ICYMI: Tea-loving hackers, Venom flaw and overworked CISOs

This week's ICYMI column looks at a tea shop data breach, analysis on the Venom flaw and concerns over 'burnt-out' security professionals.

ICYMI: WordPress XSS flaw, costly breaches & the return of Snooper's Charter

The latest ICYMI column looks at the latest WordPress XSS flaw, costly data breaches and the return of the controversial "Snooper's Charter".

ICYMI: Lenovo MiTM bug, 'hero' Snowden & cyber-insurance trust

This week's In Case You Missed It (ICYMI) column looks at the latest Lenovo flaw, Edward Snowden's standing in the UK, trust in cyber-insurance and a new version of TorrentLocker.

ICYMI: Barclays beefs up security, AVs vulnerable to Freak & getting InfoSec right

The top stories on SC over the last week include Barclays poaching staff from Europol, anti-virus concerns and some useful advice for getting information security right.

Delivering digital services: SC Roundtable report

The public sector is being asked to deliver its services digitally, with availability and reliability just as important as security, as our experts agreed at a recent SC Magazine Roundtable

Infosec Europe 2015 preview

Now in its 20th year, the event's theme is "Intelligent Security: Protect. Detect. Respond. Recover."

SC Magazine UK's salary survey: how much are you worth?

SC Magazine's salary survey shows that in response to the current skills shortages, the money is rolling in for information security professionals.

Defence from denial of service

Kate O'Flaherty reports how distributed denial of service attacks are growing in size and scale, making it important to know what to do before, during and after an attack

With a little help from my friends

Rapid expansion of the cyber-security sector has meant that government agencies and international professional organisations don't meet all of the industry's changing demands and it has often had to provide its own support infrastructure

ICYMI: SSL and Magento flaws, APT gangs & the breach blame game

This week's ICYMI column looks at the top stories on SC from the last week, from the breach blame game and Anonymous hackers to the discovery and patching of critical SSL and Magento flaws.

ICYMI: Anonymous targets ISIS, 'advanced' attacks & TV takeover

This week's In Case You Missed It column looks at the top stories on SC from the past week, including an online battle between Anonymous and ISIS, a takeover of a French TV network and demystifying claims of 'advanced' cyber-attacks.

ICYMI: Thieving Chrome, 'illegal' Facebook & police fighting tech firms

The latest ICYMI looks at data-scraping Chrome extensions, Facebook privacy and common cyber-security failings.

ICYMI: OpenSSL bugs, stealthy DoS attacks and stealing Bitcoins

In this latest In Case You Missed It column, we look at the top stories on SC this week, including the discovery of a new OpenSSL bug and a super-stealthy denial of service attack.

Firewalls 20 years on: Gil Shwed interview

Mobiles and the cloud may have subverted the idea of perimeter protection, but some 20 years after launching FireWall-1, Check Point founder Gil Shwed tells SC that there's still a security role for the Firewall.

ICYMI: Freak flaws, 'smart' city questions and UK data breaches

This week's In Case You Missed It column looks at the top five articles on SC this week, including new Facebook flaws, 'Freak' attacks and the trade-offs with 'smart' cities.

ICYMI: Facebook hijack, Rowhammer bug and Star Trek CISOs

This week's ICYMI column looks at the top five stories on SC this week, including a Facebook log-in hijacking tool, the Rowhammer flaw and the future of the CISO.

Bristol launches 'smart' city amid privacy doubts

Bristol has launched a 'smart cities' project that will see a software-defined network facilitate machine-to-machine learning for a future of driverless cars, assisted living and real-time healthcare. But where does that leave citizens' privacy?

Case study: Securing the water supply

"IT security isn't just about technology, it's also people and processes," explains Michael Cock, group information technology manager at Sutton and East Surrey Water (SESW) as he describes to SC some of the policies, approaches and technology used to protect the drinking water of 670,000 residents and 284,000 properties

How do you solve a problem like mobile security?

