Top 10 Stories

NY times - Young tech companies have a long list of to-dos. Signing up users and raising money are usually at the top of the list. Much further down? Data security. That neglect has recently come back to bite many hot new applications and web services — and their users — and has them rushing to improve their products after breaches and holes were discovered.

BBC news - Labour has called for tougher action by police and the intelligence services to tackle cyber crimes connected with child pornography and terrorism. Shadow home secretary Yvette Cooper said such action was needed in the face of growing online crime and abuse.

BBC news - South Korea defence chiefs broke the unspoken rules on 19 February by outlining their aim to develop a cyber-tool aimed specifically at knocking out North Korea's nuclear capabilities, according to Yonhap news agency. Their blueprint appears to be a 2010 cyber-attack on Iran, which used software known as Stuxnet to damage nuclear facilities. Although the US and Israel are often accused of launching the attack, neither nation admitted involvement.

Help Net Security - Bitcoin exchange Mt. Gox has shared more details about the issues that have led to it filing for bankruptcy protection just as malware peddlers have started taking advantage of affected users' desperation and desire to recover their lost bitcoins. The exchange has published an announcement regarding the bankruptcy application with the Tokyo District Court, in which it is explained that its liabilities exceed its assets, and that this situation may be...

The Hacker News - The Mozilla Firefox web browser is used by roughly 30% of all Internet users and the company is seriously concerned about the Security of its users for many years. To Improve the Stability, Security and performance of Firefox web browser, Mozilla announced back in 2013 that it planned to enable ‘Click to Play’ feature in upcoming Firefox versions, which will block most vulnerable plugins like Java by default.

Softpedia - The Congo domains (.cd) for Amazon, Audi, AVG, BBC, BMW, Canon, DHL, eBay, Fujitsu, GoDaddy, Hitachi, Honda, IBM, Panasonic, Toshiba, Mercedes, Rolex, Samsung, T-Mobile, Volkswagen and many others have been defaced by hackers of TeaM MaDLeeTs. In reality, many of these companies don’t even have a .cd domain. However, that doesn’t matter in this particular attack. The attackers breached the systems of the Congolese Network Information Centre (NIC) and modified DNS entries so...

The Register - Bitcoin owners keen to understand just what failed exchange MtGox may be able to do for them remain in the dark, after the outfit set up a call centre that, so far as The Register can tell, seldom picks up the phone. MtGox declared bankruptcy last week, taking more than $US400m worth of Bitcoin with it.

IDG News Service - A new variant of the Gameover malware that steals online banking credentials comes with a kernel-level rootkit that makes it significantly harder to remove, according to security researchers from Sophos. Gameover is a computer Trojan based on the infamous Zeus banking malware whose source code was leaked on the Internet in 2011. Gameover stands apart from other Zeus-based Trojan programs because it uses peer-to-peer technology for command and control instead of...

ZDNet - Mozilla is set to take the next step in discouraging the use of plugins in Firefox, with the browser maker setting a deadline of March 31st for plugin-makers to apply to avoid Firefox's upcoming click-to-play plugin feature. Shipped in Firefox's alpha "Aurora" channel in September, click-to-play prevents all plugins, except Flash, from running unless the user explicitly grants permission.

Computerworld - Citing the need to prod software vendors to patch vulnerabilities even faster, Hewlett-Packard's bug bounty program said it was shortening its patch-or-go-public policy to 120 days. The Zero Day Initiative (ZDI), a researcher reward program run by HP's TippingPoint division, a maker of corporate intrusion prevention system (IPS) and firewall appliances, announced the new deadline at the RSA Conference, a massive security trade show and conference that wraps up today in San Francisco.