This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

4% of Googlebots are fake and can launch attacks

4% of Googlebots are fake and can launch attacks

Admins' fear of damaging their SEO gives malicious search engine bots a 'VIP pass' into sites.

Brit Lauri Love faces more US hacking charges

Brit Lauri Love faces more US hacking charges

Lauri Love, a 29-year-old British man from Stradishall in Suffolk, has been charged by a US court with hacking into multiple US government computers and stealing more than 100,000 employee and financial records.

More questions than answers as BBC outage fuels DDoS talk

More questions than answers as BBC outage fuels DDoS talk

The British Broadcasting Corporation was hit by a prolonged outage on its website and iPlayer video-on-demand service (VOD) last weekend, raising questions about the cause and whether it was subjected to a distributed-denial-of-service (DDoS) attack.

StubHub ticketing agency taken for a million pounds

StubHub ticketing agency taken for a million pounds

Police around the world have arrested seven people - thought to have been tied into an international fraud ring - that allegedly defrauded the eBay-owned StubHub online ticketing service of around a million pounds (US$ 1.6m).

DDoS attacks grow as first DIY kits emerge

DDoS attacks grow as first DIY kits emerge

The latest report from Akamai Technologies has revealed another increase in DDoS attacks and the resurgence of botnets to carry out server-based attacks.

WordPress plugin flaw opens blogs up to cybercriminals

WordPress plugin flaw opens blogs up to cybercriminals

A WordPress plugin called MailPoet - which has been downloaded around 1.7 million times - has placed large numbers of WordPress-based websites at risk of incursion.

European Central Bank loses personal records after data breach

European Central Bank loses personal records after data breach

The European Central Bank admitted today that its website was hacked and said that some email addresses and other contact information was stolen.

Despite concerns, companies remain vague about targeted attacks

Though the majority of business executives are very apprehensive about targeted attacks, most don't know what type of data is vulnerable.

34 European banks hit by Android app security attacks

34 European banks hit by Android app security attacks

Banks need to put their heads together to develop common and more secure methodologies says Sarb Sembhi, STORM Guidance, following operation Emmental.

Entrepreneur develops hacked data search engine

Entrepreneur develops hacked data search engine

A Portuguese entrepreneur is said to have developed a specialised search engine that can allow access to leaked or allegedly stolen access credentials.

Insider threat levels from ex-staffers greater than expected

Insider threat levels from ex-staffers greater than expected

A third of of ex-employees have access to company data and 9 percent have used their access privileges, says new research.

WSJ the latest publisher to be hit by 'w0rm' hacker

WSJ the latest publisher to be hit by 'w0rm' hacker

The Wall Street Journal has become the latest US media organisation to be hacked, just days after similar attacks against Vice Media and Metro US.

Queen's website hosts controversial tracking technique

Queen's website hosts controversial tracking technique

Advertising tracking called 'canvas fingerprinting' is used on many websites and identifies unique individuals and their browsing habits and works surreptitiously.

Could MH17 sanctions push Russia to cyber warfare?

Could MH17 sanctions push Russia to cyber warfare?

A leading cyber security academic has warned the US and European governments that tougher sanctions on Russia relating to the MH17 airplane crash could result in the start of cyber warfare.

Snowden, Ellsberg ask hackers to help obscure whistleblower activity

Snowden, Ellsberg ask hackers to help obscure whistleblower activity

Crowds of people came out to see Daniel Ellsberg chat with Edward Snowden at HOPE X conference.

Apple accused of hiding backdoors in all 600 million iOS devices

Apple accused of hiding backdoors in all 600 million iOS devices

Apple has built backdoors in its iOS operating system that can leak the personal data of all 600 million iPhone and iPad users and may have been exploited by the US secret service, according to a new US research paper.

MH17 spammers direct Twitter users to Zeus-ridden websites

MH17 spammers direct Twitter users to Zeus-ridden websites

In the aftermath of the MH17 tragedy which saw almost 300 people lose their lives in an airplane crash over Ukraine, cyber-criminals are taking advantage by leading social media users to malicious websites.

EU's new cybercrime taskforce set to launch

EU's new cybercrime taskforce set to launch

Andy Archibald, deputy head of the UK's National Cyber Crime Unit (NCCU), is to chair a new cyber-crime taskforce based out of the European Cybercrime Centre (EC3) in The Hague in Netherlands.

Criminals get hold of 'Russian state malware'

Criminals get hold of 'Russian state malware'

One of the first cases of government-grade malware falling into the hands of common cyber criminals has been uncovered by US security firm Sentinel Labs.

ICYMI: Google's Project Zero, ICO breach & sharing intel on critical infrastructure

ICYMI: Google's Project Zero, ICO breach & sharing intel on critical infrastructure

This week's In Case You Missed It (ICYMI) column takes a look at Google's Project Zero, accusations of double-standards at the ICO and the need to share intelligence on critical infrastructure.

