Some good samaritan has messed with the pernicious locky ransomware to deliver, not malware, but a joke.
The latest In Case You Missed It (ICYMI) looks at Lizard Squad DDoS, Botnet growth, Qatar bank breached by facists, Hidden Open Source flaws, Ransomware surge.
Spear-phishing attacks continue to make big profits for attackers and big losses for victims, according to a new Mimecast report.
NexusGuard's Q1 2016 report has found that one of the favorite targets of DDoS attackers are attack researchers
The second annual National Unplugging Day in the UK will be held this year on 26 June 2016 to encourage families to spend the day from start to finish without any technology.
Researchers found a series of malicious apps containing Android/Clicker.G on the Google Play store. The campaign targets mobile devices in Russia, but they affect apps that are available globally.
Anonymous launched an attack against the Bank of Greece as part of a 30-day campaign targeting central banks across the world.
New PCI regulation will include a heavy focus on multi-factor authentic, people, processes and encryption
Romanian jailed hacker Marcel Lehel Lazar, otherwise known as 'Guccifer', claims that he repeatedly breached the personal email server of US presidential candidate Hillary Clinton in early 2013 when she was Secretary of State.
Hold Security has bought hundreds of millions of email credentials off the dark web for less than £1
The Michigan Board of Water and Light has been beset with a ransomware infection.
Adults in the UK don't know where to go for advice when it comes to protecting themselves online or where to turn if they become victims of fraud.
A security bug in ImageMagick, the free open source image processing software, is allowing cyber-criminals to attack vulnerable servers from afar.
Criminal outfits are increasingly distributing "designer" spam and malware, customised to optimally target victims in specific geographic regions, according to new research from Sophos' research division, SophosLabs.
Surprising no one, ransomware continues its relentless march into the systems of individuals and businesses despite our familiarity with the attack method and the best efforts of anti-malware products.
Online fraud transactions are expected to reach $25.6 billion (£17.6bn) by 2020, up from $10.7 billion (£7.4B) last year. Meaning that by the end of the decade, $4 (£2.7) in every $1,000 (£687) of online payments will be fraudulent.
The long-besieged Privacy Shield agreement proposed by US and European officials faces a new round of challenges following recent decisions by the US Foreign Surveillance Intelligence Court and the Supreme Court.
Nearly 40 percent of UK companies are more secure than they were this time last year, however the threat and consequences of security breaches are still a priority for IT pros.
The use of open source components in commercial software is more common than even vendors are aware of and it's leaving customers open to unpatched flaws.
5 May 2016 is World Password Day.
Israel-based cyber-threat specialists Cyberint insists it has found a serious flaw in Google security despite the tech giant's denials that email injection can bypass security filters.
UK PC users are making progress when it comes to patching software vulnerabilities, however big challenges still remain.
Cyber-risk remains the number one overall concern of the financial industry to the broader economy.
Pwnedlist - which provided data on billions of pwned credentials - contained a flaw that allowed users to monitor breaches for arbitrary domains.
Europol has signed a Memorandum of Understanding with Finnish online security company F-Secure. The agreement aims to improve information sharing for fighting crime.
Mobile attacks can workaround two-factor authentication on Android phones and inject malware onto iOS phones.
Lizard Squad is back with a vengeance, according to an advisory from Action Fraud UK which is advising organisations to report the attacks, keep detailed records and seek help from their ISPs.
The FBI recently pressed for a 29-year-old Los Angeles woman to provide her fingerprint to open her phone after she was sentenced in an identity theft case.
In a series of attacks, University of Michigan researchers hacked into Samsung SmartThing connected home systems and remotely unlocked doors.
Ransomware accounts for around a quarter of cyber-threats targeting internet users in the UK.
A supposedly legitimate French software firm, Tuto4PC, has actually infected an estimated 12 million PC users with a generic Trojan disguised as downloadable utilities programmes, according to an analysis from Cisco's Talos research division.
Marcher Madness continues with a new, stealthier iteration of the Marcher banking malware targeting Android users in Australia.
The 23-year-old mastermind behind the hack of the Commission on Elections (COMELEC) website, which led to the exposure of 55 million voter records, was arrested by the Cyber-crime Division of the National Bureau of Investigation in the Philippines Friday.
Zscaler researchers spotted an Android infostealer disguised as a Google Chrome update that is capable of terminating antivirus applications and even ending calls.
Botnets are getting bigger and DDoS attacks more frequent according to Kaspersky
To address the urgent need for more young people to enter the cyber-security industry, the Cyber Security Challenge UK and partners have launched the new EPQ qualification.
