Top 10 Stories

The Register: The South Korean government was forced to launch an inquiry today after another massive data breach rocked the country, time the theft of account information belonging to 12 million customers of telco KT Corp. The Incheon Metropolitan Police said on Thursday it arrested two hackers and the CEO of a telemarketing firm last week on suspicion of infiltrating the telco giant’s servers and stealing the data, according to Yonhap.    

Phys.org: Programmer Nikos Mavrogiannopoulos who works for Red Hat, has discovered a major security problem with the Linux operating system—a bug that could allow a hacker to create a certificate that could bypass the normal authenticity checks. Red Hat sent out an immediate alert and suggests all those who use its product update their software with a fix they've made available.   Officially known as CVE-2014-0092, the bugappears to be a simple programming error—one that has been...

Threatpost: Milan-based Hacking Team relies on servers in the United States and hosted by American companies to support its clients’ state-sponsored surveillance operations in some of the world’s most repressive regimes. Hacking Team is an Italian security firm that develops surveillance equipment and sells it to foreign governments that allegedly turn around and use that equipment to spy on various targets. According to a new report from the University of Toronto’s Citizen Lab, in at least 12...

FTC: The U.S. Federal Trade Commission signed a memorandum of understanding (MOU) with the Information Commissioner’s Office (ICO) of the United Kingdom today to promote increased cooperation and communication between the two agencies in their efforts to protect consumer privacy.   The MOU was signed by FTC Chairwoman Edith Ramirez and the UK’s Information Commissioner and Chief Executive, Christopher Graham. It is designed to bolster their privacy enforcement partnership at a time when more and more consumer...

PC Mag - FreedomPop, known for its free mobile services, is jumping on the encrypted smartphone bandwagon with the Privacy Phone. The device, affectionately nicknamed the "Snowden Phone" for NSA leaker Edward Snowden, promises private communication, anonymous Internet access, and online security. Everything down to the phone's purchase is secret: customers can even remain nameless by paying for the transaction with bitcoins.

Infosecurity - A crypto error in the GnuTLS library has made hundreds of software packages vulnerable to fake security certificates. GnuTLS provides support for cryptographic algorithms like SSL and for protocols such as Transport Layer Security (TLS). An open-source offering, it’s used by a wide range of desktop and server products, including Linux, Debian and Ubuntu distributions to verify digital certificates. Its widespread deployment is an Achilles heel in the case of a flaw being...

Infosecurity - Anecdotally, it feels like the good guys are losing ground to the tide of worldwide malware. Stats unfortunately bear that out: new research has revealed that malware activity has become so pervasive globally that attack servers communicating with malware are now hosted in 206 countries and territories. FireEye in 2013 recorded more than 40,000 unique cyber-attacks (more than 100 per day) and more than 22 million malware command-and-control (CnC) communications, which routinely bypass...

Beta Boston - Few notice the “spotter car” from Manny Sousa’s repo company as it scours Massachusetts parking lots, looking for vehicles whose owners have defaulted on their loans. Sousa’s unmarked car is part of a technological revolution that goes well beyond the repossession business, transforming any ¬industry that wants to check on the whereabouts of ordinary people.

Help Net Security - SailPoint published an infographic which outlines recent research results that indicate that while global enterprises are embracing - and in some instances mandating - the use of cloud and mobile technologies, they do not have IT controls in place to properly manage them. Without the proper preventive and detective controls, those enterprises are ultimately putting themselves at an increased risk of fraud, theft, and privacy breaches.

BBC: As diplomatic efforts are stepped up to ease tensions in Ukraine, security experts have warned that Kiev and Moscow are locked in a cyber stand-off. Security forces in Ukraine have accused the Russian army of disrupting mobile communications. Smaller-scale attacks have seen news websites and social media defaced with propaganda messages.