Editor's News

Software which redirected Tor browser users to ransomware has been detected.   According to a statement by the Tor Project, several people had contacted it reporting that software had told them to install the Tor browser to access a website, which infected visitors with the Cryptolocker ransomware.   It said: “In this case, the authors of CryptoLocker set up a website which is only reachable by using Tor. That is why people are thinking that the software...

Alert Logic has announced its first European security operations centre (SOC). This week the Houston, Texas-based company opened the centre in Cardiff to support demand from its rapidly expanding customer base in Europe. The centre will be staffed by a team of local security and threat intelligence experts, delivering a fully managed, enterprise-grade service for the Alert Logic suite of network, system and application security technologies. Gray Hall, CEO at Alert Logic, said: “The opening...

A lack of cyber security skills in the UK makes it a potential easy target for attackers, while a lack of education on threats is the most serious threat facing businesses today.   According to research of delegates at this year’s 44CON conference in London, 75 per cent believed that a lack of cyber security skills in the UK makes it a potential easy target for attackers, while 74 per cent believed that people's lack...

Parliament and the press have been “astonishingly complacent” when it comes to personal privacy issues following the Edward Snowden surveillance revelations. At a Q&A session following a private screening of the Snowden documentary ‘Citizen Four’, former Conservative party chairman and Shadow Deputy Prime Minister, David Davis, said that the freedom for surveillance needed to be “brought under control” as for the past couple of years we have been in a benign state and become “appallingly complacent” to...

More than 1,600 cloud-based applications are vulnerable to the Poodle flaw.   According to Netskope, while it was seeing fewer detections of the flaw in version 3.0 of the SSL protocol every day, there were still 1,632 vulnerable cloud applications as of Wednesday.  A week before, on the 16th and two days after the flaw was first revealed, the number of vulnerable apps was 3,562, and this dropped to 2,754 a day later.   The number has continued...

Online auction website eBay has defended its sale of an ATM machine, saying that the sale fell within its policies.   The sale, which ended early on Monday, saw a Triton 9100 ATM machine sold, with the seller describing the item as “removed from a working environment” and “ATM has error code”. The ATM was listed for sale at £300, and swiftly disappeared from sale with the message “Les enchères sur cet objet sont terminées”...

Facebook has announced plans to scour lists of breached credentials to identify its own users. In a blogpost, Facebook security engineer Chris Long said that as it is common for attackers to publicly post the email addresses and passwords they steal on public 'paste' sites. Therefore, it has built a system dedicated to further securing people's Facebook accounts by actively looking for these public postings, analysing them and then notifying people when it discovers that their...

A fresh zero-day flaw in Microsoft PowerPoint is being exploited, which has caused Microsoft to issue a warning.   In an advisory, Microsoft said that the vulnerability could allow remote code execution and affects all supported releases of Microsoft Windows, apart from Windows Server 2003. ”At this time, we are aware of limited, targeted attacks that attempt to exploit the vulnerability through Microsoft PowerPoint,” it warned.   The vulnerability is in Microsoft Object Linking and Embedding...

Zscaler has entered the advanced persistent threat (APT) market with the launch of Fall 2014.   Combining robust internet security, APT protection, data loss prevention, SSL decryption, traffic shaping, policy management, security assessment and threat intelligence, the company said that the technology comes with a capability to monitor and manage a deployment via a mobile device.   Daniel Druker, chief marketing officer at Zscaler. “As a cloud-based system deployed at massive global scale, we at...

BAE Systems is to acquire commercial cyber service provider Perimeter Internetworking Corp, which trades as SilverSky. In a $232.5 million (approximately £144.4 million) cash deal and debt free basis, the acquisition is expected to close before the end of 2014. A cloud-based managed security services provider of services including email protection, network security and managed applications, SilverSky is largely focused on the US market, with a growing business in Asia and Europe. Ian King, chief...