Qatar National bank has had 1.4 GB of internal files published online including the names of intelligence agents, government departments and the Qatari royal family. A turkish fascist group has claimed responsibility.
Belgium's minister of defence, Steven Vandeput has stated the importance of investing in technology for national security.
High Court judge Mr Justice Mann has ruled the go ahead for claims against The Sun newspaper for phone hacking.
In an effort to find the best hidden cyber-security talent, BT and the Cyber-security Challenge UK staged a mock investigation into a cyber-attack at London's BT Tower last weekend.
Hackers reportedly posted employee data and private documents belonging to a publicly listed gold-mining company on a paste site.
Wearables are the Internet of Things (IoT) devices most likely to emerge as a security threat or cause a breach, according to a new survey by Spiceworks and Cox Business.
Pro-ISIS hacking groups joining forces behind a super-hacker team, the United Cyber Caliphate, are sharpening their skills and showing a willingness to coordinate and amp up cyber-attacks, a new report revealed.
Researchers now think that Ransomware-as-a-Service can be exploited particularly effectively by those with insider knowledge of an organisation
The US, finally and for the first time has announced its intentions to wage cyber-war on Islamic State
It appears that the developer mode of MS Windows, otherwise known as 'God Mode', is being leveraged by attackers to hide malware.
According to Kaspersky, ATMs are far easier to get into that you might think
Over 10 percent of the UK population has pretended to be someone else online by snooping or sending messages through someone else's social media or email accounts without their permission.
Singapore Telecommunications (Singtel) has opened a new facility to help enterprises enhance cyber-security skills and test their networks in dealing with cyber-threats.
The financial messaging organisation SWIFT has issued a warning to its customers stating its system has undergone repeated attacks similar to those that lead to $81 million (£55.7M) from a Bangladesh bank.
Richard Nichols, RSA's head of EMEA strategy compared playing the violin to conducting an effective security strategy, to encourage businesses to harmonise security strategy and promote greater visibility of threats on the business.
The director of CERT UK laid out some of the problems facing UK cyber-space and outlined what cyber-security could do to help fix them.
The Gundremmingen nuclear power plant located 120 km northwest of Munich has been infected with computer viruses and malware.
IBM's X-Force reported today the actors behind the hybrid GozNym banking trojan have released a new configuration that is targeting European banks.
Though deeply unpopular in some circles, a new YouGov poll has shown broad approval for the enumeration of government surveillance powers in the Investigatory Powers Bill.
Nearly 70 percent of high-ranking technology professionals believe that security will be less of an obstacle to greater cloud and software-defined data centre (SDDC) adoption by the end of 2016.
The exclusive website was breached months ago and the information of over a million of its users has been sitting on the Dark Web ever since then.
Poor endpoint security is propelling the great ransomware epidemic of 2016 — and if allowed to fester, the threat will spread to new endpoints including IoT devices, cars and ICS and SCADA systems, a new report says.
Information technology and process automation, essential to modern industrial facilities, are under threat from hackers who are increasingly targeting ICS and SCADA systems, says Eugene Kaspersky.
CyberCenturion 2016, the competition which started with around 50 teams, was narrowed down to the final 10 who competed today at Bletchley Park for the crown.
With the bombardment of DDoS attacks fairly consistent worldwide throughout 2015, it's no longer a matter of if or when attacks might happen, but how often and how long the attack will last.
James Clapper, the Director of National Intelligence has said that the government is considering ways it might disclose information about Americans under government surveillance
James Clapper, director of national intelligence has blamed the NSA whistleblower Edward Snowden for making it harder for the US to monitor and arrest terrorists by advancing the development of more advanced and widely available encryption.
Verizon's new report shows, once again, that ransomware and phishing attacks are up.
A special bespoke malware seems to the at the centre of a massive cyber-fraud resulting in the theft of millions of dollars from Bangladesh Bank
Spotify may have experienced a security breach based on a list of customer account credentials discovered on Pastebin.
The electoral details of the full voting public of Mexico have been leaked and published
In a declassified ruling, a federal judge of the Foreign Intelligence Surveillance Court (FISC) ruled that the FBI's search of Americans' emails without a warrant during criminal investigations is not contradictory to the Constitution or the FISA Amendments Act.
In order to better improve and ensure cyber-security of government websites, Philippine senator Ralph Recto plans to recruit "bored" Filipino hackers to serve as "cyber-commandos".
