Editor's News

Betting bible the Racing Post is to implement stringent new security measures after suffering an aggressive attack that saw customer details stolen. According to a statement, the website “is completely safe to use” after it removed all log-in and registration functionality. It confirmed that it suffered a security breach after its site was “the subject of a sophisticated, sustained and aggressive attack on Friday and Saturday, in which one of our databases was accessed and customer details...

The most dangerous time to use a smartphone is after 11pm after drinking and using the London Underground’s central and district lines. Research by Trend Micro of 2,500 adults throughout the UK, found that 26 per cent had lost their device on the tube, while 25 per cent was on the central and district lines. Also, 22 per cent said that they had lost a device in a bar, while 18 per cent lost a...

Boxes and technology will not save the CISO of the present and future, but people and processes will. Speaking to IT Security Guru, Art Gilliland, global security lead at HP, said that while the role of the CISO is changing to more of a management position with more responsibilities, more cooperation with employees will help defend the business. Gilliland said that problems are often solved by investment in technology, and often challenges are solved with...

Only four per cent of UK businesses are confident that their information security functions fully meet their needs. According to a survey of 1,900 global senior executives by EY, 66 per cent of respondents said that the number of security incidents within their organisation has increased by at least five per cent over the last 12 months, while 52 per cent of organisations do not have the capability to assess the impact to their information...

RandomStorm has announced the launch of a network intrusion detection system (NIDS) tool StormProbe. Built to analyse network traffic using more than 30,000 malware signatures to identify anomalies and malicious payloads, StormProbe is based around the same algorithm that powers its StormAgent Log Management software. With StormProbe, when a matched rule is detected, RandomStorm’s instances, events and alerts (IEA) algorithm creates a matched rule instance and begins to record all linked alerts as unique, time-based...

The number of breached user details in the recent Adobe attack could have impacted up to 38 million people, equivalent to the population of Poland. After the company announced it has suffered the attack, when security blogger Brian Krebs discovered 40GB of source code, which appeared to be uncompiled and complied code for ColdFusion and Adobe Acrobat, Adobe confirmed that it had been working on an investigation into a potentially broad-ranging breach into its networks since 17th September....

The UK computer emergency readiness team (CERT) is expected to be operational by January 2014 following the success of the Fusion cell data sharing concept. Although it was recently reported that the team’s announcement had been delayed until next year, Trend Micro president for UK and Ireland Steve Jones told IT Security Guru that it was his understanding that the UK CERT would be up and running in three months. He said: “A plan like this is...

After the revelations that the NSA has infiltrated traffic into Google and Yahoo’s data centres, German journalists have been advised to stop using their services. According to Reuters, the German Federation of Journalists trade union has recommended journalists avoid the use of search engines and email services from Google and Yahoo for their research and digital communication until further notice. The union said in a statement that “searches made by journalists are just as confidential as...

Yahoo has launched its first bug bounty program after what it called an “extremely positive” response from the security community. The company was criticised after it “rewarded” a vulnerability disclosure of a cross-site scripting flaw with a $12.50 voucher for a T-shirt. After reviewing its policies, Yahoo security director Ramses Martinez said that a bug bounty program would be rolled out by the en d of October and true to their word, the policy was announced yesterday. Martinez said that it...

A new certification to align skills and knowledge within healthcare has been launched by (ISC)². The healthcare security and privacy certification has been established as a global standard of competency for healthcare information security and privacy practitioners. According to (ISC)², it is designed to provide healthcare employers and those in the industry with validation that a healthcare security and privacy practitioner has the core level of knowledge and expertise required by the industry to address...