Editor's News

More searches will uncover more vulnerabilities, as flawed systems are still prevalent.   Speaking at the CodenomiCON 2014 event in Las Vegas, cryptographer and C03 Systems CTO Bruce Schneier and former Presidential advisor and chairman of the board of Codenomicon, Howard Schmidt, said that they believed that the discovery of Heartbleed was one of many and if you kept looking, you would find more flaws.   Schmidt said that as attackers keep stock piling zero-days...

Security by design is becoming less of a case, particularly with the enhancement of the internet of things (IoT).   Speaking at the CodenomiCON 2014 event in Las Vegas, cryptographer and C03 Systems CTO Bruce Schneier, and former Presidential cyber security advisor and chairman of board of Codenomicon, Howard Schmidt, said that security is still something everyone can do, but it still works despite scares, risk and identity theft that goes on.   Schneier said...

American restaurant chain P.F. Chang has revealed that a total of 33 branches were affected by the summer breach.   In a statement, CEO Rick Federico said that the investigation into the breach, which was originally reported in June, has determined that the security of its card processing systems was compromised, and it believes that the intruder may have stolen some data from certain credit and debit cards that were used at 33 branches of P.F....

Mozilla has admitted that its developer network database has been breached, potentially disclosing the details of 76,000 users.   According to a blog post authored by operations security manager Joe Stevensen and director of developer relations Stormy Peters, the incident was discovered following a data sanitisation process of the database. While the passwords were encrypted, the email addresses were not and all were available on a publicly accessible server.   “As soon as we learned...

Israeli intelligence and at least one other intelligence service eavesdropped on US Secretary of State John Kerry during Middle East peace negotiations.   According to Spiegel, as Kerry mediated last year between Israel, the Palestinians and the Arab states, some telephone calls were not made on encrypted equipment, but instead on normal telephones, according to sources.   The German newspaper also claimed that the Israeli Government used the information obtained in international negotiations which aimed...

The United States Computer Emergency Readiness Team (US-CERT) has issued an advisory warning of fresh point-of-sale (POS) malware named Backoff.   It has warned that variants have been seen as far back as October 2013 and commonly include the capability to scrape memory for track data, log keystrokes, manage command and control (C&C) communication and inject a malicious stub into explorer.exe.   It said: “The malicious stub that is injected into explorer.exe is responsible for...

PaddyPower will today be contacting 649,055 of their customers who they believe have been affected by a data breach in 2010. In an online statement, the company state that they had detected malicious activity in an attempted breach of its data security system in 2010. On the effects of the breach, the statement says that ‘no financial information or customer passwords were compromised in the isolated incident and customers’ accounts are not at risk as...

There is a connect between attacks on The Onion Router (Tor) project and the withdrawal of a talk at next week’s Black Hat conference.   According to Craig Young, security researcher at Tripwire, while the attacker(s) in this case are still technically anonymous, he believed that there is most likely a connection between this incident and the recently withdrawn talk which would have focused on de-anonymising Tor users.   He said: “If this was in fact a...

The Onion Router (Tor) project has admitted that it has discovered relays which appear to have been targeting people who operate or access Tor hidden services.   According to a blog from the project, the attack involved modifying Tor protocol headers to do traffic confirmation attacks. The attacking “relays” joined the network on January 30th and they were removed on the 4th July. “While we don't know when they started doing the attack, users who operated or accessed hidden...

There is another Edward Snowden waiting to happen, according to Wikileaks editor Julian Assange, who said that the confirmation of each surveillance parameters was extremely important for others to realise what was happening. In an interview with Democracy Now, Assange acknowledged that Snowden would never receive a fair trial if he were to return to the USA, and there would be no possibility to conduct a meaningful defence. He said: “That’s just a sad reflection...