German iron plant hit by APT attack

German iron plant hit by APT attack

A German federal agency has detailed in a new report how an Advanced Persistent Threat (APT) attack physically damaged an unnamed iron plant in the country.

Millions of routers and PCs vulnerable to decade-old cookie flaw

Millions of routers and PCs vulnerable to decade-old cookie flaw

A critical software vulnerability that was supposedly patched in 2005 is still affecting at least 200 types of home and small business internet routers, and could also be used by hackers to compromise millions of networked PCs and IoT devices.

UK firms turning to cyber-security contractors

UK firms turning to cyber-security contractors

New research reveals that UK firms are turning to contractors to plug the widening skills gap in the cyber-security field.

Hidden backdoor in up to 10m Android phones

Hidden backdoor in up to 10m Android phones

Chinese manufacturer Coolpad installs hidden backdoor in Android phones allowing permanent control of the device.

US government reportedly blaming North Korea for Sony hack

US government reportedly blaming North Korea for Sony hack

US officials have concluded that North Korea was "centrally involved" in the cyber-attack on Sony Pictures, according to American national media and TV reports.

ICANN hacked

Sony faces lawsuits over data privacy

Sony faces lawsuits over data privacy

New York film premier cancelled after Sony hackers issue threats

Quantum physics behind 'unhackable' security authentication

Quantum physics behind 'unhackable' security authentication

A team of Dutch scientists is proposing a new security system for credit cards and passports which uses the power of quantum physics - and which is apparently 'impossible to hack'.

Grinch vulnerability could hit Linux systems

Grinch vulnerability could hit Linux systems

Security researchers uncover 'grinch' vulnerability that could affect all Linux systems

SoakSoak bug hits 100,000 websites using old plugin flaw

SoakSoak bug hits 100,000 websites using old plugin flaw

WordPress sites have been hit by a malware campaign from a Russian domain using a plugin flaw identified months ago.

GCHQ faces new Belgacom hack allegations

GCHQ faces new Belgacom hack allegations

New leaks from NSA whistle-blower Edward Snowden reveal that the alleged GCHQ cyber-attack on Belgacom used Regin malware and was undiscovered for two years before it was detected. Plus, there are now concerns that the clean-up operation was not successful.

Hackers now offer '100% satisfaction guaranteed'

Hackers now offer '100% satisfaction guaranteed'

The underground hacker market has become so commercialised that cyber-criminals are offering "100% satisfaction" guarantees on stolen credit cards, or they will be replaced.

Film producers shaken (not stirred) as Sony hackers steal James Bond script

Film producers shaken (not stirred) as Sony hackers steal James Bond script

Eon Productions, the producers behind the upcoming James Bond film 'Spectre', have confirmed that an 'early version' of the script has been stolen and leaked by the Guardians of Peace (GOP) hackers.

Constant attack a growing reality

Constant attack a growing reality

Persistant attacks have become a state of permanent attack for some organisations according to a new report.

Tor darknets rise again after Operation Onymous

Tor darknets rise again after Operation Onymous

A month since the joint FBI/Europol crackdown on more than 400 dark markets and a new report claims that action hasn't been as successful as first thought.

APT attacks move to mobile devices

APT attacks move to mobile devices

Kaspersky predicts future sale of APT software to more dubious customers.

Iranians mount 'catastrophic' cyber attack on Las Vegas casino

Iranians mount 'catastrophic' cyber attack on Las Vegas casino

Iranian hacktivists targeted Las Vegas Sands casino in a sinister forerunner of the Sony Pictures breach.

UK government gives fresh backing to Cyber Security Strategy

UK government gives fresh backing to Cyber Security Strategy

A revew by the government of its three-year-old Cyber Security Strategy suggests that new funding, more security training and a stronger focus on SMEs is to come in 2015.

Sony Pictures allegedly launched DDoS-type attacks

Sony Pictures allegedly launched DDoS-type attacks

GOP hackers demand Sony Kim Jong-un film is halted; websites containing stolen data attacked

Inception malware could target UK businesses

Inception malware could target UK businesses

Sophisticated malware framework, Inception, uses targeted phishing emails to steal data and store it in the cloud

Anonymous hacker Sabu reveals how he became FBI informant

Anonymous hacker Sabu reveals how he became FBI informant

Sabu interview details reasons for disclosure of Anonymous LolzSec hackers' identities.

'Destover' malware highlights incident response

'Destover' malware highlights incident response

Fallout from Sony Pictures hack continues with incident reponse now under the spotlight.

Police need more money to fight cyber-crime, finds report

Police need more money to fight cyber-crime, finds report

Money is urgently needed from the Government's £860 million National Cyber Security Programme to plug big holes in the police's ability to combat cyber-crime, which is now reaching crisis levels.

Poodle bug still hitting 10% of world's websites

Poodle bug still hitting 10% of world's websites

The 'Poodle bug, which allows encrypted web traffic to be hacked, has returned in a new variant that affects 10 percent of websites worldwide.

