Editor's News

Criminal black markets are complex and mirror free markets in their unprecedented levels of maturity and growth.   According to a report by RAND and Juniper, the black markets have significant levels of economic sophistication, reliability, accessibility and resilience in the products, distribution channels and actors involved.   The report claimed that the black markets are growing in size and complexity and the hacker market has emerged as a playground of financially driven, highly organised...

Microsoft has warned of a zero-day vulnerability in Word and limited, targeted attacks directed at the 2010 version.   In an advisory, Microsoft said that the vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer.   The vulnerability can be exploited...

Project management website Basecamp was hit by a 20 Gbps distributed denial-of-service (DDoS) attack and blackmail attempt yesterday. In a statement, Basecamp said that the attack targeted the network link between its servers and the internet. “This is like a bunch of people blocking the front door and not letting you into your house. The contents of your house are safe - you just can’t get in until they get out of the way,” it...

Gmail has announced it is to add HTTPS by default for checking and sending email, after adding it to its service in 2010.   In a blog, Nicolas Lidzborski, Gmail security engineering lead, said that today's change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers, regardless of device or connection.   He said: “Every single email message you send or receive -...

MalwareBytes has announced the launch of the premium edition of its software, the first completely new version of the company’s flagship security software for six years.   Named Malwarebytes Anti-Malware Premium, it is designed to work alongside traditional anti-virus to provide additional protection, and combines five powerful technologies in a lightweight 16MB download. These include a new heuristics engine; anti-rootkit technology; Malwarebytes’ Chameleon to brute force start-up and scan when malware is operating; malicious URL...

Microsoft has admitted to taking “extraordinary actions based on the specific circumstances” to access a user’s email account.   In a statement, John Frank, deputy general counsel and vice president of legal & corporate affairs at Microsoft, said that while it believes that Outlook and Hotmail email are and should be private, information it received indicated an employee was providing stolen intellectual property to a third party.   According to BBC news, Microsoft was alerted...

A move to Ireland has been described as sending a strong message to companies who care about the privacy and security of their data that this is a country that can support that.   Following a report in the Guardian, where it was claimed that Home Secretary Theresa May had called Yahoo to an “urgent meeting to raise security concerns after the company announced plans to move to Dublin where it is beyond the reach...

The Open University has launched a new post graduate computing programme, with a strong focus on digital forensics. Developed with industry organisations including the BCS and CGI, the University said that this offers IT professionals the opportunity to learn to gain digital forensics qualifications. The masters course also includes new modules on software development courses to help organisations adopt the latest agile methodologies without scaring their customers and board members. According to the Open University,...

Symantec has confirmed that president and CEO Steve Bennett’s position has been terminated, and replaced with Michael Brown as an interim.   In a statement, Symantec said that Bennett resigned from the board of directors. He was in the position for just under two years, following the departure of Enrique Salem, who has remained in the security sector and serves on the boards of FireEye, Box and Forescout.   Symantec said that a special committee...

A browser which claims to be a mobile version of the Tor software has been detected, but it reportedly is ridden with malware.   According to a discussion on the Tor project website, the Tor Browser in the Apple App Store is fake, with a user claiming “it's full of adware and spyware” and a move to have it removed has been mooted.   A mobile researcher told IT Security Guru that the malware was...