“Security researcher Brandon Dixon has discovered a way to bypass the Antivirus detection for malicious PDFs,” writes eHackingNews, “using the XML Data Package(XDP) format.” It goes on to add that “opening the malicious XDP file can result in Adobe Rea…
Microsoft increases hackers’ exploit development costs
Jonathan Ness, security development manager of Security Science – part of the Trustworthy Computing group – claimed that Microsoft are looking to reduce or eliminate exploit based attacks by increasing the cost required to develop attacks – specificall…
Microsoft’s Bill Harmon on tackling child exploitation online: We can win
On June 20th at the Microsoft HQ in Seattle, Bill Harmon, associate general counsel, Microsoft digital crimes unit, presented at the TwC International Media Campus Tour on child sexual exploitation online. While he assessed that the problems we have to…
Kayak.com investigates search engine glitch that exposed users’ personal data
Online travel website Kayak.com is investigating a security breach in which personal information of users was available through its search engine.
AT&T security chief: mobiles are the “nail in coffin” for trust, and the perimeter
The man responsible for the security of AT&T’s network recently told one audience that mobility is perhaps the death knell for trust within an organization’s network perimeter. His solution lies in a gradual network-based security strategy that moves y…
Pennsylvania man indicted for hacking Energy Department networks
A Pennsylvania man has been arrested for hacking into computer networks at the Department of Energy (DOE), the University of Massachusetts (U-Mass), and a number of companies and trying to sell access to these networks to an uncover FBI agent.
Fake anti-virus comes to Android – or does it?
Webroot has reported the arrival of fake anti-virus, one of the most prevalent of PC threats, on the Android mobile platform. Beware of the Android Security Suite Premium – it’s a trojan.
Governments spend too much on cyber surveillance and not enough on catching crooks
A report from academics including Ross Anderson and Richard Clayton from Cambridge University suggests current cyberdefense is misdirected: too much money is spent on preventing cybercrime rather than apprehending cybercriminals.
Nuclear regulator warns about cybersecurity lapses at California power plant
The US Nuclear Regulatory Commission (NRC) is warning Southern California Edison that it might take enforcement action against the utility because of cybersecurity lapses found in a May security audit of its San Onofre nuclear power plant.
Customers’ bank details stolen from Glasgow City Council
Glasgow City Council has been forced to write to 37,835 suppliers and residents following the theft of an unencrypted laptop from its offices in Cochrane Street.