This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Cyber Security Challenge joins with GCHQ for security development programme

Cyber Security Challenge joins with GCHQ for security development programme

The Cyber Security Challenge is linking with GCHQ to develop counter-espionage and cyber security skills for the real world.

China may be targeting medical firms for IP data

China may be targeting medical firms for IP data

Very little companies can do to defend themselves against state-sponsored attacks, says Storm Guidance director Sarb Sembhi.

Video games company hit by 38-day DDoS attack

Video games company hit by 38-day DDoS attack

51,000-plus terabits of data thrown against client, says IP security firm

US Nuclear Regulatory Commission successfully hacked three times

US Nuclear Regulatory Commission successfully hacked three times

The US Nuclear Regulatory Commission (NRC), which houses detailed classified records about nuclear reactors, radioactive material storage and uranium processing plants, has been hacked three times over the past three years, according to a new report.

Targeted spear phishing campaign targets governments, law enforcement

Targeted spear phishing campaign targets governments, law enforcement

Kaspersky Lab claims to have identified a highly targeted spear phishing campaign that picks on high profile victims - including government, military, law enforcement agencies and embassies.

Malaysian investigators 'hacked' for confidential MH370 records

Malaysian investigators 'hacked' for confidential MH370 records

Around 30 computers at Malaysian law enforcement agencies looking into the disappearance of the MH370 airplane have reportedly been hacked, with perpetrators making off with confidential data on the aircraft.

75,000 reasons not to jailbreak your iPhone or iPad

75,000 reasons not to jailbreak your iPhone or iPad

Malicious AdThief malware replaces adverts appearing on Apple users screens

Industry divided as Met Police recommends smartphone PINs

Industry divided as Met Police recommends smartphone PINs

After two years of quietly lobbying mobile phone manufacturers such as Apple and Samsung, the Metropolitan Police have gone public with its request for all mobile phone vendors to implement PIN protection as a default setting on a handset.

New TorrentLocker ransomware trades on fear of CryptoLocker

New TorrentLocker ransomware trades on fear of CryptoLocker

A new breed of ransomware called TorrentLocker that mimics more feared versions like CryptoLocker and CryptoWall has been discovered targeting users in Australia.

UK Ministry of Defence launches £2 million cyber defence competition

UK Ministry of Defence launches £2 million cyber defence competition

The British government has kicked-off a £2 million contest to find new ways to protect the Ministry of Defence (MoD) computer systems from cyber-attacks using automated threat response.

GCHQ tries to hack every server in 27 countries

GCHQ tries to hack every server in 27 countries

British spy agency GCHQ has been scanning every public-facing server in 27 countries for years to find any weak systems it can hack, according to the latest media reports.

UK cyber experts star in BBC 'house of hacking horrors' test

UK cyber experts star in BBC 'house of hacking horrors' test

Security experts from Sophos, NCC Group and Nettitude have taken centre stage in an experiment run by the BBC to find out how insecure smart home devices like TVs, fridges and webcams are.

Tesco tablets vulnerable to file recovery issues

Tesco tablets vulnerable to file recovery issues

Sensitive data stored on Android devices such as the Tesco Hudl can still be accessed even if a user has carried out a factory reset, the BBC has learned.

Card fraud costing small businesses dearly says research

Card fraud costing small businesses dearly says research

Small businesses are easy prey to fraud - Dave Hobday, Worldpay

50% of corporate passwords crackable within a few minutes

50% of corporate passwords crackable within a few minutes

Security admins need to be more creative when it comes to developing security systems, says Adrian Davis of ISC(2).

Security industry beats Apple to address iOS flaw

Security industry beats Apple to address iOS flaw

US-based risk management firm Stroz Friedberg has backed up claims that Apple iOS devices can be wirelessly compromised if the desktop pairing files are stolen. The firm is now offering a free open-source tool to protect enterprise users and consumers.

Research: Almost 1 in 5 company devices infected

Research: Almost 1 in 5 company devices infected

New research claims to show that enterprises are seeing around 18.5 per cent - that's almost one in five units - of their corporate devices being infected , suggesting a major rise in successful infections by malware and other electronic trickery.

Fake Tor website serves up malware

Fake Tor website serves up malware

A new website, Torbundlebrowser.org, may look almost identical to the original Tor Project but is in fact a fake serving up malicious software.

