Researcher warns of cyber-threat to mergers and acquisitions

Researcher warns of cyber-threat to mergers and acquisitions

A FireEye researcher has warned of cyber-criminals trying to exploit million dollar mergers and acquisition deals

FBI investigating possible Russian hack of NY Times

The FBI is investigating the possible hack by Russian intelligence agencies of the New York Times and other news organisations, according to a CNN report.

47% of NHS Trusts in England admit to falling victim to ransomware

FOI request shows cyber assault on healthcare sector.

Singapore to shut off internet access for government agencies

Singapore to shut off internet access for government agencies

The government of Singapore is to shut off access to the internet of government agencies in an effort to preempt a cyber-attack or a data breach.

French submarine builder DCNS suffers data breach

French submarine builder DCNS suffers data breach

22,000 documents have leaked from French shipbuilder DCNS which is building submarines for the Indian navy.

NATO to spend €70 million on 'cyber-refresh'

The NATO Information Assurance and Cyber Defence Symposium (NIAS) in Mons is expected to outline the alliance's vision and plans to boost capabilities including cyber-security expenditure priorities.

6 in 10 universities hit by ransomware, 2/3 hit multiple times

6 in 10 universities hit by ransomware, 2/3 hit multiple times

Freedom of Information requests filed by security company SentinelOne have shown that ransomware attacks appear to be rife within the UK higher education sector.

After NSA leaks, a renewed interest in vulnerability disclosure

After NSA leaks, a renewed interest in vulnerability disclosure

Code leaked by the Shadow Brokers group has set off calls from security researchers and tech groups in the US for a national conversation about vulnerability disclosure policy.

Is the IT industry to blame for the success of Point-of-Sale malware?

Is the IT industry to blame for the success of Point-of-Sale malware?

Eddie Bauer is the latest in an alarmingly long, and growing, list of data breach victims hit by PoS malware

Kaspersky launches self-titled OS to protect ICS

Kaspersky launches self-titled OS to protect ICS

Kaspersky Lab has reportedly finished its self-titled OS which has been built from the ground up with the aim of protecting industrial control systems.

Google says 'Allo, we're now encrypted too!'

Google says 'Allo, we're now encrypted too!'

Google's upcoming chat app is to feature opt-in encrypted chat options, which will use the same technology that forms the basis of Whatsapp and Signal.

EU ministers rattle sabres at encrypted ISIS jihadi comms channels

EU ministers rattle sabres at encrypted ISIS jihadi comms channels

France and Germany discuss 'tapping' encrypted end-to-end networks such as WhatsApp and Skype

Ransomware rise, email scams spread, Flash & IOT vulnerabilities up

The top three findings from Trend Micro's TrendLabs six-monthly threat trends are the doubling of ransomware families, geographic spread of business email scams and increasing Flash and IOT vulnerabilities spotted.

Epic hack, thousands of salted logins stolen

Epic hack, thousands of salted logins stolen

A hacker has stolen around 808,000 accounts from two forums run by Epic Games, the games maker has confirmed the hack and is investigating what happened.

India threatens jail for visiting forbidden sites

Visiting a 'forbidden' website is now punishable with a three-year jail term in India - even without downloading anything. NordVPN predicts a surge of VPN subscriptions in India by Internet users to protect online freedom.

Russia's Central Bank introduces new mandatory cyber-security regulations

Russia's Central Bank introduces new mandatory cyber-security regulations

Russian banks will be faced with a whole range of new regulations, and penalties for non-compliance, when it comes to cyber-security, according to the country's Central Bank

Shadow Broker's leaked files confirmed real by Snowden docs

Shadow Broker's leaked files confirmed real by Snowden docs

A dubious offering by a dubious group calling themselves The Shadow Brokers has been at least partly legitimised by disclosures from Snowden's 2013 leak

IP Bill gets approval from terror laws watchdog

IP Bill gets approval from terror laws watchdog

David Anderson QC, the UK anti-terror laws watchdog, has published a detailed report explaining why he is in favour of the Investigatory Powers Bill.

Twitter suspends 235,000 terrorist linked accounts in six months

The social media giant listed these stats in a statement last week detailing the firm's most recent efforts to combat terrorism on its platform.

Brazilians targeted in free Olympic ticket giveaway phishing scam

The 2016 Olympics may be winding down, but cyber-criminals are not slacking off in their efforts to use the sporting event as a way to lure victims.