Snowden calls on businesses to encrypt data, shun Dropbox

Snowden calls on businesses to encrypt data, shun Dropbox

UK cyber experts side with NSA whistle-blower who urges companies to adopt encryption and to shun Dropbox because the cloud storage company is 'hostile to privacy'.

Android apps too free and easy with access permissions

Android apps too free and easy with access permissions

Android apps ask for far too many device and data permissions, with 68 percent of 75,000 apps scanned requiring the ability to generate text messages, according to new research.

Embedded Windows XP systems targeted by new Chinese malware

Embedded Windows XP systems targeted by new Chinese malware

Chinese firm uses unusual techniques to infected legacy computer systems.

Controversial DRIP bill set to become UK law

Controversial DRIP bill set to become UK law

The controversial DRIP (Data Retention and Investigatory Powers) bill completed its Lords committee stage without amendment yesterday, after effectively being rubber-stamped into the legislative books overnight.

eBay counts the cost after 'challenging' data breach

eBay counts the cost after 'challenging' data breach

John Donahoe, the chief executive officer of eBay, has confirmed that May's data breach has had a negative impact on revenues and user activity.

IT security pros prioritise new tech over training

IT security pros prioritise new tech over training

New research from IT security vendor Websense and Ponemon Institute indicates that security professionals want their companies to invest in new technology, but are doing little to 'upskill' existing staff.

NIST to NSA: get your hands off our encryption (please)

NIST to NSA: get your hands off our encryption (please)

NIST cryptographers want to be able to reject NSA guidance.

German loss of trust heralds return of typewriters

German loss of trust heralds return of typewriters

Many Germans have personally experienced mass state surveillance by the Stasi, hence the move to use typewriters to prevent NSA survellance.

Security vulnerabilities found on password managers

Security vulnerabilities found on password managers

The wide spectrum of discovered vulnerabilities makes a single solution unlikely - UC Berkley report

CISOs breaking free from IT control, missing board support

CISOs breaking free from IT control, missing board support

Some of the UK's chief information security officers (CISOs) are breaking away from IT budgets and reporting lines but are still missing C-level support, a new study reveals.

CNET loses data on 1 million users

CNET loses data on 1 million users

IT technology website lost data on one million users to Russian hackers.

Pitty Tiger APT exploits older version Office flaws

Pitty Tiger APT exploits older version Office flaws

The Pitty Tiger APT has been targeting telcos, defence companies and at least one government in a cyber-espionage campaign that relies on spear phishing and malware prying on vulnerabilities in Microsoft Office.

ICO wants more power as privacy complaints hit record levels

ICO wants more power as privacy complaints hit record levels

The UK's data privacy watchdog, the Information Commissioner's Office (ICO), has called on the government to give it more power, better funding and the ability to imprison people as it battles against a record number of data protection complaints.

96% suffer significant IT security incident

96% suffer significant IT security incident

More than 96 percent of organisations experienced a significant IT security incident in the past year.

CISOs still grappling with security awareness training

CISOs still grappling with security awareness training

A study of some of the UK's top chief information security officers (CISOs) has revealed that just 21 percent are conducting security awareness training on a regular basis.

British PM promises £800 million cyber defence fund

British PM promises £800 million cyber defence fund

British Prime Minister David Cameron today announced a £800 million investment in improving the country's cyber intelligence, reconnaissance and defence capabilities.

Game on for Gameover?

Game on for Gameover?

NatWest customers targeted by Gameover Zeus Trojan variant.

China accused of global zero-day attack on shipping firms

China accused of global zero-day attack on shipping firms

A suspected Chinese government cyber-attack called 'Zombie Zero' has been targeting shipping, logistics and manufacturing companies worldwide, according to US security research firm TrapX.

ICYMI: British spies, security researchers & finding value from BYOD

ICYMI: British spies, security researchers & finding value from BYOD

This week's In Case You Missed column looks at Britain's new surveillance laws, the sacking of a security researcher and questions on BYOD management.

Poor admin passwords allow global botnet attack

Poor admin passwords allow global botnet attack

BrutPos or @-Brt attacks have infiltrated POS systems with botnets largely thanks to weak admin passwords.

UK government criticised for opposing 'right to be forgotten'

UK government criticised for opposing 'right to be forgotten'

The British government has been criticised by the president of a leading UK data protection professional body for trying to water down the 'right to be forgotten' privacy protection now being instigated by Google.

NCA partners with FBI, Europol to disrupt Shylock Trojan

NCA partners with FBI, Europol to disrupt Shylock Trojan

The UK's National Crime Agency has been working with the FBI and Europol to disrupt the infrastructure behind Shylock Trojan, malware which siphons money from European bank accounts.

