Is Android security really too difficult for Motorola?

Is Android security really too difficult for Motorola?

Motorola has, perhaps strangely, concluded that it will not be releasing monthly updates for its new Moto Z smartphone. A strange thing to announce, according to the wider industry

Stampado RaaS reflective of market trends

Stampado RaaS reflective of market trends

Trend Micro researchers spotted a new ransomware as a service (RaaS), dubbed Stampado, which may be indicative of ransomware market trends.

POS-terminals become target of cyber-attacks in Russia this year

POS-terminals become target of cyber-attacks in Russia this year

POS-terminals have increasingly become a target for cyber-attackers in Russia, posing a threat to ordinary buyers and shoppers, according to analysts of FinCERT

Passwords begone: two LastPass vulns found and promptly fixed, update now!

Passwords begone: two LastPass vulns found and promptly fixed, update now!

Two security vulnerabilities have been found and fixed in password manager LastPass. One by prolific security-vulnerability finder Tavis Ormandy, and the other by Mathias Karlsson of Detectify Labs.

Rival cyber-gang leaks private keys of Chimera ransomware

Creators of the rival Petya and Mischa ransomware programmes have leaked the private keys of Chimera ransomware.

BYOD policies essential to keep data secure in the public sector

Several organisations within the public sector still need to give 'Bring Your Own Device' (BYOD) initiatives proper consideration. Only then can security risks be avoided and the benefits of BYOD completely achieved.

Arab-Americans join privacy groups in DNC anti-surveillance push

An Arab-American policy organisation has joined with civil liberties and privacy groups to address domestic surveillance policies that target Arab American and American Muslim communities.

UK testing social media logins for authentication

To enhance the use of its web portal, gov.uk, the UK government is testing the use of its subscribers' social media logins as an authentication method.

Security researchers discover over 100 suspicious Tor nodes snooping on traffic

Security researchers discover over 100 suspicious Tor nodes snooping on traffic

New research claims to show that up to three percent of hidden services directories, the backbone of the Tor anonymous router system, have been compromised, which could enable the identification of users in some cases.

Intelligence officials have 'high confidence' Russian gov hacked DNC

Intelligence officials have 'high confidence' Russian gov hacked DNC

Highly placed intelligence officials are pretty sure that the hackers who breached the Democratic party just over a month ago were backed by the Russian government.

Anonymous breaches Turkish Natural Gas company

A tranche of data from a Turkish natural gas company, Izmir Gaz, has been leaked online by the hacktivist group Anonymous in a seemingly convoluted attempt to get at the Turkish government

23% of businesses say they stop a data breach every day

Nearly a quarter (23 percent) of businesses claim that they stop a data breach every day.

Euro Data Chief: security is no excuse for flaky privacy

Euro Data Chief: security is no excuse for flaky privacy

Privacy vs security is a contradiction in terms, according to the European Data Protection Supervisor Giovanni Buttarelli who has been reaffirming his opposition to encryption backdoors.

Europe unhappy with Privacy Shield, holding off until 2017

Europe unhappy with Privacy Shield, holding off until 2017

Europe's data protection committee is going to let Privacy Shield operate for a year, promising to hold off on legal challenges until its first joint annual review happens in 2017.

Estonia in talks to back up data in UK

Fearing a Russian cyber-attack, Estonia is reportedly negotiating with the UK and Luxembourg governments to store citizen data in the UK.

Trump's Russian interests and Guccifer 2.0

Trump's Russian interests and Guccifer 2.0

A flood of information has emerged that connects GOP presidential nominee Donald Trump to a questionable cast of characters who are linked to Russian interests.

69% of email attacks with malicious attachments in Q2 contained Locky

The first five months of 2016 were dominated by malicious email campaigns, the quick emergence of new ransomware variants, one of the largest botnets in the world went dark, and the Angler exploit kit (EK) went silent

O2 customers' details sold on darkweb

O2 customers' details sold on darkweb

Customers of the popular mobile network O2 are having their details sold on a dark web marketplace

Cash if you get ransomware on your machine

Cash if you get ransomware on your machine

Security company SentinelOne is now offering US$ 1000 (£762) per machine or up to US$ 1 million (£762,000) per company as compensation if a ransomware infection occurs while their product is installed.

IHS Markit says video doorbell use is on the rise, but are they safe?

