Top 10 Stories

IB Times: According to the man tasked with tackling online crime across the European Union, the continent's reliance on the internet to do business makes it the perfect target for cybercriminals, who don't even have to leave their armchairs to commit crimes. Troels Oerting, head of Europol's European Cybercrime Centre (EC3) was speaking at the InfoSecurity conference in London on Tuesday, starkly warning those listening: "I think that the cyber threat will change the world...

  IB Times: Companies in the UK have reported a decrease in security breaches over the last 12 months, but the cost of dealing with those breaches have doubled. Most damaging and sophisticated cyber attacks are causing companies of all sizes to spend much more money on cyber security despite an overall decrease in the number of breaches detected.  

Infosecurity: HP has announced a new consulting services practice, named HP Security Metrics Services, an initiative to provide data that can deepen executive-level security engagement by demonstrating how specific security risks directly imperil business objectives. The methodology is data-driven, using an organization’s existing sources of security data to set parameters that give stakeholders a clear alert when their business objectives are at risk. The idea of course is to enable enterprises and other entities to...

Register: A malware infection which drew headlines January has returned and is using new techniques to infect and spread amongst users. Known as Sefnit, the botnet infection was spotted in September of 2013 and triggered alarms earlier this year when researchers warned that millions of systems were likely infected with the malware. Associated with click fraud and bitcoin mining activities, Sefnit was noted for its use of the Tor anonymising network as a means of...

Graham Cluley: Last week I described how many AOL accounts appeared to be spamming out links to diet spam and Android malware, and speculated that the service could have suffered a serious breach of security. AOL is attempting to calm user fears that unencrypted passwords may now be in the hands of hackers, but at the same time is sensibly suggesting that users change their passwords:  

CBR: UK businesses hit by a cyber-attack are being hit with double the financial pain compared to a year ago, a new survey has found. Despite the number of reported attacks falling, the average cost of a breach has risen to between £65,000 and £115,000 for small business and £600,000 and £1.15m for large organisations, as the severity and impact of attacks increased throughout 2013.    

Securelist: Cybercriminals often like to use a bogus letter to trick people into opening malicious attachments. There are two tricks that make this work: a message from a familiar name (a bank, social network, service provider or other organization that might interest the recipient) and an intriguing or alarming subject. An attack based on fake messages supposedly from coffee chain Starbucks combined the two. The detected distribution claimed that a few hours ago a recipient's...

CIO: Companies have several options for defending against a recently discovered zero-day vulnerability in Internet Explorer and experts say businesses should get started immediately. Over the weekend, security vendor FireEye found an exploit aimed at defense and financial services companies using IE9 through IE11. The exploit was found in a "very popular U.S. website," which has removed the malicious code, Dan Caselden, senior vulnerability researcher for FireEye, said.  

IT Security Guru: Funding that is allocated to the development and improvement of open source code should be redirected to bug bounty programs. In an email to IT Security Guru, TK Keanini, CTO of Lancope, said that while he welcomed the move to boost open source code by the Linux Foundation, he would like to see a renewable and talented set of security researchers rewarded for finding flaws in these open source projects so that they can...

Film Industry Network: The British website of Victoria’s Secret has been hacked and rebuilt in spectacular fashion as scammers set their targets on shopper’s wallets without their knowledge. A search on Google for “Victoria Secret UK” returns what shoppers think is the legitimate website, but if you take a closer look at the domain name, you can already see a discrepancy.