Articles about Security Risks

Trustwave gobbles up Application Security, gorges itself on tech

Data security biz Trustwave has acquired fellow data security provider Application Security, a startup that specialises in automated database security scanning technologies. Financial terms of the deal, announced on Monday, were undisclosed. Privately-held Application Security develops security software for relational databases …
John Leyden, 12 Nov 2013

Phil Collins' daughter 'will give you A VIRUS' – security bods

Phil Collins' actress daughter is the celebrity most likely to give your equipment a nasty virus, security firm McAfee has warned. Its annual McAfee Most Dangerous Celebrities™ study warned clicking on search links after Googling Lily Collins could flood your system with malware. The second most infectious celeb is Sk8r Boi …
Jasper Hamill, 18 Sep 2013

New UK.gov cyber-security standard puts MANAGERS in firing line

The UK government is seeking to hear from businesses that would be interested in submitting evidence to help form a new "organisational standard" for cyber security. The Cyber Security and Resilience Team within the Department for Business, Innovation, and Skills (BIS) has asked businesses to detail initial interest in …
OUT-LAW.COM, 07 Mar 2013

BT links with Huawei raise national security concerns, say MPs

Chinese telecoms giant Huawei has dismissed claims that its technology, which is used by BT, is a threat to the UK's national security. The company was forced to defend itself today, after a parliamentary security and intelligence committee report attacked the civil service for failing to inform ministers of BT and Huawei's …
Kelly Fiveash, 06 Jun 2013

'We are screwed!' Fonts eat a bullet in Microsoft security patch

Windows users were surprised to find that a Microsoft security update stopped fonts from working on their PCs. Security update KB2753842 has killed certain fonts on PCs where it has been installed, rendering many of them unusable, and causing problems for designers and businesses who rely on using the types in their work. …
Anna Leach, 17 Dec 2012

Business expects data retention will hit their bottom lines: survey

Risk management outfit Protiviti says Australian businesses are fearful that the government's proposed metadata retention scheme is going to cost them. The government is in the throes of considering a two-year retention regime for Australian telecommunications carriers and ISPs. While the Parliamentary Joint Committee on …

Looking forward to the end of Tuesday? You've patched this month's 37 Microsoft bugs, right?

True to its word, Microsoft released nine security patches this month, two of which are rated as critical. The company said that the August edition of Patch Tuesday addresses a total of 37 CVE-listed security vulnerabilities. Most of the flaws will be addressed by the cumulative Internet Explorer security update. The browser …
Shaun Nichols, 12 Aug 2014

Canada: We'll boot 'security risk' firms from gov network bid race

The Canadian government has said that it will be invoking a "national security exemption" as it hires firms to build a secure network, hinting that Chinese telco Huawei could be excluded. The exemption allows the government to kick out of the running any companies or nations considered a security risk, which coming in the wake …

India's tough hacker crackdown: IT security leaflets with every device

India has reportedly concocted a plan to cut down on IT security problems: forcing hardware vendors to include a security awareness brochure with all desktop PCs, mobile phones and USB modems. The plans were dreamt up to improve the country’s cyber security preparedness, in response to the increasing volume of online threats …
Phil Muncaster, 14 Jan 2013

Treating today’s security risks

In the second of our mini series of audiocasts assessing the state of the IT Security market, our expert panel considers the major risks and how to deal with them. Again lending their expertise are Jon Clay, core technology marketing manager from Trend Micro and Tony Lock, programme director at the IT analyst firm Freeform …
Team Register, 18 Mar 2009

Bank of England plans to shove cyber-microscope up nation's bankers

The Bank of England today announced it plans to penetrate Blighty’s banks to test the security of their critical computer systems. Speaking to the British Bankers’ Association, the BoE's exec director of resolution, Andrew Gracie launched CBEST [PDF], a new defence-testing programme that mimics crims who attack crucial networks …

UK.gov to train up 11-year-old cyberwarriors

British schoolkids as young as 11 will be trained in cyber security as part of a new drive to protect the UK from digital threats. The government will produce learning materials designed to get 11- to 14-year-olds up to speed on cyber security. If the kids show a willingness to strap on a keyboard and fight in some foreign …
Jasper Hamill, 13 Mar 2014

