Editor's News

Today marks the two-week deadline for the ownership of the Gameover Zeus (GOZeus) botnet after control was seized by the UK’s National Crime Agency, the FBI, Europol and a number of security companies.   In a warning issued by the NCA, it said that after the international action on the 2nd June, which temporarily weakened the global network of infected computers, providing a two-week opportunity for members of the public to rid themselves of the...

Domino’s Pizza is refusing to pay a ransom demand of €30,000 (£23,000) despite an attacker threatening to release the 600,000 customer details.   According to Sky news, the hacker known as “Rex Mundi” said the full details would be released today unless the firm paid them the fee. Those details include customers' full names, addresses, phone numbers, email addresses, passwords and delivery instructions, as well as each customer's favourite pizza topping.   However Domino's Pizza...

Malwarebytes have launched a tool to protect users against known and unknown zero-day exploits.   Using behavioural analysis rather than a signature database, the company claimed that Malwarebytes Anti-Exploit demands minimal system resources and interaction and runs silently protecting against vulnerabilities in mass-market applications such as browsers, Java, document readers, media players and others.   It stops attackers from executing malicious code by using three separate layers of defence: actively guarding against OS security bypasses,...

Microsoft has announced a review of its Windows Privacy Statement to offer opt-out on adverts and sharing of personal information.   According to an announcement made to users, when you sign in to a site or service using your Microsoft account, it collects certain information in order to verify your identity on behalf of the site or service to protect you from malicious account usage and to protect the efficiency and security of the Microsoft...

Half of servers tested by Qualys labs are vulnerable to the most recently-discovered OpenSSl flaw.   According to Qualys, after the advisory was published on June 5th it has been testing a remote check for the flaw and satisfied that the test is identifying vulnerable hosts correctly, a scan run against the SSL Pulse dataset found that about 49 per cent servers are vulnerable, and around 14 per cent of the total number are exploitable because they're...

Modern malware campaigns use classic techniques, despite claims of sophistication.   According to researchers at Context Information Security, there are classic virus techniques at the heart of The Mask, or Careto, espionage malware. Despite being described by Kaspersky as one of the "most advanced global cyber-espionage operations to date” and widely attributed to sophisticated, state sponsored cyber attacks, Context claimed that the malware appears to rely on technology plucked out of the history books. Kevin...

Feedly has said it will not pay a ransom demand despite facing down a distributed denial-of-service (DDoS) attack.   The social media and RSS website came under attack yesterday, and said in a blog that “criminals are attacking Feedly with a DDoS” who were “trying to extort us money to make it stop”. However it said that it “refused to give in and are working with our network providers to mitigate the attack as best...

Twitter desktop application Tweetdeck had a major cross-site scripting (XSS) bug last night. While owner Twitter fixed the bug, users were encouraged not to use the application and change passwords as the application spouted random text in place of regular tweets. According to reports, systems were randomly retweeting messages containing potentially malicious scripts. Mashable reported that a 19-year old Austrian named Firo Xi found the flaw, but denied that it was a deliberate hacking effort....

American Chinese restaurant chain PF Chang has said it is investigating a report of a possible data breach involving credit and debit card data.   According to USA Today, the data may have been stolen from restaurant locations nationwide. The chain has 211 P.F. Chang's locations in the USA, and 192 Pei Wei Asian Diner restaurants. Initially detected by security blogger Brian Krebs, who found that customer data from thousands of credit and debit cards...

Target has announced that it is to hire a new CISO following the major breach and loss of the CIO and CEO.   According to Security Week, the company announced that it has hired Brad Maiorino as senior vice president and CISO. Maiorino will join the retailer on June 16th and will be responsible for the company's information security and technology risk strategy and report to CIO Bob DeRodes who was hired by the company in April....