Editor's News

Microsoft released seven patches last night, adding two more to its planned release of five.   Of these, four were rated as critical and three as important. Tyler Reguly, manager of security research at Tripwire, said: “The biggest discussion point with Microsoft's patch drop this month is probably the change in bulletins. To go from five to seven bulletins says to me that initial testing was completed last minute so they decided to slip the...

A distributed denial-of-service (DDoS) attack which was registered at 400Gbps has been spotted, eclipsing the Spamhaus attack from last year.   Last June, the anti-spam organisation was hit by a 300Gbps attack. Content delivery firm CloudFlare, who were tasked with protecting Spamhaus and were also hit, announced this week’s attack.   Matthew Prince, CEO and co-founder and CloudFlare, said via his Twitter account that a “very big NTP reflection attack hitting us right now. Appears...

Authentication board the FIDO Alliance has launched its first public review draft specifications for the delivery of standards for simpler and stronger authentication.   Emphasising a device-centric model that reflects the Alliance's dedication to usability, privacy and security, it bolsters the board’s principle of simplified but secure login. Its concept is to allow a user to login to an application using an approved and standard method, using a user’s account identifier which is verified with...

After the mobile application Flappy Bird was pulled by its creator, malicious versions are now being detected.   According to detections by Malwarebytes and Trend Micro, fake versions of Flappy Bird are spreading online. According to Malwarebytes, a free game has been detected not only for Android, but also for iOS. Malwarebytes security researcher Chris Boyd said that clicking the link took the user to surveys, which have now been taken down.   Boyd said...

Today sees two notable events online: Safer Internet Day and a “fight back” against mass surveillance.   The latter is backed by the Electronic Frontier Foundation (EFF), who called it the day “we fight back against mass surveillance”. It said that a broad coalition of organisations, companies and individuals are loudly voicing their stance against unwarranted mass spying. It said that over 6,000 websites have joined together “to demand reform” as it called for reform...

A threat operation that has been involved in global cyber-espionage operations over the last seven years has been detected and named as “The Mask”.   Also named Careto, it targets Government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organisations and activists. Extremely sophisticated, it has attacked more than 31 countries and gathers sensitive data from systems it has infected.   These include office documents, various encryption keys, VPN configurations, SSH keys...

Leading minds in encryption and cyber crime have joined Kaspersky Lab's International Advisory Board. Among the first board of internationally recognised IT security experts are former cyber advisor to Presidents Bush and Obama, Howard A. Schmidt; former Minister of State for Security and Counter Terrorism, Baroness Pauline Neville-Jones, and cryptographers Bruce Schneier and Whitfield Diffie. The newly-formed advisory board will further reinforce the company’s cyber security intelligence foundations, bringing in new perspectives and expertise from...

Barclays has found itself in a data loss nightmare, after national newspapers reported about the loss of 27,000 records.   According to the Mail on Sunday, the thousands of confidential customer files were stolen and sold on to rogue City traders. The information included customers’ earnings, savings, mortgages, health issues, insurance policies, passport and national insurance numbers and each report is about 20 pages long, and among the victims are doctors, businessmen, scientists, a musician...

LinkedIn has announced that it is to withdraw its controversial Intro system after only being announced five months ago. The concept of Intro was that injected HTML code into the top of the emails you receive on your iPhone so you could view someone's LinkedIn profile alongside the message they have sent you. In a blog titled "doing fewer things better", LinkedIn's senior vice president of products and user experience, Deep Nishar, said that as...

Imperva has acquired three firms and added cloud DDoS mitigation technologies to its product offering. The company announced last night that it will acquire Incapsula and Skyfence as well as the software assets of Tomium. According to the company, the acquisition of Skyfence will see the addition of security for internal corporate applications which are moving to software-as-a-service (SaaS) delivery models. Skyfence offers a solution to provide user fingerprinting technology to profile normal user behaviour...