Experts fret over iPad security risks

Apple's much hyped iPad tablet may come tightly locked down but the device is still likely to be affected by many of the security issues that affect the iPhone, as well as some of its own. Security experts polled by El Reg were concerned about a variety of risks, in particular phishing attacks and browser exploits. Graham …
John Leyden, 29 Jan 2010

People will happily run malware if paid ONE CENT – new study

Security white hats, despair: users will run dodgy executables if they are paid as little as one cent. Even more would allow their computers to become infected by botnet software nasties if the price was increased to five or 10 cents. Offer a whole dollar and you'll secure a herd of willing internet slaves. The demoralising …
Darren Pauli, 18 Jun 2014

Popular password protection programs p0wnable

Researchers have detailed a series of quickly patched vulnerabilities in five popular password managers that could allow attackers to steal user credentials. "Critical" vulnerabilities were discovered and reported in LastPass, RoboForm, My1Login, PasswordBox and NeedMyPassword in work described by the University of California …
Darren Pauli, 14 Jul 2014

Facebook message security risks 'open door to Web 2.0 botnet'

Security watchers have already begun fretting about the security implications of Facebook's new messaging system, warning that compromised accounts might be used to create potent Web 2.0 botnets. The system brings together Facebook messages, instant messaging chat and SMS messages in one location, a development that increases …
John Leyden, 18 Nov 2010

Five critical fixes on deck for Patch Tuesday

Microsoft is planning to release at least five critical fixes in next week's Patch Tuesday monthly security update. The company said that the planned patch release will include fixes for critical remote code execution flaws in versions of Windows, Office, and Internet Explorer, as well as Microsoft Exchange Server. Among the …
Shaun Nichols, 06 Dec 2013

Step forward the chief information security officer

What does the modern chief information security officer (Ciso) look like? The role used to be little more than acting as a glorified sysadmin but things have changed. These days, Cisos must be all-rounders, concentrating not just on technology but on business too. “In recent years, the role of the Ciso has become more business …
Danny Bradbury, 15 Nov 2011

Buggy software in need of patching? Hey, we got that right here – Adobe

Adobe has released a batch of scheduled security fixes to address critical flaws in its Flash Player and ColdFusion products. The company said the updates will tackle a pair of security vulnerabilities in the two platforms which could be exploited remotely by attackers. For Flash Player, the update applies to Windows, Linux and …
Shaun Nichols, 13 Nov 2013

Beijing leans on Microsoft to maintain Windows XP support

The Chinese government has urged Microsoft to extend support for Windows XP in order to boost Beijing’s anti-piracy efforts and head off a potentially huge security threat. Yan Xiaohong, deputy director of China’s National Copyright Administration, met Microsoft and other software companies in a bid to put some pressure on, …
Phil Muncaster, 04 Dec 2013

Gay hero super-boffin Turing 'may have been murdered by MI5'

Legendary code-breaker and computing boffin Alan Turing - seen by many as the father of modern computing and credited with a huge contribution to the Allied victory in World War Two - may have been murdered by the British security services, it has been claimed. “The government should open a new inquiry into the death of gay war- …
Lewis Page, 30 Dec 2013

SCADA flaws put world leaders at risk of TERRIBLE TRAFFIC JAM

In November 2014, leaders of the G20 group of nations will convene in Brisbane, Australia, for a few days of plotting to form a one-world government high-level talks aimed at ensuring global stability and amity. Queensland, the Australian state in which Brisbane is located, is leaving no preparatory stone unturned as it readies …
Simon Sharwood, 21 Nov 2013

HP exec: 'CYOD' will TEAR APART the IT dept as we know it

Corporations are close to handing staff credit notes to buy or choose their own technology in a trend that will bust classic IT departments and supply chains, HP's top boss for Europe reckons. BYOD has morphed into Choose Your Own Device (CYOD) but the impact will still be just as dramatic, said Herbert Kock, HP's joint head of …
Paul Kunert, 07 Apr 2014

Microsoft: Hey, small biz devs – Windows Store apps are for you, too

We reckon there haven't been many line-of-business apps built for Windows 8's Modern UI so far, but Microsoft has now made it easier for companies that want to do so. Most Windows 8 Apps are downloaded and installed from the Windows Store – which is why Microsoft has taken to calling them "Windows Store Apps" following the …
Neil McAllister, 04 Apr 2014

