Tech companies must surrender their crypto-keys, says EU adviser

Tech companies must surrender their crypto-keys, says EU adviser

EU counter-terrorism measures propose enforced hand-over of encryption keys - a proposal described as unenforceable and ineffective policy decided by people who don't understand the technology.

Adobe suffers second zero-day in 24 hours

Adobe suffers second zero-day in 24 hours

Adobe has been hit by two zero-day flaws in the space of 24 hours, raising questions over the safety of its Flash Player platform which is being heavily targeted by cyber-criminals.

NSA whistleblower Edward Snowden warns of iPhone spyware

NSA whistleblower Edward Snowden warns of iPhone spyware

NSA whistle-blower Edward Snowden reportedly refuses to use Apple's iPhone because he fears the handset can be monitored by spy agencies.

Online pornography blocked by default - censorship or sensible?

Online pornography blocked by default - censorship or sensible?

Sky Broadband is effectively requiring users to opt in to pornography - a move that many parents may welcome, but which civil libertarians among others do not.

French DDoS attacks spike after terror protest

French DDoS attacks spike after terror protest

Arbor Networks says that the number and size of DDoS attacks against French websites spiked considerably after 3.7 million people took to the streets to protest against terrorism.

Cyber-security legislation in Obama's State of the Union address

Cyber-security legislation in Obama's State of the Union address

US President Obama urged the country's legislative body, Congress, to pass laws that would better protect the country from emerging cyber-threats.

Researcher discovers 'critical' new Adobe Flash zero-day

Researcher discovers 'critical' new Adobe Flash zero-day

A widely-used exploit kit called 'Angler' has apparently been used to target a new zero-day affecting the latest versions of Adobe's Flash Player.

US firms spending millions on false positive security alerts

US firms spending millions on false positive security alerts

US$ 1.3 million spent on false positive cyber-security alerts

Siri voice commands can be used to steal iPhone data

Siri voice commands can be used to steal iPhone data

Researchers have discovered a way to smuggle data out of Apple iPhones inside the Siri voice system.

Russia to establish new cyber-threat response centre

Russia to establish new cyber-threat response centre

A new state centre for cyber-threat response is being established in Russia this year, expected to be formally approved in March according to a Russian Parliament spokesperson talking to SCMagazineUK.com.

ICO slammed for not fining breached shoe retailer

ICO slammed for not fining breached shoe retailer

The Information Commissioner's Office (ICO) has been heavily criticised for failing to fine London-based shoe retailer Office, after a hacker accessed more than a million of its customers' details and unencrypted passwords.

2 million cars vulnerable to USB dongle attack

2 million cars vulnerable to USB dongle attack

A security researcher has discovered over two million US-made cars could be attacked via insecure USB dongles.

Chinese cyber-spies accused of stealing IP on US fighter jet

Chinese cyber-spies accused of stealing IP on US fighter jet

The Chinese government allegedly stole the designs of a new US fighter jet, according to the latest leaked documents from NSA whistle-blower Edward Snowden.

Islamic hackers exploit CMS flaws on 'thousands' of French websites

Islamic hackers exploit CMS flaws on 'thousands' of French websites

Tens of thousands of French websites have been hacked in the aftermath of last week's Charlie Hebdo terrorist attack, which left 20 people dead.

US and UK join forces for cyber 'war games'

US and UK join forces for cyber 'war games'

The UK and US will increase their co-operation on cyber-security, with some kind of transatlantic 'Waking Shark' banking exercise seemingly in the pipeline.

UK cyber-security firms join Cameron for 'controversial' US trip

UK cyber-security firms join Cameron for 'controversial' US trip

PM's Washington visit includes promoting UK cyber-skills and seeking to circumvent encryption.

CryptoWall ransomware rises again with Tor and I2P

CryptoWall ransomware rises again with Tor and I2P

A new version of the file-encrypting CryptoWall ransomware has emerged, and it has Tor and Invisible Internet Project (I2P) in tow.

New banking malware carries out 'virtual muggings'

New banking malware carries out 'virtual muggings'

Banking malware uses victim's computer to perpetrate fraud.

Prime minister wrong on encryption say experts

Prime minister wrong on encryption say experts

Prime minister David Cameron's perceived criticism of encryption technologies has prompted a staunch defence from the information security community.

British man suspected of Pentagon Twitter hack

British man suspected of Pentagon Twitter hack

A 20-year-old man from Birmingham is suspected of being the leader of hacking group "CyberCaliphate" which took over the Pentagon's Twitter account on Monday.

'Skeleton Key' malware used to attack global HQ in London

'Skeleton Key' malware used to attack global HQ in London

Researchers have discovered malware, called "Skeleton Key," which bypasses authentication on Active Directory (AD) systems using only passwords (single-factor auth) for access.

OS X Spotlight bug leaves users vulnerable

Cameron: re-elect me and MI5 can snoop on all emails

Cameron: re-elect me and MI5 can snoop on all emails

Call for greater surveillence powers by intelligence agencies strengthened in the wake of Paris killings.

