It was another busy week for the security industry as Microsoft and Adobe both released hefty software patches, the draft Investigatory Powers Bill faced further scrutiny in the UK parliament and the EU agreed the security laws that will force firms to disclose cyber threats.
In other news, encryption remained on the agenda for FBI director James Comey as he urged the technology industry to change their business models to suit the demands of law enforcement.
Read on for the best security stories of the week from V3:
FBI director questions business case for end-to-end encryption
FBI director James Comey suggested that major technology firms offering end-to-end encryption products should change their business models to adhere to data requests of the US government.
Adobe updates Flash Player to resolve 79 security flaws
Adobe pushed out an updated version of Flash Player that resolved a total of 79 security flaws in its last security update of the year. The release addressed critical vulnerabilities that could give an attacker the ability to take control of an affected system, according to Adobe.
Aer Lingus, easyJet and Chiltern Railways accused of exposing credit card data
Flaws in the mobile websites of major firms operating in the UK including easyJet, Aer Lingus and Chiltern Railways resulted in sensitive user data being transmitted without encryption, according to mobile security firm Wandera, although several of the companies involved denied the claims.
Former GCHQ director denies agency conducts mass surveillance
GCHQ does not conduct mass surveillance on citizens of the UK, according to former director Sir David Omand. The former civil servant, who ran GCHQ from 1996 to 1997, was speaking during a Select Committee set up to scrutinise the ongoing draft Investigatory Powers Bill. Legal experts said Omand was using a very liberal definition of mass surveillance to make the claim.
Microsoft passes 130 security fixes for 2015 with final Patch Tuesday update
Microsoft issued its final Patch Tuesday update of 2015, taking the total number of security fixes for the year to 135. This is well in excess of the 85 issued in 2014. The December update contained 12 fixes, eight of which are rated critical while the other four are rated as important.
EU agrees security laws that will force firms to disclose cyber threats
The European Commission (EC) agreed a draft law that will require better cooperation between nations to tackle cyber threats and force major companies in key sectors to disclose cyber security incidents.
French police consider restricting public Wi-Fi and Tor services during times of crisis
French law enforcement was reportedly weighing up proposals to restrict the use of public Wi-Fi and access to the Tor network during times of crisis, according to leaked documents from the French Ministry of Interior published by website Le Monde.
US authorities arrest Silk Road ‘senior adviser’ in Thailand
The US Justice Department announced the arrest of a ‘key player’ suspected of helping to manage the notorious drug website Silk Road, according to unsealed court documents from a New York district court.