Top 10 Stories

  Graham Cluley: A browser extension called “Sell Hack” is creating something of a storm, after claiming it can reveal the hidden email addresses of LinkedIn users. The tool, first spotted by Yahoo Tech columnist Alyssa Bereznak, initially gives the impression that it allows anyone to visit a LinkedIn profile page and “hack” into LinkedIn’s systems to extract the page owner’s (normally private and hidden) email address.  

  Guardian: As many as 24m routers across the world can be used by cybercriminals to launch massive attacks on internet infrastructure, while simultaneously disrupting home connections and costing communications companies dearly. Research shown exclusively to the Guardian showed 800,000 of those routers are based in the UK, opening up the potential for serious disruption of the country’s data networks.  

  Register: The United States' National Security Agency - whose image has suffered recently following revelations by whistleblower Edward Snowden - has hatched a bold plan to win back public support by offering a range of powerful cloud-based data services which will be free to use, the Register can exclusively reveal. The plans, which remain closely held pending Presidential approval, were leaked to el Reg by a source who declined to be named but whose credentials as a person...

Reuters: Security industry pioneer RSA adopted not just one but two encryption tools developed by the U.S. National Security Agency, greatly increasing the spy agency's ability to eavesdrop on some Internet communications, according to a team of academic researchers. Reuters reported in December that the NSA had paid RSA $10 million to make a now-discredited cryptography system the default in software used by a wide range of Internet and computer security programs. The system, called Dual Elliptic Curve, was...

BBC: The UK's Computer Emergency Response Team (CERT-UK), which will co-ordinate the country's cybersecurity defence, has been formally launched. The body will deal with "cybersecurity incidents" of national significance. It will also provide advice and alerts on cyber-threats to government, industry and academia.  

BBC: A man who ran a Microsoft computer scam tricking people into paying for free anti-virus software has received a suspended four-month jail sentence. Mohammed Khalid Jamil, 34, from Luton, hired people at an Indian call centre to falsely tell victims their computers had a serious problem.    

Washington Post: In late 2005, as Iraqi roadside bombings were nearing an all-time peak, the National Security Agency’s newly appointed chief began pitching a radical plan for halting the attacks that were killing or wounding a dozen Americans a day. At the time, more than 100 teams of U.S. analysts were scouring Iraq for snippets of electronic data that might lead to the bomb-makers and their hidden factories. But the NSA director, Gen. Keith B....

IT Pro Portal: With millions spent on cyber security by financial institutions, many are failing to secure the most basic physical aspects of their premises. This was evident in recent research by Appriver, who on a walk around the City of London found practically every street had at least one user's screen visible through a first floor window. Some streets surrounding Cheapside had screens not only visible on the first floor, but banks of them at street...

Dark Reading: A text message is sent, and cash starts spitting out of an ATM infected with malware. That is one of the capabilities of a sophisticated variant of malware known as Ploutus that has been linked to attacks in Mexico and the Ukraine. In the process, it has become another example of how hackers are turning their attention to ATM machines as another avenue to a bank's coffers.    

Threatpost: The current move by auto makers to stuff their vehicles full of networked devices, Bluetooth radios and WiFi connectivity has not gone unnoticed by security researchers. Charlie Miller and Chris Valasek spent months taking apart–literally and figuratively–a Toyota Prius to see what vulnerabilities might lie inside; and they found plenty. Now, another researcher has identified a number of issues with the security of the Tesla S, including its dependence upon a weak one-factor authentication system linked...