Breaches get UK consumers thinking about online security

A new study has found that almost half (47 percent) of UK consumers are taking a greater interest in being safe online.

New security concerns on air-gapped laptops and smartphones

New security concerns on air-gapped laptops and smartphones

Security researchers believe that hackers could intercept and read the low-power electronic signals emitted by laptops and smartphones - even if they're not connected to the internet.

RIP Steve Gold: 1956-2015

RIP Steve Gold: 1956-2015

Steve Gold, one of the UK's most respected information security journalists, who helped found SC Magazine and was renowned for helping his family, friends and colleagues, has died.

Pro-ISIS attackers compromise US Central Command Twitter and YouTube accounts

Pro-ISIS attackers compromise US Central Command Twitter and YouTube accounts

US Central Command confirmed to SCMagazine.com that two of its social media accounts were hacked on Monday afternoon.

GCHQ hiring InfoSec pros for new Manchester office

GCHQ hiring InfoSec pros for new Manchester office

GCHQ has opened a new site in Manchester and is already looking to hire software developers, engineers and information security professionals to fill the space.

'Bizarre' Google stops WebView patching on older Androids

'Bizarre' Google stops WebView patching on older Androids

Google today ended support for patching the WebView tool that is used on Android 4.3 Jelly Bean and earlier versions of the operating system.

UK National Grid under constant cyber-attack

UK National Grid under constant cyber-attack

A senior government figure says that the UK's power grid is under "minute-by-minute" attacks from computer hackers but information security experts aren't so sure.

Microsoft's Patch Tuesday preview will no longer be made public

Microsoft's Patch Tuesday preview will no longer be made public

Microsoft said the change to its patching was made because customers no longer use the previewing system the same way they did in the past.

CERT-UK publishes DDoS guidance

Sony CEO: Data breach won't impact financial results

Sony CEO: Data breach won't impact financial results

Sony president and chief executive Kazuo Hirai has surprisingly claimed that last November's cyber-attack will not have a huge impact on the firm's financial results.

New data privacy law could be delayed until 2016

New data privacy law could be delayed until 2016

Objections from the UK could delay implementation of a new data protection bill until 2016

APT threat actors behind quarter of data breaches

APT threat actors behind quarter of data breaches

A new study reveals that 97 percent of companies have been breached, and increasingly they are compromised by 'advanced' malware from APT threat actors.

Thunderstrike opens backdoor to Apple Macs

Thunderstrike opens backdoor to Apple Macs

The first malware bootkit for Apple OS X devices has been built by security researcher Trammell Hudson, a move that some say has dented Apple's reputation for secure systems.

Ukraine PM accuses Russian secret service for attack on German government websites

Ukraine PM accuses Russian secret service for attack on German government websites

Ukraine's premier has accussed the Russian secret service of a DDoS attack that brought down German government websites.

New CryptoWall hunts for victims with Tor

New CryptoWall hunts for victims with Tor

CryptoWall 2.0 is more stealthy and powerful than its predecessor.

Banking credential theft hits German speakers

Banking credential theft hits German speakers

German language spam campaign delivers malware to steal banking credentials.

Smart meters steal our data say consumers

Smart meters steal our data say consumers

Consumers have become smarter about the use of their data - and as a result they don't trust smart meters according to a new report.

Bitstamp to resume trading after theft

Bitstamp to resume trading after theft

Bitstamp said today that it expects to resume trading within 24 hours following a breach on 4th January.

MWR goes on TV to demonstrate ad-based flaws on mobiles

MWR goes on TV to demonstrate ad-based flaws on mobiles

MWR 'proves' ad flaws can be used to hijack mobile phones.

Register to protect stolen property has security flaw

Register to protect stolen property has security flaw

A "burglar's goldmine" of UK property details has potentially been accessible due to a flaw in the registration service.

Morgan Stanley employee reportedly fired for stealing data on 350K clients

Morgan Stanley employee reportedly fired for stealing data on 350K clients

Multinational financial services corporation Morgan Stanley has fired an employee who stole data on 350,000 clients, according to reports.

iCloud hole closed following brute force attack

iCloud hole closed following brute force attack

A hole in iCloud's security allowed attackers to access any iCloud account via a brute force attack that side-stepped blocks - but it is now reported to have been patched.

UK police arrest suspected Lizard Squad member

UK police arrest suspected Lizard Squad member

British and US police may be closing in on cyber-vandal group that said it hit Sony and Microsoft games networks over Christmas, helped the Sony Picture hack and has launched a low-cost DDoS attack tool.

Google finds 'severe' bug in MS Windows

Google finds 'severe' bug in MS Windows

Google researchers accused of being "reckless" for disclosing flaw before Microsoft has patched it.

Movers and Makers: January-February 2015

Movers and Makers: January-February 2015

Here's the latest on the movers and makers in the industry

ISC website compromised, possibly due to vulnerable WordPress plugin

ISC website compromised, possibly due to vulnerable WordPress plugin

The ISC website was quickly taken down after researchers with Cyphort Labs identified that the main page was ultimately redirecting visitors to the Angler Exploit Kit.

