Top 10 Stories

Computer Weekly: Europeans only have themselves to blame for the dominance of internet data by big US technology firms, says Mikko Hypponen, chief research officer at Finnish security firm F-Secure. Europeans continue to use US-based online services even though data is accessible to the US government because they have no alternative, he told attendees of Infosecurity Europe 2014 in London.  

Arstechnica: Microsoft officially ended support of the twelve-and-a-half-year-old Windows XP operating system a few weeks ago. Except it apparently didn't, because the company has included Windows XP in its off-cycle patch to fix an Internet Explorer zero-day that's receiving some amount of in-the-wild exploitation. The unsupported operating system is, in fact, being supported.   Explaining its actions, Microsoft says that this patch is an "exception" because of the "proximity to the end of support for Windows XP."   

  Net Security: The results of the latest cyber threat reports and surveys have denominated 2013 as the year of major breaches. The media naturally focuses on the big stories of massive data breaches or coordinated state attacks which leave in their wake a trail of lawsuits, customer data losses and political conflicts. However that’s not the entire spectrum of the cyber security landscape, nor does it reflect the full damage of attacks in cyber...

Infosecurity: Improved monitoring and analytics can improve the information available to IT security teams. But shifting patterns of work mean it only offers partial insights. Turning to "big data" analytics techniques can improve security intelligence. But it cannot provide a complete picture of the security threats facing the enterprise.

Net Security: SGP Technologies SA, the Switzerland-based joint venture of Silent Circle and Geeksphone behind Blackphone, announced the specifications of its eagerly awaited privacy-minded handset. The company has selected the NVIDIA Tegra 4i mobile processor to power Blackphone. Tegra 4i has 60 custom GPU cores; a quad-core CPU based on ARM's Cortex-A9 r4 CPU, plus a fifth battery-saver core; and an integrated NVIDIA i500 LTE modem.

TechWeekEurope: As the UK enjoys a relatively low volume of distributed denial of service (DDoS) attacks, France is seeing deluges of traffic hitting organisations frequently, according to research. Major hosting providers, including the hugely-polular, OVH have attracted DDoSers to France, which was only outdone by the US in terms of the amount of DDoS traffic passing through the countries’ networks, according to Arbor Networks.

Threatpost: Researchers at Websense said today they may have isolated two components within the VGX library that are being exploited by attackers targeting the latest Internet Explorer zero-day vulnerability. By combing through millions of Windows crash reports sent via the Windows Error Reporting feature, researchers have discovered a spike in VGX.DLL crashes in two particular spots. Application crashes are indicators of exploit activity in some cases, and researchers believe that either one could be what...

IT News: Facebook is aiming to make life easier for application coders with a two-year stability guarantee for its entire platform as well as versioning for application programming interfaces. The stability guarantee applies to core Facebook features such as Login, Sharing, Requests and software development kits (SDKs), as well as frequently used Graph API endpoints, the social network behemoth announced this morning at its annual F8 developer conference.  

The Register: Felons wanting to best forensic investigators need only perform a factory reset of all current model iPhones, say forensic security experts. Apple's decision to encrypt data on the iPhone is responsible for this state of affairs because a factory reset not only wipes data but also erases the decryption key required to reveal the handset's contents, according to Jason Solomon, a forensics investigator with Sydney-based Klein and Co.  

Sydney Morning Herald: Australia's federal privacy commissioner has found Multicard breached its customers' privacy and the Privacy Act by making the personal information of about 9000 people who have border clearance available online. The data breach resulted in personal information, including first and last names, dates of birth, addresses, partial credit card numbers and expiry dates and photographs being made publicly accessible online.