A growing variety of technologies, functionality and devices, often not chosen by the organisation, connecting to the corporate network from beyond the perimeter make mobile security tougher than ever, reports Doug Drinkwater from SC Magazine's recent roundtable

Fixing the UK's cyber-skills gap

A KPMG survey found that over half of UK companies would seriously consider hiring ex-hackers or convicted criminals to plug their skills gap

NATO: Defending against the known unknowns

Pooling of technology and people across agencies and member countries - as well as partnering with industry - is central to NATO's cyber-defence strategy, as Ian West explains to SC's Tony Morbin

Hackers for hire

Advances in technology and declining prices are fuelling an expanding market in hiring hackers - in some cases for defence, but increasingly, for criminal activities.

ICYMI: Gov spies grab crypto keys, Masque attacks & interviewing Eugene

The latest In Case You Missed It column looks at the biggest stories on SC this week, including the alleged NSA/GCHQ hack on Gemalto and our interview with Eugene Kaspersky.

Eugene Kaspersky interview: 'Critical infrastructure is under threat'

It's been a busy few weeks for Kaspersky Lab, the anti-virus vendor behind the discovery of Equation and Carbanak groups. SC interviewed CEO Eugene Kaspersky on the disclosures, the company's direction, anti-virus and cyber-insurance.

ICYMI: UK data breaches, Carbanak and Royal Navy threats

This week's ICYMI looks at the top stories on SC this week, including new reports on UK data breaches and the Carbanak cyber-crime gang.

Largest bank heist ever conducted online?

The multi-faceted Carbanak cyber-raid on global financial institutions appears to be the biggest ever bank robbery by a single cyber-crime group.

ICYMI: iOS spyware, car vulnerabilities and Outlook privacy

This week's ICYMI column reviews the top stories on SC last week, from an espionage group targeting Apple iOS devices to Internet of Things flaws and privacy concerns around Outlook.

Same old Target: How retailers get hacked

The retail industry is a common target for hackers, mainly because that's where the money is. But as Sophos security expert James Lyne demonstrates, their defences are all too often easily exploitable.

ICYMI: EU data protection laws, Skype hackers and the return of Pirate Bay

In this week's ICYMI, we look at the top news articles on SC over the last week, including EU data protection laws, Skype hackers and the re-launch of Pirate Bay.

ICYMI: EU data protection, iPhone spyware and Flash zero-days

The latest ICYMI column looks at the biggest stories on SC this week, including worrying news on EU data protection laws, claims of iPhone spyware and new Flash Player zero-days.

ICYMI: Hacking into cars, Chinese cyber-espionage and Siri's security flaw

The latest ICYMI column looks at the week's biggest stories, including hacking into cars, Chinese cyber-espionage and the take-down of thousands of French websites.

CISOs: Out of step with their own security teams?

CISOs are increasingly taking on greater management responsibilities - but are they as a result being divorced from their firm's true security maturity and the tools needed to avoid being breached?

ICYMI: A fond farewell to a security legend

This week's In Case You Missed It looks at the five biggest security news stories this week, including the sad passing of information security journalist Steve Gold, who helped found SC.

ICYMI: Lizard Squad arrest, yearly predictions and new iCloud flaw

This week's In Case You Missed It looks at the five most popular articles on SC, including news on Lizard Squad and old security predictions.

The perimeter's breached - encrypt everything!

Late last year SC Magazine UK editor-in-chief Tony Morbin interviewed Alan Kessler, president and CEO, Vormetric, to get an industry insider view on issues in the commercial encryption market.

Keys to the internet

International uptake has been slow for the DNS security extension (DNSSEC) which authenticates URL queries. Tony Morbin spoke to Anne-Marie Eklund Löwinder to get a better understanding of the issues

Securing the Internet of Things

Multiple connected 'Internet of Things' devices could be fuelling a corporate security nightmare suggests Kate O'Flaherty

Russia revamps its infosec strategy

Cyber-crime is as much a threat to ordinary Russians as anyone else, and the country is developing a strategy to cope - while seeking international cooperation too, as Eugene Gerden in St Petersburg reports

Discussing APT: an SC Magazine UK editorial roundtable

Tapping the insight of info security's thought leaders on advanced persistent threats, what they represent and how to protect against them.

