The US State Department's unclassified e-mail systems were the victim of a cyberattack in recent weeks, around the same time as White House systems were breached, a senior US official said.
The official, who spoke on condition of anonymity, said no classified systems were compromised. Portions of State's unclassified systems have been shut down to improve security but should be back online shortly.
Researchers at Trend Micro are warning that a new version of the Bashlite malware is using the ShellShock vulnerability (CVE-2014-6271) to gain control of devices using BusyBox.
BusyBox is built on top of the Linux kernel and is used by devices such as routers. According to Trend Micro, recent samples of Bashlite (ELF_BASHLITE.SMB) scan networks for devices and machines running on BusyBox, logs in using a set of usernames and passwords, and then runs a command to download and run bin.sh and bin2.sh scripts to gain control over the BusyBox system.
BlackBerry has unveiled its new mobile-device management and security platform and struck wide-ranging partnerships to bolster its capabilities, sending its shares more than 6 per cent higher.
BlackBerry said it would team up with Samsung to provide a "highly secure mobility solution" for Samsung's Android phones. The system couples the Canadian company's device management capability with the KNOX software embedded on Samsung's Galaxy phones and tablets, and will be available in early 2015, the companies said.
HP held its annual Mobile Pwn2Own competition in Tokyo, Japan from 11-12 November. The purpose of this event was for security researchers, developers and hackers to exploit various phones through some previously unknown bug and then report it to the respective handset maker so the vulnerability could be patched and fixed.
The newspaper Süddeutsche Zeitung reports that the German spy agency BND will spend €28 million on what it calls its 'Strategic Technical Initiative' (SIT) next year, and that it has asked the German government for a further €300 million (original in German). The German edition of the English-language site "The Local" explains how the money will be used:
The aim of the programme is to penetrate foreign social networks and create an early warning system for cyber attacks.