Editor's News

McAfee parent Intel has announced that it plans to remove the name of the security company and rename it as “Intel Security”.   Intel, who acquired McAfee in 2010 for a fee of around £5 billion, said at the 2014 International Consumer Electronics Show in Las Vegas that the new brand will identify Intel products and services in the security segment and retain the red shield logo.   Intel CEO Brian Krzanich said that the...

Authentication will move to be more of a cloud-based solution, and specifically offered in a service-based model.   Speaking to IT Security Guru, Jason Hart, vice president of cloud solutions at SafeNet, said that the adoption of cloud is happening as users want to use context-based authentication. “There are different authentication mechanisms, it is about being able to mix and match,” he said.   “The software is there, and I think we will see an...

The Yahoo.com domain served malicious advertisements which redirected users to the “Magnitude” exploit kit.   According to a blog by Fox-IT, five iframes were infected which redirected users to websites that were served by an IP address in the Netherlands. This exploit kit exploits vulnerabilities in Java and can install different malware including ZeuS and Andromeda.   Fox-IT claimed that its examination of a traffic sample found that this mainly affected users in Europe, specifically Romania...

FireEye has announced the acquisition of security services vendor Mandiant for $1 billion (£608 million). Together, the two companies will offer FireEye’s virtual execution and sandboxing technology along with Mandiant’s incident response management and remediation solutions. According to FireEye, this acquisition creates the industry’s leading advanced threat protection vendor with the ability to find and stop attacks at every stage of the attack lifecycle. Under the terms of the merger agreement, FireEye will issue an...

Snapchat has announced that it is to release an update to its application to address and reduce abuse opportunities after user details were leaked online. According to a blog post by the company, the ability to enter a phone number to enable users to find friends was introduced after the launch of the application, and it was informed about potential abuse of this feature by Gibson Security in August 2013. “Shortly thereafter, we implemented practices like rate limiting aimed...

Microsoft has been revealed to be sending out its “crash logs” in plain text. According to research by Websense Security Labs, it found that Windows Error Reporting predominantly sends out its crash logs in clear text, which could potentially allow eavesdroppers to map out vulnerable endpoints and gain a foothold within the network for more advanced penetration. More than one billion network-connected PCs use the Windows Error Reporting program, and the reports often contain details such as...

Mobile malware that sends premium SMS messages and calls from Android devices has been detected. According to research released by ZScaler, the functions of MouaBad.P include making calls to premium numbers in order to generate revenue, harvesting SIM card information and checking for internet connectivity. It found that the premium rate numbers are all located in China. “Forcing Android applications to initiate calls to premium phone numbers controlled by the attackers is a common revenue generation scheme...

Blue Coat Systems has acquired Norman Shark to add zero-day sandboxing technology to its Advanced Threat Protection product range. After the companies partnered to integrate the Norman Shark technology into the Blue Coat Malware Analysis Appliance, this acquisition will see Norman Shark’s IntelliVM and SandBox emulation technologies added to the portfolio to provide advanced analysis and the ability to analyse any threat type, in any version of any application. Blue Coat already integrates the Norman Shark technology...

The proposed Dark Mail Alliance has been described as having “no logic” and having no business for internet service providers (ISPs) to adopt. Speaking to IT Security Guru, Brian Spector, CEO of CertiVox, said that the proposed secure email protocol would not be used by big service providers as “it is just not commercially feasible for large scale ISPs to do so.” Spector said: “What they are trying to do is get more ISPs to...

Mozilla has confirmed that it has disabled a malicious add-on that posed as being from Microsoft. According to Arstechnica, a Mozilla representative said the malicious add-on named "Microsoft .NET Framework Assistant", was no longer available. “This was used by 'Advanced Power' as part of its attack. You should always be careful with anything you download. It's a good idea to use many layers of protection, including anti-virus software to stop malware,” the spokesperson said. The research...