Leaky Bluetooth smartphones & wearables can be tracked from 100m away

Leaky Bluetooth smartphones & wearables can be tracked from 100m away

Researchers at Context Information Security have discovered that smartphones, tablets, iBeacons, fitness trackers and other wearable devices using embedded Bluetooth Low Energy (BLE) could potentially be tracked from 100m away.

Fujitsu adds iris scanning to smartphone biometrics

Fujitsu adds iris scanning to smartphone biometrics

Smartphone users could be offered a new way to protect their devices. Fujitsu is set to introduce iris-scanning technology for phones as an alternative security measure.

Adult Friend Finder breach exposes millions of users

Adult Friend Finder breach exposes millions of users

A famous cartoon once said, "On the internet, no one knows you're a dog". But millions of users of online dating site Adult Friend Finder may discover that far more is known about them than they would care to admit.

Novel malvertising attack leads to drive-by ransomware

Novel malvertising attack leads to drive-by ransomware

A new malvertising attack, constructed around the Magnitude exploit kit, is using a novel technique to push users to sites where they can be attacked with a drive-by download.

New GCSE to focus on cyber-security, encourage students to DoS around

New GCSE to focus on cyber-security, encourage students to DoS around

A new computer science GCSE course, developed by examining body OCR, looks set to bring cyber-security education to secondary school children in the UK.

'Practical' ICO may not issue huge data breach fines

'Practical' ICO may not issue huge data breach fines

The ICO has called for a more 'practical' approach to data protection regulation in light of advancing technology, limited resources and the incoming EU Data Generation Protection Regulation - and this might result in more 'tellings off' and less fines.

Freaky 'LogJam' TLS flaw weakens web encryption for MiTM surprise

Freaky 'LogJam' TLS flaw weakens web encryption for MiTM surprise

Researchers say the new 'LogJam' encryption flaw could be used by attackers to downgrade Transport Layer Security (TLS) connections to 512-bit export-grade cryptography, to crack that connection and read any data being transmitted. The flaw affects thousands of web and email servers, as well as VPNs.

Google, Apple and Facebook urge Obama to reject encryption backdoors

Google, Apple and Facebook urge Obama to reject encryption backdoors

War on encryption could spell economic disaster for US

Scone: Bettys Tea Shop loses 122,000 customer records in data breach

Scone: Bettys Tea Shop loses 122,000 customer records in data breach

The directors of Bettys & Taylors of Harrogate have pledged to harden security on the Bettys.co.uk website and keep customers informed, after details of 122,000 customers were lost in a data breach.

UK web admin tool infected to access 'gold mine' of data

UK web admin tool infected to access 'gold mine' of data

A Trojanised version of the popular UK-developed PuTTY web admin tool, which can steal highly sensitive data, has been discovered by Symantec.

'Burnt-out' security pros hide breaches, demand bigger budgets

'Burnt-out' security pros hide breaches, demand bigger budgets

A new report into the ethics of security professionals reveals some eye-opening findings on hidden data breaches, and how incidents are being used to push for bigger budgets.

Confusion mounts over FBI claims that researcher 'hacked plane' mid-flight

Confusion mounts over FBI claims that researcher 'hacked plane' mid-flight

A prominent security researcher is appears to have compromised in-flight systems to take control of a plane and make it fly sideways whilst on-board, according to an FBI affidavit.

Update: GCHQ and police hackers protected by revised Computer Misuse Act

Update: GCHQ and police hackers protected by revised Computer Misuse Act

The Computer Misuse Act 1990 has quietly been updated, handing out life sentences to hackers and seemingly giving more power and protection to law enforcement and surveillance agencies.

Chinese Army rations use of wearables over security fears

Chinese Army rations use of wearables over security fears

Country's leading military newspaper warns over 'risk' of tracking to reveal military secrets.

Newer MS operating systems cut malware

Newer MS operating systems cut malware

Older operating systems are considerably more vulnerable and users put themselves at greater risk of security breaches says the latest Microsoft Security Intelligence Report

Russian defence sector could lose access to Western software

Russian defence sector could lose access to Western software

Russians concerned that sanctions could hit support for and even supply of Western software used in its defence sector.

APT17 exploit on Microsoft TechNet nothing novel, say experts

APT17 exploit on Microsoft TechNet nothing novel, say experts

FireEye has revealed that a China-based hacking group has been using Microsoft TechNet as a relay for C&C addresses for BlackCoffee malware, but experts tell us it's nothing novel.

Google-Vidal Hall "opens the floodgates" to data breach compensation

Google-Vidal Hall "opens the floodgates" to data breach compensation

March's landmark ruling by the London Court of Appeal that just three UK persons could sue Google over cookie privacy violation has far reaching consequences as far as breach compensation is concerned.

A year of trouble and strife for Google and the 'Right to be forgotten'

A year of trouble and strife for Google and the 'Right to be forgotten'

One year ago the European Court of Justice ruled that Google should remove URL links from its search engine at the request of just one internet user; now, the tech giant finds itself fighting a privacy battle against users, regulators, academics and activists.

Jamie Oliver Company defends response to malware-ridden website

Jamie Oliver Company defends response to malware-ridden website

Representatives of Jamie Oliver insist the celebrity chef has 'no regrets' over the handling of security breakdowns on his website, despite exposing millions of visitors to malware that could have been used to steal sensitive data.

