Knock Knock! Unique new backdoor Trojan infecting computers

Backdoors normally implement remote control tool TeamViewer in order to get unauthorised access to an infected computer. However, a newly-discovered Trojan, BackDoor.TeamViewer.49, uses the tool for less obvious reasons.

Fraud costs UK £193bn per year, rise in phishing attacks seen

Annual fraud losses in the UK could amount to £193 billion, much higher than the government estimate of £50 billion.

Apple rehires crypto legend Jon Callas

Cryptology executive Jon Callas returned to Apple, following the FBI/Apple showdown this year.

HITB 2016: Zorko calls for greater cooperation in cyber-crime fight

HITB 2016: Zorko calls for greater cooperation in cyber-crime fight

One of the Netherland's Cyber-security chiefs opened today's 7th annual Hack in the Box with a call to bring the private, public and communities closer together.

HITB 2016: John Adams - 'backdoor' security laws unworkable

HITB 2016: John Adams - 'backdoor' security laws unworkable

Bolt Financial's John Adams took the stage at HITB 2016 today to label many governments' drivers for backdoors unworkable

US GAO finds nukes are controlled by computers from 1970s

US GAO finds nukes are controlled by computers from 1970s

The US US Government Accountability Office has released a report showing that The Pentagon is controlling its nuclear arms with computers from the 1970's.

China's quantum communications satellite to improve data security, thwart hackers

China's quantum communications satellite to improve data security, thwart hackers

China will send the first quantum communications satellite into orbit in July, vastly improving the secure transmission of data and thwarting the efforts of hackers.

Two-year GDPR honeymoon period starts today

Two-year GDPR honeymoon period starts today

The two year GDPR honeymoon period starts today - industry experts that spoke with SC are all urging business to, " take a hard look at how their data are shared and stored, focusing in particular on any cloud apps in use across the organisation."

Study: US federal agencies still lacking strong cyber hygiene

Study: US federal agencies still lacking strong cyber hygiene

A new study showing how US federal agencies still don't have a firm grasp of cyber-security was ironically released days after a third-party contractor hired to fortify the US Office of Personnel Management's systems suddenly quit.

Nine out of 10 UK organisations vulnerable to data threats

Eighty-nine percent of UK organisations feel somewhat or more vulnerable than they have been in the past to internal and external threats to sensitive data.

Microsoft seeks to mitigate laziness by banning popular passwords

Microsoft seeks to mitigate laziness by banning popular passwords

Old man Redmond looks to prevent "LinkedIn"-style debacle by preventing users from choosing popular passwords.

It's a trap! WhatsApp Gold 'premium' version lures users to malware

A new scam is tricking users of WhatsApp into downloading a so-called exclusive version of the app called 'WhatsApp Gold', which infects mobile devices with malware.

34% of Brits willing to sacrifice their online safety for weight loss

With summer just around the corner, people are looking for quick diet solutions online to get their bodies 'beach ready'. A third of Brits (34 percent) are willing to sacrifice their online safety to lose a few pounds by clicking on potentially malicious websites that offer to help 'lose belly fat'.

GCHQ infosec group disclosed kernel privilege exploit to Apple

GCHQ infosec group disclosed kernel privilege exploit to Apple

GCHQ's infosec unit CESG was credited with the discovery of two vulnerabilities that were patched by Apple last week.

Swiss defence contractor hacked, details released

Swiss defence contractor hacked, details released

The details of a years long campaign against a Swiss defence contractor have been released in partnership with Swiss CERT.

Analysis: Japanese ATM super-raiders bag £9m in 3 hours

Analysis: Japanese ATM super-raiders bag £9m in 3 hours

Japanese criminals exploit stolen South African bank data to withdraw 1.4 billion Japanese yen (£9 million) using cloned bank cards.

Bad guys jump ship to CryptXXX after TeslaCrypt authors release decryption key

Bad guys jump ship to CryptXXX after TeslaCrypt authors release decryption key

Researchers have spotted threat actors flocking to CryptXXX after TeslaCrypt authors closed shop.

SWIFT to update cyber-security policies as third heist pulled on user

SWIFT to update cyber-security policies as third heist pulled on user

The SWIFT bank messaging cooperative has announced an update to its cyber-security policies as yet another bank has been hit.

Surrey teenager charged under Computer Misuse Act over Mumsnet hack

A teenager from Surrey has been charged with a cyber-attack on Mumsnet, forcing the parenting website to reset the passwords of its 7.7 million members.

