Stories by John E Dunn

Data breaches can be traced back to nine attack 'patterns', says Verizon report

By John E Dunn | 24 April, 2014 00:10

Almost every security incident and data breach recorded during 2013 can be traced back to a series of basic threat types or 'patterns', many of which are specific to industry sectors, Verizon's bellwether 2014 Data Breach Investigations Report (DBIR) has concluded.

SMS spam rises in UK as 'accident compensation' scammers get busy

By John E Dunn | 23 April, 2014 22:58

The volume of SMS spam being sent to UK mobile users rose 11 percent in the first quarter of 2014 thanks mainly to a sudden spike in accident compensation scams, according to messaging security firm Cloudmark.

Open source trounces proprietary software for code defects, Coverity analysis finds

By John E Dunn | 17 April, 2014 22:54

Forget the bad headlines generated by the Heartbleed flaw: when it comes to code defects, open source is still well ahead of proprietary software, generating fewer coding defects for every size of project, according to a new analysis by scanning service Coverity.

'Snowden effect' has changed cloud data security assumption, survey claims

By John E Dunn | 17 April, 2014 22:50

Edward Snowden's revelations of sophisticated NSA spying have made many senior IT staff distinctly edgy about their use of the cloud, with nine out of ten now paying close attention to the location of stored data, a survey of global attitudes has found.

Phishing domains at record levels as criminals target Chinese consumers, says APWG

By John E Dunn | 15 April, 2014 23:00

The number of domains registered to carry out phishing attacks broke all records in the second half of 2013 and yet a huge proportion of this type of fraud can now be explained by a single country, China.

Mumsnet falls to Heartbleed hackers as 1.5 million users reset passwords

By John E Dunn | 15 April, 2014 22:54

The Heartbleed flaw has claimed its first big-name victim, with the hugely popular British Mumsnet site admitting that cyber-thieves have exploited the bug to compromise an unknown number of its 1.5 million user accounts.

HMIC slates police forces for ignoring cybercrime and cyberdefence

By John E Dunn | 11 April, 2014 04:17

Many police forces in England and Wales are behaving as if cybercrime and cyberdefence are not part of their remit, lacking detailed strategies to prevent, detect or react to it, a stinging report from inspection body Her Majesty's Inspectorate of Constabulary (HMIC) has found.

Google's Chromebooks get Citrix XenApp business makeover

By John E Dunn | 10 April, 2014 22:54

Google has underlined its ambition to draw more enterprises to the budding Chromebook platform by announcing a tie-up with Citrix to access Windows applications through the latter's XenApp delivery system.

World hit by record wave of 'mega' data breaches in 2013, says Symantec

By John E Dunn | 09 April, 2014 23:33

What do Target, AOL, LivingSocial, Evernote, and Adobe have in common with one another? Answer: they were all victims of huge data breaches during 2013, part of a phenomenon that a new Symantec report calculates has reached epidemic levels.

ZoneAlarm 2015 adds cloud scanning of email attachments BEFORE they open

By John E Dunn | 09 April, 2014 22:57

Check Point has announced the new version of its popular ZoneAlarm antivirus program which features a cloud sandbox technology designed to check email attachments for malware before they are opened.

Windows XP only the latest example of risky software, argues KPMG

By John E Dunn | 08 April, 2014 23:05

The fact that millions of PCs and embedded systems will continue to run Windows XP beyond this week's End of Life (EOL) deadline is only the latest example of obsolete, risky software that shouldn't be used to stoke up unnecessary fear, KPMG analyst Stephen Bonner has argued.

NSS Labs fires back at FireEye as security test controversy burns anew

By John E Dunn | 08 April, 2014 23:03

Security testing firm NSS Labs has publicly defended itself against furious accusations by security firm FireEye that a cool assessment of the security vendor's breach detection technology published last week was based on a flawed methodology.

Are Google's Chromebooks a sales hit? So far, the analysts can't say

By John E Dunn | 04 April, 2014 23:54

Google shifted a paltry 2.1 million Chromebooks in 2013, a figure that could still grow to 11 million per annum by 2019, new figures from US outfit ABI Research have predicted.

Android social apps slated for sending 'growth hacking' spam

By John E Dunn | 04 April, 2014 23:51

Mobile security firm AdaptiveMobile has named and shamed a clutch of popular Android apps it believes have been using the 'growth hacking' technique to spam large volumes of invitations to the contacts database of installed users.

Boxee.tv still silent after mystery 158,000 database breach of forum users

By John E Dunn | 03 April, 2014 23:45

The hacking Vikings have hit Samsung-owned web TV sharing service Boxee.tv, reportedly pillaging a 158,000 user database of forum users later posted to a Tor Internet site and at least one researcher.

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.


Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.