Malwarebytes raises more than £17 million in VC funding

San Francisco-based endpoint security company Malwarebytes announced today that it has received $30 million (approximately £17.53 million) in Series A funding from Highland Capital Partners.

UK government to increase surveillance

UK government to increase surveillance

The British government looks set to pass the Data Retention and Investigations Powers Bill - a law which will allow police and security services to access people's phone and internet records from telcos and ISPs.

Can Twitter spammers steal email addresses?

Can Twitter spammers steal email addresses?

Some Twitter users have claimed that cyber-criminals may have been able to spam the email addresses registered with the social networking giant.

Light bulb illuminates WiFi weakness: IOT security needs to improve

Light bulb illuminates WiFi weakness: IOT security needs to improve

Smart light bulb hacked to reveal WiFi password, research project highlights need for development of Internet of Things security.

Most UK firms expect to be targeted by cyber-attacks next year

Most UK firms expect to be targeted by cyber-attacks next year

Two-thirds of UK companies believe that they will be targeted by a cyber-attack within the next year, leading some industry observers to question whether business defences are up to scratch.

Deep Panda - three years of attacks to defend China's oil interests

Deep Panda - three years of attacks to defend China's oil interests

Attack vectors demonstrate the sophistication of malware available to cyber-criminals globally, says CheckPoint MD Keith Bird.

Critics slam ISACA's APT report

Critics slam ISACA's APT report

"Fighting off an APT attack using firewalls and anti-virus is akin to shooting at a nuclear warhead with a bow and arrow."

Mobile flaw hits most Android devices

Mobile flaw hits most Android devices

Researchers at Curesec have found a vulnerability that is potentially affecting 60 percent of Android devices connected to Google Play.

1990s Macro viruses back with a vengeance

1990s Macro viruses back with a vengeance

Reports are coming in that cyber-criminals are deploying an attack methodology that was last successful in the late 1990s.

Spamhaus seeks arrests of non-EU DDoS attackers

Spamhaus seeks arrests of non-EU DDoS attackers

Anti-spam organisation Spamhaus welcomes two arrests in the UK and Spain, and now seeks others outside the EU, which commentators believe is unlikely to happen.

All Microsoft-seized domains back with No-IP

All Microsoft-seized domains back with No-IP

Just over a week after Microsoft seized more than 20 domains from No-IP, the ISP now says that all of the domain names are back in its possession.

Hotel Hippo closes for good after data breach

Hotel Hippo closes for good after data breach

UK-based travel booking website Hotel Hippo appears to have closed just one week after an independent security consultant found that the firm had weak security and privacy controls.

Scottish companies warned on cyber security

Scottish companies warned on cyber security

The Scottish Business Resilience Centre (SRBC) has warned Scottish firms to step up their cyber security measures - especially if the internet is a fundamental part of their supply chain.

'Complacency' to blame for undetected data breaches

'Complacency' to blame for undetected data breaches

A new study from IT governance reveals that a half of IT staff believe that their company may have suffered a data breach without it being detected.

New surveillance law proposed to track mobiles

New surveillance law proposed to track mobiles

The three main political parties in the UK are in talks about introducing a new emergency law that would require phone companies to log records of phone calls, texts and internet usage.

Barclays receives Cyber Essentials certification for digital banking

Barclays receives Cyber Essentials certification for digital banking

Barclays bank has announced that it has received the UK government's Cyber Essentials certification for its digital banking services, including MyBarclays, BMB and Pingit.

InfoSec Skills launches cyber security skills programme

InfoSec Skills Ltd have embarked on a new scheme to help close the national 'skills gap' in information security.

Cyber security not a UK boardroom priority

Cyber security not a UK boardroom priority

New research from consulting firm KPMG claims that cyber security and data protection are only ranked third as priorities in UK boardrooms, following people skills and plant/machinery spending.

Germans reveal new NSA XKeyScore internet monitoring

Germans reveal new NSA XKeyScore internet monitoring

The German software revelation may have come from a second NSA leak/source other than Edward Snowden, says cryptography expert Bruce Schneier.

Bletchley Park cyber security centre opens

Bletchley Park cyber security centre opens

Bletchley Park, the forerunner to GCHQ and synonymous with the Enigma code breakers of WWII, opened its international cyber-security exhibition earlier this week.

CosmicDuke malware may hit European governments

CosmicDuke malware may hit European governments

A complex variant of the MiniDuke malware - first seen almost 18 months ago and which targets NATO and other European government IT systems - has been spotted.

Is your smartphone really switched off?

Is your smartphone really switched off?

"Anyone with an understanding of embedded systems could develop the technology to hibernate, rather than switch off, the handset" - Rob Bamforth, Quocirca

GCHQ sued by ISPs over state-sponsored hacking

GCHQ sued by ISPs over state-sponsored hacking

ISPs and Privacy International seek legal clarification on how far GCHQ can go with its state-sponsored surveillance activities.