German government says Regin malware not on Merkel staffer's laptop

A spokesperson for the German government has refuted reports that the Regin spyware made its way onto the laptop of the Chancellor's top aide.

Gmail service possibly restored in China following four-day outage

China-based Gmail users reported issues accessing their accounts via third-party email services, but service may have since been restored.

North Korea's internet downed by suspected DDoS attacks

North Korea's internet downed by suspected DDoS attacks

North Korea suffered two major internet outages on Tuesday and Wednesday but - contrary to rumours of a post-Sony breach retaliation by the US government - the likely explanation looks more mundane.

Eastern hackers use phishing-led APT to steal millions from banks

Eastern hackers use phishing-led APT to steal millions from banks

Security researchers say a hacking group called 'Anunak' has stolen £11 million (US$ 17 million) from banks, retailers and others firms since 2013.

North Korea threatens US with cyber-warfare

North Korea threatens US with cyber-warfare

A war of words has broken out between the US and North Korea over the Sony data breach, with Pyongyang now threatening to battle Obama's administration 'in all war spaces including cyber-warfare space'.

Sony hack and ISIS claims point to start of cyber-enabled warfare

Sony hack and ISIS claims point to start of cyber-enabled warfare

Cyber-terrorism is becoming an increasingly likely scenario, experts warn

Denmark launches cyber-security strategy

FBI blames North Korea for Sony cyber-attack

FBI blames North Korea for Sony cyber-attack

The US government is now officially blaming the North Korean governments for the cyber-attacks against Sony Pictures.

German iron plant hit by APT attack

German iron plant hit by APT attack

A German federal agency has detailed in a new report how an Advanced Persistent Threat (APT) attack physically damaged an unnamed iron plant in the country.

Millions of routers and PCs vulnerable to decade-old cookie flaw

Millions of routers and PCs vulnerable to decade-old cookie flaw

A critical software vulnerability that was supposedly patched in 2005 is still affecting at least 200 types of home and small business internet routers, and could also be used by hackers to compromise millions of networked PCs and IoT devices.

UK firms turning to cyber-security contractors

UK firms turning to cyber-security contractors

New research reveals that UK firms are turning to contractors to plug the widening skills gap in the cyber-security field.

Hidden backdoor in up to 10m Android phones

Hidden backdoor in up to 10m Android phones

Chinese manufacturer Coolpad installs hidden backdoor in Android phones allowing permanent control of the device.

US government reportedly blaming North Korea for Sony hack

US government reportedly blaming North Korea for Sony hack

US officials have concluded that North Korea was "centrally involved" in the cyber-attack on Sony Pictures, according to American national media and TV reports.

ICANN hacked

Sony faces lawsuits over data privacy

Sony faces lawsuits over data privacy

New York film premier cancelled after Sony hackers issue threats

Quantum physics behind 'unhackable' security authentication

Quantum physics behind 'unhackable' security authentication

A team of Dutch scientists is proposing a new security system for credit cards and passports which uses the power of quantum physics - and which is apparently 'impossible to hack'.

Grinch vulnerability could hit Linux systems

Grinch vulnerability could hit Linux systems

Security researchers uncover 'grinch' vulnerability that could affect all Linux systems

SoakSoak bug hits 100,000 websites using old plugin flaw

SoakSoak bug hits 100,000 websites using old plugin flaw

WordPress sites have been hit by a malware campaign from a Russian domain using a plugin flaw identified months ago.

GCHQ faces new Belgacom hack allegations

GCHQ faces new Belgacom hack allegations

New leaks from NSA whistle-blower Edward Snowden reveal that the alleged GCHQ cyber-attack on Belgacom used Regin malware and was undiscovered for two years before it was detected. Plus, there are now concerns that the clean-up operation was not successful.

Hackers now offer '100% satisfaction guaranteed'

Hackers now offer '100% satisfaction guaranteed'

The underground hacker market has become so commercialised that cyber-criminals are offering "100% satisfaction" guarantees on stolen credit cards, or they will be replaced.

Film producers shaken (not stirred) as Sony hackers steal James Bond script

Film producers shaken (not stirred) as Sony hackers steal James Bond script

Eon Productions, the producers behind the upcoming James Bond film 'Spectre', have confirmed that an 'early version' of the script has been stolen and leaked by the Guardians of Peace (GOP) hackers.

Constant attack a growing reality

Constant attack a growing reality

Persistant attacks have become a state of permanent attack for some organisations according to a new report.

Tor darknets rise again after Operation Onymous

Tor darknets rise again after Operation Onymous

A month since the joint FBI/Europol crackdown on more than 400 dark markets and a new report claims that action hasn't been as successful as first thought.

APT attacks move to mobile devices

APT attacks move to mobile devices

Kaspersky predicts future sale of APT software to more dubious customers.

SC eConference 17 Feb 2015

Sign up to our newsletters