Top 10 Stories

LastPass has said that there are some security holes in its online password management software. In a blog post, the company gave brief details of the flaws found in its password manager for Chrome, Firefox, Opera and Safari.   According to We Live Security, the first vulnerability is in an add-on known as Bookmarklets. LastPass Bookmarklets are small snippets of JavaScript code that install as a bookmark of “favourite” in your browser.   Detected by Zhiwei...

Deputy Prime Minister and Liberal Democrat leader Nick Clegg has said that plans to monitor and store UK citizen’s online activity will not happen while he is in Downing Street.   He said that the “snooper's charter" was "not going to happen" while Downing Street said discussions continued about "the next steps", according to BBC News. A spokesperson for the Prime Minister said that the reality was that technological change had not gone away and,...

Emergency powers to ensure police and security services can continue to access phone and internet records are being rushed through Parliament.   According to BBC News, Prime Minister David Cameron has secured the backing of all three main parties for the move, saying urgent action was needed to protect the public from "criminals and terrorists" after the European Court of Justice struck down existing powers.   Deputy Prime Minister Nick Clegg described a "poisoned pill",...

The source code for a small but capable malware program that targets online bank accounts has been leaked.   According to CSIS Security Group, and reported by PC World, the program known as “Tinba” or “Zusy,” was discovered around mid 2012 and infected tens of thousands of computers in Turkey. It is notable for having a very small code base—just 20K—but capabilities similar to malware much larger in size.   Last week, CSIS found a...

Gartner research predicts that by the end of 2015, over half of CEOs will have a senior “digital” leader role in their staff.   According to its 2014 CEO and senior executive survey, one third of large organisations will have a digital risk officer role or equivalent by 2017. Also by 2020, 60 per cent of digital businesses will suffer major service failures due to the inability of the IT security team to manage digital...

The delivery network of CryptoLocker is still running despite the ransomware not being active since the international takedown.   According to Security Week, Bitdefender reports that it has kept a close eye on CryptoLocker over the past nine months, and while victim losses are estimated at roughly $27 million, but the actual damage, without including the value of the lost files, could be twice as much.   However while communications have been disrupted, the CryptoLocker...

Shylock, said to have infected more than 30,000 machines, has been disrupted due to an international operation.   Mostly targeting UK bank accounts, BBC News reported that the malware affected computers running Microsoft's Windows operating system.   Authorities were able to seize computer servers that were controlling Shylock, which included the National Crime Agency.

Security vendor FireEye has been caught up in an issue which saw a researcher lose his job for reporting a vulnerability to the vendor.   According to IT News, researcher Jean-Marie Bourbon of French IT vendor Sogeti posted details of multiple vulnerabilities in security firm FireEye's Malware Analysis System 6.4.1, along with proof-of-concepts exploits for them. However he later claimed that Sogeti had fired him for the incident under pressure from FireEye.   FireEye denied...

Prominent US Muslims were targeted by the NSA's Prism surveillance programme.   According to leaked data by Edward Snowden, and reported by Computer Weekly, while none of the five had been charged in the six years since the period covered by the Snowden document, they were targeted for domestic surveillance despite posing no threat to the US, suggesting the surveillance may have been carried out illegally.   The report said that it was unclear under...

  US personnel networks were accessed by Chinese hackers.   According to the New York Times, the hackers accessed the computer networks of the US Office of Personnel Management earlier this year, with the intention of accessing the files of tens of thousands of federal employees who had applied for top-secret security clearances.   According to senior US officials, the hackers gained access to some of the agency's databases in March before the threat was...