Editor's News

Facebook has announced the launch of a ThreatExchange to enable security professionals anywhere to share threat information more easily, learn from each other’s discoveries and make their own systems safer. Claiming that tools for sharing security information between organisations don’t work if they are inefficient or too complex, Facebook has included a set of privacy controls so that participants can help protect any sensitive data by specifying who can see the threat information they contribute....

A website designed to allow anonymous crime reporting contains severe security flaws, including a lack of secure transmission of data. Launched by Crimestoppers, Fearless is described as “a site where you can access non-judgemental information and advice about crime and criminality”. It says that what makes the site different is that it provides a safe place to give information about crime, 100 per cent anonymously. It says: “Anonymous means you don’t have to give your...

Hackers who raided health insurance records from Anthem may have been inside the system since December. According to Associated Press, although the breach was first detected on January 27th when an Anthem computer system administrator discovered outsiders were using his own security credentials to log into the company system and steal data, unauthorised data queries with similar hallmarks started as early as December 10th, and continued sporadically until the 27th of January. Kristin Binns, a...

The Dridex banking Trojan is being heavily targeting the UK. Following the publication of a heatmap which showed the interest in the UK, Peter Kruse, head of Danish security firm CSIS, said that the heavy targeting of the malware against UK businesses and users is unusual, but it is obvious that those behind this malware family have a special interest in consumers as well as companies located in the UK. He said: “The primary purpose...

HP has signed a definitive agreement to acquire encryption provider Voltage Security.   Sitting alongside its other security offerings: SIEM technology ArcSight, integrator Vistorm and code review service Fortify, the acquisition of Voltage Security will complement HP Atalla, HP’s information security and encryption business.   Art Gilliland, senior vice president and general manager of enterprise security products said that the  announcement aligns with HP’s focus on end-to-end protection of the data itself, helping enterprises neutralise...

The US health insurer Anthem has warned users to be wary of phishing campaigns following the recent attack and data breach.   In a press release, Anthem said that the scams are designed to capture personal information are designed to appear as if they are from Anthem, and the emails include a “click here” link for credit monitoring.   “Anthem is not calling members regarding the cyber attack and is not asking for credit card...

GCHQ should be under the regulation of judges, according to a senior MP.   David Davis, who ran for the position of Conservative Party leader in 2005 and lost to David Cameron, and has in recent years spoken out on surveillance and for online privacy, said that there should be some better regulation of the intelligence agency, in an interview published today by IT Security Guru.   “The problem is there is a whole series...

Distrust of phone networks will lead to more secure lines and peer-to-peer phone connections.   Speaking to IT Security Guru, David Davis MP said that he suspected that eventually we will have direct peer-to-peer phone networks where, if we are not far away from each other, secure calls will be possible.   “Where there is not an exchange, it will come because it is cheaper and more efficient than having massive networks with huge volumes,”...

Mass surveillance of the internet by GCHQ prior to December was unlawful, according to the Investigatory Powers Tribunal.   It said that the “intelligence sharing” process did not comply with human rights law, and there was a lack of transparency.   Following the decisions in December 2014 that determined that the collection tool Tempora and intelligence sharing between NSA and GCHQ was in principle lawful, the complaint brought by civil rights groups Privacy International, Amnesty...

Governments should step in to cover the threats posed by cyber attacks as they present such a danger to global business.   Lloyd’s of London head Stephen Catlin said that cyber security presented the “biggest, most systemic risk” he had come across in his 42-year career in insurance, and argued that managing such liabilities was a job for Governments.   He warned that it is possible to have the same loss happening around the globe,...