Top 10 Stories

After suffering a major breach earlier this year, US Chinese restaurant chain PF Chang has said it is still investigating the incident, but it was the work of a “highly sophisticated gang”.   According to a security update from the chain, the incident is “being investigated by both the U.S. Secret Service and a team of third-party forensic experts” said CEO Rick Federico. Although the company did not reveal how the attack happened, how many...

Hackers briefly put the world on the brink of disaster last night, as the Twitter account of the Israeli Defence Force (IDF) was hacked to send a rogue tweet.   With responsibility claimed by the Syrian Electronic Army, they posted a fake warning of a possible nuclear leak due to rocket strikes, which triggered a brief panic among some of the account's 215,000 followers, according to the Register. The Syrian Electronic Army published a screenshot showing...

After South Korea and USA suffered major national data breaches, now Denmark has too.   According to the Copenhagen Post, as many as 900,000 Danes could be victim to the breach after the Ministry for Economic Affairs and the Interior leaked their personal CPR identity numbers. Detected by a company which works with private data as the state distributor of property information, Finn Gilling said it “immediately reacted and notified the personal information office of...

Around 14 per cent of all US debit cards were exposed in 2013 following massive data breaches.   According to research by Discover Financial Services’ Pulse ATM network, the figure is three times that of 2012 and the majority of affected cards were exposed in the Target data breach, which affected ten per cent of all US debit cards, reports PC World.   While the figure for 2014 could be even higher as the Target...

One of every five websites is blocked by the UK, including many legitimate websites.   According to the Open Rights Group, who tried access 100,000 websites with default filter settings - or "normal" filtering with nothing set as a default, it found that almost 20,000 were blocked, it reported.   As a result, the lobby and digital freedom group has relaunched the website www.blocked.org.uk project, which allows any web users to check to see if...

WordPress is an excellent website for websites, but it does seem to be troubled by vulnerabilities.   According to Threatpost, this vulnerability in the MailPoet plug-in could allow an attacker to take over any site running it without authentication. The plug-in allows developers running WordPress to send newsletters and manage subscribers within the content management system and has nearly two million downloads to date.   However the serious vulnerability could apparently allow an attacker to...

A fresh backdoor has been detected which is claimed to further demonstrate that nation states actively use crimeware.   According to F-Secure, its analysis of “MiniDuke” in Feburary 2013 also allowed it to find another malware family which was using the same loader; that malware is part of the Cosmu family of information-stealers.   The company claimed that what makes the connection to MiniDuke is that based on compilation timestamps, it was Cosmu, not MiniDuke,...

The UK Government and Open University are to team up to offer a cyber security course that will teach 200,000 people.   According to v3, Cabinet Office deputy director of Cyber Defence and Incident Management Natalie Black said the initiative will help develop cyber skills in Britain. "At the moment we are working very hard to develop a pipeline of cyber talent. We are working hard with e-skills to give people the opportunity to transfer to...

Graham Cluley: Yesterday, the world was scratching its head as to why Microsoft had announced it wouldno longer send out security advisories via email. The general consensus was that newly introduced Canadian anti-spam legislation was to blame for the decision, but I and others did raise a concern that Microsoft may have made its decision with too much haste – and that its activities were probably exempted from the new anti-spam law. W  

IT News: A hacking group that has been operating virtually undetected by anti virus systems since at least 2007 has been exposed by a team of researchers at Cisco. The String of Paerls group - which distributes malware almost entirely undetectable by anti-virus systems and targets high-profile, lucrative industries such as banking, oil, television and jewellery - was exposed by a team of researchers from Cisco in a blog post.