respondents.   It also found that every ten minutes, a known malware variant is being downloaded to company networks and every...

Microsoft will release eight patches on its next Patch Tuesday, two of which are rated as critical.   Fixing remote code execution flaws in Windows, Explorer, Server Software and Productivity Software, this is the first scheduled release since the final scheduled patches were released a month ago. Last week Microsoft issued an emergency fix for a zero-day flaw in Internet Explorer that covered Windows XP users.   Ross Barrett, senior manager of security engineering at Rapid7,...

Rogue employees are the biggest threat to information security, although there is little investment in training or compliance.   Based on a poll of 79 attendees at last week’s Infosecurity Europe 2014 by the BSI, 37 per cent of those respondents said the biggest threat was rogue employees, higher than cyber attacks (19 per cent) and bring your own device (15 per cent).   Suzanne Fribbins, risk management expert at BSI, said that it was...

Mobile malware which locks Android users out of their device and demands a ransom payment has been detected.   According to research by Bitdefender , the Reveton or IcePol ransomware displays a bogus message claiming to be from the police and that you have been monitored accessing child abuse websites. The malware, identified as Android.Trojan.Koler.A is delivered automatically while the victim is browsing malicious pornographic sites.   “As the user browses, an application that claims...

The French arm of Telco Orange has suffered a major data breach which has seen 1.3 million customer details leaked.   According to the Register, hackers made off with subscriber names, dates of birth and phone numbers that were used for its email and SMS marketing campaigns. Orange did not disclose how the April 18th breach was executed, but the breach accounted for about 4.9 per cent of the Telco’s subscriber base.   Steve Smith, managing...