New Zeus Gameover employs novel approach to malware

New Zeus Gameover employs novel approach to malware

NewGOZ could be upgraded with Cryptolocker-like software in the future, says Lancope's Tom Cross.

US can launch automated cyber-attacks, says Snowden

US can launch automated cyber-attacks, says Snowden

Problems with attribution mean that automated responses to say DDoS attacks could hit those spoofed or used for routing attacks.

UK watchdog ICO complains about limited powers

UK watchdog ICO complains about limited powers

The Information Commissioner's Office (ICO) has once again hit out at its limited powers, but might get more resources and money when new EU data protection laws go live.

Android 'wide open' as SMS attack hits 100,000 users

Android 'wide open' as SMS attack hits 100,000 users

SMS phishing malware such as the recent Heart App attack - which sent out 20 million messages and infected 100,000 Android users in China - could spread epidemically in future and cannot be stopped even by the newer versions of 'wide open' Android, researchers have warned.

Retailers install shopper-tracking mannequins

Retailers install shopper-tracking mannequins

"Creepy" innovation raises privacy fears as it sends electronic beacons out to consumers passing by stores and helps them buy.

Security naivety forces NCA to debut online awareness campaign

Security naivety forces NCA to debut online awareness campaign

The UK's National Crime Agency has formed a new partnership with the government's Cyber Streetwise campaign after new figures from the Office of National Statistics revealed that there were 10,731 adult victims of cyber-crime last year.

European Commission backs Microsoft in privacy fight with US

European Commission backs Microsoft in privacy fight with US

Microsoft has won the European Commission's support as it battles in court to prevent the US Government getting hold of one of its customer's emails, stored at its Dublin data centre.

Krysanec RAT hides in fake Android apps

Krysanec RAT hides in fake Android apps

Anti-virus vendor ESET says that a new Android 'backdoor' Remote Access Trojan (RAT), Krysanec, has been masquerading as free and paid-for applications on third-party app stores.

Africa's cybercrime gangs move way beyond 419 scams

Africa's cybercrime gangs move way beyond 419 scams

African cyber-criminals have expanded far beyond the simple '419' Nigerian scams they are notorious for, and are now using sophisticated botnets, RATs and targeted attack techniques, according to Trend Micro.

Google Nest hacked 'in 15 seconds' as reality bites for Internet of Things

Google Nest hacked 'in 15 seconds' as reality bites for Internet of Things

Security researchers quickly rooted Google's Nest at Black Hat over the weekend, with one describing the internet-connected thermostat as a "computer you cannot patch".

FBI informant 'Sabu' leads cyber attacks against Turkish government

FBI informant 'Sabu' leads cyber attacks against Turkish government

The US government is being questioned over its involvement in several cyber-attacks against the Turkish government, which were reportedly carried out by hacker turned FBI informant Hector Xavier Monsegur.

Russia extends Snowden stay

WordPress and Drupal flaw hits 23% of world's websites

WordPress and Drupal flaw hits 23% of world's websites

Up to 230 million websites, including the US White House and the UK's main government data site, are at risk from a denial of service flaw in their WordPress and Drupal content management systems. The two suppliers have rushed out a fix.

Mobiles hijacked without user knowledge

Mobiles hijacked without user knowledge

Android is extremely susceptible to malware within its advertisement libraries says FireEye.

More than 40 governments hit by suspected Russian-state cyber attack

More than 40 governments hit by suspected Russian-state cyber attack

A likely Russian state cyber-attack has hit a Western European government ministry, a US medical organisation and more than 45 Eastern Bloc and Middle East governments, according to new information from Kaspersky and Symantec.

2 billion mobile devices vulnerable: Black Hat report

2 billion mobile devices vulnerable: Black Hat report

Up to two billion mobile devices could have hiddent controls according to a Black Hat conference report.

Wikipedia contests EU ruling on 'right to be forgotten'

Wikipedia has been criticised for deciding not to comply with the 'right to be forgotten', a key proponent of the forthcoming EU General Data Protection Law, with UK watchdog ICO also voicing concerns over logistics.