IHS Markit says video doorbell use is on the rise, but are they safe?

Information and data experts at IHS Markit are reporting exponential growth of video doorbells which are outpacing conventional video door phones. But are they safe?

HID Global releases mid-year updates for top security trends in 2016

HID Global releases mid-year updates for top security trends in 2016

A mid-year update to HID's top 2016 security trends has been released. During the first six month's of the year, HID stated continued progression in market adoption of mobile solutions and interest in the Internet of Things (IoT).

New smartphone case tells users when their phone is being hacked

NSA Whistleblower Edward Snowden and hacker Andrew Huang have co-designed a smartphone case that tells its owner when their phone is being hacked.

Privacy implications in store for users of "Trump Yourself"

A new Facebook app from Hillary Clinton's presidential campaign which invites users to "Trump Yourself" could contain privacy implications.

[Updated with video] Final arguments heard in Lauri Love extradition case

[Updated with video] Final arguments heard in Lauri Love extradition case

Counsel for Lauri Love and the US government rehearsed their final arguments as Tom Reeve reports from Westminster Magistrates' Court yesterday.

Foreign government requests for cyber-crime information up 44%

Cyber-crime requests triple in three years as international agencies seek greater cooperation to combat the threat.

Proliferation of hacker culture helped keep Anonymous from being branded terrorist org

How has Anonymous avoided being labeled as a terrorist group? That is a serious question that was proposed by an anthropologist during the HOPE Conference in New York City.

Patchwork cyber-espionage campaign branches out to strike businesses

Patchwork cyber-espionage campaign branches out to strike businesses

The cyber-gang behind the Patchwork, aka Dropping Elephant, cyber-espionage campaign has expanded its reach outside of government organisations and is now hitting the private sector.

Clinton campaign accuses Russia of DNC hack

Clinton campaign accuses Russia of DNC hack

The leak of 19,000 embarrassing emails from the Democratic Party has got the Clinton campaign talking about Russian involvement and how foreign actors may be trying to manipulate the outcome of November's election.

2.3 million 'Warframe,' 'Clash of Kings' accounts compromised

More than 2.3 million users records were compromised as two separate gaming companies announced they suffered data breaches.

Bugs in SAP HANA allowed remote code execution

Bugs in SAP HANA allowed remote code execution

Researchers have found several security vulnerabilities in SAP HANA and SAP Trex, which left thousands open to remote code execution attacks

Turkey publishes WhatsApp messages of coup officers

Turkey publishes WhatsApp messages of coup officers

WhatsApp messages of Turkish military officers involved in last week's failed coup have been published by state-run media outlets, prompting questions as to how exactly the Turkish government got in to the encrypted messaging app.

PowerWare ransomware variant poses as Locky, but can be decrypted

The ransomware PowerWare that commandeers Microsoft's PowerShell utility to download and run malicious code, now has a variant that mirrors Locky ransomware.

Germany proposes 'black boxes' on cars with autopilot

Self-driving cars in Germany may soon be required to carry a black box to help determine fault.

Law enforcement and IT security companies join forces to fight ransomware

Law enforcement and IT security companies join forces to fight ransomware

The Dutch National Police, Europol, Intel Security and Kaspersky Lab have joined forces to launch an initiative which will see the cooperation fight ransomware.

Fake Tinder sites lure users to give up financial info

In the UK, 41 percent of online daters have been spammed or scammed when using online dating services.

65% of IT pros would be grounded by Mum for their messy firewall rules

Nearly two-thirds (65 percent) of IT security pros would be grounded in some capacity for the messy state of their firewall rules.

Google recieved record 4677 data requests in latest transparency report

Google's latest transparency report displays a continued increase in data requests the company received from government authorities.

ICYMI: BT outage; Euro CNI vulnerable; 4 rail attacks; Polish telecom hack: ransomware uses cloud

ICYMI: BT outage; Euro CNI vulnerable; 4 rail attacks; Polish telecom hack: ransomware uses cloud

The latest In Case You Missed It (ICYMI) looks at BT outage; Euro CNI vulnerable; 4 rail attacks; Polish telco breached; ransomware uses cloud

BlackBerry & Apple rumble: CEO calls helping law enforcement 'civic duty'

BlackBerry & Apple rumble: CEO calls helping law enforcement 'civic duty'

Cooperating with law enforcement is "our basic civic responsibility," BlackBerry CEO John Chen told reporters at a media Q&A at the BlackBerry Security Summit in New York.

