Editor's News

NTT Com has announced the acquisition of German IT security firm BDG & Co.   According to NTT Com Security, it acquired the company to strengthen its customer base among large enterprise and medium-sized organisations. BDG’s employees will be integrated into NTT Com Security’s DACH organisation. BDG’s executive partners, Helmut Honermann and Karl-Heinz Jaeger, will hold managerial positions at NTT Com Security, while BDG’s founder John von Simson remains with the company in an advisory capacity.   Frank Brandenburg,...

Trustwave has said that legal claims in regard to its involvement with the Target breach are without merit.   According to a statement posted online by chief executive Robert McCullen, the company said it is looking “forward to vigorously defending ourselves in court against these baseless allegations”.   He said: “As some of you may know, Trustwave was recently named as a defendant in lawsuits relating to the data security breach that affected Target stores...

Almost nine in ten IT decision-makers are changing their cloud buying behaviour following the revelations about Government surveillance. A survey of 1,000 decision makers by NTT Communications found that 88 per cent were changing their cloud buying behaviour, while only five per cent of respondents believe location does not matter at all when it comes to storing company data. In its report, named “NSA after-shocks: how Snowden has changed it decision-makers’ approach to the cloud”,...

Logins for social media accounts are now more valuable than credit card details to attackers.   According to the Telegraph, recent data breaches have caused a glut of data to flood onto the market, meaning that their value have dropped from between $20-$40 to $2, while access to social media accounts such as Twitter can vary from $16 to more than $325.   According to research by RAND and Juniper, while there is a value...

Phishing attacks which use genuine BBC news stories have been detected.   According to research by Panda security, fraudsters are trying to innovate and create more realistic scenarios. One scam detected this week showed a recent story about a lottery winner that was sent around the globe and informed the recipient that they had been “donated” £1.5 million and had to send their name and address for further details.   However a link led to...

With the end of XP support now less than two weeks away, it is not predicted that attackers will hold on to exploits.   Stephen Bonner, partner in the information protection and business resilience at KPMG, said that if he were an attacker with a zero-day for XP, he would launch it now. “I don’t believe that attackers have long term economic thinking, and would retain a valuable attack. If you are an organised criminal,...

Whitehat Security has announced that it has launched a version of its Aviator for Windows.   Now available in Beta, the company said that this was the most requested feature since the Mac version was launched last October, which has seen “tens of thousands of downloads”   Robert Hansen, director of product management at WhiteHat Security, said: “Outside of keeping our blog and Twitter followers up-to-date since its release in October, we have done little-to-nothing...

Revealing too much information on breaches could leave businesses vulnerable to attack.   According to Reuters, the US Securities and Exchange Commission (SEC) has convened after a series of high-profile data breaches which has sparked major public policy debates, including on how customers should be alerted, who should bear the cost of breaches and how such information should be disclosed both to government and the public.   However, companies that over share information could become...

Plans to “professionalise” the information security have been described as “too rigid for industry”.   According to John Colley, managing director for (ISC)2 EMEA, the report from the Department for Business Innovation and Skills were worrying due to an over reliance on the CESG Certified Professional (CCP) as a foundation for all skills development in the United Kingdom.   “I fear the CCP scheme will not meet the needs of the commercial sector. This scheme...

Those companies who are compliant with the PCI data security standard are better at addressing perimeter vulnerabilities.   According to a survey by the NTT Innovation Institute, those companies who perform quarterly external PCI authorised scanning vendor assessments have a more secure vulnerability profile and a faster remediation time, with 27 per cent demonstrating this.   NTT Com global director of security strategy Garry Sidaway told IT Security Guru that often the problem compliance frameworks...