SWIFT did not monitor weak security practices of its users - report

SWIFT did not monitor weak security practices of its users - report

Former board members and senior employees at SWIFT, said the company did not monitor or make attempts to improve the poor security practices of its clients.

ICYMI: Russian cyber-weapons, Sage breach, the skills gap, team viewer and more Snowden

ICYMI: Russian cyber-weapons, Sage breach, the skills gap, team viewer and more Snowden

This week: cyber weapons of the battlefield, TeamViewer being used for nefarious ends, an insider breach at Sage, How to close the skills gap and some fascinating insight from the leaker of all leakers.

Crafty downloads: they had you at 'free'

Crafty downloads: they had you at 'free'

Security researchers from Google have published the results of a year-long investigation into the practice of pay-per-install software bundling - and they aren't impressed.

Locky ransomware spread in global campaign against health sector

Locky ransomware spread in global campaign against health sector

FireEye researchers have spotted a Locky ransomware campaign targeting the healthcare sector around the world

Operation Ghoul attacks terrorise industrial and engineering orgs

Kaspersky researchers spotted a wave of attacks that has affected more than 130 organisations in at least 30 countries.

SMS scam targets friends and family of 'Sarah'

Malwarebytes researchers spotted a SMS scam in the UK targeting parents and adults who know someone by the name Sarah.

China launches first quantum satellite for "hack-proof" quantum comms

China launched an orbital carrier rocket early Tuesday morning carrying the 'Micius' satellite, believed to be the world's first quantum satellite.

Is Android as easy to secure as the latest AV-TEST results appear to suggest?

Is Android as easy to secure as the latest AV-TEST results appear to suggest?

An independent IT security research facility has reviewed Android, and despite constant charges of insecurity, found the mobile platform to be far from wanting ?

Private firms to chase cyber-criminals for cash bounties, say police

Private firms to chase cyber-criminals for cash bounties, say police

The City of London Police is working with solicitors and private investigators on how to chase cyber-criminals through the civil courts in a bid to seize the proceeds of criminal activity.

WikiLeaks postings of Turkish emails included active links to malware

WikiLeaks postings of Turkish emails included active links to malware

WikiLeaks' practice of delivering unfiltered information to its readers backfired after a researcher discovered that its collection of leaked Turkish government emails contained over 300 active links to malware files hosted on the controversial site.

Cisco reportedly shedding 20% of its workforce

The world's biggest networking equipment company, Cisco Systems, will layoff about 14,000 employees.

Researcher infects tech scammer with Locky for messing with his mother

A cyber-vigilante took internet justice into his own hands when he infected the computer of an tech support scammer with Locky ransomware.

We have the power: 'Smart' sockets could be enslaved to create botnet

We have the power: 'Smart' sockets could be enslaved to create botnet

Bitdefender has discovered vulnerabilities in a popular brand of 'smart' electrical socket which could lead to attacks on your local area network or the recruitment of the IoT device as part of a global botnet.

Okta research says slow tech upgrades puts companies at risk

Okta research says slow tech upgrades puts companies at risk

Research from security company Okta is claiming that companies which aren't agile on technology upgrades are putting themselves at risk of cyber-attacks.

Unsecure network file folders are 'biggest vulnerability'

In the past year, 38 percent of organisations have experienced one or more information security breaches.

Woman arrested in connection with Sage investigation

City of London Police arrested a woman who works for Sage on suspicion of conspiracy to defraud. The arrest occurred at Heathrow Airport.

Shark ransomware-as-a-service chomps its way to a 20% commission

A new type of ransomware called Shark is being offered for rent on an 'as-a-service' basis payable with a 20 percent cut of the payments it generates to its creators.

Lack of process, security culture leaving firms open to cyber-attack

Lack of process, security culture leaving firms open to cyber-attack

A new QinetiQ white paper warns firms that security training alone will not change employee behaviours.

Snowden says Shadow Broker leak is likely a warning from Russia

Snowden says Shadow Broker leak is likely a warning from Russia

The leaker to end all leakers has taken to Twitter to provide some insight in to the recent high profile auction of NSA hacking tools.