Microsoft to block 'terrorist content' on its services

Microsoft banned terrorist content from its services and said it would invest in public-private partnerships to help fight terrorism.

Changing of the TidePool: Operation Ke3chang malware evolves as APT threat reappears

Operation Ke3chang, the APT that in 2013 was discovered targeting Europe-based Ministries of Foreign Affairs, not only apparently remains active but also seems to be leveraging a new family of malware called TidePool.

Industry's cyber-security "market failure" must be addressed

Industry's cyber-security "market failure" must be addressed

Valuing cyber-risk key to addressing "market failure" around cyber-security, said a deputy director at the Cabinet Office in a speech to the Westminster eForum.

Tech support scammers turn to screen locking malware to fleece victims

Tech support scammers turn to screen locking malware to fleece victims

Attackers have taken it back some ways by using old tactics to pull off new scams

75% of European SMEs staff confident in their company mobile security

Nearly three quarters (74 percent) of European employees have no concerns about security issues when using a mobile phone owned by their company. Highlighting a significant level of confidence in workplace mobile security strategies, the figure stands at 75 percent for employees at small and medium-sized enterprises (SMEs).

'Digital Batman' hacktivist posts video of cyber-attack on Catalan police site

'Digital Batman' hacktivist posts video of cyber-attack on Catalan police site

Days after transferring £7,600 ($11,000) in stolen bitcoins to an anti-ISIS revolutionary group in Syria, hacktivist Phineas Fisher was at it again—defacing the website belonging to Spain's Catalan police union, and posting an online tutorial showing how it was done.

Cerber ransomware on sale in Russian darknet with new scripting features

Victims download the malware either via a double-zipped file with a WSF inside attached to the malicious email or via an unsubscribe link at the bottom of the email which is linked to the same ZIP file.

BoE demands UK banks to step up cyber-security after Bangladesh attack

Following the attack in February on the Central Bank of Bangladesh, the Bank of England (BoE) has issued an urgent call to order all British banks to carry out a security review of any computer connected to the SWIFT network.

Cash stolen from 15K ATMs in Japan in coordinated attack

Cash stolen from 15K ATMs in Japan in coordinated attack

As many as 100 people are believed to have taken part in a heist of nearly $13 million USD (£9 mil) from thousands of cash machines in Japan.

Eastern Ukraine separatists seemingly targeted in Operation Groundbait APT

Eastern Ukraine separatists seemingly targeted in Operation Groundbait APT

Researchers have discovered a malware-based APT dating back to 2008 that at least appears to target political enemies of Ukraine, including pro-Russia separatists in the disputed eastern region of the country.

TeslaCrypt authors release master keys, Ransomware Info Day held 19 May

TeslaCrypt authors release master keys, Ransomware Info Day held 19 May

The authors of the TeslaCrypt ransomware have publicly released the master decryption key that unlocks files encrypted by the malware in efforts to close up shop and go home for good.

SEC chief: Cyber-crime biggest threat to financial systems

SEC chief: Cyber-crime biggest threat to financial systems

Hackers could wreak havoc on banks and other financial institutions, claims Mary Jo White

LinkedinGate: industry reacts to

LinkedinGate: industry reacts to

With the news of over 100 million user login credentials being stolen from online professional networking website LinkedIn, the industry offers it's viewpoints on passwords, the GDPR and LinkedIn's choice of encryption.

Android Pay launches in UK; 28% of consumers worried about digital payment security

Android Pay launches in UK; 28% of consumers worried about digital payment security

Security and payment experts warn that the Google-backed Android Pay UK launch on 18 May is promising, however could be held back by concerns over malware.

Russian students come out on top at international programming finals

A trio of students from St Petersburg State University in Russia have been dubbed world champions in the 40th annual ACM International Collegiate Programming Contest (ICPC) finals.

Video: Police need to be more savvy in commissioning high-tech solutions

Video: Police need to be more savvy in commissioning high-tech solutions

Chief constable Stephen Kavanagh tells techUK's Partners Against Crime seminar that the police need to engage more effectively with the private sector in developing new crime fighting capabilities.

IP EXPO: Responsibility and blaming the victim

IP EXPO: Responsibility and blaming the victim

Today's panel at IPEXPO discussed the common bad habit of blaming the victim rather than the criminals who committed the crime.

Why does old malware refuse to die? ...and is the IT security industry doing enough to kill it?

