Top 10 Stories

Oracle boss Larry Ellison is to step down as chief executive after 37 years. He will be replaced by Mark Hurd and Safra Catz and become co-chief executives. Oracle board president Michael Boskin said: "Safra and Mark are exceptional executives who have repeatedly demonstrated their ability to lead, manage and grow the company. The directors are thrilled that the best senior executive team in the industry will continue to move the company forward into a...

Cyber attacks constitute a group-level risk that is managed as part of BP’s standard set of risk management processes.   According to Bob Dudley, group chief executive of BP, it recognises cyber threats as a major risk and the need to have a system to manage that risk and minimise the impact of attacks,” he told the Global Cyber Security Innovation Summit in London. Computer Weekly reported that Dudley said as member of the highly-targeted energy sector,...

Apple has launched its latest mobile operating system iOS8 to include fixes for more than 40 security vulnerabilities.   Touted as the biggest update to the software since it launched the App Store, among the vulnerabilities patched in the new release are a series of kernel flaws, several WebKit bugs and a pair of vulnerabilities that allowed a user to install apps outside of the App Store.   Also killed in iOS 8 is a...

Hackers associated with the Chinese Government have repeatedly infiltrated the computer systems of US airlines, technology companies and other contractors involved in the movement of US troops and military equipment.   According to a US Senate Armed Services Committee's year-long probe, the military's US Transportation Command, or Transcom, was aware of only two out of at least 20 such cyber intrusions within a single year. The investigation also found gaps in reporting requirements and a...

The US military is building a new cyber defense corps that can be used to protect the nation and possibly for offensive purposes.   According to NSA director Michael Rogers, who also heads the US Cyber Command, the 6,200-member unit should be fully operational by 2016, to bolster defenses against hackers and state-sponsored cyberattacks.   Rogers told the Billington Cybersecurity conference that the unit would be able to assist in protecting against cyberattacks on "critical infrastructure," which includes computer-controlled power...

A widespread mistrust of cloud providers across Europe has led to seven in 10 businesses accusing them of failing to comply with laws and regulations on data protection and privacy.   According to research by Netskope and The Ponemon Institute, 53 per cent of respondents said the likelihood of a data breach increases due to the cloud, and the Ponemon Institute study also found that data breaches increase the expected economic impact by as much...

The “very alarming” level of cyber threats organisations face is unlikely to fall for at least ten years.   Suleyman Anil, head of cyber defence head at the emerging security challenges division of Nato, told Sinet's first Global Cyber Security Innovation Summit that “it will be at least a decade before we are able to reach an effective level of collaboration and co-operation on cyber defence,” reported Computer Weekly.   Anil said there are three...

A recurring cross-site scripting (XSS) bug in Amazon's Kindle Library can be exploited by attackers looking to hijack users' Amazon account.   In order for this attack to work, the user must be tricked into adding an e-book containing a specific script in its metadata to his or her Kindle Library, and then open the Kindle Library web page. Once that is done, the code is automatically executed, and the attacker can harvest Amazon account...

Cisco has launched a threat-focused next-generation firewall, the Cisco ASA with FirePOWER Services.   According to the company, this provides the full contextual awareness and dynamic controls needed to automatically assess threats, correlate intelligence and optimise defences to protect all networks. By integrating the proven Cisco ASA 5500 Series firewall with application control, and its next-generation intrusion prevention systems (NGIPS) and advanced malware protection (AMP) from Sourcefire, Cisco is providing integrated threat defence across the...

A critical vulnerability in Twitter’s advertising service that allowed a researcher to delete credit cards from any Twitter account.   According to The Hacker News, two different vulnerabilities were found in ads.twitter.com, and the first flaw exists in the delete function of credit cards in the payments method page. By choosing the “Delete this card” function, an ajax POST request is sent to the server.   “All I had to do is to change those two...