Editor's News

Today sees two notable events online: Safer Internet Day and a “fight back” against mass surveillance.   The latter is backed by the Electronic Frontier Foundation (EFF), who called it the day “we fight back against mass surveillance”. It said that a broad coalition of organisations, companies and individuals are loudly voicing their stance against unwarranted mass spying. It said that over 6,000 websites have joined together “to demand reform” as it called for reform...

A threat operation that has been involved in global cyber-espionage operations over the last seven years has been detected and named as “The Mask”.   Also named Careto, it targets Government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organisations and activists. Extremely sophisticated, it has attacked more than 31 countries and gathers sensitive data from systems it has infected.   These include office documents, various encryption keys, VPN configurations, SSH keys...

Leading minds in encryption and cyber crime have joined Kaspersky Lab's International Advisory Board. Among the first board of internationally recognised IT security experts are former cyber advisor to Presidents Bush and Obama, Howard A. Schmidt; former Minister of State for Security and Counter Terrorism, Baroness Pauline Neville-Jones, and cryptographers Bruce Schneier and Whitfield Diffie. The newly-formed advisory board will further reinforce the company’s cyber security intelligence foundations, bringing in new perspectives and expertise from...

Barclays has found itself in a data loss nightmare, after national newspapers reported about the loss of 27,000 records.   According to the Mail on Sunday, the thousands of confidential customer files were stolen and sold on to rogue City traders. The information included customers’ earnings, savings, mortgages, health issues, insurance policies, passport and national insurance numbers and each report is about 20 pages long, and among the victims are doctors, businessmen, scientists, a musician...

LinkedIn has announced that it is to withdraw its controversial Intro system after only being announced five months ago. The concept of Intro was that injected HTML code into the top of the emails you receive on your iPhone so you could view someone's LinkedIn profile alongside the message they have sent you. In a blog titled "doing fewer things better", LinkedIn's senior vice president of products and user experience, Deep Nishar, said that as...

Imperva has acquired three firms and added cloud DDoS mitigation technologies to its product offering. The company announced last night that it will acquire Incapsula and Skyfence as well as the software assets of Tomium. According to the company, the acquisition of Skyfence will see the addition of security for internal corporate applications which are moving to software-as-a-service (SaaS) delivery models. Skyfence offers a solution to provide user fingerprinting technology to profile normal user behaviour...

Microsoft will issue five bulletins on next week’s Patch Tuesday, including two patches rated as critical. The two critical patches are for remote code execution flaws in Windows and Microsoft Security Software, while important patches will be issued for vulnerabilities in Windows and the .NET framework. Commenting, Wolfgang Kandek, CTO of Qualys, said that for the second consecutive month, there is no update to Internet Explorer, but one will be expected before the PWN2OWN competition...

The Waking Shark 2 exercise has been described as a waste of time.   In an email to IT Security Guru, Professor John Walker, a member of the British Computer Society Elite Group, said that he did not feel that Waking Shark 2 was a success as “it did not reflect the real world” and that banks “still have massive issues”.   Walker said: “They were exposed as the Bank of England do not understand...

Tickets for this year’s Security B-Sides London conference will go on sale this Sunday.   Released this Sunday at 11am, tickets for the community-driven event sold out in a matter of minutes last year for the event held on Tuesday April 29th at Kensington and Chelsea Town Hall in London.   Held under the banner of “Connecting People & Agents of All Kinds”, the content for presentation opportunity is currently open for talks that will...

GCHQ has updated details on its website after it denied that an expired PGP key was offered for secure communication.   Researcher Terence Eden told IT Security Guru that when he contacted GCHQ and asked for a public key with which he could encrypt communications, he was directed to a key on their website which had expired a few days earlier.   In response, GCHQ denied that this was the case. A GCHQ spokesman said:...