National Grid CISO talks up security convergence

National Grid's chief information security officer and head of digital risk Graham Wright talked targeted attacks, critical infrastructure and the blurring of physical and digital security at a recent London conference.

NSA, GCHQ or both behind Stuxnet-like Regin malware?

Symantec has discovered a new piece of customisable malware - reminiscent of the Stuxnet worm - which has been stealing data from governments, telcos, energy companies and SMEs since 2008. And experts say the threat actor could be the US or UK government.

Defending against APTs: 'We are behind the curve'

High-profile CISOs and senior IT security managers talked advanced persistent threats (APTs) and how they can be countered at SC Magazine's latest roundtable in central London.

Russia to ban State use of foreign software in bid to boost IT-security

Russia reportedly plans to ban imports of foreign software for state use from next year according to recent government statements.

China could put America's lights out, says NSA chief

The head of the NSA has said China and "one or two" other countries could shut down America's power and financial services companies, and that such an attack was "a matter of when not if".

European arrests highlight danger of teen cyber-crime

School pupils are among 15 EU citizens suspected of using Trojans for crimes such as DDoS attacks and extortion.

Malware mafia renders prevention tools useless

Wide scale of Dutch state surveillance revealed by data leak

Concern over both the leak of data and the extent of surveillance by authorities in the Netherlands.

ICO warns that Russian website allows webcam/baby monitor feeds to be watched online

ICO warns users to change their default passwords to avoid webcam spying.

Detekt anti-surveillance software released

Open source software capable of detecting the presence of surveillance spyware has been released by four European and US human rights and IT organisations.

Met Police's cyber fraud squad sees rise in cyber-enabled crime

Detective Superintendent Jayne Snelgrove, head of Metropolitan Police's Falcon group, says that cyber-enabled crime can only be stopped using teamwork and the right skills.

Francis Maude: Home-grown talent key to defeating cyber-criminals

UK cabinet minister Francis Maude told conference attendees in London today that human endeavour holds the key to defeating cyber-criminals.

Operation Onymous - are the FBI's claims transparent enough?

Most sites taken down in Operation Onymous were spam or clone sites, says researcher.

'Let's Encrypt' aims to drive adoption of HTTPS

Some of the world's biggest security companies are working together to develop 'Let's Encrypt' - a new certificate authority (CA) offering free and automatically renewable HTTPS web encryption.

Research reveals hackers are increasingly exploiting privileged accounts

New research claims that the security threats landscape is now almost egalitarian in nature, with almost every industry - and every company - now being a security target.

Microsoft issues out-of-band patch to Windows Kerberos

Microsoft has very unusually released an 'out-of-band' security patch to fix a vulnerability in Windows - and Windows Server - that hackers are reportedly exploiting to compromise IT networks.

NotCompatible botnet infects Android mobiles, infiltrates corporate networks

Mobile security firm Lookout has discovered a more sophisticated variant of the NotCompatible Android botnet which it says targets enterprise networks through compromised mobile devices.

87% of top Apple iOS apps have been cracked

Attacks on Apple iOS devices are rising sharply, with 87 percent of the top 100 paid-for iOS apps now having been cracked and cloned - up from just 53 percent in 2013, according to a new report.

US banks set to splash the cash on cyber-security

New research from PricewaterhouseCoopers (PwC) suggests that US financial service companies will spend an additional £1.3 billion (US$ 2 billion) on cyber-security by 2017.

One in four consumers hit by ID theft

One in four consumers has been a victim of identity theft, an issue which came out as the leading concern among 1,000 respondents in a survey commissioned by Centrify.

'Serious threat' as free web apps plant Trojans and ransomware

Security professionals are being warned of a 'serious threat' from cyber-criminals using free web apps to distribute malware including Zeus, DOFOIL, CryptoWall and other ransomware.

Four 'volume crime hubs' target cyber-crime impacting the capital

London is establishing four hubs which aim to increase reporting of cyber-crime in the capital.

Tor plays down fears that network analysis attack could identify users

The Tor Project has played down fears that cyber-criminals and law enforcement could launch network analysis attacks to identify over 80 percent of Tor users.

US State Department takes email system offline after suspected cyber-attack

The US State Department reportedly turned off its entire unclassified email system over the weekend after a suspected cyber-attack.