APT attacks: Time to respond

Advanced persistent threat (APT) attacks are complex, multi-layered and designed to evade detection, leaving IT security teams in the dark and sensitive data at risk. Doug Drinkwater asks how to respond

Reboot 25: Threat seekers

These explorers' findings of critical vulnerabilities - from Heartbleed to Shellshock - have generated excitement, along with awareness, and made an indelible mark on security.

Reboot 25: The influencers

Blessed are the influencers for they will make a true difference - through policy, vision, drive, innovation and ideas - in the course of information security. What sets our selection apart is that they've held significant sway on the direction of IT security.

Reboot 25: Thought leaders

These professionals have done everything from cryptography to founding an influential security conference.

Reboot 25: Industry pioneers

The following hitched up their digital wagons to blaze new trails in cybersecurity.

ICYMI: GCHQ and the Belgacom attack, digital forensics and Tor darknets

This week's ICYMI looks at the top five articles on SC, including new hacking allegations against the GCHQ and the return of Tor dark markets.

ICYMI: Sony passwords, government malware and the return of Poodle

This week's In Case You Missed It looks at the five most popular articles on SC, including weak passwords exposed in the Sony Pictures breach and the return of the Poodle flaw.

Police, digital forensics and the case against encryption

The Metropolitan Police has become the latest law enforcement agency to complain that encryption makes it difficult to catch and prosecute criminals.

Reboot 25: Top management

From childhood fascinations and unlikely epiphanies to unexpected opportunities and market surges, top security managers find inspiration in almost anything - and they're willing to seize opportunity and take responsibility to lead their teams.

ICYMI: The security blame-game, Cyber Monday, DDoS attacks & Sony's breach

This week's In Case You Missed It looks at the five most popular articles on SC, including the launch of a new cyber-security degree, new ATM malware and Sony's latest data breach.

CERT-UK: Fighting back against cyber-criminals

Six months after launch and the UK's National Computer Emergency Response Team (CERT-UK) is seeing rising awareness of the group, the CiSP initiative and cyber-crime more generally.

ICYMI: UK cyber-security courses, government malware and the new Sony hack

This week's In Case You Missed It looks at the most popular articles on SC including news of CESG-accredited cyber-security courses, the Regin malware and the latest Sony hack.

ICYMI: Cyber-terrorism and politics, former hackers & supply chain problems

This week's In Case You Missed It looks at the latest cyber-terrorism claims, former hackers in enterprises and issues to be dealt with in the supply chain.

CESG approved cyber-security training launched

CESG certified cyber security training launched today with eight companies and 12 courses accredited.

ICYMI: Defining APTs, new TLS bugs and NHS data breaches

TLS bugs, the definition of an advanced persistent threat and new figures on NHS data breaches are the pick of the stories in the latest In Case You Missed It column.

ICYMI: Tor criminals, the Apple 'virus' and InfoSec salaries

Our latest In Case You Missed It (ICYMI) column looks at the take-down of Silk Road 2.0 and other dark markets on Tor, the new WireLurker malware and some good news for cash-happy InfoSec pros.

'Every day is a challenge' - Inside Europol's fight against cybercrime

Europol's European Cybercrime Centre (EC3) is growing faster than expected. Doug Drinkwater visited its offices in The Hague, Netherlands, to find out how it is uniting law enforcement in the fight against cyber-criminals

Making waves and headlines: 2014 in review

2014 was the year that cyber-security hit the headlines, with data breaches, more government surveillance leaks, and celebrity exposures causing the UK public to lose faith in the web, reports Tony Morbin

Cybercrime: the new normal

In an interview with SC's Tony Morbin, the NCCU's Jamie Saunders explained how 'policing by consent' contends with the tidal wave of new criminal opportunities unleashed by digital technology and the connected world

ICYMI: Drupal flaw, Android Lollipop and security shortcomings

This week's In Case You Missed It column looks at websites at risk from Drupal's SQL injection flaw, security features on Android and information security shortcomings in business.

