Zenedge launches the next generation of its Zenshield DOME platform, a means to protect organisations against cyberthreats aiming to infiltrate by targeting the weakest link in a network chain.

According to Zenshield, Zenshield "applies concentric rings of common-rule security policies and templates to protect against cyber breaches"-- not only of central organisations, but also of connected partners, vendors and suppliers.

In other words, organisations can administer own security policies and oversee suppliers and vendor networks in order to create a cooperative, common-rule cybersecurity policy and template barricade. Meanwhile heuristic algorithms monitor supplier and vendor traffic and dynamically update security policies across the entire ecosystem.

What could be more ubiquitous in any AV presentation set-up than Microsoft Power Point? Hated by some, revered by others…and now PowerPoint has a new group of admirers: the hackers.

Hackers found a safety flaw in the Microsoft Office suite of software to use PowerPoint files to take control over Windows-based computers.

The hack doesn’t (yet) get a clever name like the infamous Heartbleed, but Microsoft released a security advisory admitting they have seen "targeted attacks against Windows users who use PowerPoint."

This is classified as Read more...

Security researchers at Symantec and Kaspersky identify a highly advanced piece of malware, one that has been stalking the world for years-- Regin, a customisable piece of software with a scarily wide array of capabilities.

Described by Symantec as nothing less than "groundbreaking and almost peerless," Regin is as sophisticated as the famous Stuxnet and Duqu malware, and possibly nastier than both. It has been around since at least 2008, runs within the kernel layer of Windows PCs and uses a complex architecture involving multiple layers of encryption and an own virtual filesystem.

"Customisable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organisations, infrastructure operators, businesses, researchers, and private individuals," the Symantec report on the malware reads. Meanwhile Kaspersky ominously describes it as "a cyber-attack platform which the attackers deploy in the victim networks for ultimate remote control at all possible levels."

Mozilla, Cisco, Akama, EEF, IdenTrust and the University of Michigan team up with the Internet Security Research Group (ISRG) to encourage all to shift from HTTP to HTTPS through a movement dubbed Let's Encrypt.

The ISRG admits getting basic server certificates is a hassle for many server operators, especially smaller ones, as the application process is confusing and, in the end of the day, it costs money. Let's Encrypt promises to change the situation through a simple one-click process one can run during the server's native installation or configuration process. Oh, and it costs as much as free.

HTTPS is not perfect, the EFF says, but it is still an improvement over the widely used HTTP protocol.