Researcher finds Windows flaw that permits fileless UAC bypass

Researcher finds Windows flaw that permits fileless UAC bypass

Windows vulnerability would allow hackers to subvert PowerShell to bypass the UAC, leaving no trace of having accessed the system.

New Zeus Sphinx banking trojan hitting Brazil

New Zeus Sphinx banking trojan hitting Brazil

Capitalising on Olympics activity, a new version of Zeus Sphinx has been targeting banks in Brazil and Colombia.

Trojan affecting TeamViewer comes knocking on European and US doors

Another backdoor Trojan, BackDoor.TeamViewerENT.1, has been detected installing legitimate TeamViewer components on infected machines to spy on users.

Iran investigating possible cyber angle on oil fires

Iran investigating possible cyber angle on oil fires

Iran's Supreme National Cyber-space Council is investigating whether a recent string of oil and petrochemical fires were caused by a cyber-attack.

Pen-testing made easy with Datasploit social engineering toolset

Pen-testing made easy with Datasploit social engineering toolset

GUI friendly social-engineering toolset made available as open source software - great for penetration testing, not bad for criminals either.

New Locky using WSF spotted in Brazilian underground

Trend Micro researchers spotted a new variant of Locky ransomware using Windows Scripting Files (WSF) as a downloader.

A step in the right direction for security in the world of IoT?

A step in the right direction for security in the world of IoT?

Security companies appear to have woken up to the IoT threat, as Bullguard acquires "Security of Things" company Dojo Labs and F-Secure launches an IoT security monitor.

Is the EU to blame for further prompting privacy issues with OTT services?

Is the EU to blame for further prompting privacy issues with OTT services?

The European Commission to looking to tighten its regulatory grip on US-based tech companies which are slowly replacing traditional telcos in the services they provide.

HEI Hotels hacked! Malware targets POS systems

Hackers have attacked 20 hotels in the US run by HEI Hotels and Resorts with a targeted malware. The hotels included 12 Starwood, six Marriott, one Hyatt and one InterContinental.

More cyber-crime but no one know the true cost, claims ENISA

More cyber-crime but no one know the true cost, claims ENISA

An EU cyber-security body calls for harmonised method of determining losses from rampant cyber-crime, but struggles to even measure it

Scotland Yard setting up Twitter police task force

Scotland Yard is to setup a Twitter task force which will hunt offensive online comments, and bring those posting them to justice.

Leaked report reveals Russian battlefield cyber-weapons

Leaked report reveals Russian battlefield cyber-weapons

A report leaked from the UK armed forces to the media has shown a shocking new cyber dimension of tactical warfare and come to some worrying conclusions about how the UK army would fare in a shooting war against Russia.

Research firm finds MICROS hackers infected more POS vendors

Research firm finds MICROS hackers infected more POS vendors

Trailing not too far behind the news that hackers have compromised a leading point-of-sale system is the new revelation that at least five more vendors have been hit with similar breaches

Interior Dept must update access control standards to meet NIST guidelines - report

Interior Dept must update access control standards to meet NIST guidelines - report

The Inspector General has said that the U.S. Department of the Interior has to beef up its access controls if it wants to meet current standards

Sage suffers data breach from insider

Sage suffers data breach from insider

Software company Sage has reportedly suffered a data breach orchestrated by an insider of the company. The police are investigating and the ICO has been informed.

'Video jacking' attack allows attacker to see what you see

Aries Security researchers' "video-jacking" attack highlight yet another attack vector to consider when charging phone in unfamiliar locations.

Google to add sender authentication to Gmail

Google to add sender authentication to Gmail

In a bid to protect its users from phishing and malware, Google has adopted the DMARC protocol and will warn users if it can't authenticate the source of emails.

34% of users click on links due to human curiosity

With nearly a quarter of ID fraud victims being savvy users of mobile and social media platforms in the UK last year, regular device updates nor computer literacy are stopping users from engaging in harmful online behaviour.

Volkswagon bug: 100M vehicles vulnerable to door unlocking hack

Nearly 100 million Volkswagen vehicles are affected by a vulnerability that would allow an attacker to remotely and discreetly unlock a car without a key.

Linux malware turns victim's machines into crypto-currency miners

Linux malware turns victim's machines into crypto-currency miners

Linux.Lady malware exploits flaw in Redis NoSQL to infect servers and turn them into crypto-currency miners working for the attackers.