WordPress Summer of Pwnage: 64 holes in 21 days

WordPress Summer of Pwnage: 64 holes in 21 days

As the Pwnage summer heat rages on, hackers find 64 holes in popular publishing platform, WordPress

Pokemon Go 'a western cyber-espionage tool'?

Pokemon Go 'a western cyber-espionage tool'?

Cyber-security experts in Russia are concerned about the data collecting abilities of apps such as Pokemon Go, even speculating whether they were specifically created by western security services as cyber-espionage tools

Cyber-crime now included in government crime stats

Cyber-crime now included in government crime stats

With the first concrete inclusion of cyber-crime and fraud stats, the Office of National Statistics has shown that cyber-crime is nearly high as all other kinds combined.

WhatsApp blocked then unblocked by Brazilian courts

WhatsApp blocked then unblocked by Brazilian courts

In the third such scenario in the last eight months a Brazilian judge has ordered WhatsApp to be blocked in Brazil, before a higher circuit judge overturned that block.

Second BT outage calls into question security of critical infrastructure

Second BT outage calls into question security of critical infrastructure

Two internet outages on consecutive days in separate internet exchanges in Docklands, London, calls into question the security of the country's critical communications infrastructure.

Wassenaar Arrangement 'inhibits international cyber-security efforts'

Wassenaar Arrangement 'inhibits international cyber-security efforts'

The Wassenaar Arrangement for regulating the international arms trade is threatening to choke the international cyber-security community and ultimately make us less secure, cyber-security experts are saying.

Tor used to secure IoT

The Guardian Project has integrated Tor security into the Internet of Things (IoT), creating a Tor Onion Service Configuration for the Home Assistant open source platform.

IT jobs volume hits peak despite slow start in 2016

Despite a slow start at the beginning of 2016, the IT jobs market in London experienced an upturn in the number of jobs with June being the highest month so far for job volume in 2016.

Turkey blocks access to WikiLeaks after 300K emails released

Turkey blocked access to WikiLeaks after almost 300,000 emails from the Justice and Development Party (AKP Party) were released Tuesday.

'Right Sector' hackers attempt to blackmail Polish government

'Right Sector' hackers attempt to blackmail Polish government

A group claiming to be a far-right Ukrainian nationalist group has attempted to blackmail the Polish ministry of defence.

Demand for DDoS network engineering skills high in UK, US and China

Over the last six months, global demand for network engineers who have DDoS mitigation skills has continued to grow. China is seeing the most demand for these skills, with roughly 47 percent annual growth.

A pox on your servers: dormant vulnerability patched after 15 years

A pox on your servers: dormant vulnerability patched after 15 years

Admins scramble to patch HTTP proxy header flaw, Httpoxy, that leaks data via PHP, Go and Python scripts running in a CGI environment.

Average ransomware demand is £525, 57% of attacks target consumers

Organisations are increasingly being targeted by ransomware and more often than not pay the ransom to regain control of their data.

Neutrino EK adopts new exploit after open source POC release

The Neutrino exploit kit (EK) added a former Internet Explorer zero-day vulnerability to its arsenal.

BT Broadband outage blamed on power failure [updated]

BT Broadband outage blamed on power failure [updated]

BT Broadband has suffered a major outage this morning and it's pointing the finger at a power-outage in one of its central London service providers.

Ammyy Admin site delivers drive-by-download attacks

Kaspersky Lab researchers spotted the Ammyy Admin being used as a dropper trajan to install the Lurk trojan and other malware.

White paper: 100 new ransomware families ID'd in 2015, as campaigns adopt APT tactics

White paper: 100 new ransomware families ID'd in 2015, as campaigns adopt APT tactics

In its new special report Ransomware and Businesses 2016, Symantec declares that within the last year, ransomware has rapidly advanced in maturity and severity, while also exploding in terms of overall numbers.

Apple patches remote code execution flaws

Apple patches remote code execution flaws

Apple patches critical vulnerabilities in iOS and OS X that could allow remote code execution.

