Cyber relations between China and the United States fell to a new low over the weekend Following the accusations of the APT1 report of a year ago, the naming of five Chinese nationals last week saw the first move to name individuals suspected of attacking, hacking and stealing from US businesses. According to Reuters,a report prepared by the Chinese Academy of Cyber Space claimed that America too had undertaken spying operations against China,...
Read moreSecurity professionals would not bother getting cyber insurance, as two-thirds believe insurers would not actually honour a claim if one was made. A survey of 250 security professionals by AppRiver found that 32 per cent of UK businesses don’t bother seeking this increasingly vital cover, while two-thirds (63 per cent) believe insurers would not actually honour a claim if one was made. Jim Tyer, EMEA channel director for AppRiver, said: “What this means...
Read moreUnbeknownst to them, employees and individual users often open the door to criminals by using easily-guessable passwords. Drawing on data from 691 breach investigations from across 24 countries, the 2014 Trustwave Global Security Report found that 96 per cent of applications that Trustwave scanned in 2013 contained one or more serious security vulnerabilities while weak passwords continue to plague businesses. The report also found that 71 per cent of compromises were not detected...
Read moreeBay may face a joint investigation by three US states, with Connecticut, Florida and Illinois jointly investigating the matter. According to Reuters, the investigation by the states will focus on eBay's measures for securing data, circumstances that led to the breach and the company's response, said Jaclyn Falkowski, a spokeswoman for Connecticut Attorney General George Jepsen. eBay spokeswoman Amanda Miller declined to comment on the states' actions, but said it had proactively contacted...
Read moreRumours circulated last night that the 145 million eBay records were available for sale for around £450. A pastebin statement claimed to have the “full eBay database dump with 145, 312, 663 unique records” and asked for 1.453 in Bitcoin. The seller did not respond to an email sent by IT Security Guru. Analysis by Kenn White, Rapid7 and Per Thorsheim determined the database to be fake, and eBay also confirmed that it...
Read moreThe next challenge for eBay could be the California Online Privacy Protection Act (OPPA). The San Jose headquarted company could face the wrath of the California privacy enforcer over the massive hacking and potential data breach, which has seen 145 million user records potentially breached. The 2003 California act, approved under the governance of Arnold Schwarznegger, details of the duty of Attorney General require that they “work with companies on privacy trends and offers...
Read more99 per cent of companies have employees who use eBay, and therefore their companies could be at risk. According to research from Skyhigh Networks, the average Fortune 2000 Company has approximately 15,800 employees using eBay and as employees access the website from work, this could have significant security consequences for business. Charlie Howe, Skyhigh Networks EMEA director, said that a breach which affects 145 million people has to have an impact on businesses,...
Read moreAround 145 million user records were affected in the eBay breach in what could be the second biggest breach in history at a US company. According to Reuters, the attackers copied ‘a large part’ of that database and this is the second biggest breach for a US company since the Adobe breach of around 152 million user accounts last October. While eBay spokesperson Amanda Miller told Reuters that passwords were encrypted claimed that...
Read moreProofPoint is to acquire NetCitadel to add incident response capabilities to its product and service offering. With a figure of $24 million (£14 million) reported by ProofPoint, the deal will extend the reach and capabilities of Proofpoint’s existing advanced threat solutions, adding additional threat verification and containment capabilities via an open platform that unifies products from Proofpoint and other vendors. Steele, chief executive officer of Proofpoint, said: “Loss of customer records and other...
Read moreBusinesses should open their own vulnerability research centres, according to Microsoft. According to The Register, Microsoft's Jeremy Brown said that the opening of the Microsoft Vulnerability Research (MSVR) team and centre in 2008 allowed Microsoft security researchers to safely report bugs and vulnerabilities they found in third-party software in a bid to shore up the security ecosystem of the wider internet and by extension, the company's infrastructure. Brown recommended businesses open their own...
Read more