US government accuses Hinkley point partner of nuclear espionage

US government accuses Hinkley point partner of nuclear espionage

Major partners in the controversial nuclear power plant at Hinkley Point have been accused in American courts of attempting to steal US nuclear technology.

Trump beats Clinton in presidential election spam race

Trump beats Clinton in presidential election spam race

The infamy of Donald Trump is being leveraged by canny cyber-criminals for everything from spam to credential phishing.

ICYMI: IoT alarms, Russia v Clinton v2, FireEye layoffs, cyber-crime Olympics

ICYMI: IoT alarms, Russia v Clinton v2, FireEye layoffs, cyber-crime Olympics

In case you missed it (ICYMI) this week, concerns over IOT burglar alarm, more attacks to come on Clinton campaign, FireEye redundancies and the Olympics of cyber-crime.

Email accounts of Hillary Clinton and 100+ Democratic officials hacked

As the FBI investigation into the hack of the Democratic National Committee broadens, it is being reported that the private email accounts of Hillary Clinton and more than 100 Democratic officials also have been breached.

Pokemon GO CEO linked to Google 'Wi-Spy' privacy scandal

Pokemon GO CEO linked to Google 'Wi-Spy' privacy scandal

Even after quelling the initial privacy issues that arose from the launch of Pokemon Go, Niantic Labs CEO John Hanke has a spotted history

Israeli parliament recommends creation of national cyber-authority

Israeli parliament recommends creation of national cyber-authority

The Israeli Knesset waits on the passage of a bill which would see the amalgamation of Israel's cyber-defences into one central authority

CMA cracks down on undeclared paid-for promotional tweets

CMA cracks down on undeclared paid-for promotional tweets

The Competitions and Markets Authority has warned two companies and dozens of online personalities against tweeting paid-for promotional messages disguised as unbiased recommendations.

Three major flaws found in Ruckus Enterprise APs

Three major flaws found in Ruckus Enterprise APs

Craig Young, a researcher at Tripwire has found several major security flaws in Ruckus Enterprise APs

New Indian subcontinent APT group emerges

New Indian subcontinent APT group emerges

A new APT group has emerged on the Indian subcontinent, identified by ForcePoint as 'Monsoon'

Incomplete version of 'Hitler-Ransonware' discovered

AVG malware analyst Jakub Kroustek discovered an unfinished version of a new strain of ransomware, dubbed Hitler-Ransomware.

Oz banks seek Apple tech for mobile transactions, Apple says no

A group of four banks in Australia want customers to be able to use the banks' own mobile apps when conducting financial transactions with Apple Pay.

Australian Bureau of Statistics 2016 census website hit by DDoS attack

The Australian Bureau of Statistics (ABS) 2016 census website was hit by a DDoS attack only hours after boasting that its website would not crash.

Most Met police computers still using Windows XP

Most Met police computers still using Windows XP

The large majority of London police computers are apparently still using the 14-year-old Windows XP operating system and jeopardising security

New malware campaign spreads backdoors instead of ransomware

New malware campaign spreads backdoors instead of ransomware

Nemucod changes tactics to infect systems - Trojan spreads backdoors instead of ransomware

Video: PIN is still the secret sauce for simple, effective security

Video: PIN is still the secret sauce for simple, effective security

Protecting consumers' online digital personas is as important for the organisations collecting the data as it is for the people who are putting their faith in them.

Patch Tuesday: Nine bulletins, five critical, as Microsoft patches focus on desktop

Patch Tuesday: Nine bulletins, five critical, as Microsoft patches focus on desktop

Five of the nine security bulletins released by Microsoft this Patch Tuesday are rated "critical."

Elektrilevi joins European network for cyber-security

Estonia power company joins European network for cyber-security to improve its cyber-resilience.

Millions of Russians' personal data may be put at risk

Millions of Russians' personal data may be put at risk

A planned national database of personal data on Russian citizens could become a magnet for criminal cyber-attacks warn analysts.

Groups oppose EU funding of Romanian intelligence agency's facial recognition data program

European privacy groups have voiced opposition to a planned surveillance data project that would significantly expand the technology capabilities of Romania's domestic intelligence service.

Concern about Chinese involvement at Hinkley Point is misdirected, say experts

Concern about Chinese involvement at Hinkley Point is misdirected, say experts

Experts say that government concerns over cyber-security at the new nuclear power plant at Hinkley Point are misdirected and that the Chinese are not the real worry.

