Advertising tracking called 'canvas fingerprinting' is used on many websites and identifies unique individuals and their browsing habits and works surreptitiously.
A leading cyber security academic has warned the US and European governments that tougher sanctions on Russia relating to the MH17 airplane crash could result in the start of cyber warfare.
Crowds of people came out to see Daniel Ellsberg chat with Edward Snowden at HOPE X conference.
Apple has built backdoors in its iOS operating system that can leak the personal data of all 600 million iPhone and iPad users and may have been exploited by the US secret service, according to a new US research paper.
In the aftermath of the MH17 tragedy which saw almost 300 people lose their lives in an airplane crash over Ukraine, cyber-criminals are taking advantage by leading social media users to malicious websites.
Andy Archibald, deputy head of the UK's National Cyber Crime Unit (NCCU), is to chair a new cyber-crime taskforce based out of the European Cybercrime Centre (EC3) in The Hague in Netherlands.
Here are the five most popular SC articles, as seen by you the reader, in the week for July 11 to 17.
One of the first cases of government-grade malware falling into the hands of common cyber criminals has been uncovered by US security firm Sentinel Labs.
This week's In Case You Missed It (ICYMI) column takes a look at Google's Project Zero, accusations of double-standards at the ICO and the need to share intelligence on critical infrastructure.
UK cyber experts side with NSA whistle-blower who urges companies to adopt encryption and to shun Dropbox because the cloud storage company is 'hostile to privacy'.
Android apps ask for far too many device and data permissions, with 68 percent of 75,000 apps scanned requiring the ability to generate text messages, according to new research.
Chinese firm uses unusual techniques to infected legacy computer systems.
The controversial DRIP (Data Retention and Investigatory Powers) bill completed its Lords committee stage without amendment yesterday, after effectively being rubber-stamped into the legislative books overnight.
John Donahoe, the chief executive officer of eBay, has confirmed that May's data breach has had a negative impact on revenues and user activity.
New research from IT security vendor Websense and Ponemon Institute indicates that security professionals want their companies to invest in new technology, but are doing little to 'upskill' existing staff.
NIST cryptographers want to be able to reject NSA guidance.
Many Germans have personally experienced mass state surveillance by the Stasi, hence the move to use typewriters to prevent NSA survellance.
The wide spectrum of discovered vulnerabilities makes a single solution unlikely - UC Berkley report
Some of the UK's chief information security officers (CISOs) are breaking away from IT budgets and reporting lines but are still missing C-level support, a new study reveals.
IT technology website lost data on one million users to Russian hackers.
The Pitty Tiger APT has been targeting telcos, defence companies and at least one government in a cyber-espionage campaign that relies on spear phishing and malware prying on vulnerabilities in Microsoft Office.
The UK's data privacy watchdog, the Information Commissioner's Office (ICO), has called on the government to give it more power, better funding and the ability to imprison people as it battles against a record number of data protection complaints.
More than 96 percent of organisations experienced a significant IT security incident in the past year.
A study of some of the UK's top chief information security officers (CISOs) has revealed that just 21 percent are conducting security awareness training on a regular basis.
British Prime Minister David Cameron today announced a £800 million investment in improving the country's cyber intelligence, reconnaissance and defence capabilities.
NatWest customers targeted by Gameover Zeus Trojan variant.
A suspected Chinese government cyber-attack called 'Zombie Zero' has been targeting shipping, logistics and manufacturing companies worldwide, according to US security research firm TrapX.
This week's In Case You Missed column looks at Britain's new surveillance laws, the sacking of a security researcher and questions on BYOD management.
BrutPos or @-Brt attacks have infiltrated POS systems with botnets largely thanks to weak admin passwords.
The British government has been criticised by the president of a leading UK data protection professional body for trying to water down the 'right to be forgotten' privacy protection now being instigated by Google.
The UK's National Crime Agency has been working with the FBI and Europol to disrupt the infrastructure behind Shylock Trojan, malware which siphons money from European bank accounts.
San Francisco-based endpoint security company Malwarebytes announced today that it has received $30 million (approximately £17.53 million) in Series A funding from Highland Capital Partners.
The British government looks set to pass the Data Retention and Investigations Powers Bill - a law which will allow police and security services to access people's phone and internet records from telcos and ISPs.
Some Twitter users have claimed that cyber-criminals may have been able to spam the email addresses registered with the social networking giant.
Smart light bulb hacked to reveal WiFi password, research project highlights need for development of Internet of Things security.
Two-thirds of UK companies believe that they will be targeted by a cyber-attack within the next year, leading some industry observers to question whether business defences are up to scratch.
Attack vectors demonstrate the sophistication of malware available to cyber-criminals globally, says CheckPoint MD Keith Bird.
"Fighting off an APT attack using firewalls and anti-virus is akin to shooting at a nuclear warhead with a bow and arrow."
Researchers at Curesec have found a vulnerability that is potentially affecting 60 percent of Android devices connected to Google Play.
Reports are coming in that cyber-criminals are deploying an attack methodology that was last successful in the late 1990s.
Anti-spam organisation Spamhaus welcomes two arrests in the UK and Spain, and now seeks others outside the EU, which commentators believe is unlikely to happen.
Just over a week after Microsoft seized more than 20 domains from No-IP, the ISP now says that all of the domain names are back in its possession.