Government spyware exposed after massive data breach

Government spyware exposed after massive data breach

Gamma International Ltd - an Anglo-German company that makes and sells FinFisher spyware to various European, American and Asia Pacific governments and law enforcement agencies - has been bit by a big data breach, revealing hundreds of confidential documents.

Website encryption boosted by Google promotion of HTTPS

Website encryption boosted by Google promotion of HTTPS

The latest change in Google's search engine optimisation (SEO) algorithm looks set to boost the uptake of encryption for websites by rating sites using HTTPS higher than those with HTTP.

Half of all UK adults shun mobile banking

Half of all UK adults shun mobile banking

Billion plus credentials hacked by Russian gang: industry reaction

Billion plus credentials hacked by Russian gang: industry reaction

US security firm Hold Security claims to have discovered the biggest ever hack, with 4.5 billion records stolen, but it also sought to charge hacked websites for confirmation of breach.

CryptoLocker victims can recover encrypted files

CryptoLocker victims can recover encrypted files

A new online portal allows the estimated 545,000 CrytoLocker victims to freely recover files that were once encrypted by the ransom-demanding malware.

RAT uses Yahoo Mail to fool security teams

RAT uses Yahoo Mail to fool security teams

German security research firm G Data is warning of a newly discovered RAT called IcoScript that hides behind popular email services like Yahoo Mail, giving corporate security teams another attack 'vector' to worry about.

New banking Trojan 'Kronos' attacks French banks

New banking Trojan 'Kronos' attacks French banks

The much-rumoured banking Trojan 'Kronos' has appeared in the wild and is stealing money unbeknown to the French bank account holders that it targets.

Teenage Aussie hacker reveals PayPal flaw

Teenage Aussie hacker reveals PayPal flaw

17-year-old hacker divides industry opinion by going public before PayPal fixes problem.

Chinese TV channel hacked while on air

Chinese TV channel hacked while on air

Hacktivists in China put anti-government messages up over broadcast programmes while Wenzhou TV station was on air.

UK government proposes public sector data sharing

UK government proposes public sector data sharing

A leaked document reveals that the British government plans to revise data collection laws so that it can share personal details on earnings, tax and criminal records, benefits payments and more with all agencies in the public sector.

Security researcher to demo airplane Wi-Fi hack

Security researcher to demo airplane Wi-Fi hack

IOActive security researcher Ruben Santamarta claims to have figured out how to hack the satellite communication equipment on airplanes, by infiltrating on-board Wi-Fi and entertainment systems.

Gameover Trojan 'surges' after police takedown

Gameover Trojan 'surges' after police takedown

What constitutes winning in the fight against malware, and what's the value of a takedown ask commentators in the wake of Gameover Zeus' bounceback.

Privacy fears as US court rules against Microsoft

Privacy fears as US court rules against Microsoft

A New York court has told Microsoft it must hand over customer data to the US Government even though it's held overseas - reigniting a privacy debate that has also dragged in the UK Government's controversial new 'DRIP' law.

GCHQ certifies six MSc cyber security degrees

GCHQ certifies six MSc cyber security degrees

Francis Maude, Minister for the Cabinet Office, announced today that six Master's degree courses in cyber security are to be certified by GCHQ.

Researcher develops BadUSB code to compromise USB sticks - and their computer hosts

Researcher develops BadUSB code to compromise USB sticks - and their computer hosts

Karsten Nohl also reveals how an enhanced security approach can beat his USB architecture compromise.

What's the odds? Paddy Power loses 650,000 records in 2010 breach

What's the odds? Paddy Power loses 650,000 records in 2010 breach

Popular bookmaker Paddy Power has admitted that a data breach it suffered it 2010 affected 649,055 people - around a third of all customers - but stresses that no financial information or passwords were compromised.

Cybercrime threat landscape evolving rapidly

Cybercrime threat landscape evolving rapidly

New research claims to show that, whilst spam levels fell to a five-year low last month, the increasing complexity of cyber-criminal attacks shows no sign of easing, with increasing levels of malware attacks and dangerous PDFs rapidly becoming the norm.

Tor Project unearths attack that identifies users

Tor Project unearths attack that identifies users

Users of The Onion Router (TOR) network have been warned of an attack that could deanonymise them if they used the service from February to July this year.