76% of organisations suffer loss or theft of data in past two years

Over the past two years, three out of every four organisations have been hit by the loss or theft of important data.

Kaspersky: ProjectSauron, aka Strider, rivals the most elite APTs in sophistication

Kaspersky: ProjectSauron, aka Strider, rivals the most elite APTs in sophistication

The cyber-espionage group identified as Strider by Symantec researchers is as sophisticated a threat as any known APT in history -- including Duqu, Flame, The Equation Group and Regin -- according to an analysis by Kaspersky Lab.

FireEye layoffs as cyber-criminals gorge on low-hanging ransomware

FireEye layoffs as cyber-criminals gorge on low-hanging ransomware

Paradoxically, 'good' news for businesses and ransomware cyber-criminals alike appears to be bad news for security platform provider FireEye.

Researcher warns of flaws in Samsung Pay tokenisation and mag stripe features

A researcher claims to have found vulnerabilities in Samsung Pay's tokenisation mechanism and its magnetic secure transmission (MST) technology that could allow hackers to steal users' tokens and make fraudulent purchases.

O2 confirms USBs distributed in marketing campaign contain virus

USB pens distributed by the UK-based mobile network O2 as part of a promotional campaign for an eBook were discovered to contain a "Windows specific virus", according to a company statement.

DEF CON 24: US government retains dozens, not thousands, of zero-days

DEF CON 24: US government retains dozens, not thousands, of zero-days

The number of vulnerabilities in the US federal government arsenal hovers in the dozens, Columbia University senior research scholar Jason Healey told a DEF CON 24 audience.

Black Hat Las Vegas: Apple offers bug bounty programme

Black Hat Las Vegas: Apple offers bug bounty programme

Apple is offering up to $200,000 to researchers reporting critical security vulnerabilities in Apple software, including its underlying operating system.

Rate of unpatched non-Microsoft programs on the rise in the UK

The percentage of unpatched Windows operating systems was on the decline in the second quarter of 2016, leading to an overall decrease in the number of exploitable Windows vulnerabilities.

Black Hat Las Vegas: Miller, Valasek unveil new attack, retire from car hacking

Black Hat Las Vegas: Miller, Valasek unveil new attack, retire from car hacking

Chris Valasek and Charlie Miller hung up their car hacking spikes Friday at Black Hat announcing at the end of their presentation that they were moving on, but not before revealing a few more vulnerabilities in a Jeep Cherokee.

Black Hat Las Vegas: NATO cyber ambassador reflects on cyberwar ethics

Black Hat Las Vegas: NATO cyber ambassador reflects on cyberwar ethics

NATO's recent proclamation that cyberspace is an official domain of warfare, along with Russia's reported cyberaggressions against the U.S. and Ukraine, raises interesting questions about how one can responsibly manage cyberwarfare.

Strider hackers in highly-targeted 'espionage' malware campaign

Strider hackers in highly-targeted 'espionage' malware campaign

Previously unknown bad actor used Remsec to infect just 36 machines in what appears to be a quiet cyber-espionage operation.

Italian RAT targets Android devices in China by IMEI codes

Researchers discovered a RAT that targets Android phones in China and Japan and appears to select victims based on their devices' IMEI codes.

Insurance firm now offering discount on use of IoT alarm

Insurance firm now offering discount on use of IoT alarm

Insurance firm Zurich is offering a discount on monthly insurance fees should a customer use the IoT alarm offered by Cocoon, despite security concerns over IoT devices.

23% of all UK ID fraud victims in 2015 were tech-savvy individuals

The most prolific users of mobile and social technology, making up 7.7 percent of the UK population, accounted for 23 percent of all ID fraud victims in 2015.

Will Rio Olympics herald a carnival of cyber-crime?

Will Rio Olympics herald a carnival of cyber-crime?

Brazil puts concerns over cyber-attacks at number 23 despite hosting the Olympic games, whereas the US, Germany and Japan put cyber-attacks at number one - hence extensive cybercrime is expected during the games.

Black Hat Las Vegas: Researchers detail efforts against Iranian dissidents

Two independent cyber-security researchers took the stage at Black Hat to diagram how groups possibly controlled by the Iranian government are targeting dissidents.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US