Bulk data collection 'can only be used to fight serious crime'

Bulk data collection 'can only be used to fight serious crime'

Europe's highest justice court, the European Court of Justice (ECJ), has ruled that bulk data collection 'can only be used to fight serious crime'.

Security teams can better enable digital transformation if invited earlier to the party

Security teams can better enable digital transformation if invited earlier to the party

According to new global research from Dell's Digital Transformation Security Survey, security is often seen as a barrier to digital transformation, therefore brought into the process too late to make a meaningful impact.

79% of businesses lack comprehensive strategies to manage risk

79% of businesses lack comprehensive strategies to manage risk

Study reveals majority of CISOs and CIOs recognise risk of material attacks that originate on the internet, but need better resources & infrastructure to identify and mitigate threats.

Deal with the devil: Ransomware experiment proves you can negotiate price down

Deal with the devil: Ransomware experiment proves you can negotiate price down

Ironically, the cyber-criminals holding your computer files for ransom may be offering you a better customer experience than your average cable provider or insurance company.

Lurk banking Trojan propagated via 'legitimate' software

Lurk banking Trojan propagated via 'legitimate' software

Kaspersky researchers have spotted the Lurk banking Trojan lurking around as legitimate pieces of software on Ammyy.com

Polish telecom suffers major data breach following hack

Polish telecom suffers major data breach following hack

Customer data including bank details entered on web forms lost in major data breach at Polish telecom operator.

Three arrested in £1.8mil ($2.5M) Taiwanese ATM malware heist

Three suspects were arrested after a network of Eastern European and Russian cyber-criminals used malware to steal £1.8mil ($2.5 million) in cash from dozens of machines around the country.

Ransomware writers adopt cloud services

Ransomware writers adopt cloud services

Cyber- criminals have noticed the lucrative opportunities for wrong-doing in leveraging cloud services and evolved new techniques to their benefit.

Pokémon Go service downed, DDoSers rush to claim glory

Pokémon Go service downed, DDoSers rush to claim glory

Two separate groups are claiming responsibility for a supposed DDoS attack on Pokemon Go servers. Pokemon Go's developers say that it's merely too popular

38% of UK orgs have no data loss prevention solutions

Most security pros (88 percent) say that they are happy with their organisation's security strategy, but 38 percent admit that their company doesn't have dedicated data loss prevention solutions in place.

Video: Percentage of women in security is still decreasing

Jane Frankland talks about her upcoming book on women in the security industry and also invites readers to take part in her survey of men and women about gender equality.

Critical infrastructure in Europe exposed to hackers

Critical infrastructure in Europe exposed to hackers

Power stations in Germany, Italy and Israeli smart building could be accessed by criminal hackers

Video: How Facebook turned the insider threat to its advantage

At a recent SC Roundtable event, we caught up with Jim McCoy, technical lead for security tools and operations at Facebook. He told us how Facebook used its experience dealing with inside threats to combat external attackers.

DARPA competition looks to AI to be cybercrooks

DARPA competition looks to AI to be cybercrooks

DARPA are starting a competition to help automate defence and see how artificial intelligence can combat cyber-threats.

NATO CCDCOE considers cyber-warfare cooperation

NATO CCDCOE considers cyber-warfare cooperation

NATO CCDCOE urged to promote cooperation in training of cyber-defence experts as the cyber realm declared a theatre of war.

Crypto student accuses WhatsApp of blocking calls to Saudi numbers

A cryptography Ph.D. student has accused WhatsApp of blocking calls to Saudi Arabia phone numbers and deceiving users

US court rules in favour of Microsoft, gov't can't force access to email on Irish server

US court rules in favour of Microsoft, gov't can't force access to email on Irish server

Privacy advocates have hailed the Second Circuit's ruling as a victory for Microsoft and, if it holds, it will likely inspire confidence among privacy advocates and European privacy regulators about the fortitude of the US' privacy posture.

IP Bill: the end-to-end-to-end encryption?

IP Bill: the end-to-end-to-end encryption?

A debate in the House of Lords has unearthed some previously unnoticed powers included in the much maligned investigatory powers bill including the desire to break end-to-end encryption.

ICYMI: Spotting encrypted malware; Russia attacked; Power plant malware; Malicious Pokemon; Amazon breached?

ICYMI: Spotting encrypted malware; Russia attacked; Power plant malware; Malicious Pokemon; Amazon breached?