Why does old malware refuse to die? ...and is the IT security industry doing enough to kill it?

Old malware is the zombie apocalypse of the cyber -ecurity world. So why is that and why can't we fix it?

Web app attacks are on the rise, but money is tight for developers

Cyber-attacks against web applications are increasing, yet security budgets for developers remain low.

70% of UK employees use unauthorised cloud services at work

Unauthorised cloud services are used by 70 percent of UK employees at work.

98% of IT pros feel third-party secure access is not a top priority

Despite the increasing number of security threats connected to supplier and contractor access, only two percent of IT experts consider third-party secure access a top priority.

Hacker on trial for €100k British Airways DoS attack

A 23-year-old man appeared in court to face charges for allegedly launching Denial of Service attacks against British Airways, two police websites and a game retailer.

117 million LinkedIn email credentials found for sale on the dark web

117 million LinkedIn email credentials found for sale on the dark web

The 2012 LinkedIn data breach may be the breach that just keeps on giving with the news that 117 million customer email credentials originating from that hack were found for sale on the dark web.

IP EXPO: Pindar tells delegates prevention is not enough

While security spending continues to increase at a dizzying speed, breaches are increasing even faster, said Gemalto's Joe Pindar this morning at IP Expo. What are we to do?

SC Congress Atlanta: What are the drivers for cyber insurance?

SC Congress Atlanta: What are the drivers for cyber insurance?

A panel of industry insiders at SC Congress Atlanta looked at cyber-insurance, taking a look at what is driving the industry's quick growth.

SC Congress Atlanta: Ransomware, a real or overblown threat?

SC Congress Atlanta: Ransomware, a real or overblown threat?

A panel Tuesday at SC Congress Atlanta delved into a debate over how serious the threat is posed by ransomware.

New version of Skimer ATM malware comes back after several year absence

New version of Skimer ATM malware comes back after several year absence

Trojan allows hackers to make cash withdrawals from ATMs using "magic" cards and also skim card data from users without the need for external hardware.

78% of SMBs would use 'dirty tricks' to disadvantage rivals

78% of SMBs would use 'dirty tricks' to disadvantage rivals

A new marketing survey has revealed UK companies are sometimes less upstanding than we might hope when dealing with rivals, including deploying cyber sabotage techniques.

Most organisations unprepared for cyber-security incidents

Most organisations unprepared for cyber-security incidents

Roughly 77 percent of organisations are unprepared for cyber-security incidents according to research by NTT Com in its 2016 Global Threat Intelligence Report.

Europol mandate strengthened plus oversight increased

Europol's mandate has been strenghtened to provide new powers in the fight against cyber-crime and terrorism, while extra safeguards have been put in place to provide oversight and data protection for citizens.

OSGP custom RC4 encryption cracked yet again

The Open Smart Grid Protocol's (OSGP) home-grown RC4 encryption has been cracked once again. The easy-to-break, custom RC4 was cracked last year.

Symantec products vulnerable to buffer overflow bug

Symantec products vulnerable to buffer overflow bug

The Google Project Zero team has found a vulnerability in Symantec's Antivirus Engine that results in instant blue-screening and kernel memory corruption without user action on Windows.

Board checklist issued to improve cyber-security, data sharing advocated

Board checklist issued to improve cyber-security, data sharing advocated

CityUK's Cyber Taskforce report, 'Cyber and the City; making the UK's financial and related professional services industry safe from cyber attacks' launched today with former GCHQ head Iain Lobban urging greater data sharing.

Destroy your data responsibly! International Recycling Day is 17 May

International Recycling Day is held today, 17 May to caution businesses that being green and responsible recycling is vital to destroy data on disused devices

Researchers spot phishing attacks leveraging 2016 Rio Olympics

Researchers spotted a spike in phishing attacks, email scams and spam messages that mimic branding from the 2016 Rio De Janeiro Olympics.

Ponemon: 89% of healthcare orgs breached in last 2 years

Ponemon: 89% of healthcare orgs breached in last 2 years

For the second consecutive year, Ponemon Institute's annual study on the state of security and privacy in health care found that cyber-crime was the leading cause of data breaches among hospitals and other medical providers.

Russia strengthens banking system security standards

Russia strengthens banking system security standards

New standards and regulations to improve Russian bank responses to cyber-attacks - and help prevent insiders taking advantage of cyber-attacks to cover criminality.

