Industry News

The Linux community has been hit by more security woes after a breach forced the temporary closure of the web sites of the Linux Foundation and others. At the time of writing, LinuxFoundation.org, Linux.com and all sub domains were offline and replaced with a message informing visitors that a security breach occurred on 8 September, most likely as a result of an intrusion on Kernel.org at the end of August. “We are in the process of restoring services in a [...]

Belgian security firm GlobalSign is to resume issuing website authentication certificates, after a hacker claimed to have breached its systems. The company is still investigating whether bogus certificates were created in its name. Had that happened, cyber criminals would have been able to spy on users accessing supposedly secure sites. An earlier attack on Dutch company DigiNotar resulted in several hundred false certificates being issued. GlobalSign said it would start bringing its systems back online on Monday, but did not [...]

A missing dot in an email address might mean messages end up in the hands of cyber thieves, researchers have found. By creating web domains that contained commonly mistyped names, the investigators received emails that would otherwise not be delivered. Over six months they grabbed 20GB of data made up of 120,000 wrongly sent messages. Some of the intercepted correspondence contained user names, passwords, and details of corporate networks. About 30% of the top 500 companies in the US were [...]

Security firm Symantec has put the cost of cyber crime to the world’s economy at $388bn annually, a figure that is $100bn greater than the combined global market for marijuana, cocaine and heroin. The Norton Cybercrime Report 2011 said that the figures are based on information and estimates from 12,000 victims of cyber crime in 24 countries, split between $114bn in lost finances and $274bn in the time victims take to deal with the after effects of being targeted by [...]

Venafi developed the Director 6 platform and applied for the patent after recognizing that organizations have little insight into the security assets in their inventories, where they are deployed, by whom they are accessed or how they are managed. Without leveraging best practices and automated management processes across multiple CAs, companies and government agencies cannot gain control of their spiraling key and certificate inventories. Thus they expose themselves to significant, unquantified and unmanaged security, compliance and operational risks, which invariably [...]

University Hospital of South Manchester NHS Foundation Trust lost the personal information of 87 patients when a medical student mislaid an unencrypted memory stick. According to the Information Commissioner’s Office (ICO), the trust breached the Data Protection Act when the personal details of patients, and sensitive information relating to their treatment, were lost last December. The mistake happened when a medical student, who had been on a placement at the hospital’s Burns and Plastics Department, copied data onto a personal, [...]

The number of businesses that have chosen to block access to social networking sites has risen over the past year. According to research by Clearswift, there has been a 20 per cent increase in the number of companies blocking access to social media sites, with 91 per cent of those doing so mainly concerned about security and data loss. The figure was obtained from an online survey of 1,529 employees and 906 managers in the UK, US, Australia, Germany, the [...]

London’s City University has launched a research centre devoted to helping experts identify and combat cyber crime and cyber terrorism. The Centre for Cyber and Security Sciences will unite researchers from across the institution who will share expertise on areas as broad as network and physical security, cryptography, software reliability and systems science. “The university has many specialists in this area with experience of both advising governments and industry and researching the latest trends,” said Dr Muttukrishnan Rajarajan, a reader [...]

The Guardian partnered with WikiLeaks last year to publish a tranche of secret US diplomatic cables, but 251,000 of unredacted US diplomatic cables are now available online after a security blunder. According to German newspaper Der Spiegel, the mistake happened after Julian Assange’s ex-lieutenant Daniel Domscheit-Berg returned the encrypted file containing the sensitive documents. Password to encrypted files published But WikiLeaks claims The Guardian is responsible for revealing the identity of sources after the password to the encrypted files was [...]

Visitors to the websites of Vodafone, the Daily Telegraph, UPS and four others were re-directed to a site set up by Turkish hackers on Sunday night. The diversion was the result of the group’s attack on computers that hold web address information. Real URL names were deliberately mistranslated into the IP address of the hackers’ site. No data from the seven victims was lost or compromised as a result of the attack. The hacking group, called Turkguvenligi, targeted the net’s [...]