Editor's News

Credit card company Discover is probing an online retailer after a breach of customer card data was detected.   According to security blogger Brian Krebs, NoMoreRack.com is being quizzed for the second time after a number of banks said that they were seeing fraud on cards that were all recently used by customers of the retailer.   NoMoreRack.com said that it was aware of this and had called in outside investigators to check for signs of a...

Microsoft released five patches last night to cover two critical flaws in Windows and Internet Explorer.   Firstly, MS14-012 addresses 18 vulnerabilities in all versions of IE, from IE6 on Windows XP, to IE11 on Windows 8.1. It also includes the fix for a 0-day vulnerability that was identified by FireEye on February 11, first on the website of the organization of the US Veterans of Foreign Wars.   According to Wolfgang Kandek, CTO of Qualys, said:...

More than 162,000 WordPress sites have been used in a distributed denial-of-service (DDoS) attack after a HTTP-based (layer 7) distributed flood attack was enabled with them.   According to IT security firm Sucuru, any WordPress site with Pingback enabled (which is on by default) can be used in DDoS attacks against other sites. The attack sent hundreds of requests per second to servers from valid and legitimate WordPress sites.   “Is your site attacking others? It...

A widely-reported virus that has infected users in the Ukraine has been detected as widely as the UK and USA.   Called the “Snake” or “Uroboros” virus, it has been compared to the Stuxnet worm and the finger of blame has been pointed at Russia. According to io9.com, the virus works by giving the attacker full remote access to the compromised system and it has the ability to stay inactive for a number of days.  ...

Accuvant has announced that it is to be acquired by asset management firm Blackstone.   Blackstone will acquire a majority stake in Accuvant as part of their private equity portfolio, while Accuvant management and existing shareholder Sverica International LLC, a private equity investment firm, will invest alongside Blackstone in the transaction. Financial terms of the transaction were not disclosed.   Accuvant is a provider of information security services and solutions serving enterprise-class organisations to help...

Future energy bills will rely on machine readable formats that is presented in a form that is clear and easy to understand.   According to the consultation on proposals to amend domestic energy supply licence conditions, which require provision of key energy data in a machine readable format, future energy bills and statements will require suppliers to place key customer energy data in a machine readable format on energy bills, such as in a QR...

The NSA set fire to the internet, and the rest of the world needs to be the fire fighter.   Speaking at the SXSW Conference in Austin, Texas, NSA whistleblower Edward Snowden said that the stories of the past eight months showed the “adversarial internet” and said that what he found and reported was “nothing which we asked for or wanted, but something we have to protect against”.   Snowden pointed the finger at two...

Encryption does work, is not an “arcane black art” and has improved since revelations of surveillance were made. Speaking at the SXSW Conference in Austin, Texas, NSA whistle blower Edward Snowden praised end-to-end encryption as it makes life harder for those who want to watch you and makes “mass surveillance impossible on a network level”. Snowden said that he had seen progress made as companies focusing on new user interfaces and ways to interact with...

More blackhats are being drawn to using The Onion Ring (TOR) to hide their online activity.   According to media reports, as well as being a great hiding mechanism for underground markets dealing in illegal items, TOR is also being used by cyber crooks to hide their criminal activities and infrastructure. According to Kaspersky Lab’s Sergey Lozhkin, its research found that there were approximately 900 hidden services online at any current time, and it found...

South Korea has suffered its second major data breach in three months, with a telecommunications company KT Corporation affected by the loss of 12 million customer records.   According to the Register, the South Korean Government has launched an inquiry into the breach. Despite two hackers and the CEO of a telemarketing firm being arrested last week on suspicion of infiltrating the telco giant’s servers and stealing the data, the South Korean telecoms ministry has...