Pornhub dismisses hacker's offer to sell access to servers as hoax

Pornhub dismisses hacker's offer to sell access to servers as hoax

A hacker calling himself Revolver yesterday advertised on Twitter that he was selling access to Pornhub servers for $1,000 after discovering an exploit, but the pornography video sharing website is disputing the veracity of this hack.

German Intelligence blames Russia for Parliament hack

German Intelligence blames Russia for Parliament hack

Germany's domestic intelligence agency has pointed the official finger at the Russian state for the 2015 attacks on the Bundestag, the German Parliament

Google seeks to phase out Flash on Chrome by year-end

Google plans to begin phasing out support for Adobe's Flash Player by the end of this year, the search company announced on a Chromium forum.

Vietnamese bank thwarts hack made through SWIFT messaging system

Vietnamese bank thwarts hack made through SWIFT messaging system

A Vietnamese bank has thwarted an attack similar to the one that befell the Bangladesh Central Bank in February and led to the loss of £56 million

IBM's AI Watson might be solving cyber-crime by end of year

IBM's AI Watson might be solving cyber-crime by end of year

Artificial intelligence could make catching hackers more elementary but will cyber-criminals adopt the technology and could it make cyber-security professionals redundant?

Seoul blames North Korea for cyber-attack on defence contractor

North Korea denies claims by South Korea that it was behind a cyber-attack on a navy defence contractor.

Malware-embedded porn apps provoke Android lockscreen attacks

Android lockscreen malware disguising as porn apps are an increasing concern for IT security analysts who predict a growth in attacks.

Not OK - data on 70k OkCupid users exposed

A semi-private database consisting of the identities of 70,000 users of the dating website OkCupid was published on the internet as part of a university research paper.

Banking Trojan has infected at least 40K Android users worldwide

Hundreds of different banking Trojans attack Android users, one being Android.SmsSpy.88.origin, which was first spotted in 2014.

BfV agency says Russia is behind German cyber-attacks

According to Germany's domestic intelligence agency, Russia was most likely responsible for the major cyber-attack on the Bundestag last year, forcing computer systems to be on hiatus for days.

Call centre fraud spikes 45 percent as payment card security improves

Call centre fraud spikes 45 percent as payment card security improves

A recent Pindrop study found a spike in call centre fraud as cyber-security improves.

The Bangladesh Job part II: the gang strikes again

The Bangladesh Job part II: the gang strikes again

According to Swift the fingerprints of those behind February's £56 million heist from the Bangladesh Central Bank have been found on another attempted heist.

New PayPal phishing scam hooking victims

The research firm AppRiver reports a new PayPal phishing scam is making the rounds using a phony security message to obtain personally identifiable information.

Fetish forum breached: 107,000 users facing major humiliation

Over 100,000 users are at risk of public humiliation or blackmail as Rosebutt Board, a web forum dedicated to the 'anal fisting' fetish, has suffered a data breach.

SS7 vulnerability defeats WhatsApp encryption, researchers claim

SS7 vulnerability defeats WhatsApp encryption, researchers claim

Flaw in the international communications standard SS7 could allow hackers to mimic users and intercept messages on mobile networks.

The cyber-security buck should stop with executives, finds survey

The cyber-security buck should stop with executives, finds survey

New research by VMWare has found that a great deal of UK workers believe that the responsibility for cyber-security should go all the way to the board of directors.

Bangladesh bank investigators reportedly find three separate network intruders

Bangladesh bank investigators reportedly find three separate network intruders

The investigation into the bank heist that cost Bangladesh's central bank $81 million (£56m) has taken a byzantine turn, as a new report surfaced of multiple hacking groups infiltrating the bank's network.

VirusTotal policy changes spark outrage among newer tech startups

VirusTotal policy changes spark outrage among newer tech startups

Changes in policy at information sharing database, VirusTotal, mean that those who don't put in will get nothing back, but some warn that this is merely the old guard of tech world muscling out the new players.

Alleged securities fraudsters to be extradited from Israel

Two Israeli men accused of securities fraud and hacks into media outlets and nine financial institutions, including JPMorgan Chase, Fidelity Investments and E*Trade Financial Corp., will be extradited to the US.

UK mobile software firm 51Degrees suffers a cyber-attack

UK mobile software and device detection firm 51Degrees has been hacked. The company has notified its customers of the breach via an urgent email.

Viking Horde: are mobile botnets a thing now?

Viking Horde: are mobile botnets a thing now?

