Editor's News

According to Google's head of Android security, Adrian Ludwig, support for the WebView extension used in Android versions 4.3 Jelly Bean is too time consuming and costly. Ludwig explained in a Google+ blog post that “WebKit alone is over 5 million lines of code and hundreds of developers are adding thousands of new commits every month, so in some instances applying vulnerability patches to a 2+ year old branch of WebKit required changes to significant...

Hackers purporting to be from the "Lizard Squad - Official Cyber Caliphate" group have attacked the official website of Malaysia Airlines, leaving visitors to see a message that read: “ISIS WILL PREVAIL”. The airline’s ticket-booking and other services were also unavailable. Instead, a large picture of a Malaysia Airlines A380 plane and the words “404-Plane Not Found” and “Hacked by Cyber Caliphate” were shown.   However, although Malaysia Airlines confirmed its site was compromised ,...

Two-thirds of executives expect that business efficiencies and productivity will force them to adopt Internet of Things (IoT) devices despite the security risks.   The survey of 404 IT professionals and 302 executives from retail, energy and financial services organisations in the US and UK by Tripwire found that 24 per cent have already connected at least one device to their enterprise networks, while only 46 per cent of respondents say that the risks associated...

The Information Commissioner’s Office has said that it has no plans to investigate the issue regarding a reportedly unsecure database of personal details of members of the Scouts.   According to The Register, the Scout Association's database holds the contact details of 450,000 young people and volunteer adults, and a Scout leader contacted The Register to express concerns that the Compass database is not secure, despite the organisation's assurances it had been tested. The system has...

Minecraft’s maker Mojang has said that it was not hacked, and instead user details were collected by a phishing attack. According to the story, email addresses and passwords of 1,800 Minecraft users were posted online and published online in plain-text format. Heise found that the details would allow strangers to log into each of those user’s accounts on Minecraft to play online, and download the game to their own computers. Mojang said in a statement...

Putting in place security controls and processes and adopting a defence-in-depth approach are the keys ways to reduce your exposure to a cyber attack.   According to a Government document, on “Common Cyber Attacks: Reducing The Impact”, preventing, detecting or disrupting the attack at the earliest opportunity limits the business impact and the potential for reputational damage.   The report claimed that there are “effective and affordable ways” to reduce your organisation’s exposure to the...

For an open internet, policymakers should demand openness not just at the traffic/transport layer, but also at the content/applications layer of the ecosystem.   In a letter sent to the Chairman of the Senate Committee on Commerce, Science and Transportation, the Chairman of the House Committee on Energy and Commerce and US Senator Bill Nelson and US Representative Frank Pallone Jr, the BlackBerry CEO John Chen claimed that President Obama and FCC Chairman Tom Wheeler...

An exploit kit named “Angler” is currently using an unpatched Flash 0-day to install malware.   According to the SANS Institute, current versions of Windows may be vulnerable, although Windows 8.1 and Google Chrome do not appear to be vulnerable. “Typically we see these exploits more in targeted attacks, not in widely used exploit kits,” it said. “This flaw could affect a large number of users very quickly.”   French security researcher Kafeine spotted the version...

More UK firms are adopting managed security services to alleviate cyber security concerns. According to a new study conducted by Pierre Audoin Consultants, as a global security skills shortage continues, firms are looking to external provision in order to lower costs and access the required expertise. Its survey of 230 people from both business and IT functions found that 21 per cent of companies use no external cyber security resources, 40 per cent buy in...

Verizon has confirmed that it has fixed a vulnerability in its My FiOS app, to enable users’ ability to securely access their Verizon email via the app.   In a story published by Forbes, it revealed that there was a vulnerability in Verizon's My FiOS Android app that could be exploited to gain access to other customers’ emails with little effort.   The bug was uncovered by Randy Westergren, senior software developer with XDA-Developers, who said...