Editor's News

Microsoft released six patches last night to cover 29 vulnerabilities in Microsoft Windows and Internet Explorer.   With two rated as critical, three rated as important and one rated as moderate in severity, Tyler Reguly, manager of security research at Tripwire, recommended TT teams to focus on the two critical issues affecting Internet Explorer and Windows Journal first.   “If you cannot apply updates immediately, there are workarounds for both of these critical flaws,” he...

Accommodation booking service Hotel Hippo was closed by its parent and “it will not reopen” according to its founder.   In a statement posted on pastebin by founder and managing director Chris Orrell, he said that the site was “little used” but security, safety and privacy was “of the utmost importance to us”. Following the revelations of security failings by Scott Helme, Orrell said he was “very alarmed to hear that our valued customers should...

The next distributed denial-of-service (DDoS) vector to be concerned about is SNMP (Simple Network Management Protocol) amplification attacks.   Speaking to IT Security Guru, Akamai security evangelist Martin McKeay said that this was the next DDoS attack vector he was worried about as it allows an attacker information to a log management system and, as many are not configured and pull in information, they could send information to any source.   “With DNS you look at...

hdjgyudksh cih k vuifk hik gklbb

Barclays has been named as the first major organisation to gain the new Government Cyber Essentials certification.   Certified for its Digital Banking services, including MyBarclays, BMB and Pingit, to demonstrate basic cyber hygiene and reach Cyber Essentials certification, Barclays Digital Banking had to complete the Cyber Essentials Questionnaire.   An external perimeter vulnerability scan was also carried out, which is an additional requirement for Cyber Essentials certification that is mandated by CREST.   The...

After the sinkholing exercise of earlier this week, No-IP has said that that all of the 23 domains that were “seized by Microsoft” on June 30th were now back in its control.   In an updated blog, No-IP said that it may take time for the DNS to fully propagate, but everything should be fully functioning within the next day. “We are so sorry for the inconvenience that this takedown has caused our customers,” it said....

Microsoft will release six bulletins next week, two of which are rated as critical and patch flaws in Windows and Internet Explorer.   According to its advance notification, the two critical patches are for remote code execution flaws. The remaining four patches will cover flaws in Windows and Microsoft Server Software, and are all rated as important.   Russ Ernst, director of product management at Lumension, said: “Data centre administrators shouldn’t plan to be away...

IT Security Guru has launched a new page exclusively for product reviews.   Starting with a look at AppRiver’s CipherPost Pro, IT Security Guru is delighted to be working with esteemed review guru Dave Mitchell, former reviews editor for SC Magazine. We are welcoming other opportunities to review your products, so please contact the team by emailing [email protected]   Editor Dan Raywood, said: “There are few places that review business security technology these days and...

The Electronic Frontier Foundation (EFF) has filed a Freedom of Information Act (FOIA) lawsuit against the NSA and the Office of the Director of National Intelligence (ODNI).   In an effort to gain access to documents showing how intelligence agencies choose whether to disclose zero day flaws, the movement comes a year after Edward Snowden’s revelations, and mark a time when online freedom advocates are taking their fight to legal cases.   In this case,...

The University of Surrey has announced the launch of the Surrey Centre for Cyber Security (SCCS).   Offering a means for academia and industry to work together on research, Michael Kearney, vice president of research and innovation at University of Surrey, called it an “an important initiative in its own right”.   He said that it will be supported with investment and staff, and this fitted within the wider realm of security as a generic...