Security experts urge caution as UK firms consider hiring ex-hackers

The widening cyber-security skills gap is pushing British companies to consider employing hackers and convicted criminals, according to new research. But some experts say this is the wrong approach.

US marshals grab mobile phone data from the sky

Airborne law enforcement surveillance devices grab phone data on tens of thousands at a time.

Tor abused to mount APT attacks on European governments

Tor provides anonymity, not security, given that exit nodes appear to have been used for Russia-based APT attacks.

Courion reports company service account risks

Skype and ISPs under fire for giving encryption the boot

The Electronic Frontier Foundation criticises Skype for no end-to-end encryption and claims that ISPs in the US and Thailand are removing encryption from customer data.

MasterCard, Visa pin hopes on new security standard for online payments

MasterCard and Visa have teamed to develop a new security standard, 3DS 2.0, which aims to kill off the password for online transactions.

Attackers increasingly targeting Apple users

Mass uptake of the iPhone has led to it being clearly targeted by cyber-criminals, says Cyren report.

Microsoft report warns on outdated security software

Microsoft says outdated software can be almost as insecure as having no protection at all.

G4S shares sent tumbling by fake website that cost £12 to build

British security services company G4S saw shares decline yesterday following a hoax emailed message and website.

HSBC Turkey hackers stole card details on 2.7 million customers

HSBC Turkey has confirmed that a recent cyber-attack resulted in the loss of card details on 2.7 million customers.

Demand for ediscovery increases in Europe

Researchers discover close correlation between civil unrest and hacktivism

Research from Arbor Networks claims to show there is a strong correlation between the actions of real-world hacktivists and online conflict.

NGOs face an uphill battle against state-sponsored attacks

Cyber-attacks pose a serious threat to smaller organisations, especially NGOs, according to a new report from Munk School of Global Affairs.

Stuxnet 'an accident waiting to happen'

Stuxnet was targeted 'inside-out' not 'outside-in' infiltration of air-gapped system says new book.

Microsoft issues critical patches for Windows SSL/TLS and OLE flaws

Microsoft has issued critical patches for flaws relating to SSL/TLS encryption on Windows systems, as well as the Windows Object Linking and Embedding (OLE) protocol.

Google: Phishing is 'astonishingly' successful

Phishing emails - which often seem blatantly fake to security professionals - are far more successful and professionally exploited than previously thought, according to new Google research.

Apple fails to patch 'Masque' flaw now in hands of cyber-criminals

A flaw that affects nearly all Apple iOS devices - and which Apple has failed to patch despite knowing about it since July - is now being circulated among cyber-criminals and may have already led to attacks.

Malware campaign targets Amazon UK customers

AnonGhost hacks Nottinghamshire Police website

Simulated terrorist cyber-attack on London

Entrants are invited to take part in the Cyber Security Challenge 2015 Masterclass to defend London from a simulated terrorist cyber-attack.

Internet Security Alliance to launch European spinoff

A European version of the Internet Security Alliance think-tank will launch next spring.

Darkhotel APT steals IP from travelling executives

A sophisticated cyber-espionage campaign uses Wi-Fi and a backdoor to trick travelling C-level execs into downloading "Darkhotel" spying software.

Study shows employees lack IT security awareness

Rovnix continues on its path of destruction

Home Depot breach is the largest to date

Researchers act to stop 'flight cyber-jacking'

Cyber-pros get big salary rises

But skills shortage means companies have to hire more and more 'green' information security staff.

MI5, MI6 and GCHQ spy on British lawyers

The UK's intelligence agencies have been spying on supposedly sacrosanct emails and calls between British lawyers and their clients, and could have exploited the information to illegally influence terrorist trials.

Criminals and Bitcoins seized in FBI/EC3 crackdown on Tor dark markets

The FBI, the European Cybercrime Centre (EC3) and other high-profile law enforcement agencies are celebrating the take-down of 410 'dark markets' on Tor which were selling drugs, weapons and other illegal goods.

Infamous hacker extradited to the US

Cyber Connect UK launches this week

A new website and online community for small businesses and start-ups in the cyber-sector went live on Tuesday.

British government wants to develop cyber-insurance market

The British government has teamed up with 12 insurers to develop the fledgling cyber-insurance market.