As mobile devices become ever more powerful, they are increasingly being targeted by botnet operators as the ideal members of their zombie armies.

Pornhub launches bug bounty programme on HackerOne

Pornhub is offering white hats between $50 (£35) and $25,000 (£17,300) for reporting qualifying vulnerabilities.

TalkTalk profits hit by customer losses following cyber-attack

TalkTalk profits hit by customer losses following cyber-attack

TalkTalk's CEO puts a brave face on the fallout from the cyber-attack in October but the profit figures and customer losses paint a different picture.

Biometric data: security and ease negate passwords, but is it private?

Compared to passwords, authentication through biometric data is simpler to use and can be much more secure.

Critical patches target privilege escalation

Half of this months Patch Tuesday releases are critical, many addressing privilege escalation.

Attackers already pouncing on newly discovered ImageTragick vulnerability

Attackers already pouncing on newly discovered ImageTragick vulnerability

Mere hours after word spread last week of a remote code execution vulnerability in the image-processing software ImageMagick, bad actors were already actively exploiting it in the wild

Scammers impersonate legit cyber-security companies

Scammers impersonate legit cyber-security companies

A scammer syndicate has been caught impersonating the services of cyber-security companies and charging high fees for doing very little.

Patch Tuesday: Adobe Flash Player patch on the way, Acrobat, Reader fixes issued

Patch Tuesday: Adobe Flash Player patch on the way, Acrobat, Reader fixes issued

Adobe released fixes for its Reader and Acrobat products and said it will issue an update later this week for Flash Player to patch a vulnerability that is currently being exploited in the wild.

Alleged Syrian Electronic Army hacker extradited to US to face charges

An alleged hacker for the Syrian Electronic Army (SEA) has been extradited to the United States from Germany.

IT pros in financial services assert ability to detect breaches

Data breaches in the worlds of banking, credit and finance have nearly double between 2014 and 2015 according to the Identity Theft Resource Centre's 2015 Breach List report. Despite being unsure of how long it would take, IT pros in financial services are very confident in their ability to detect a breach.

Anti-virus software stops surgery to scan medical monitor for malware

Anti-virus software stops surgery to scan medical monitor for malware

Screens on a vital medical monitor went blank in the middle of a heart procedure in the US - officials blame human error for misconfigured AV software.

UAE InvestBank hacked, nearly 100k recycled data records leaked?

A data file of 10GB holding sensitive financial data compromised from an InvestBank in the United Arab Emirates (UAE) has been leaked online. The file contains information on tens of thousands of customers from a bank based in Sharjah.

Ransomware targets and infects 38% of IT pros in healthcare

Ransomware is becoming a more prevalent threat actor, targeting and infecting 38 percent of healthcare IT professionals.

Twitter blocks US spy agencies from getting key terror alerts

Twitter blocks US spy agencies from getting key terror alerts

The social media giant has taken a stand when it comes to intelligence agencies using the service to collect data.

PerezHilton.com gossip site serves up malicious ads - again

PerezHilton.com, home to Hollywood and celebrity gossip news, has served up a new set of malicious ads to some of its half a million daily site visitors.

Privacy International files for judicial review against general hacking warrants

Privacy International files for judicial review against general hacking warrants

Privacy International has filed for Judicial Review at the UK's High Court, challenging the Investigatory Powers Tribunal's (IPT) decision to allow the Government to issue 'thematic warrants' which allow for general hacking.

Activist Lauri Love dodges encryption key issue for now

Activist Lauri Love dodges encryption key issue for now

Lauri Love, the British/Finnish activist, was granted a small victory today at Westminster Magistrates Court when the judge ruled he didn't have to reveal the passwords to encrypted files as part of his request for return of data storage devices.

Kiddicare suffers a data breach! 794,000 customer details are exposed

Kiddicare suffers a data breach! 794,000 customer details are exposed

Baby retailer Kiddicare suffers a data breach that exposes 794K customer details

Malware popups delivered with Pirate Bay downloads, report

Torrent site's users received malware warnings.

Bangladesh blames £56m bank heist on badly-installed software

Bangladesh Central Bank officials are pinning the blame for an cyber-attack that netted $81million (£56mil) from the financial institution on SWIFT's for incorrectly installing new software.

British manufacturers urged to step up their cyber-security plans

To face the growing number of cyber-threats as part of their efforts to get ready for the 4th industrial revolution, British manufacturers are being urged to step up their cyber-security planning.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US