Top 10 Stories

Nearly 40 per cent of large companies, including many in the Fortune 500, aren’t taking the right precautions to secure the mobile apps they build for customers.   Research by IBM Security and the Ponemon Institute today found that organisations are poorly protecting their corporate and BYOD mobile devices against cyber attacks – opening the door for hackers to easily access user, corporate and customer data.   The study, which researched security practices in over...

2015 is set to see a huge rise in the number of IT professionals taking action to address insider threat in their organisations, according to new research from IS Decisions.   Currently, 43 per cent of IT professionals in the UK have an insider threat programme in place, and 69 per cent of those remaining, or 36 per cent of the total, are planning to put one in place this year. A further eight per...

Huawei has unveiled a next generation anti-Distributed Denial-of-Service (DDoS) Solution.   Facilitating the prevention of DDoS attacks to improve the security and competitive edge of enterprises across the Europe region, the solution uses Big Data technology to build traffic models in over 60 dimensions to prevent DDoS attacks without unintentionally interrupting legitimate requests.   Huawei’s powerful and most current IP reputation technologies can accurately identify zombie hosts, while improving the internet access experience of legitimate...

Chinese activist site Greatfire is under a sustained Distributed Denial-of-Service (DDoS) attack that is racking up $30,000 a day in server costs.   The website masks internet traffic from websites including Facebook and Google, so it can be seen in China, and does so using cloudy servers.   Website administrator Charlie Smith said the DDoS is delivering 2.6 billion requests an hour, saying that the attack is aggressive and is an exhibition of censorship by...

Security Alliance has launched ThreatMatch, a new service that brings together current and relevant cyber threat intelligence with security monitoring, incident response and security testing expertise. By providing a filtered view of real cyber security threats at a global, sector and organisational level, ThreatMatch identifies improvements to security monitoring and incident response capabilities, and helps determine requirements for targeted security testing. At the core of ThreatMatch is an online portal that allows subscribers to monitor and utilise...

Sacred Heart Health System has sent letters to approximately 14,000 patients informing them of a hacking attack which targeted one of its third-party billing vendors. Specifically, hackers were able to use a phishing attack to gain access to the email account of an employee of the billing vendor. The attack resulted in certain patient health information being compromised which included patient names, date of service, date of birth, diagnosis and procedure, total charges and physician...

GCHQ has never appeared more appealing to those with the right skills. According to "Chris" from GCHQ, people now see GCHQ as a much more technical savvy operation GCHQ said it has only recruited about six people from the Cyber Security Challenge in recent years but it is looking to increase that figure significantly. Chris, who works on the information security side of GCHQ, said however that to attract the right people, it has to...

1,999 popular iOS and Android apps used for financial, social networking, shopping or communication are susceptible to the FREAK attack. Security researchers at FireEye have analyzed 10,985 apps in Google Play, each with at least one million downloads, and discovered that 1,228 were vulnerable to the FREAK (Factoring RSA Export Keys) attack made public at the beginning of the month. Researchers say that 664 of the discovered vulnerable apps rely on the OpenSSL provided by...

The UK Government has admitted to possessing far-reaching hacking powers to break into computers, phones and communications networks anywhere across the globe. The revelation surfaced after civil rights group Privacy International filed a legal challenge in 2014 questioning the hacking powers of UK government intelligence agency GCHQ. The Government outlined its authority to infiltrate mobile phones, laptops, iPads and networks used on a day-to-day basis. UK intelligence services need authorisation to hack into devices used...

Dr. Zulfikar Ramzan has been named as chief technology officer of RSA.   Formerly CTO of Elastica and a senior chief scientist at Sourcefire and technical director of Symantec’s security technology and response division, and is a PhD graduate in electrical engineering and computer science from the Massachusetts Institute of Technology.   In this role, Ramzan is responsible for leading the development of the company’s technology strategy and will focus on bringing to market the...