UK-based travel booking website Hotel Hippo appears to have closed just one week after an independent security consultant found that the firm had weak security and privacy controls.
The Scottish Business Resilience Centre (SRBC) has warned Scottish firms to step up their cyber security measures - especially if the internet is a fundamental part of their supply chain.
A new study from IT governance reveals that a half of IT staff believe that their company may have suffered a data breach without it being detected.
The three main political parties in the UK are in talks about introducing a new emergency law that would require phone companies to log records of phone calls, texts and internet usage.
Barclays bank has announced that it has received the UK government's Cyber Essentials certification for its digital banking services, including MyBarclays, BMB and Pingit.
InfoSec Skills Ltd have embarked on a new scheme to help close the national 'skills gap' in information security.
New research from consulting firm KPMG claims that cyber security and data protection are only ranked third as priorities in UK boardrooms, following people skills and plant/machinery spending.
The German software revelation may have come from a second NSA leak/source other than Edward Snowden, says cryptography expert Bruce Schneier.
Bletchley Park, the forerunner to GCHQ and synonymous with the Enigma code breakers of WWII, opened its international cyber-security exhibition earlier this week.
A complex variant of the MiniDuke malware - first seen almost 18 months ago and which targets NATO and other European government IT systems - has been spotted.
"Anyone with an understanding of embedded systems could develop the technology to hibernate, rather than switch off, the handset" - Rob Bamforth, Quocirca
ISPs and Privacy International seek legal clarification on how far GCHQ can go with its state-sponsored surveillance activities.
Dame Margaret Beckett has criticised the government's National Security Strategy and says that the next version must do more to protect businesses from cyber threats.
The proportion of spam in email traffic fell 1.3 percent from April to May says Kaspersky.
A leading cyber security professor and researcher has urged companies to not make users the enemy, and says that a start would be removing layers of 'unnecessary' authentication.
The Information Commissioner's Office (ICO), is looking into possible privacy breaches by Facebook and UK-based booking site HotelHippo.com.
IntelCrawler reports a significant increase in malicious cyber-attacks taking place during the civil war in Iraq.
The Surrey Centre for Cyber Security (SCCS) has launched, and will be home to academia research on everything from privacy and data protection, to secure mobile communication and human-centric technology.
What is claimed to be the first mobile malware to combine the unholy trinity of private data theft, banking credential theft/spoofing and remote access, has been discovered by researchers at FireEye.
The much-debated cyber security skills gap was the topic of debate at two separate conferences in the UK on Tuesday.
After facing a barrage of criticism for taking down the No-IP DNS server, Microsoft is now getting praise from some quarters for its impact on malware distribution - though critics remain.
CHAPS' Mark Hale drew an interesting parallel between cyber defence and the sinking of RMS Titanic in London yesterday.
Delegates and panelists debate breach liability, response, and the need for a plan of action.
Cisco researchers uncover a cyber criminal group that have been hiding since at least 2007, distributing malware almost entirely undetectable by anti-virus systems.
National Cyber Crime Unit deputy director Andy Archibald says that law enforcement must regain the trust of industry partners to beat cyber-criminals.
Microsoft accused of acting "excessively" - US court order used to take down servers exploited by threat actors also hits servers being used by millions of innocent internet users.
Mark D. Parker dissects deperimeterisation - what it is and how to prevent it.
The latest news on the people and companies at the forefront of information security.
The first update to the Computer Misuse Act since 1990, Operation Tovar combats infamous malware and more security news.
2 minutes on keeping security at the forefront by working with third-parties
Amichai Shulman and Sarb Sembhi whether or not anti-virus is dead
In the current print issue, SC Magazine UK talks to women in the industry about their experience, asks if data is secure when held by a cloud provider and assesses how ready we are for the new EU Data Protection Regulation.
A leading insurance underwriter told British politicians and security experts in London today that insurers must be involved in the fight against cyber warfare.
CryptoLocker is back and more popular than ever, less than one month on from the Operation Tovar campaign.
UK-based security services firm Portcullis has discovered a flaw in Sophos Antivirus that could allow attackers to inject malicious code and disable the software.
The German Government has cancelled a contract with US telecoms provider Verizon over fears it is obliged to hand over customer data to the US Government.
Online bank thieves who stole £400,000 earlier this year are believed to have been hit by police action against the Gameover Trojan gang.
ENISA and Europol have signed a strategic cooperation agreement to fight cyber-crime together, marking the latest example that international cyber-crime policing cooperation is improving.
Despite the takedown of Gameover Zeus last month, security researchers say that a small group of cyber-criminals are using the Trojan, with a tweaked version of the Citadel botnet, to steal banking credentials.
Some eight months after discovery and paying a bug bounty of US100,000, Microsoft Windows remains vulnerable to the weakness found by James Forshaw.
Two-factor authentication can be bypassed on some of PayPal's mobile applications.
Experts say the government should get involved with tackling the challenge of social engineering scams
Italian hacking team seem to have forgotten about a Blackberry version of the spyware.
UK Home Secretary and NCA director general explain the need for state digital surveillance.
A new report from the UK's Information Commissioner's Office (ICO) reveals how few police forces are adhering to the full requirements of the 1998 Data Protection Act.
Researchers at F-Secure have found that cyber-criminals are using the Havex malware family to compromise equipment made by industrial control system manufacturers in Germany, Belgium and Switzerland.