ICYMI: Internet of Things bugs, Apple woes in China and the CISO shelf-life

This week's In Case You Missed It column looks at the Internet of Things, Apple's troubles in China and a strongly worded goodbye note by the outgoing head of GCHQ.

Control systems are under attack: 4SICS

Control systems are visible on the internet and under attack from dedicated malware, but vendors are not providing adequate security.

2015: Prime time for information security?

Further data breaches, Heartbleed-type flaws and new revelations about government surveillance will likely continue in 2015 but, as Doug Drinkwater reports, it could also prove a pivotal year for data protection, law reform, the Internet of Things and the fight against terrorism

Security in 2015: Biometrics

While biometric technology is becoming more sophisticated, it is still far from infallible. Kate O'Flaherty reports

ICYMI: Poodle, hacking smart meters and spending big on cyber security

This week's In Case You Missed It column looks at a new SSL flaw, attacks on smart meters, FBI's problem with phone encryption and the bank that is spending £310 million on cyber security.

ICYMI: GCHQ transparency, data trust and the Snapchat hack

This week's In Case You Missed It column looks at concerns around data trust and transparency, and the latest serious data breach at one of the biggest technology start-ups.

Information security budgets on the decline?

A new report which claims information security budgets have fallen has been called into question, but carries better news for security companies and security awareness training.

Connected cars: Leaving the door ajar for cybercriminals?

Your next new car is likely to connect - via the internet - to an assortment of applications and sensors in order to tap into valuable data. But questions are now being asked about the potential privacy and security risks.

ICYMI: Shellshock attacks, cyber Armageddon and unpredictable hackers

This week's In Case You Missed It column looks at the first attacks resulting from the Bash/Shellshock bug, claims of cyber Armageddon and unpredictable hackers.

ICYMI

This week's In Case You Missed It (ICYMI): China's industrial spying; US extra-territorial claims; SANS event; Card hacks increase; Malvertising growth; staff data-theft criminal; Biometric smartphones up tenfold; Celebgate hits cloud; Kids, weakest link; Women's Security Society event; Kyle and Stan hit millions.

Cloud computing hit by 'Celebgate'

Enterprises are questioning their cloud strategy after Apple's iCloud service was implicated in the leak of nude celebrity photos. But should one bad Apple spoil the bunch?

The worst happens. What next?

You've accepted that you are going to be breached at some point. Tony Morbin looks at how this new perspective should be reflected in your response planning

Google Glass: a ticking time bomb?

Kate O'Flaherty reports how the security implications of wearable technology are becoming clearer as Google Glass infiltrates the corporate market

What are the rules in cyber-warfare?

Cyber-warfare is so new that the 'ground-rules' are still being established. After the 2007 APT cyber-attack on Estonia, Nato created a cyber-defence centre and the Tallinn Manual ensued. Nazan Osman provides an overview of some of the CCDCOE's and manual's conclusions

Snowden's forgotten legacy - highlighting insider threat

NSA whistleblower Edward Snowden lifted the lid on government surveillance but, as Doug Drinkwater reports, his disclosures have also had a significant impact on how companies view rogue employees

Cyber Essentials: benchmarking best practice

From October 2014 many UK public sector information handling projects will require contractors to be Cyber Essentials certified. Tony Morbin looks at how the scheme works, its aims, implementation, shortcomings and potential next steps

The 5 most read articles this week: August 22 to 28

Here are the five most popular articles, as read by you the reader, in the week for August 22 to 28.

ICYMI: Sony PlayStation hack, security spending & 'unbreakable' encryption

This week's In Case You Missed It column looks at the Sony PlayStation Network hack, the rise in security spending and surprising new claims on cyber security skills and encryption.

