US government admits 21.5 million records taken in OPM hack
This is a significantly higher number than was initially suggested, and has resulted in the loss of personal data including names, addresses and Social Security numbers.
Splunk buys security startup Caspida for $190m to boost threat detection
This week Splunk acquired the threat detection startup Caspida for $190m. This comes in a bid to bring data science-based behaviour to its cyber security offerings. The acquisition will give Splunk increased analytics to identify security threats.
"This acquisition is aligned to our strategy of expanding our cyber security offerings and will enable us to bring advanced analytical capabilities to our customers," said Splunk chief executive Godfrey Sullivan.
OpenSSL issues fix for niche but high-severity security flaw
Firms were being advised to apply the latest patch for OpenSSL after a high risk security flaw was discovered. While the risk to business was said to be minimal, the news comes after the infamous Heartbleed bug was uncovered that had wide-ranging effects on web servers around the world.
"An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA [certificate authority] flag, enabling them to use a valid leaf certificate to act as a CA and 'issue' an invalid certificate" they said.
United Airlines and NYSE hit by major IT glitches, but cyber attacks ruled out
There were major IT glitches at United Airlines and the New York Stock Exchange (NYSE) on Wednesday. This forced UA to ground flights for two hours and the NYSE to close for over three hours, yet cyber attacks were ruled out as the cause.
"I have spoken to the CEO of United, Jeff Smisek, myself. It appears from what we know at this stage that the malfunctions at United and the stock exchange were not the result of any nefarious actor," said US homeland security secretary Jeh Johnson.
Edinburgh Council cyber attack exposes 13,000 email addresses
"We want to reassure the public that the ongoing security of our website is critically important, and we continue to work with our service providers to ensure that the risks associated with attacks are dealt with," said a spokesperson.
Three UK politicians 'hacked' using insecure WiFi services
The results of an experiment by internet security provider F-Secure were released this week in which three British politicians were 'hacked' to show the weaknesses of public WiFi connections.
"Well, it's pretty horrifying, to be honest. What you have extracted was a very tough password, tougher than most people use. It's certainly not ‘Password'," said Conservative MP David Davis.
Adobe issues security fix for Flash flaw found in Hacking Team data
Adobe released a patch for its Flash software after a vulnerability was uncovered in the huge cache of information leaked from software surveillance company Hacking Team.
"Adobe recommends users update their product installations to the latest versions using the instructions provided in the 'Solution' section in Security Bulletin APSB15-16," the firm said.
Cyber attack on US power grid could cost country $1tn
The warnings were published in a major report produced by insurers Lloyds of London and the University of Cambridge's Centre for Risk Studies entitled Business Blackout.
UK online banking users hit with Dyre malware phishing attacks
Online banking customers in the UK were being warned of a major phishing campaign using a notorious piece of malware called Dyre. Nearly 20,000 malicious emails were sent out over the course of three days containing an infectious .exe file.
"This version of Dyre, unlike others Bitdefender has previously analysed, distributes itself through three different emails, thus increasing the chances of more users falling victim," said Catalin Cosoi, chief security strategist at Bitdefender.
Facebook voices support for EU data protection law changes
"There should be order in Europe. There should be a single regulator and not multiple regulators trying to regulate the same thing in their own different ways," said Stephen Deadman, deputy chief privacy officer at Facebook, during an event attended by V3.
NCA and Trend Micro join forces to tackle cybercrime threat
The companies have signed a Memorandum of Understanding that will see the formation of a new cross-organisation ‘virtual team' to develop innovative ways of fighting online crime.
"The bad guys have had it their own way for way too long. They're more than happy to share intelligence and infrastructure with each other - for a price - to make their efforts more successful. Now it's time to respond in kind. The fight back starts here," said Raimund Genes, chief technology officer at Trend Micro, after the announcement.
Spaces are filling up fast
HP ZBook x2 offers 32GB RAM, M.2 SSD with up to 2TB storage and Nvidia Quadro GPU
Laptops should be able to offer true all-day working, and some
CGN has created an "online capability gap" between cyber criminals and law enforcement, says Europol
ISPs use Carrier Grade NAT to share IP addresses amongst multiple users