Editor's News

PHP.net had a bad day yesterday, when its website was flagged by Google as hosting malware. At first it was suspected that it was a false positive, but further analysis by the web scripting website found that two servers had been hacked and set up to serve malware. According to PHP.net, its team have audited every server operated by php.net and the servers which hostedwww.php.net, static.php.net and git.php.net domains were found to be compromised. It...

It's been a few months since we heard from NSA whistleblower Edward Snowden, but the former contractor broke his silence via a statement read at the “Stop Watching Us” Rally in Washington, DC. Read by Justice Department whistle blower and attorney with the Government Accountability Project, Jesselyn Radack and published here, Snowden claimed that what we had learned in the last four months was that “no telephone in America makes a call without leaving a record with the...

LinkedIn has defended itself after it was criticised over its Intro product and accused of using “man in the middle” tactics. In this time of heightened awareness around surveillance, and after a scathing report by security firm Bishop Fox which pointed out that upon downloading it, all IMAP and SMTP data is sent through LinkedIn's servers, the social network has responded by calling the assertions “inaccurate”. When it was announced last week, it was described as a “ rich, interactive, application-like...

Researchers at the Chaos Computer Club (CCC) have claimed to have been able to break Apple's Touch ID using a fake fingerprint of the phone user. In a statement, CCC said that the fingerprint of the user is photographed with 2400 dpi resolution, with the resulting image cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Then, pink latex milk or white woodglue is smeared into the pattern created by...

LinkedIn has moved to clarify accusations that accesses the email accounts of users. In a statement, Blake Lawit, senior director of litigation at LinkedIn responded to media claims which reported that users has sued the social network after accusing it of hacking into their external email accounts and downloading contacts’ addresses. According to arstechnica, four plaintiffs filed a class-action suit in US district court in San Jose on Friday claiming that LinkedIn used its member's identities without consent...

Deloitte has announced the launch of a Cyber Intelligence Centre to monitor, analyse and respond to threats. Using Deloitte’s knowledge, it will manage each aspect of a business and provide a tailored solution based on its needs. Using capabilities from Vigilant, who it acquired earlier this year, as well as its multi-service centre based in Spain providing global support to Deloitte clients. Mike Maddison, head of security and resilience at Deloitte, said: “Since we can perform this...

Fresh Mac-targeted malware has been detected, which creates a backdoor on a user's machine. According to the Hacker News, the Trojan known as "Leverage" has not exploited large numbers of users yet, but Apple has responded by updating its XProtect to detect the Trojan and prevent it from launching. Taking advantage of two Java vulnerabilities, researchers found that the attack launches from a Java applet from a compromised website which drops to a Java archive, opening...

A matter of months after it was revealed that the US National Security Agency (NSA) collected data on all of our activities; its director has now said that information should be shared better. According to Threatpost, General Keith Alexander, who was heckled by members of the audience during his keynote at the Black Hat conference in Las Vegas in July, has said that the NSA, along with other federal agencies such as the FBI, Department of Homeland Security...

Microsoft is predicted to release an out-of-band patch for the zero-day vulnerability in Internet Explorer. Despite it releasing an advisory regarding the issue, following reports of a limited number of targeted attacks specifically directed at Internet Explorer 8 and 9, although the issue could potentially affect all supported versions. Ross Barrett from Rapid 7 recommended taking immediate action to mitigate the risk, especially as the exploit code is now widely available. He said: “I personally expect to...

Application single-sign on vendor SaaSID has announced that it has been acquired by cloud IT services and business application services vendor Intermedia. An established name in identity and access management, security and compliance vendor, Intermedia already offered single sign-on via its Office in the Cloud suite of services, and now adds the SaaSID technology to allow users to offer simplicity and security in accessing their cloud applications. Phil Koen, Intermedia chairman and CEO, praised Ed...