Top 10 Stories

Vormetric has joined the Google Cloud Platform Partner Programme as a Technology Partner.   The Vormetric Data Security Platform extends the security controls of the Google Cloud Platform by adding data-at-rest encryption, access control and security intelligence audit log capabilities, enabling customers to use data protected by compliance requirements, legal frameworks and contractual obligations within Google Cloud Platform implementations.   The Google Cloud Platform Partner Programme includes technology partners such as ISVs and SaaS vendors,...

NCC Group has published the .trust Technical Policy.   The .trust Technical Policy will provide the rules and governance to measure security compliance on NCC Group’s soon-to-launch .trust domain. All brands operating on a .trust domain will be required to adhere to the Policy and will subject to a mechanism that promotes a high standard of security to their consumers and business partners.   Developed by a coalition of industry luminaries and NCC Group experts...

Regular corporate WebEx conference meetings lack passwords and are thus open to anyone who wants to listen in. According to research by Brian Krebs on Cisco's WebEx video and audio conference-based meetings, he found that many do not follow the basic best practice and allow virtually anyone to join daily meetings about apparently internal discussions and planning sessions. Many meetings that can be found by a simple search within an organisation’s “Events Center” listing on Webex.com, which seem to...

At least 21 federal lawsuits have now been filed against Home Depot following its recent data breach.   As of the weekend, that number had doubled from September 24th. The lawsuits are asking courts to grant them class-action status and because of their number and the fact that they've been filed in courts across the country, the lawsuits are likely to be combined into "multi-district litigation."   At least one motion has already been filed...

FBI director James Comey has once again criticised Apple's iPhone and devices running Android that can hold secure, encrypted data that is inaccessible by law enforcement. He said that such capabilities allow users to "place themselves beyond the law” and that unbreakable encryption of user data has "gone too far." He said he is concerned that even with a legal court order, the information secured on a smartphone could be kept secret, even in the cases...

A list of financial institutions has been spotted in the configuration file of Retefe malware. This is a Trojan designed for man-in-the-middle attacks consisting of intercepting the connection from the user to the bank by changing the DNS (domain name server) settings, allowing the attacker to route the connection through the cyber criminal’s infrastructure and permit full access to the traffic without raising the suspicion of the victim. Analysis of the malware by CSIS found that...

UK retail banks, with the support of law enforcement bodies, including the City of London Police and the National Crime Agency, have launched a fraud awareness campaign to help the public spot the difference between a legitimate call and a call from a fraudster.   With a poll deeming millions to be at risk of falling victim to a fraudster, the awareness drive, named “Know Fraud, No Fraud” includes advice on eight things your bank would never ask you,...

North Korea has reportedly expanded the size of its “cyber terror force” to around 6,000 agents.   According to South Korea’s Ministry of National Defense and reported by the Diplomat, Kim Jong-Un issued an order establishing North Korea’s Strategic Cyber Command in 2012 and this emphasised the need to acquire talented agents for cyber warfare.   The increase in personnel is already paying off for the North, as the Defense Ministry said that South Korea suffered...

A third-party application may be to blame for the leaking of thousands of Snapchat images.   Snapchat said in a tweet that users “were victimised by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use”. According to the Guardian, photos and videos were captured after some Snapchat users used a site called “Snapsaved.com” that offered to let them use the service on a website on a...

California Governor Jerry Brown has  signed legislation to protect state residents affected by security breaches that compromise their personal data, leave them susceptible to identity theft and cyber criminals.   The updates law requires companies that suffer a breach to offer free identity theft prevention and mitigation services to consumers for at least a year if their Social Security or driver’s license number was compromised.   The legislation applies to individuals and companies that conduct business...