David Blunkett: Share skills & intel to improve national cyber-security

David Blunkett: Share skills & intel to improve national cyber-security

Former UK Home Secretary David Blunkett says the cross-sector sharing of information and skills is essential if nation critical cyber-attacks - and cyber- terrorism - are to be averted.

Sony woes continue: Lizard Squad launches DDoS attack on PlayStation network

Sony woes continue: Lizard Squad launches DDoS attack on PlayStation network

Lizard Squad claims to have hacked Sony's PlayStation Network, with the firm still reeling from one of the biggest data breaches in recent history.

Are anti-malware solutions good enough?

Are anti-malware solutions good enough?

A new study reveals that anti-malware solutions are not as good as first thought, with most unable to detect new 'in the wild' malware. But some of the vendors in question have hit back.

Technology incidents yield increasing costs

NSA hacks 70% of global mobile phone networks

NSA hacks 70% of global mobile phone networks

American spy agency NSA infiltrated most of the world's smartphone networks.

North Korea denies responsibility for Sony hack

North Korea denies responsibility for Sony hack

'Not us' says N Korea over targeted Sony hack Trojan using Korean language, Korean computers and similarities to previous attack on S Korea.

Commercial opportunities in security problems

Commercial opportunities in security problems

Problems with information security can be turned into commercial opportunities says business consultancy giant KPMG.

Chinese cyber-espionage suspected, 77 arrested in Kenya

Chinese cyber-espionage suspected, 77 arrested in Kenya

A fatal fire at a home in Nairobi, Kenya, has resulted in the exposure of what police believe to be a large scale Chinese hacking operation.

Security researcher wins £6,000 after finding critical PayPal flaw

Security researcher wins £6,000 after finding critical PayPal flaw

Egyptian cyber-security researcher Yasser Ali has won US$ 10,000 (£6,384.28) in a bug bounty after finding a flaw in the PayPal global payment system that would allow any of its 150 million-plus customer accounts to be hijacked with a single click.

Weak passwords revealed by Sony Pictures hackers

Weak passwords revealed by Sony Pictures hackers

Experts emphasise the need for user education as Sony hackers reveal employee passwords such as "password" and "s0ny123"

Russia to launch banking IT-security centre

Russia to launch banking IT-security centre

Russian banks to share attack details via IT security centre for the banking sector.

Iranian hackers preparing for attack

Iranian hackers preparing for attack

Operation Cleaver is a global data gathering exercise still underway by Iranian hackers in key infrastructure sectors, a possible precursor to a major attack.

FBI warning on 'destructive' attack that wipes all data

FBI warning on 'destructive' attack that wipes all data

FBI alert follows Sony Pictures hack for which North Korea refuses to deny involvement.

UK cyber-crime policing criticised as Halifax hacker is jailed

UK cyber-crime policing criticised as Halifax hacker is jailed

Police crack phishing-based case just as a UK government watchdog slates them for failure to keep pace with cyber-crime.

Cash-happy hackers phish for Wall Street secrets

Cash-happy hackers phish for Wall Street secrets

A financially-motivated threat actor from the West has reportedly been launching continuous cyber-attacks against healthcare and pharmaceutical companies in order to game the stock market.

Information security: 'Not my problem'

Information security: 'Not my problem'

Information security is always someone else's problem, according to senior non-IT executives in a survey commissioned by NTT Com Security.

New malware hits ATM and electronic ticketing machines

New malware hits ATM and electronic ticketing machines

Both ATMs and electronic ticketing machines are facing further hacks as fraudsters focus on inadequately defended environments.

MPs: social media giants hide use of personal data

MPs: social media giants hide use of personal data

Users' data privacy on social networks is not protected says MPs.

118 arrested in coordinated global airline anti-fraud operation

118 arrested in coordinated global airline anti-fraud operation

EC3 coordinates global action to fight airline fraud.

Tech experts want new UK data protection law for biometrics

Tech experts want new UK data protection law for biometrics

A panel compromising the former head of GCHQ, leading scientists and privacy rights campaigners raised concerns over the use of biometrics at a government committee meeting earlier this week.

Change passwords? People can't be bothered, survey shows

Change passwords? People can't be bothered, survey shows

Two thirds of users still using the same password across multiple accounts says survey.

Syrian Electronic Army hacks newspapers and tech firms via 3rd party website

Syrian Electronic Army hacks newspapers and tech firms via 3rd party website

The 'Syrian Electronic Army' is reported to have hacked the websites of UK newspapers The Independent, The Telegraph and the Evening Standard - as well as a host of global companies.

National MBA in cyber-security launched today

National MBA in cyber-security launched today

National MBA in cyber-security to bridge tech-management gap, catering for both techies and middle managers seeking promotion to report on infosecurity to the board.

UK surveillance questioned as government publishes anti-terror law

UK surveillance questioned as government publishes anti-terror law

The British government today published details of its proposed anti-terror law, and subsequently faced fresh questions on surveillance and the mixed messages given out to local cyber-security start-ups.