Hey banks: Use Win XP after deadline? You'll PAY if card data's snaffled

Banks that use the Windows XP operating system will face a risk to their compliance with payment card data security rules if they continue to operate the software after Microsoft withdraws its extended support services, a US regulatory body has warned. Microsoft confirmed in 2010 that it would end "extended support" for Windows …
OUT-LAW.COM, 14 Oct 2013

Microsoft holds nose, shoves Windows into Android, iOS boxes

Microsoft may not yet be keen for its Office suite to run on rivals' mobile devices, but it has made good on its promise to make Windows accessible on Android and iOS devices. As we flagged last week, that promise was to release native RDP clients for Android and iOS. Both have now landed. Here's the iOS version. The Android …
Simon Sharwood, 18 Oct 2013

IE 0-day plugged up but TIFF terror continues in November Patch Tuesday

November's edition of Patch Tuesday brought relief from an IE zero-day exploit but a TIFF image-handling vulnerability under active attack from hackers remains unpatched. Microsoft released a total of five bulletins, three of which are marked up as critical and five of which are designated as important. The patch batch …
John Leyden, 13 Nov 2013

Breathe life into your cyber security campaign

Ah, another day, another government initiative designed to educate users about cyber risk. The Canadian government has declared October “Get Cyber Safe” month. It has a web site, too, which advises users on how to avoid getting pwned. The advice list includes updating your malware signatures and not giving out your password. …
Danny Bradbury, 18 Oct 2011

Japan's XP migration solution: Remove network cable

A Japanese local government has come up with a rather unusual solution to the problem of Windows XP migration – keep the venerable OS but disconnect the remaining PCs running it from the internet. In around a year’s time, April 8 2014 to be precise, Microsoft will end free support for the operating system which is still …
Phil Muncaster, 03 May 2013

More tech fails to exorcise security risks

Current IT systems are inherently insecure and growing complexity will simply increase these risks, a leading academic has warned. Users should rebel and demand vendors compensate them for security foul-ups, said pugnacious Professor Klaus Brunnstein of the University of Hamburg. Brunnstein told delegates to an IT security …
John Leyden, 14 Sep 2005

Concerning Windows Phone and its relevance to the larger business

You could be forgiven for thinking that Microsoft has missed the boat with its Windows everywhere proposition. It’s a hybrid world in which Android, iOS, OS X and even Linux are not going away. This in turn leaves Windows Phone 8.1 as just …
Dale Vile, 22 May 2014

ICO: NHS data security breaches are just 'plain daft'

NHS staff should be more aware of data security risks as patient confidentiality "is at the heart of what they do", Jonathan Bamford, head of strategic liaison at the Information Commissioner's Office has said. Speaking at an event on healthcare efficiency, he said that he was confounded by the disconnect between staff awareness …

Security takes a backseat on Android in update shambles

The majority of Android smartphone users are walking around with insecure devices running out-of-date OS builds, leaving personal and business data at greater risk of attack. The latest figures from Google's Android developer web site show that 44.4 per cent of users have the latest version of Android (Android 2.3 or later …
John Leyden, 22 Nov 2011

Ofcom to UK: Really - you're using the same password for everything?

Brits are taking serious security risks by continuing to use the same password for multiple websites, communications watchdog Ofcom warned today. Worse still, the regulator - which published a report today based on a survey of 1,805 people aged 16 and over - found that a staggering one in four (26 per cent) UK adults used …
Kelly Fiveash, 24 Apr 2013

Forget choice: 50% of firms will demand you BYOD by 2017

When you are as bombarded by BYOD good-news stories as El Reg is these days, the central marketing message that emerges is it's all about "freedom of choice." Not for long, it seems, if Gartner's analysts are correct: they forecast that half of all companies will enforce "choice" as a condition of employment. The biggest …
Iain Thomson, 02 May 2013

Confidential report reveals ContactPoint security fears

An independent study on the previous government's controversial child protection database highlighted significant security and privacy risks. Deloitte found significant shortcomings in the security of the ContactPoint database when it evaluated the system back in 2008. But only a summary of its report was ever published prior to …
John Leyden, 29 Jun 2010

UK cops, boffins to crack out war plan against cyber-crims

UK ministers have discovered that computer hacking is no longer the preserve of awkward teens tapping away in their bedrooms - and will now wage war on gangs raiding Brits' online accounts. The government has formed a new Cyber Crime Reduction Partnership to bring together top cops, security experts and boffins to come up with …
John Leyden, 15 Mar 2013