$500 million for new Russian cyber army

Russia is recruiting now for new dedicated cyber-forces in the army, with an initial outlay of some US$ 500 million (approximately £315 million).

Virus-like 'WireLurker' malware targets Apple Mac and iOS devices

A new and 'unprecedented' malware family has been targeting Apple devices much like a traditional computer virus, and is thought to have infected up to 350,000 machines to date.

Rotten Tomato malware targets Microsoft Word

SQL breach results in ICO fine

Preventable SQL attacks need to be tackled says the ICO following a breach fine on Worldview Limited for losing customer payment details.

Bring Your Own Disaster as UK firms see rising mobile breaches

A study from BT reveals that almost half of UK firms (41 percent) suffered a mobile security breach over the last year, with another fifth reporting as many as four incidents in the same time-frame.

Gmail account gets hacked despite 2FA

A widely circulated blog post from security expert Grant Blakeman about his Google Gmail and Instagram accounts being hacked has provoked a debate about the true strength of two-factor authentication (2FA).

Visa contactless hack takes a million units of any foreign currency

Visa is acting to prevent attacks on its contactless cards using a flaw found by Newcastle University researchers while dismissing the findings as "no cause for concern".

GCHQ calls on tech companies to cooperate in fight against terrorists

The new head of GCHQ has started his job with a robust message complaining that US technology companies are the "command and control networks of choice" for terrorists.

Internet of Things attacks unlikely - but the cloud is another matter

Security software vendor Trend Micro says that nascent infrastructure means that there will be few attacks from cyber-criminals on Internet of Things devices next year.

THREAT OF THE MONTH: Passwords

Google and Facebook offer free cyber-security tools

Google and Facebook have both launched free open-source cyber-security tools this week, designed to help security professionals spot malware and cyber-attacks.

Mixed results for key Government cyber-initiatives

The Government's Verify scheme to confirm IDs is behind scheduled uptake, but its CISP threat intelligence sharing scheme is ahead of target.

Hundreds of companies face 2,000 cyber-attacks in EU exercise

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers yesterday.

Cyber security still a learning curve for most companies

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two new reports.

WorldPay hacker sentenced to 11 years for role in £6 million scheme

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) scheme.

Win32/Crowti ransomware is on the rise

'Sophisticated' Chinese hackers launched attacks against 43,000 computer systems

A new report reveals that a Chinese cyber-espionage group is closely affiliated with government and carried out attacks against the likes of Fortune 500 companies and government agencies.

Hackers smuggle out stolen data disguised as videos

Around a dozen organisations, including at least one financial sector company, have been hit by a new form of hacking where attackers hide stolen corporate data inside video files that they upload to popular sharing sites like YouTube.

White House breached: Russian hackers suspected

Russian hackers are allegedly behind a breach at the US President's office, while Russia's BlackEnergy malware has been used to attack US SCADA system suppliers.

Twitter offers telephone number as ID

94% of businesses suffered cyber-security incident

SC Exclusive: Human rights lawyers hit by Chinese cyber-attack

Not-for-profit legal group Lawyers Without Borders says that it has been hit by a cyber-attack emanating from China.

95% of companies challenged by BYOD security

80% of IT professionals expect to see an increase in mobile security incidents in their company in 2015.

FBI raids house of 'second Snowden'

The FBI is reported to have raided the house of a second whistle-blower who was leaking sensitive agency documents to the media.

NATO and UK defence groups hit by Russian cyber-attack

NATO, UK defence attachés and even visitors to Counter Terror Expo and Farnborough Airshow were targeted by 'APT28' Russian state-backed spy group, says FireEye.

Cyber-security skills gap remains a 'societal challenge'

The cyber-security skills gap is a 'societal challenge' that must be tackled by everyone, from schools and universities to citizens and businesses, a panel of experts said in London today.

8 in 10 infosec pros think perimeter security can combat APTs

A new survey from Lieberman Software reveals that almost eight in ten IT security professionals believe that perimeter security technologies like firewalls and anti-malware solutions are sufficient in defending against advanced persistent threats (APTs).

Rogue Tor exit node injects malware into downloaded binaries

A security researcher has discovered a 'bad' Russia-based Tor exit node which was being used to inject malware into downloaded binary files.
