Top 10 Stories

Guardian - Drug and insurance companies will from later this year be able to buy information on patients – including mental health conditions and diseases such as cancer, as well as smoking and drinking habits – once a single English database of medical data has been created. Harvested from GP and hospital records, medical data covering the entire population will be uploaded to the repository controlled by a new arms-length NHS information centre, starting in March. Never before...

BBC - A fridge has been discovered sending out spam after a web attack managed to compromise smart gadgets. The fridge was one of more than 100,000 devices used to take part in the spam campaign. Uncovered by security firm Proofpoint the attack compromised computers, home routers, media PCs and smart TV sets.

BBC - When cyber criminals are arrested it usually means the end of their profiting from spam, viruses and stolen data. Once down, they stay down. But some parts of the cyber crime world are much harder to stamp out. Like zombies they do not seem to know they are supposed to be dead, and keep coming back again and again to cause even more trouble. In particular, botnets - networks of hijacked computers - exhibit...

Cogmotive - Any person with a mailbox in a company using Office 365 could exploit this vulnerability to obtain full Administrative permissions over their entire company’s Office 365 environment using just a few lines of JavaScript. The malicious employee would now have access to the Email and SharePoint content of every employee in the company as well as the ability to make any configuration changes to the environment. This short video shows the exploit in action...

Washington Post - Security firm IntelCrawler said Friday that it has identified a Russian teenager as the author of the malware probably used in the cyberattacks against Target and Neiman Marcus, and that it expects more retailers to acknowledge that their systems were breached. In a report posted online, the Sherman Oaks, Calif., company said the author of the malware used in the attacks has sold more than 60 versions of the software to cybercriminals in Eastern...

ZDNet - Many major firms in South Korea have had customers' data leaked in recent years, either by hacking attacks or their own employees. In the latest case, an employee from personal credit ratings firm Korea Credit Bureau (KCB) has been arrested and accused of stealing the data from customers of three credit card firms while working for them as a temporary consultant.

Top Tech News - Even as security analysts are wading through the issues with the Target breach, new information is emerging about Neiman Marcus’ woes. According to the New York Times, hackers infiltrated the luxury retailing giant’s computer  network as far back as July. Neiman Marcus last week disclosed hackers may have stolen credit and debit card numbers of its customers. The retailer has made it clear that it deeply regrets and is very sorry that “some of...

Network Computing - The DarkLeech attack compromised at least 20,000 legitimate websites around the world last year. It also made its mark as an example of a trend -- attackers targeting Internet infrastructure as a stepping stone to more potent attacks. In the latest edition of its annual security report, Cisco Systems spotlights this increased focus on gaining access to Web servers, name servers and datacenters with the goal of taking advantage of their processing...

Computerworld - Starbucks today promised to update its iOS app to calm a storm of interest in a report this week that claimed criminals could easily nab the app's credentials from a stolen iPhone. At the same time, Starbuck's CIO dismissed concerns raised by the report, but declined to go into specifics about the steps it has, and would, take.

The Hacker News - More than 15.2% of the Algerian population use Internet service which is provided by around 30 Internet Service Providers and one of the largest shares is served by Algerie Telecom. Algerie Telecom provides TP-LINK TD-W8951ND Router to most of their home customers who Opt-In for Internet services and each of which has ZYXEL embedded firmware installed in it. ABDELLI Nassereddine, penetration tester and Algerian Computer Science Student has reported highly critical unauthorized access and password disclosure vulnerabilities in the Routers provided by Algerie Telecom.  ...