Hackers tap flaws in Amazon cloud to host DDoS botnets

Hackers tap flaws in Amazon cloud to host DDoS botnets

Profitable and easy-to-use vulnerability exploited by cybercriminals says security researcher

China allegedly behind attack on Canadian research group

China allegedly behind attack on Canadian research group

One day on from claims that Chinese hacker group 'Comment Crew' was behind the theft of confidential documents on an Israeli missile defense system, the country is also being cited for more recent attacks against a Canadian government research organisation.

UK Lords slams EU ruling on "right to be forgotten"

UK Lords slams EU ruling on "right to be forgotten"

A committee sitting in the UK's House of Lords has said that the EU's ruling on the 'right to be forgotten', which requires companies to delete data on request where appropriate, is 'unworkable'.

Fake ID Android flaw allows apps to be impersonated

Fake ID Android flaw allows apps to be impersonated

A new and potentially serious flaw has been discovered in all Android devices, from version 2.1 upwards. The flaw, dubbed `Fake ID' by BlueBox Labs, allows malware to impersonate trusted applications.

Internet of Things creates new set of security headaches

Internet of Things creates new set of security headaches

New research claims to show that the Internet of Things (IOT) is riddled with potential security inconsistencies, which make the IP interconnection of electrical devices - a key feature of the IoT - extraordinarily difficult to secure in practice.

Chinese hackers steal confidential documents on Israeli missile defence system

Chinese hackers steal confidential documents on Israeli missile defence system

Chinese hackers compromised the computer systems of three Israeli defence contractors between 10 October 2011 and 13 August 2012 to steal hundreds of confidential documents on Israel's Iron Dome missile defence system.

Security researcher finds exploitable flaws in 14 antivirus engines

Security researcher finds exploitable flaws in 14 antivirus engines

Joxean Koret, a security researcher at Singapore-based consultancy COSEINC, has found exploitable local and remote flaws in 14 of the 17 major antivirus (AV) engines used by most major AV manufacturers.

Russian government promises £60k bounty to Tor hackers

Russian government promises £60k bounty to Tor hackers

The Russian Ministry of Internal Affairs (MVD) is offering a 3.9 million ruble (approximately £64,600) reward to anyone who can find a way of identifying and tracking users of the anonymous Tor network.

UK watchdog warns firms on Big Data risks

UK watchdog warns firms on Big Data risks

UK watchdog The Information Commissioner's Office (ICO) has released a comprehensive report into big data which warns companies that their data analytics activities must adhere to existing data protecting laws.

4% of Googlebots are fake and can launch attacks

4% of Googlebots are fake and can launch attacks

Admins' fear of damaging their SEO gives malicious search engine bots a 'VIP pass' into sites.

Brit Lauri Love faces more US hacking charges

Brit Lauri Love faces more US hacking charges

Lauri Love, a 29-year-old British man from Stradishall in Suffolk, has been charged by a US court with hacking into multiple US government computers and stealing more than 100,000 employee and financial records.

More questions than answers as BBC outage fuels DDoS talk

More questions than answers as BBC outage fuels DDoS talk

The British Broadcasting Corporation was hit by a prolonged outage on its website and iPlayer video-on-demand service (VOD) last weekend, raising questions about the cause and whether it was subjected to a distributed-denial-of-service (DDoS) attack.

StubHub ticketing agency taken for a million pounds

StubHub ticketing agency taken for a million pounds

Police around the world have arrested seven people - thought to have been tied into an international fraud ring - that allegedly defrauded the eBay-owned StubHub online ticketing service of around a million pounds (US$ 1.6m).

DDoS attacks grow as first DIY kits emerge

DDoS attacks grow as first DIY kits emerge

The latest report from Akamai Technologies has revealed another increase in DDoS attacks and the resurgence of botnets to carry out server-based attacks.

WordPress plugin flaw opens blogs up to cybercriminals

WordPress plugin flaw opens blogs up to cybercriminals

A WordPress plugin called MailPoet - which has been downloaded around 1.7 million times - has placed large numbers of WordPress-based websites at risk of incursion.

European Central Bank loses personal records after data breach

European Central Bank loses personal records after data breach

The European Central Bank admitted today that its website was hacked and said that some email addresses and other contact information was stolen.

Despite concerns, companies remain vague about targeted attacks

Though the majority of business executives are very apprehensive about targeted attacks, most don't know what type of data is vulnerable.