Cisco issued five security alerts last week, issuing software updates to patch a series of vulnerabilities, any of which could potentially trigger a denial of service condition.
A teenager turned himself in to police in Staffordshire, UK, where he was arrested on charges stemming from a breach of internet services provider TalkTalk.
Whitehat's top 10 web hacking techniques of 2015 have been released and the freaks have topped the list.
A series of bug bountiers have apparently open and closed a vulnerability in the social media giant, Facebook.
The website of white supremacist group the Ku Klux Klan (KKK) has been shut down by hackers associated with the hacktivist group Anonymous.
The root of the problem with malicious smart city hacking lies in the fact that sensors typically collect 'raw' data and then merely pass it on.
Filipino voting records which were breached earlier this month have now been made public and searchable.
The adoption of EMV in the US is quickly closing off the lucrative trade in card details, driving up the price of stolen data.
Holidaymakers are being ripped off by a number of scams originating from online travel agents with fake reviews and rigged pricing.
Almost half (47 percent) of IT leaders in EU-based businesses are unaware of the geographical location of critical and personal data.
Attacks are getting fiercer and attackers more sophisticated and organised, according to the "2016 Trustwave Global Security Report," released this week.
Australian prime minister Malcolm Turnbull confirmed that the Australian Bureau of Meteorology was indeed a target of a cyber-attack last year.
According to a new report by Imperva, South Korea serves as the most prolific point of origin for global DDoS attacks.
After a hacker got into the phone of Democratic Congressman Ted Lieu, the California lawmaker is asking for an investigation.
The future of cyber-security looks part human and part machine, according to MIT's Computer Science and Artificial Intelligence Laboratory but what does the broader industry think?
Over half (51 percent) of senior decision-makers in large businesses are kept awake at night due to the threat of a data breach caused by a cyber-attack.
Cyber-attacks from US-based IP addresses have reached the highest point in the last three years.
From Q4 2015 to Q1 2016 there was a 17 percent rise in apps and websites leaking credit card data on enterprise mobile devices.
Aspiring hacktivists can now login to a chat service hosted by Anonymous to learn coding and encryption.
An Equifax study found millennials were more likely to store sensitive data on their personal devices.
Multigrain malware targets specific processes operating on point-of-sale systems and then exfiltrates data to command and control servers via DNS queries.
Trend Micro has dissected malware used in the Operation C-Major attack officers of the Indian army and tracked it back to malware that originated from Pakistan.
Although some would argue that cyber-war is still in its infancy, it is - according to our panel of experts at the SC Congress Amsterdam - well under way across the globe.
Some 26 nations and more than 550 computer experts are engaged in the worlds biggest 'live fire' international cyber-defence exercise - Locked Shields.
A panel convened at SC Congress Amsterdam's session on preventing cyber-crime. They agreed that we need to consider the threat, our response and how we might become equally and better organised than our opponents.
Jamie Randall, Elisabeth DeLeeuw and Dai Davis joined SC Congress Amsterdam's panel to talk about some of the problems, and potential benefits of the upcoming EU data protection regulations.
Microsoft patched various vulnerabilities in its products last week including the 'MouseJack' flaw, however it is still affecting most organisations.
Phineas Fisher, the hacker who claimed responsibility for breaching Hacking Team last year, published a how-to guide detailing his process in executing the attack.
A strain of malicious code written entirely in Python, dubbed PWOBot, has been discovered infecting a number of organisations based in Europe, specifically in Poland.
Cyber-security is the greatest threat since the atom bomb, said Apple co-founder Steve Wozniak.
SC Webcasts UK
Sign up to our newsletters
SC Magazine UK Articles
- Action Fraud warns of new wave of Lizard Squad DDoS attacks
- New PCI DSS version concentrates on multi-factor authentication and encryption
- Botnets getting bigger and stronger, says Kaspersky
- Qatar National Bank breached, files published, Turkish fascists claim responsibility
- Vendors hiding open-source security flaws in commercial software
- European Parliament approves GDPR
- New PCI DSS version concentrates on multi-factor authentication and encryption
- Have retailers secured themselves against the Insider threat before you head to the checkout?
- Court decisions erode Privacy Shield support
- Vendors hiding open-source security flaws in commercial software
- White hat hacker replaces malware payload in Locky ransomware with dud file
- ICYMI: Lizard DDoS; Botnet growth; Qatari breach; Open source flaws; Ransomware surge
- Spearphishing attack nets hundreds of thousands from investment firm
- DDoS researchers are among most DDoSed
- UK's National Unplugging Day 2016 set for 26 June