Same old security problems as UK firms await wearable tech invasion

Same old security problems as UK firms await wearable tech invasion

A new report from Trend Micro reveals an IT appetite for wearable devices in the workplace - but an alarming lack of controls to guard against privacy and security threats.

UK internet firms warn of more mass surveillance

UK internet firms warn of more mass surveillance

Internet firms and privacy campaigners are warning that a new Government law could pave the way for the renewed blanket collection of personal mobile phone data for use by UK police and intelligence agencies.

Hackers blackmail Sony film company

Hackers blackmail Sony film company

Sony Pictures hacked by GOP which is demanding cash or disclosure of company secrets.

National Grid CISO talks up security convergence

National Grid CISO talks up security convergence

National Grid's chief information security officer and head of digital risk Graham Wright talked targeted attacks, critical infrastructure and the blurring of physical and digital security at a recent London conference.

NSA, GCHQ or both behind Stuxnet-like Regin malware?

NSA, GCHQ or both behind Stuxnet-like Regin malware?

Symantec has discovered a new piece of customisable malware - reminiscent of the Stuxnet worm - which has been stealing data from governments, telcos, energy companies and SMEs since 2008. And experts say the threat actor could be the US or UK government.

Defending against APTs: 'We are behind the curve'

Defending against APTs: 'We are behind the curve'

High-profile CISOs and senior IT security managers talked advanced persistent threats (APTs) and how they can be countered at SC Magazine's latest roundtable in central London.

Russia to ban State use of foreign software in bid to boost IT-security

Russia to ban State use of foreign software in bid to boost IT-security

Russia reportedly plans to ban imports of foreign software for state use from next year according to recent government statements.

China could put America's lights out, says NSA chief

China could put America's lights out, says NSA chief

The head of the NSA has said China and "one or two" other countries could shut down America's power and financial services companies, and that such an attack was "a matter of when not if".

European arrests highlights danger of teen cyber-crime

European arrests highlights danger of teen cyber-crime

School pupils are among 15 EU citizens suspected of using Trojans for crimes such as DDoS attacks and extortion.

Malware mafia renders prevention tools useless

Wide scale of Dutch state surveillance revealed by data leak

Wide scale of Dutch state surveillance revealed by data leak

Concern over both the leak of data and the extent of surveillance by authorities in the Netherlands.

ICO warns that Russian website allows webcam/baby monitor feeds to be watched online

ICO warns that Russian website allows webcam/baby monitor feeds to be watched online

ICO warns users to change their default passwords to avoid webcam spying.

Detekt anti-surveillance software released

Detekt anti-surveillance software released

Open source software capable of detecting the presence of surveillance spyware has been released by four European and US human rights and IT organisations.

Met Police's cyber fraud squad sees rise in cyber-enabled crime

Met Police's cyber fraud squad sees rise in cyber-enabled crime

Detective Superintendent Jayne Snelgrove, head of Metropolitan Police's Falcon group, says that cyber-enabled crime can only be stopped using teamwork and the right skills.

Francis Maude: Home-grown talent key to defeating cyber-criminals

Francis Maude: Home-grown talent key to defeating cyber-criminals

UK cabinet minister Francis Maude told conference attendees in London today that human endeavour holds the key to defeating cyber-criminals.

Operation Onymous - are the FBI's claims transparent enough?

Operation Onymous - are the FBI's claims transparent enough?

Most sites taken down in operation Onymous were spam or clone sites says researcher.

'Let's Encrypt' aims to drive adoption of HTTPS

'Let's Encrypt' aims to drive adoption of HTTPS

Some of the world's biggest security companies are working together to develop 'Let's Encrypt' - a new certificate authority (CA) offering free and automatically renewable HTTPS web encryption.

Research reveals hackers are increasingly exploiting privileged accounts

Research reveals hackers are increasingly exploiting privileged accounts

New research claims that the security threats landscape is now almost egalitarian in nature, with almost every industry - and every company - now being a security target.

Microsoft issues out-of-band patch to Windows Kerberos

Microsoft issues out-of-band patch to Windows Kerberos

Microsoft has very unusually released an `out-of-band' security patch to fix a vulnerability in Windows - and Windows Server - that hackers are reportedly exploiting to compromise IT networks.

NotCompatible botnet infects Android mobiles, infiltrates corporate networks

NotCompatible botnet infects Android mobiles, infiltrates corporate networks

Mobile security firm Lookout has discovered a more sophisticated variant of the NotCompatible Android botnet which it says targets enterprise networks through compromised mobile devices.

87% of top Apple iOS apps have been cracked

87% of top Apple iOS apps have been cracked

Attacks on Apple iOS devices are rising sharply, with 87 percent of the top 100 paid-for iOS apps now having been cracked and cloned - up from just 53 percent in 2013, according to a new report.

Sign up to our newsletters