Red faces as Pentagon leases Chinese satellite

US lawmakers are up in arms after it emerged that the Pentagon has leased a Chinese commercial satellite to support non-classified communications with its African bases. The details of the one-year, $10m contract were revealed at a House Armed Services Committee on Capitol Hill last week. The Apstar-7 satellite is owned and …
Phil Muncaster, 01 May 2013

Huawei looking into critical router flaw claims

Chinese telecoms kit maker Huawei has said it is investigating claims by researchers that two of its router products contain serious vulnerabilities which could allow hackers to remotely take control of the devices. Felix Lindner and Gregor Kopf of Berlin-based Recurity Labs announced their findings at the Defcon hacking show at …
Phil Muncaster, 02 Aug 2012

Businesses blind to the security risks of temporary staff

More than 80 per cent of temporary staff have the same level of access to company documents as permanent staff but without the same accountability, according to research released today by security firm Websense. The survey of more than 100 temporary staff found that 88 per cent of respondents were able to access documents from …
OUT-LAW.COM, 28 Nov 2007

EU trade chief looks to reboot anti-dumping case against Huawei, ZTE

The EU's top trade investigator is going to try to get permission to probe Chinese telcos Huawei and ZTE, despite the fact that European firms like Ericsson refuse to complain about them. The European Commission, like US government officials, has been looking into Huawei and ZTE over alleged state subsidies that let them …

Over half of all apps have security holes

More than half of all software applications failed to meet an acceptable level of security, according to a study based on real-world code audits by application security firm Veracode. Around 57 per cent of applications failed to pass muster when first submitted to Veracode’s cloud-based testing service. A similar 56 per cent of …
John Leyden, 23 Sep 2010

Defence Signals Directorate offers BYOD advice

Australia's signals intelligence agency, the Defence Signals Directorate (DSD), has published two sets of guidelines for Australian government agencies contemplating a bring your own device (BYOD) regime. The public advice, available here, is utterly anodyne and offers terrifyingly tough questions including: What are the legal …
Simon Sharwood, 26 Nov 2012

VoIP and IE risks star in SANS' threat list

The SANS Institute released its annual Top 20 internet security risk list on Wednesday. Unlike previous editions of the long-running list, many security risks highlighted in the run-down are not dependent on operating system security bugs. VoIP service and phones, threats posed by fraudulent phishing emails, and web …
John Leyden, 16 Nov 2006

Freescale: Cloudy dumb sensors? Nope, not OUR smart Internet of Things

Wearable devices are great examples of accessible stuff within the Internet of Things, but on the whole they’re pretty dumb sensors. Typically, they use Bluetooth to crank out information to a mobile or similar gadget, which relays the data for processing in the cloud and then back to a web interface. Wearables are clever, but …
Bob Dormon, 07 May 2014

Openistas squish security bugs twice as fast

Open source software has comparable security, faster bug fixing, and fewer potential backdoors than commercial software, according to a study on software application vulnerabilities by security firm VeraCode. The study, published on the first day of the RSA Conference, is based on aggregated data from real world scanning of …
John Leyden, 01 Mar 2010

UK.biz lax on web app security

Web application security among UK corporates is getting worse, according to audits carried out by CESG-accredited security consultancy NTA Monitor. NTA Monitor reports a ten percentage point increase in the total number of web applications found to have at least one high-risk security issue. A quarter (27 per cent) of all web …
John Leyden, 08 Sep 2009

Only buy Huawei or ZTE if you like being SPIED ON - US politicos

Huawei and ZTE, China's top makers of telecoms kit, should be locked out of the US market because their technology poses a security risk, a US House of Representatives group said today. The Intelligence Committee believes there is a threat of Chinese state influence on the two companies that would make them a liability in the …

Steelie Neelie: One cloud contract model to rule them all

The European Commission is seeking leading lights in the arena of cloud services to help sketch out a contract framework so that customers don't get tied into murky deals. At least, this is the principle that Steelie Neelie Kroes, vice president of the EC outlined in a blog today, ahead of the European Cloud Partnership Steering …
Paul Kunert, 24 Jun 2013

Obama orders gov data must be 'open and machine-readable'

US President Barack Obama has issued an Executive Order, decreeing that “Government information shall be managed as an asset throughout its life cycle to promote interoperability and openness, and, wherever possible and legally permissible, to ensure that data are released to the public in ways that make the data easy to find, …
Simon Sharwood, 10 May 2013