Editor's News

The National Security Agency (NSA) apparently spied on user activity on online games such as World of Warcraft.   According to new details publisuhed by whistle blower Edward Snowden, the NSA monitored activity in order to carry out their surveillance, to track potential threat actors and to try and recruit informants. According to Sky News, the NSA also spied on Microsoft's popular X-Box Live and apparently so many agents were inside Second Life that a...

The majority of attacks are opportunistic rather than targeted, which businesses struggle to detect and contain.   According to a report by Trusteer and Ponemon Institute, 53 per cent of 755 IT security professionals have experienced “opportunistic” attacks, compared to 16 per cent who believe that an attack was targeted at them. Of those surveyed, 55 per cent said that they had “some involvement” in preventing or detecting those targeted attacks.   Trusteer senior security strategist George Tubin...

President Barack Obama has said that he will propose “some self-restraint" to the National Security Agency (NSA) in order to rein in rampant snooping, but said that it does a very good job about not engaging in domestic surveillance.   Speaking to MSNBC’s Hardball last week, Obama defended the intelligence agency, saying that it does a good job in not reading people's emails and not listening to the contents of their phone calls, but said...

Human error has been blamed in relation to an incident where digital certificates were signed that claimed to belong to the French administration. The French security agency said in a statement that an effort to “strengthen the overall IT security of the French Ministry of Finance” led to digital certificates being signed by the certification authority (CA) of the DGTrésor (Treasury) which is attached to the agency. It said: “The mistake has had no consequences...

Two million compromised accounts have been detected, including more than 1.5 million login credentials. According to a blog by Trustwave’s SpiderLabs, these were from data leaked from the Pony botnet controller and more than 318,000 were Facebook logins. Other login data related to Yahoo, Twitter and Gmail, as well as Russian social networks. In total there are users in 92 countries affected, indicating that the attack is fairly global and that at least some of...

A website which can tell users if their email address has been hacked and is used elsewhere has been launched. Created by security blogger and Microsoft MVP Troy Hunt, haveibeenpwned.com consolidates data from five major breaches that was revealed publicly and was readily available via various sites on the web: Stratfor; Adobe; Gawker; Yahoo; and Sony. Hunt said that collectively this is 154 million accounts, primarily being the 152 million + accounts breached from Adobe...

Hacker League, a platform for managing hackathons, has been acquired by Intel and will be formed into the Mashery division. According to a blog post by co-founder Mike Swift, Intel company Mashery has acquired the assets of Hacker League, just two years after the university project was built. “Since then, hackathon organisers in the US and abroad have listed and powered over 450 events on the platform creating a massive community of developers who now count on...

Around 140 command and control (C&C) domains have been taken down that apparently hosted the CryptoLocker ransomware. According to a blog by Malware Must Die, 138 domains have been suspended or sinkholed which hosted the rampant ransomware. “A Trojan Downloader is a type of virus that infects a computer like any other virus, but the key difference is that it is usually much smaller in size and does not carry the actual virus payload the...

Consider who comes into your office, and educate users to achieve the “human firewall”.   Speaking at an event in London, Peter Wood, CEO of penetration testers and consultancy First Base Technologies, said that users should be warned about locking workstations as “cleaners are never vetted” and servers are often accessed remotely as “IT people don’t like getting their knees dirty”.   He said: “An attacker can compromise a desktop and take control. The human...

Akamai has announced that it plans to acquire cloud-based security vendor Prolexic for $370 million (£226 million).   Adding cloud-based security solutions for protecting data centres and enterprise IP applications from distributed denial of service (DDoS) attacks, the acquisition will see Akamai add these services to its web optimisation and security offerings once the definitive agreement is signed.   Akamai said that upon completion, it will be able to provide users with a portfolio of...