Editor's News

Microsoft will release five patches next week, with two rated as critical.   The two critical patches both fix remote code execution flaws in Windows and Internet Explorer, while the three important-rated patches fix elevation of privilege and security feature bypass vulnerabilities in Windows and Silverlight.   Ross Barrett, senior manager of security engineering at Rapid7, said that this continues the light trend of 2014 patch Tuesdays. “We only see two issues that are critical/remote code...

Government investigation websites are often abandoned and filled with spam and malicious links as certificates expire and security updates lapse.   According to a blog by security researcher Terence Eden, abandonment is the primary cause of the vulnerabilities and, as time wears on, people begin to drift away from the project, jobs change and no one is left responsible for updating and maintaining the software.   “So we move on to the tragic fate of...

Online comic store ComiXology has warned of an unauthorised access of a database that contained user details, and rolled out a complete password reset.   In an email, ComiXology said that in the course of a recent review and upgrade of its security infrastructure, it determined that an “unauthorised individual accessed a database of ours that contained usernames, email addresses and cryptographically protected passwords”.   It said that even though it stores passwords in protected...

A free security app for mobiles has been introduced by Malwarebytes to protect people from the growing number of Potentially Unwanted Programs (PUPs) targeting Android users.   According to the company, the new version of Anti-Malware Mobile will give people an option to automatically detect and block the apps that aim to make money from aggressive advertising and in-app purchases, as well as collecting unnecessary amounts of personal data.   Claiming that such apps are...

The end of support for XP by Microsoft will see a rise in the adoption of “bring your own device” policies.   According to EY, with 20-30 per cent of the world still running XP, despite Microsoft ending support in a month, BYOD could be a quick solution to the problem. Mark Brown, director of information security at EY, said: "Hackers will use this as an opportunity to take advantage of those organisations that have...

Following the breach which affected tens of millions of users, the CIO of American retailer Target has resigned.   According to media reports, Beth Jacob is the first high-level executive to leave the company following the breach of 70 million records after six years in the position. Target said that it will replace Jacob, but with an external hire, and the position will be “elevated” to CISO as part of its plan to tighten its...

To commence with this article, I would like to make it clear that I am not grumpy by intention, and that my current mood is attributed to what is at times, a failing of the Security Profession, and more the case, some of those who are associated with it in their various capacities, and guises - please allow me to elaborate. To set the scene, I wish to take you back to a Gartner event...

CIFAS – the UK's Fraud Prevention Service, today released Fraudscape: a report that analyses fraud recorded by over 300 organisations during 2013. While overall fraud levels decreased in 2013 by 11% compared with 2012, analysis in Fraudscape reveals trends, including increases in card, mortgage and loan fraud and a decrease in bank account fraud. Identity related crimes – frauds where criminals misuse the personal data of victims – still accounted for over 60% of all...

Economic crime against financial services organisations continues to rise around the world. Some 45% of financial services respondents to PwC's 2014 Global Economic Crime Survey say they have been victims of economic crime. And 39% say they have been victims of cybercrime, as fraudsters increasingly turn to technology as their main crime tool. Around half who have experienced economic crime during the survey period report an increase in the number of occurrences and the financial...

Many mobile device users are still not aware that they are just as vulnerable to cybercrime on their smartphones as they are on their PCs. in response, Kaspersky Lab has today launched the free Kaspersky Safe Browser for Windows Phone app to safeguard web surfing on smartphones running Microsoft’s mobile OS. The application is now available for download from Windows Phone Store. The new browser boasts protection against phishing, a widespread threat that affects PCs...