Venom vulnerability: toxic threat or hissing hyperbole?

Venom vulnerability: toxic threat or hissing hyperbole?

Anyone reading the news headlines on the Venom flaw over the last 24 hours might be forgiven for thinking that the sky, or at least the cloud, is falling down.

'Venom' VM zero-day draws comparisons with Heartbleed

'Venom' VM zero-day draws comparisons with Heartbleed

CrowdStrike security researchers have discovered a zero-day affecting virtual machines, dubbed 'Venom', which could allow an attacker to "escape out of the virtual machine and execute code on the host with full privileges", thus putting data centres potentially in danger.

Police upskill officers on cyber-crime

Police upskill officers on cyber-crime

Police forces across the UK are increasing up-skilling their officers so that they can properly deal with cyber-crime cases, a new Freedom of Information Act request reveals.

DDoS botnet hijacks thousands of routers

DDoS botnet hijacks thousands of routers

Tens of thousands of poorly-configured home and business routers have been infected with malware and recruited into a massive botnet.

Data breaches to cost businesses £1.3 trillion by 2019

Data breaches to cost businesses £1.3 trillion by 2019

New research suggests that the rapid digitisation of consumer's lives, combined with increasing cyber-crime activity, will push data breach losses up to US$ 2.1 trillion (£1.34 trillion) globally by 2019.

GCHQ recruiting hackers to deter terrorists, protect national infrastructure

GCHQ recruiting hackers to deter terrorists, protect national infrastructure

GCHQ is recruiting hackers who can "carry out computer network operations to keep the UK safe".

Glasgow choir and Winchester music festival hit by 'unique' cyber-attack

Glasgow choir and Winchester music festival hit by 'unique' cyber-attack

The Glasgow Contemporary Choir and the Blissfields music festival near Winchester are among the innocent victims of what's being described as a 'unique' attack on WordPress-powered websites.

New Tory government pushes ahead with Snooper's Charter

New Tory government pushes ahead with Snooper's Charter

The controversial 'Snooper's Charter' surveillance law could be fast-tracked now that the Conservative political party has formed a majority government in the House of Commons.

Flaws found in smart grid consortium's home-grown crypto

Flaws found in smart grid consortium's home-grown crypto

The Open Smart Grid Protocol (OSGP) project has continued to roll out its own cryptographic standard and application layer communication protocol in the face of a tangible degree of criticism.

Box in no rush to open EU data centres, sees end of Safe Harbor

Box in no rush to open EU data centres, sees end of Safe Harbor

US-based cloud collaboration and storage provider Box tells us that there are currently no plans to open European data centres, despite continuing concerns around NSA surveillance.

Banks could be first to be hit by EU privacy fines

Banks could be first to be hit by EU privacy fines

Nearly half of European IT professionals would struggle to meet the reporting requirements of new EU data protection regulation. That's according to a survey from Varonis, who also found that a third of organisations did not have a plan to enable them to comply with the new legislation.

WordPress XSS flaw an example of growing sophistication

WordPress XSS flaw an example of growing sophistication

A flaw has been found in the genericons WordPress package that creates vulnerabilities in any plug-in or theme which uses it.

Internet-connected drug pump found with "severe" exploitable flaw

Internet-connected drug pump found with "severe" exploitable flaw

The US Department of Homeland Security has issued a warning via the National Vulnerability Database after a security researcher described an internet-connected drug infusion pump manufactured by Hospira as "literally the least secure IP enabled device I've ever touched in my life."

Public-Key Solves Half of the Key Distribution Problem

London-specific threat-intelligence launching via Mayor's office initiative

London-specific threat-intelligence launching via Mayor's office initiative

London-specific threat intelligence is to be provided to businesses in the capital, possibly as early as next month, via an innovative independent body combining the police, government and the private sector, instigated by the Mayor's office.

Google pumps out updates to security extension to patch vulnerabilities

Google pumps out updates to security extension to patch vulnerabilities

Persistent problems are plaguing the Google engineers who developed an anti-phishing extension for Chrome.

Rombertik malware takes down PC if detected or analysed

Rombertik malware takes down PC if detected or analysed

A new strain of malware has been found to wipe an infected hard drive if it is detected or analysed.

Edinburgh Napier University launches International Cyber Academy

Edinburgh Napier University launches International Cyber Academy

Responding to the growing demand for cyber-security professionals, Edinburgh Napier University is today launching its International Cyber Academy.

NSA whistleblower Snowden a 'hero' - but not in the UK?

NSA whistleblower Snowden a 'hero' - but not in the UK?

NSA and GCHQ whistleblower Edward Snowden and the film on his leaks, Citizenfour, were celebrated at an event in London last week, but questions remain whether the UK really got the message on privacy and government surveillance.

Updated: PC maker Lenovo exposes users to "massive security risk"

Updated: PC maker Lenovo exposes users to "massive security risk"

World number one PC maker Lenovo has been accused of running a "massive security risk" because flaws in its online product update service allow hackers to download malware onto its users' systems through a man-in-the-middle (MiTM) attack.

Credit card style e-voting system could beat electoral fraud

Credit card style e-voting system could beat electoral fraud

With online voting in the UK yet to reach its full potential for the forthcoming election, many still doubt the security of systems claiming to be robust enough for a full, nationwide online vote.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US