This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

NCA/FBI/Europol launch global cyber crime-busters, J-CAT

NCA/FBI/Europol launch global cyber crime-busters, J-CAT

The UK's National Crime Agency (NCA) has joined forces with the FBI and Europol to launch a new global crime fighting team, led by the NCA's Andy Archibald.

NATO members to get cyber war protection

NATO members to get cyber war protection

Nato cyber defence policy to declare that a cyber attack on any one member country is an attack on them all.

DEBATE: Insuring against regulatory penalties

DEBATE: Insuring against regulatory penalties

Sarah Stephens and Becky Pinkard discuss cyber insurance

Movers and makers: September-October

Movers and makers: September-October

The latest news on the people and companies at the forefront of information security.

THREAT OF THE MONTH: SVPENG

THREAT OF THE MONTH: SVPENG

Etay Maor dissects SVPENG - what it is and how to prevent it.

NEWS BRIEFS: September - October

NEWS BRIEFS: September - October

Six Masters degree courses in cyber security to be certified by GCHQ, the highly controversial Data Retention and Investigatory Powers bill is passed and more security news.

Turn off WPS on routers for WiFi security

Turn off WPS on routers for WiFi security

A Swiss researcher is advocating turning off WPS to secure routers after finding a flaw that eliminates the randomness of codes generated by some routers when WPS is switched on...

Apple's iCloud hacked, nude celeb photos posted

Apple's iCloud hacked, nude celeb photos posted

Questions have been raised about the security of Apple's iCloud service, after a hacker posted nude pictures of celebrities to the 4Chan forum, claiming they were obtained after a hack of the iCloud system.

1 in 5 corporate networks host child sex abuse content

1 in 5 corporate networks host child sex abuse content

One in five companies have someone who has downloaded child sex abuse images at work. But in just 3.5 per cent of cases this has led to a criminal investigation and in 69 percent of the incidents nothing happened.

UK's Racing Post leaks 677,000 customer names and passwords

UK's Racing Post leaks 677,000 customer names and passwords

SQL injection to blame for Racing Post incursion

NSA has 850 billion pieces of searchable metadata

NSA has 850 billion pieces of searchable metadata

The National Security Agency (NSA) is reported to have developed its own search engine to sift through the billions of phone calls, emails and other electronic communications it harvests and monitors from around the world.

PCI Security Standards Forum warns on Backoff malware

PCI Security Standards Forum warns on Backoff malware

Malware around since last year, but only now visible to anti-virus security software.

Hundreds of Norwegian energy companies hit by cyber-attacks

Hundreds of Norwegian energy companies hit by cyber-attacks

Approximately 300 oil and energy companies in Norway have been hit by one of the biggest cyber-attacks ever to have happened in the country, a government official is reported to have claimed.

US-Russia relations may spill over into cyberspace

US-Russia relations may spill over into cyberspace

Pro-Russian hackers may be taking a leaf out of their Chinese counterparts. They are alleged to have systematically attacked the servers of US banks, and allied financial organisations, since the middle of the month

Google chairman sees future of 'unbreakable' encryption

Google chairman sees future of 'unbreakable' encryption

Google chairman Eric Schmidt believes that unbreakable encryption will become reality in 'our lifetime'.

Mobile flaw means 92% of Gmail accounts are hackable

Mobile flaw means 92% of Gmail accounts are hackable

Researchers with the University of California's College of Engineering and the University of Michigan have identified a weakness they believe exists across Android, Windows and iOS operating systems that could allow malicious apps to obtain personal information.

Heartbleed: Still a security risk

Heartbleed: Still a security risk

The Heartbleed security issue may be six months old, but it remains a major problem.

IEEE looks to raise security standards among software developers

IEEE looks to raise security standards among software developers

The Institute of Electrical and Electronics Engineers (IEEE) has formed a new advisory group with the private sector, and is already advising software developers to ensure that their applications are secure.

New Trojan targets 'happy to help' customer service people

New Trojan targets 'happy to help' customer service people

UK and European companies in industries including automotive, finance, energy and telecoms are being attacked by new Trojan malware called 'Carbon Grabber' that steals online banking password and other credentials.

Global regulator says cyber-attack could hurt financial markets

Global regulator says cyber-attack could hurt financial markets

Global market watchdog International Organisation of Securities Commissions (Iosco) has warned that the next major financial shock - or 'black swan event' - could come from a cyber-attack.

Sony hit by DDoS attackers who maybe trolls or Jihadists

Sony hit by DDoS attackers who maybe trolls or Jihadists

Microsoft and other online game providers also disrupted, while Sony president's plane is diverted by bomb hoax.

