Editor's News

Industries providing essential services such as power, telecommunications and banking are adequately protected to avoid disruption to our everyday lives. Speaking at a summit for the financial, water, energy, communications and transport sectors, Secretary of State for Business, Innovation and Skills Vince Cable said that cyber attacks are a serious and growing threat to British businesses, but it is particularly important that those industries providing essential services such as power, telecommunications and banking are adequately...

The second Waking Shark stress test exercise has been deemed a success, with participants calling for stronger attacks next time. The exercise, which was held on Tuesday 12th November 2013, was s designed to follow up and reinforce the lessons learned from previous cyber exercises and reflect the continued evolution of the nature, intensity and sophistication of cyber threats over the past two years. It was conducted between 14 firms, six financial market infrastructure providers,...

The chief financial officer of Target has said that he is “deeply sorry” for the recent breach and it is determined to win back customers' trust.   Speaking before the US Senate Judiciary Committee hearing which is investigating the data breaches, John Mulligan, Target chief financial officer and executive vice president, said the cyber attack has strengthened its resolve and it will make “Target, and our industry, more secure for customers in the future”.  ...

Malwarebytes is to accept Bitcoin payments for its consumer anti-malware suite.   According to the company, it will accept Bitcoin for its Anti-Malware Pro product and any products that are purchased with Bitcoin will have a Bitcoin logo on the page. Malwarebytes will be using Coinbase as the payment platform.   Marcin Kleczynski, CEO of Malwarebytes, said that it was excited to accept a crypto currency that provides a level of anonymity to users. “Protecting...

The Open Group has launched an accreditation program to assure the integrity of commercial information and communication technology products.   Called the Open Trusted Technology Provider Standard (O-TTPS) Accreditation Program, this is intended to assure integrity in technology development and to prevent maliciously tainted and counterfeit products from entering the supply chain.   Companies seeking O-TTPS Accreditation can choose to be accredited for compliance with the O-TTPS standard for a specific product line, business unit...

A need for fully skilled, experienced professionals is causing headaches when hiring in information security.   Speaking to IT Security Guru, Christian Toon, head of information risk for Europe at Iron Mountain, said that a current recruitment drive has shown that there is a need for full skillsets and “a security all rounder”.   He said: “We do need someone with computer skills and defined ideas, but we need more. It is about being personable...

A security operations centre is to be opened by the UK Government for its public sector network (PSN) to be able to respond to threats.   In an email to IT Security Guru, a Cabinet Office spokesperson confirmed that rather than a continuous diagnostics and mitigation (CDM) system, which the US Department of Homeland Security has installed for US Government departments, this solution is being offered.   “We are not offering a centralised CDM system...

Google has said that it is not prepared to pay a bug bounty for a privacy flaw, despite needing to make a change in Calendar after it was reported.   In an email to IT Security Guru, Google said that it did not have any further comment to make on a recent blog after it initially reviewed the report made by Terence Eden. Eden said that the issue was formally disclosed to Google on 6th...

More than 20,000 records were leaked because of a SQL Injection attack. After it was revealed that Bell Canada had 22,421 user names and passwords, and five valid credit card numbers of affiliated small-business customers posted on the internet at the weekend, security researcher, Troy Hunt, said in a blog that it was “pretty self-evident from the original info leaked by the attackers that SQL injection had played a prominent role in the breach”. He...

An attempt to gain access to Yahoo Mail accounts was thwarted. In a statement, Yahoo senior vice president of platforms and personalisation products Jay Rossiter, said that it identified “a coordinated effort to gain unauthorized access to Yahoo Mail accounts” and upon discovery “took immediate action to protect our users, prompting them to reset passwords on impacted accounts”. Yahoo said that while there is no evidence that the passwords used to try and access the accounts...