SCADA systems: Riddled with vulnerabilities?

SCADA systems are essential to the smooth running of critical infrastructure but, as evidenced by the Stuxnet attack, they can be exploited through software and hardware vulnerabilities, and human error. But experts contest if they are really under threat.

ICYMI: NSA insiders, hacking living rooms & learning from Target

This week's In Case You Missed It looks at rumours on a new NSA insider, hackable living rooms and if police are turning the tide on cyber-criminals.

The 5 most read articles this week: August 15 to 21

Here are the five most popular articles, as read by you the reader, in the week for August 15 to 21.

Should you use cyber insurance to mitigate risk?

While still a relatively immature industry, cyber insurance can reduce the costs of recovering from a breach, and, as Tony Morbin reports, it can also play a role in driving adoption of best practice, including de-facto standards in critical infrastructure.

The 5 most read articles this week: August 8 to 14

Here are the five most popular articles, as read by you the reader, in the week for August 8 to 14.

ICYMI: Data breach disclosure, European privacy & internet outages

This week's In Case You Missed It looks at data breach response, new concerns on EU privacy and claims that the internet is breaking 'under its own weight'.

Black Hat reports: Lurk Downloader & cryptocurrency mining hijacker

During Black Hat, Dell SecureWorks' threat reports included details on its research into the Lurk Downloader and hijacking attempts on large hosting companies' networks.

ICYMI: Black Hat news, biggest breach ever & figures to take to the CEO

This week's In Case You Missed It (ICYMI) looks at highlights from the Black Hat conference, and reaction to the 'biggest data breach ever'.

The 5 most read articles this week: August 1-7

Here are the five most popular articles, as read by you, the reader, in the week for August 1 to 7.

The 5 most read articles this week: July 25-31

Here are the five most popular articles, as read by you the reader, in the week for July 25 to 31.

ICYMI: Driverless cars, cyber espionage & the hidden cost of data breaches

This week's In Case You Missed It column considers early security questions on driverless cars, the hidden cost behind data breaches and new claims of industrial cyber espionage.

The 5 most read articles this week: July 18-24

Here are the five most popular SC articles, as seen by you the reader, in the week for July 18 to 24.

ICYMI: Questions on cyber warfare, start-up money and helping out charities

This week's In Case You Missed It column considers the possibility of cyber warfare, the money reaching cyber security start-ups and how charity can start at home for InfoSec practitioners.

The 5 most read articles this week: July 11-17

Here are the five most popular SC articles, as seen by you the reader, in the week for July 11 to 17.

Conference report: Intelligence services share secrets with private sector

UK Financial Cyber Security summit sees call for cross-border and sector info sharing; cyber expenditure plans and investment in exports revealed.

The 5 most read articles this week: July 4-11

Here are the five most popular articles, as read by you the reader, in the week for July 4 to 11.

Digital signatures are now legal authentication

But where does this leave anyone whose electronic identity has been stolen as a result of a malware infection?

ICYMI: Microsoft takedown, policing cybercrime & eyes on Tor and Tails

This week's In Case You Missed It (ICYMI) looks at Microsoft's action against cybercriminals, the cyber security skills gap and NSA spying on Tor users.

CASE STUDY: Women's Security Society

A conversation with Jane Wainwright, Co-founder Women's Security Society and now senior manager at PWC.

Securing the Olympics

With a military background in insider threat, Jane Wainwright tackled threats from inside and out to secure London's 2012 Olympics.

EU Data Protection Regulation: Rocky road to compliance

The EU is inching ever closer to putting the much-anticipated EU General Data Protection Regulation on the statute books, and that could see many companies playing catch up.

Women in IT security: Pushing at an open door?

Why don't more women choose information security as a profession? What are the barriers, and what can be done to rectify the situation?

How secure is cloud - really?

Revelations of government surveillance are fuelling a paranoia that isn't going to subside. So should firms be afraid of adopting cloud?
