Editor's News

CESG, the Information Security arm of GCHQ, has announced that it is extending its CESG Certified Professional scheme (CCP) to the private sector to allow all information assurance (IA) and cyber security professionals to be certified. After its launch last year, the CCP has helped some 900 government employees and external service providers achieve CCP certification. Running in parallel with the IISP’s own professional development and certification programme and allows candidates to achieve Practitioner, senior...

More than half of set of surveyed senior IT security professionals said that they were unsure whether their IT staff could detect the presence of an attacker who was attempting to breach their network or extract private data. According to a survey of nearly 200 professionals by Lieberman Software, 52 per cent said that they were “not confident” that that their IT staff could detect the presence of an attacker who was attempting to breach...

The Ministry of Defence (MoD) is to recruit hundreds of cyber specialists to help defend the UK’s national security and be able to launch strikes to enhance the UK’s range of military capabilities.   According to defence secretary Philip Hammond, the MoD will “recruit hundreds of computer experts as cyber reservists to help defend the UK’s national security” as part of a new Joint Cyber Reserve. This will see “reservists” working alongside regular forces to...

The United States of America could leave itself open to attack with more than 30,000 Department of Homeland Security employees set to stay at home due to the budget stalemate. With the two sides of Congress failing to agree on a budget, the nation has gone into a partial shutdown which will leave 700,000 federal workers staying at home national parks, museums, federal buildings and services closed down. Among the affected divisions are the departments...

Plans to better prepare the UK’s cyber defences have been met with conflicting opinions. The Ministry of Defence (MoD) announced plans to recruit “reservists” to work alongside regular forces in the creation of the new Joint Cyber Reserve Unit, who will also have the ability to make offensive strikes. Speaking to IT Security Guru, Dave Anderson, senior director at Voltage Security, said that he saw the positive side of this as it would attract new blood into...

The ZeroAccess botnet, which has control of around two million endpoints, has begun to be sinkholed with around a quarter of its connections removed. The actions by Symantec researchers, after it found a weakness that offered a complicated method to sinkhole the botnet, have allowed it to detach over half a million PCs in only five minutes. In its work, Symantec spotted the flaw in an update in its peer-to-peer command and control (C&C) architecture, a...

The Financial Policy Committee (FPC) is to devise a way of toughening up bank’s cyber defences in the next six months. According to point 13 of the FPC meeting held on 18th September, a report from the Treasury, government agencies and Financial Conduct recommended a programme of work to assess, test and improve the financial system’s resilience to cyber attacks. The minutes claimed that the “the threat had many dimensions and was growing”, and combined with...

The Financial Policy Committee (FPC) is to devise a way of toughening up bank’s cyber defences in the next six months. According to point 13 of the FPC meeting held on 18th September, a report from the Treasury, government agencies and Financial Conduct recommended a programme of work to assess, test and improve the financial system’s resilience to cyber attacks. The minutes claimed that the “the threat had many dimensions and was growing”, and combined with...

A man has been arrested in San Francisco on charges of hacking and operating an underground website that allowed users to purchase weapons and drugs. According to a complaint posted by security blogger Brian Krebs from the 27th September, a warrant was issued for the arrest of Ross William Ulbricht, also known as “Dread Pirate Roberts”, and others for the violation of the narcotics laws of the United States as well as knowingly “combine, conspire, confederate, and agree...

The security director of Yahoo has said that a lack of a formal bug bounty process led to the payment of $12.50 for a cross-site scripting (XSS) vulnerability. In a blog, Yahoo security director Ramses Martinez said that after “an interesting 36 hours” the company has moved to address the issue with payments from $150 - $15,000 set to be introduced from the end of this month, with the payment amount determined by a clear system...