34 European banks hit by Android app security attacks

34 European banks hit by Android app security attacks

Banks need to put their heads together to develop common and more secure methodologies says Sarb Sembhi, STORM Guidance, following operation Emmental.

Entrepreneur develops hacked data search engine

Entrepreneur develops hacked data search engine

A Portuguese entrepreneur is said to have developed a specialised search engine that can allow access to leaked or allegedly stolen access credentials.

Insider threat levels from ex-staffers greater than expected

Insider threat levels from ex-staffers greater than expected

A third of of ex-employees have access to company data and 9 percent have used their access privileges, says new research.

WSJ the latest publisher to be hit by 'w0rm' hacker

WSJ the latest publisher to be hit by 'w0rm' hacker

The Wall Street Journal has become the latest US media organisation to be hacked, just days after similar attacks against Vice Media and Metro US.

Queen's website hosts controversial tracking technique

Queen's website hosts controversial tracking technique

Advertising tracking called 'canvas fingerprinting' is used on many websites and identifies unique individuals and their browsing habits and works surreptitiously.

Could MH17 sanctions push Russia to cyber warfare?

Could MH17 sanctions push Russia to cyber warfare?

A leading cyber security academic has warned the US and European governments that tougher sanctions on Russia relating to the MH17 airplane crash could result in the start of cyber warfare.

Snowden, Ellsberg ask hackers to help obscure whistleblower activity

Snowden, Ellsberg ask hackers to help obscure whistleblower activity

Crowds of people came out to see Daniel Ellsberg chat with Edward Snowden at HOPE X conference.

Apple accused of hiding backdoors in all 600 million iOS devices

Apple accused of hiding backdoors in all 600 million iOS devices

Apple has built backdoors in its iOS operating system that can leak the personal data of all 600 million iPhone and iPad users and may have been exploited by the US secret service, according to a new US research paper.

MH17 spammers direct Twitter users to Zeus-ridden websites

MH17 spammers direct Twitter users to Zeus-ridden websites

In the aftermath of the MH17 tragedy which saw almost 300 people lose their lives in an airplane crash over Ukraine, cyber-criminals are taking advantage by leading social media users to malicious websites.

EU's new cybercrime taskforce set to launch

EU's new cybercrime taskforce set to launch

Andy Archibald, deputy head of the UK's National Cyber Crime Unit (NCCU), is to chair a new cyber-crime taskforce based out of the European Cybercrime Centre (EC3) in The Hague in Netherlands.

Criminals get hold of 'Russian state malware'

Criminals get hold of 'Russian state malware'

One of the first cases of government-grade malware falling into the hands of common cyber criminals has been uncovered by US security firm Sentinel Labs.

ICYMI: Google's Project Zero, ICO breach & sharing intel on critical infrastructure

ICYMI: Google's Project Zero, ICO breach & sharing intel on critical infrastructure

This week's In Case You Missed It (ICYMI) column takes a look at Google's Project Zero, accusations of double-standards at the ICO and the need to share intelligence on critical infrastructure.

Snowden calls on businesses to encrypt data, shun Dropbox

Snowden calls on businesses to encrypt data, shun Dropbox

UK cyber experts side with NSA whistle-blower who urges companies to adopt encryption and to shun Dropbox because the cloud storage company is 'hostile to privacy'.

Android apps too free and easy with access permissions

Android apps too free and easy with access permissions

Android apps ask for far too many device and data permissions, with 68 percent of 75,000 apps scanned requiring the ability to generate text messages, according to new research.

Embedded Windows XP systems targeted by new Chinese malware

Embedded Windows XP systems targeted by new Chinese malware

Chinese firm uses unusual techniques to infected legacy computer systems.

Controversial DRIP bill set to become UK law

Controversial DRIP bill set to become UK law

The controversial DRIP (Data Retention and Investigatory Powers) bill completed its Lords committee stage without amendment yesterday, after effectively being rubber-stamped into the legislative books overnight.

eBay counts the cost after 'challenging' data breach

eBay counts the cost after 'challenging' data breach

John Donahoe, the chief executive officer of eBay, has confirmed that May's data breach has had a negative impact on revenues and user activity.

Sign up to our newsletters