MP says National Security Strategy must take cyber threat seriously

MP says National Security Strategy must take cyber threat seriously

Dame Margaret Beckett has criticised the government's National Security Strategy and says that the next version must do more to protect businesses from cyber threats.

Spam down in May says Kaspersky

The proportion of spam in email traffic fell 1.3 percent from April to May says Kaspersky.

90% of authentication is 'unnecessary'

90% of authentication is 'unnecessary'

A leading cyber security professor and researcher has urged companies to not make users the enemy, and says that a start would be removing layers of 'unnecessary' authentication.

ICO probes Facebook/HotelHippo data privacy

ICO probes Facebook/HotelHippo data privacy

The Information Commissioner's Office (ICO), is looking into possible privacy breaches by Facebook and UK-based booking site HotelHippo.com.

Cyberwarfare on the increase in Iraq

Cyberwarfare on the increase in Iraq

IntelCrawler reports a significant increase in malicious cyber-attacks taking place during the civil war in Iraq.

University of Surrey opens cyber security research centre

University of Surrey opens cyber security research centre

The Surrey Centre for Cyber Security (SCCS) has launched, and will be home to academia research on everything from privacy and data protection, to secure mobile communication and human-centric technology.

New Android RAT threatens mobile banking users

New Android RAT threatens mobile banking users

What is claimed to be the first mobile malware to combine the unholy trinity of private data theft, banking credential theft/spoofing and remote access, has been discovered by researchers at FireEye.

Cyber security skills gap a 'legacy problem'

Cyber security skills gap a 'legacy problem'

The much-debated cyber security skills gap was the topic of debate at two separate conferences in the UK on Tuesday.

Denmark gives in to NSA's demands

MS No-IP takedown hits 25% of APT attackers

MS No-IP takedown hits 25% of APT attackers

After facing a barrage of criticism for taking down the No-IP DNS server, Microsoft is now getting praise from some quarters for its impact on malware distribution - though critics remain.

Sink or swim - Titanic lessons for cyber security

Sink or swim - Titanic lessons for cyber security

CHAPS' Mark Hale drew an interesting parallel between cyber defence and the sinking of RMS Titanic in London yesterday.

SC Congress London mulls data breach responsibility

SC Congress London mulls data breach responsibility

Delegates and panelists debate breach liability, response, and the need for a plan of action.

Europol 15 today

Hidden cyber crime gang spotted

Hidden cyber crime gang spotted

Cisco researchers uncover a cyber criminal group that have been hiding since at least 2007, distributing malware almost entirely undetectable by anti-virus systems.

NCCU wants private sector support to beat cybercrime

NCCU wants private sector support to beat cybercrime

National Cyber Crime Unit deputy director Andy Archibald says that law enforcement must regain the trust of industry partners to beat cyber-criminals.

Millions are hit by MS' No-IP takedown

Millions are hit by MS' No-IP takedown

Microsoft accused of acting "excessively" - US court order used to take down servers exploited by threat actors also hits servers being used by millions of innocent internet users.

THREAT OF THE MONTH: Deperimeterisation

THREAT OF THE MONTH: Deperimeterisation

Mark D. Parker dissects deperimeterisation - what it is and how to prevent it.

Movers and makers: July - August

Movers and makers: July - August

The latest news on the people and companies at the forefront of information security.

News briefs: July - August

News briefs: July - August

The first update to the Computer Misuse Act since 1990, Operation Tovar combats infamous malware and more security news.

Working with third-parties: Make security a priority

Working with third-parties: Make security a priority

2 minutes on keeping security at the forefront by working with third-parties

Debate: Anti-virus is dead

Debate: Anti-virus is dead

Amichai Shulman and Sarb Sembhi whether or not anti-virus is dead

Talent has no gender

Talent has no gender

In the current print issue, SC Magazine UK talks to women in the industry about their experience, asks if data is secure when held by a cloud provider and assesses how ready we are for the new EU Data Protection Regulation.

Insurers want to protect critical infrastructure from cyber attack

Insurers want to protect critical infrastructure from cyber attack

A leading insurance underwriter told British politicians and security experts in London today that insurers must be involved in the fight against cyber warfare.

CryptoLocker returns after Operation Tovar

CryptoLocker returns after Operation Tovar

CryptoLocker is back and more popular than ever, less than one month on from the Operation Tovar campaign.

Portcullis shuts down Sophos antivirus bug

Portcullis shuts down Sophos antivirus bug

UK-based security services firm Portcullis has discovered a flaw in Sophos Antivirus that could allow attackers to inject malicious code and disable the software.

Verizon loses German contract over spying fears

Verizon loses German contract over spying fears

The German Government has cancelled a contract with US telecoms provider Verizon over fears it is obliged to hand over customer data to the US Government.

Sign up to our newsletters