Editor's News

The Information Commissioner’s Office (ICO) is warning organisations that they must make sure their websites are protected against SQL flaws.   Pointing at a recent case, where the hotel booking website Worldview Limited was fined £7,500 due to a vulnerability on its website which allowed attackers to access the full payment card details of 3,814 customers, the ICO said that the data was accessed after an attacker exploited a flaw on a page of the...

There are two divisions in wearable technology – one that collects information about you and another about the wearer. Speaking at a Halsbury’s Law Exchange event in central London, wearable technology was determined to be as powerful as a computer and it was difficult to nail down the “fluid borders”. Andrew Caldecott QC said: “The key legal argument is that something should allow us to keep control of our own private information and we should...

There is a massive gap between the security measures deployed by consumer facing and non-consumer facing organisations. According to research by Neustar, non-consumer facing organisations are lagging well behind their consumer facing counterparts in areas such as continuous DDoS protection and fraud detection technology. The report identified a surprising gulf in domain maturity between organisations running consumer facing domains and their B2B only counterparts. A survey of 300 senior European IT managers found that they...

The open source remote monitoring cellular/WiFi/satellite connectivity platform Cyatta has reported that it has suffered an attack to enable a significant change of information and a major password change.   In a statement, Cytta said that the attack occurred last Thursday October 30th, where an unauthorised person (or persons) accessed the Nevada Secretary of State Corporate filing system known as “Silverflume” and altered the officer and director information contained therein.   “This Corporate information is the backbone of numerous very...

Wikileaks has claimed a “largely victorious” legal result for hackers accused of attacking PayPal in December 2010.   In a statement, Wikileaks praised the "PayPal 14" for a significant victory on, beating felony convictions and jail time. WikiLeaks’ publisher Julian Assange said: "When I first heard about these protests against the financial censorship of WikiLeaks I was in prison, and this expression of popular will lifted my spirits.   “I know first-hand how grinding years of court...

47.7 million public wifi hotspots will be deployed worldwide by the end of 2014.   The research by iPass found that global hotspot numbers will grow to over 340 million over the next four years, offering around one hotspot for every twenty people globally.   “Over the last few years we've seen the emergence of the 'wifi first' generation. Wifi has become cool again; in fact it's seen by most as an essential utility, just...

54 per cent of respondents to a survey said that their IT department is involved in the adoption of new technologies for end users, including cloud-based services.   The survey of 1,000 IT security professionals by Intralinks and the Ponemon Institute found that 49 per cent of respondents believe their company lacks clear visibility into employees’ use of file sharing/file sync and share applications, while 51 per cent are not convinced that their organisations have...

Despite taking more than two months to detect, the attack on JP Morgan Chase was enabled via a flaw in a corporate challenge website.   Using credentials from the Holden Security August report, data pointed to a big problem at the website for the JPMorgan Chase Corporate Challenge, and the combinations of passwords and email addresses used by race participants who had registered on the Corporate Challenge website were among those 1.2 billion credentials.   According to New York...

The Financial Industry Regulatory Authority (FINRA), Wall Street's industry funded watchdog, is planning to intensify its scrutiny of cyber security practices at brokerage firms in 2015.   According to Reuters, it will hire tech-savvy examiners to help boost its efforts. This is the first time that a regulator has hired examiners with technology expertise to assist in reviewing firms' practices, a FINRA spokeswoman said.   The watchdog routinely examines brokerages to check up on whether they...

A survey of senior security practitioners has found that a third have no real-time insight on cyber risks. The survey of 1,825 organisations in 60 countries by EY found that 43 per cent of respondents say that their organisation’s total information security budget will stay approximately the same in the coming 12 months, despite increasing threats, while 53 per cent said that a lack of skilled resources is one of the main obstacles challenging their...