ICYMI: McAfee security manager, cybersec salaries, Conficker worm, embedded XP; JD Wetherspoon breach

The latest In Case You Missed It (ICYMI) looks at McAfee security manager failure; 2016 cybersec salaries up; Conficker in 20% of attacks; Embedded XP end-of-life; Wetherspoon breach took 15 mins.

salary survey treasure chest
salary survey treasure chest

McAfee Enterprise Security Manager failed to manage own security

McAfee has had to admit to an embarrassing vulnerability in one of its own products.  Hard-coded username allowed access to the McAfee Enterprise Security Manager as master user without authentication or password which could allow hackers to bypass security.

2016 will be a very good year for cyber-security professionals

Based on a survey of 2102 UK employers, Manpower  Group concluded that “Recent high profile data breaches such as those at TalkTalk and Sony have created a surge in demand for cyber-security experts,” noting it had seen a four-fold increase in demand for IT security specialists.  A shortage of skilled workers is driving salaries to dizzying heights. Some cyber-security specialists can charge £3,000 a day while in rarer cases the figures can be as high as £10,000 per day, claimed Manpower UK managing director Mark Cahill

20% of cyber-attacks attributed to Conficker worm

Detected in everything from police body cameras to the business internet of things (IoT) landscape, the notorious Conficker worm has started to appear pre-installed inside police body cameras. Check Point suggests that as many as 20 percent of all attacks globally can be attributed to Conficker in the period identified.

Cash machines in malware risk as embedded Windows XP reaches end of life

Tens of thousands of cash machines could become vulnerable to malware and DDoS attacks next month when support for the embedded version of Windows XP comes to an end. From January 2016, Microsoft will be issuing no further security patches or updates for the OS which is still used in the majority of ATMs to deliver cash to customers in the UK and elsewhere around the world.

JD Wetherspoon attack took 15 mins says hacker 'Ropertus'

Last Friday it was reported that British pub chain JD Wetherspoon suffered a data breach hitting some 650,000 customers whose details were leaked. The stolen database contained the details of customers who signed up to receive Wetherspoon's newsletter, registered with Sky's The Cloud to use Wi-Fi in its pubs, submitted a 'contact us' form on the website or bought vouchers online before August 2014.