The latest In Case You Missed It (ICYMI) looks at Spotting encrypted malware; attacks on Russia; Malware in power plant and more

Chinese aerospace executive charged with hacking for China

Chinese aerospace executive charged with hacking for China

Su Bin, the head of an aviation company, has pleaded guilty to conspiring with Chinese officials to steal information from US military defence contractors

New banking malware stops customers from cancelling payment cards

Symantec has spotted a new banking malware that stops a victim from cancelling a compromised payment card by blocking calls from the infected device to the bank's customer service department.

After Tor exploit, researchers develop new anonymity network

A team of researchers has created an anonymity network methodology that they believe is more efficient and more secure than existing anonymous networks such as Tor.

US government CIOs repeatedly covered up breaches

US government CIOs repeatedly covered up breaches

A US Congress committee has condemned the Federal Deposit Insurance Corporation for covering up a number of breaches

Malware suspected in ATM heist in Taiwan

ATMs in Taiwan were spewing money over the weekend in what authorities believe were malware-aided thefts.

68% of Europeans want to use biometric authentication for payments

68% of Europeans want to use biometric authentication for payments

Over two thirds (68 percent) of consumers across Europe are interested in using biometrics when making a payment, especially when integrated with other security measures.

BT Security strikes deal with (ISC)2 to train 900 cyber-security staff

BT Security strikes deal with (ISC)2 to train 900 cyber-security staff

BT Security has struck a deal with ISC(2) to offer those training through the BT Security Academy Certified Information Systems Security Professional (CISSP) and the Systems Security Certified Practitioner (SSCP) certifications.

The hunt for the best cyber security talent in Europe begins

The hunt for the best cyber security talent in Europe begins

Cyber Security Challenge UK is searching for the best amateur cyber-talent to represent the UK in the European Cyber-Security Challenge in Germany in October later this year.

Is it ethical to use malware when disrupting cyber-crime?

Is it ethical to use malware when disrupting cyber-crime?

As the FBI declares its malware-like software cannot be malware as it is used with non-malicious intent, we ponder the ethics of the good guys using the same tools as the bad guys.

Malicious versions of Pokémon GO found, company apologises for privacy issues

Malicious versions of Pokémon GO found, company apologises for privacy issues

Security researchers find malicious versions of Pokemon GO app, while the firm behind new gaming frenzy Pokémon GO, Niantic, apologises for privacy mishaps.

SFG malware discovered in European energy company

SFG malware discovered in European energy company

A new piece of malware has been discovered skulking around the systems of an unnamed European energy company, according to Sentinel One Labs.

Digital skills shortage poses a security risk

The Commons Science and Technology Committee reports that by 2017, the UK will need 745,000 more workers with digital skills and warns that organisations lacking the necessary digital skills face increased security threats and failed cloud migrations if the problem is not addressed.

Shadow IT increases vulnerability to cyber-attacks say most IT depts

Most (88 percent) IT decision makers in UK and German organisations believe that shadow IT makes them more vulnerable to cyber-attacks.

Hidden voice commands could hijack smartphones

Hidden voice commands could hijack smartphones

Borg-like voice commands from your phone could take control of nearby Android devices using a newly demonstrated voice recognition vulnerability.

53% of organisations around the world still use Windows Server 2003

Over half (53 percent) of companies have at least one instance of Windows Server 2003 still running even though its end of life (EOL) date passed on 14 July 2015.

Florida researchers claim to discover cure for the common ransomware

Florida researchers claim to discover cure for the common ransomware

By analysing changes in files, security researchers believe they have discovered a way to detect ransomware in the early stages of encrypting your data.

Russia reports increase in cyber-attacks by Western special services

Russia reports increase in cyber-attacks by Western special services

Just as Western governments are concerned about Chinese or Russian state hackers, the Kremlin worries that its government agencies are under increasing western attack, and is concerned about skill shortages in government.

Business email compromise (BEC) netting billions for scammers

Business email compromise (BEC) netting billions for scammers

Your next scam du jour: targeted stings and swindles based on impersonating key personnel are hitting as many as 400 companies a day.

SC job board launched for information security professionals

SC job board launched for information security professionals

Haymarket and SC Magazine launch SC Jobs - a new job site dedicated to information security professionals.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US