Top 10 Stories

The number of manual account hijacking cases is small, but such incidents can be distressing to users and they can result in significant financial loss.   Research by Google and the University of California, San Diego found that by analysing manual hijacking cases that occurred at Google between 2011 and 2014, there are only nine incidents per million Google users per day.   While many people believe phishing is not a very effective technique because...

A new version of the “Backoff” point-of-sale (PoS) malware no longer uses a version number in the malware body, but just uses the version name ROM.   This performs very similarly to Backoff’s previous versions, but modifications have been made to make analysis more difficult and to avoid detection.   In this version, the credit card extracting functionality is still very much the same, but the malware author has added two extra features: hashing the...

Thousands of British bank customers are at risk of fraud due to a website which offers anyone the opportunity to buy stolen credit card details.   Rescator.cc offers an eBay-style service for hacked financial data, allowing anyone to purchase a stolen card for as little as £8 in just half a dozen clicks.   In a test purchase Channel 4 news used a legitimate card number, name and expiry date, but gave a random address for the invoice....

A cyber attack penetrated computer networks for months at USIS, the US Government's leading security clearance contractor.   The breach, first revealed by the company and government agencies in August, compromised the private records of at least 25,000 employees at the Homeland Security Department and cost the company hundreds of millions of dollars in lost government contracts.   In addition to trying to identify the perpetrators and evaluate the scale of the stolen material, the...

Microsoft and Dropbox today announced a "strategic partnership" to make life easier for people who use the two technologies.   In the next few weeks, the Office apps on iOS and Android will include integrated Dropbox support in order to provide direct access to Office documents stored on Dropbox. In early 2015, both Dropbox's Web interface and Office Online will support one another, enabling opening, editing, and sharing.   Dropbox for Business users will have a similar...

Evidence suggests the Samaritans Radar app is actually delivering a very large number of false positives.   Even if the Samaritans have no control over what happens once the app notifies a user of a concerning tweet, it is absolutely preposterous to suggest that the processing is necessary to protect people’s vital interests. Moreover, this condition explains that it can only be relied on where consent cannot be given by the data subject or the controller...

Microsoft anti-malware for Azure Cloud Services and virtual machines is now generally available for Azure customers.   According to Microsoft, this security extension for Azure provides an additional layer of security by helping to identify, block and remove malicious software on virtual machines managed by Azure customers.   Offered is real-time protection from the latest threats, with on-demand scanning and monitoring at no additional charge. Customers can select the Microsoft Antimalware security extension when creating...

The UK Government and the insurance industry are collaborating to help bolster businesses' defence strategies and establish the country as a leader in the cyber security insurance market. The collaboration will see 12 major insurers coordinate in the creation of a comprehensive cyber security insurance model. According to V3, Cabinet Office minister Francis Maude explained that the model will be used to mitigate the damage caused by cyber attacks to firms of all sizes, and act...

Personal information from the Miami-based Jessie Trice Community Health Center has been breached.   The centre has told nearly 8,000 patients that their personal information including full names, social security numbers and dates of birth were stolen.   The centre said that the incident is under investigation by the FBI and IRS after it was discovered in late July and notified to the Miami health center on November 3rd.   VIEW FULL STORY

The NSA has said that it shares most of the bugs it finds, but not all of them.   Speaking at an event at Stanford University, NSA director Mike Rogers said that President Barack Obama told him that the default decision should be to share information on new vulnerabilities.   “He also said, look, there are some instances when we’re not going to . The thought process as we go through this policy decision, the...