Editor's News

The move to mobile ransomware is a “logical” one, but will not be as effective as what is hitting PCs.   Speaking to IT Security Guru, Michael Sutton, vice president of security research at Zscaler, said that as campaigns such as CryptoLocker have been so successful, it was logical that the ransomware threat moves to mobile devices.   This week, Robert Lipovsky, malware researcher at ESET, wrote in a blog about Simplocker which affects Android devices...

A “well orchestrated DDoS” attack put code-hosting domain Code Spaces down this week. In a statement, Code Spaces said that the denial-of-service attack was launched against it on Tuesday of this week, which is normally overcome, but “on this occasion however the DDOS was just the start”. Pointing at an “unauthorised” person, who gained access to its Amazon EC2 control panel and left a number of messages for Code Space to contact them using a...

Three-quarters of security practitioners have no confidence in users or technology.   According to research by Bromium of 300 information security practitioners, 85 per cent felt that that their existing security technology is unable to prevent endpoint infections, and that anti-virus solutions are unable to protect against advanced targeted attacks.   Rahul Kashyap, chief security architect at Bromium, said: “The reality today is that existing endpoint protection, such as anti-virus, is ineffective because it is...

Nokia buckled to a multi-million Euro ransom demand over a stolen encryption key.   According to IT News, in 2007 the mobile phone manufacturer’s encryption keys were used to sign applications for smartphones running the Symbian operating system, to ensure they were approved by Nokia.   The blackmail attempt took place in 2007, when Nokia was still the number one smartphone vendor in the world with Symbian holding a dominant, half-market share. Even though Nokia reported...

Maze prison records “sold at auction”.   The Northern Ireland prison service has been warned by the UK data protection regulator after a filing cabinet containing prisoner records was unwittingly sold at an auction. According to the Information Commissioner’s Office (ICO), this incident occurred in 2004 when the cabinet, which officials thought was empty, was sold at a public auction.   However it contained files about the closure of the prison, including the details of...

The problem with privileged user access is caused by “super” user accounts that are generally shared by IT staff members to perform their job.   Speaking at the Identity Management conference in London, Jitender Arora, information and security risk executive in the financial services industry, said that users often need access to do their job and this means full access for individual accounts. However, this problem is compounded by number of orphan and dormant accounts...

Microsoft has warned of a denial of Service vulnerability which exists in its Malware Protection Engine.   According to advisory 2974294, the vulnerability was reported to Microsoft and iIn order to exploit this vulnerability, a specially crafted file must be scanned by an affected version of the Microsoft Malware Protection Engine.   If affected anti-malware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the...

Government intelligence arm GCHQ is to spread information to trusted partners to enable wider defence capabilities.   Speaking at the IA14 event, GCHQ director Sir Iain Lobban said that a new initiative will see it work with industry partners to enhance the protection of UK networks from threats in cyber space.   He said: “Ultimately we’re seeking to use our unique capabilities, and the range of insights gleaned from our intelligence and security work, to offer...

Several members of the management board of OWASP have been accused of financial mismanagement and bullying by a former employee.   In an email sent to the OWASP leaders list, former OWASP project program manager Samantha Groves, accused some OWASP board members of “mis-managing project funds” and of using “sexually aggressive and offensive, gender specific language against her in front of my co-workers, other board members, and volunteers”.   Specifically name-checking board members Jim Manico,...

Only one in ten UK citizens believe that their mobile calls and texts remain private.   According to a study of 1,000 employed people by Silent Circle, only 12 per cent of respondents believe that their mobile calls and texts remain private, while 24 per cent actively avoid making sensitive calls on a mobile phone in a bid to win back some privacy.   Vic Hyder, revenue chief for Silent Circle, said: “What our study...