Editor's News

The proposed Dark Mail Alliance has been described as having “no logic” and having no business for internet service providers (ISPs) to adopt. Speaking to IT Security Guru, Brian Spector, CEO of CertiVox, said that the proposed secure email protocol would not be used by big service providers as “it is just not commercially feasible for large scale ISPs to do so.” Spector said: “What they are trying to do is get more ISPs to...

Mozilla has confirmed that it has disabled a malicious add-on that posed as being from Microsoft. According to Arstechnica, a Mozilla representative said the malicious add-on named "Microsoft .NET Framework Assistant", was no longer available. “This was used by 'Advanced Power' as part of its attack. You should always be careful with anything you download. It's a good idea to use many layers of protection, including anti-virus software to stop malware,” the spokesperson said. The research...

The National Security Agency has made dozens of changes in its operations and computer networks to prevent another whistleblower. According to Reuters, the NSA is making 41 specific technical measures to control data by tagging and tracking it, to supervise agency networks with controls on activity, and to increase oversight of individuals. This will include two-person control of every place where someone could access data, and enhancement of the security process that people go through. There...

The current Data Retention Directive is “incompatible” with the Charter of Fundamental Right, according to the court of justice of the European Union. According to a statement by the Advocate General, Mr Cruz Villalón, the Directive is invalid due to the absence of sufficient regulation of the guarantees governing access to the data collected and retained, and because member states have exercised their powers with moderation with respect to the maximum period of data retention....

Dell has announced plans to allow users to use its technologies to enable mobile connectivity. Named Enterprise Mobility Management (EMM) to allow mobile users to connect to a unified solution, and will be launched as an annual software subscription license across EMEA from Q1 2014. According to the company, Dell EMM provides unified security and management for remote workers and allows its Connected Security concept to get “more connected”. Building on earlier announcements with a...

A tech support officer from the University of Huddersfield has been crowned the top civilian in the 2013 Cyber Security Challenge’s DC3 Digital Forensics Challenge. Designed by the US Department of Defense Cyber Crime Centre, the Digital Forensics Challenge is a team competition but winner Glyn Snowden entered on his own and was second only to a group of four from Northrop Grumman, making him the highest-ranked civilian in the competition. The competition requires participants...

As part of the National Cyber Security Strategy, the UK Government has announced plans to expand partnerships with the private sector over the next year. Two years since the launch of the strategy two years ago, the key plans of a new national cyber security ‘hub' that will allow the government and businesses to exchange information on threats and responses; the formation of the National Crime Agency and strengthening of the Centre for Protection of the National Infrastructure (CPNI)...

CertiVox has admitted that it chose to take its secure email encryption service PrivateSky offline after a warrant was issued by a division of GCHQ. CEO Brian Spector told IT Security Guru that despite having "tens of thousands of heavily active users", it was served with a RIPA warrant from the National Technical Assistance Centre (NTAC), a division of GCHQ and a liaison with the Home Office, who were seeking the keys to decrypt the customer...

Exploit kits and botnets will begin to spread mass-produced ransomware in 2014 According to the Sophos security threat report, botnets will deliver more ransomware as users grow more resistant to fake alerts and anti-virus scams. Its statistics for June 2013 found that 29 per cent of exploit kits carry some kind of ransomware, in particular Glazunov that Sophos said had “become notorious for delivering dangerous ransomware”. The report said: “It’s hard to predict what form...

Malware which uses a shared hosting database, essentially in a service-based model, has been detected.   According to research by Imperva, the Database-as-a-Service (DBaaS) model allows them to set up a shared platform to host command and control (C&C) servers. Imperva claimed that this model gives illegitimate users easier access to data, from both inside and outside the service, and to do botnet management and as an infrastructure for both infection and data exfiltration.  ...