Ministry of Justice fined £180,000 for prisoner data loss

The UK's Information Commissioner's Office (ICO) has fined the Ministry of Justice £180,000 for losing information on almost 3,000 prisoners.

CISOs offered new way to secure Android devices

CISOs offered new way to secure Android devices

US and German researchers have come up with a novel way to secure the notoriously flaw-ridden Android - a framework that allows corporate and other users to rapidly add security enhancements to Android devices without having to touch the firmware or operating system itself.

Rogue UK and US spies 'help safeguard Tor network'

Rogue UK and US spies 'help safeguard Tor network'

Extremists and paedophiles protected by 'white hat' hackers in GCHQ and NSA, says unconfirmed BBC report.

Cyber Security Challenge joins with GCHQ for security development programme

Cyber Security Challenge joins with GCHQ for security development programme

The Cyber Security Challenge is linking with GCHQ to develop counter-espionage and cyber security skills for the real world.

China may be targeting medical firms for IP data

China may be targeting medical firms for IP data

Very little companies can do to defend themselves against state-sponsored attacks, says Storm Guidance director Sarb Sembhi.

Video games company hit by 38-day DDoS attack

Video games company hit by 38-day DDoS attack

51,000-plus terabits of data thrown against client, says IP security firm

US Nuclear Regulatory Commission successfully hacked three times

US Nuclear Regulatory Commission successfully hacked three times

The US Nuclear Regulatory Commission (NRC), which houses detailed classified records about nuclear reactors, radioactive material storage and uranium processing plants, has been hacked three times over the past three years, according to a new report.

Targeted spear phishing campaign targets governments, law enforcement

Targeted spear phishing campaign targets governments, law enforcement

Kaspersky Lab claims to have identified a highly targeted spear phishing campaign that picks on high profile victims - including government, military, law enforcement agencies and embassies.

Malaysian investigators 'hacked' for confidential MH370 records

Malaysian investigators 'hacked' for confidential MH370 records

Around 30 computers at Malaysian law enforcement agencies looking into the disappearance of the MH370 airplane have reportedly been hacked, with perpetrators making off with confidential data on the aircraft.

75,000 reasons not to jailbreak your iPhone or iPad

75,000 reasons not to jailbreak your iPhone or iPad

Malicious AdThief malware replaces adverts appearing on Apple users screens

Industry divided as Met Police recommends smartphone PINs

Industry divided as Met Police recommends smartphone PINs

After two years of quietly lobbying mobile phone manufacturers such as Apple and Samsung, the Metropolitan Police have gone public with its request for all mobile phone vendors to implement PIN protection as a default setting on a handset.

New TorrentLocker ransomware trades on fear of CryptoLocker

New TorrentLocker ransomware trades on fear of CryptoLocker

A new breed of ransomware called TorrentLocker that mimics more feared versions like CryptoLocker and CryptoWall has been discovered targeting users in Australia.

UK Ministry of Defence launches £2 million cyber defence competition

UK Ministry of Defence launches £2 million cyber defence competition

The British government has kicked-off a £2 million contest to find new ways to protect the Ministry of Defence (MoD) computer systems from cyber-attacks using automated threat response.

GCHQ tries to hack every server in 27 countries

GCHQ tries to hack every server in 27 countries

British spy agency GCHQ has been scanning every public-facing server in 27 countries for years to find any weak systems it can hack, according to the latest media reports.

UK cyber experts star in BBC 'house of hacking horrors' test

UK cyber experts star in BBC 'house of hacking horrors' test

Security experts from Sophos, NCC Group and Nettitude have taken centre stage in an experiment run by the BBC to find out how insecure smart home devices like TVs, fridges and webcams are.

Tesco tablets vulnerable to file recovery issues

Tesco tablets vulnerable to file recovery issues

Sensitive data stored on Android devices such as the Tesco Hudl can still be accessed even if a user has carried out a factory reset, the BBC has learned.

Card fraud costing small businesses dearly says research

Card fraud costing small businesses dearly says research

Small businesses are easy prey to fraud - Dave Hobday, Worldpay

50% of corporate passwords crackable within a few minutes

50% of corporate passwords crackable within a few minutes

Security admins need to be more creative when it comes to developing security systems, says Adrian Davis of ISC(2).

Security industry beats Apple to address iOS flaw

Security industry beats Apple to address iOS flaw

US-based risk management firm Stroz Friedberg has backed up claims that Apple iOS devices can be wirelessly compromised if the desktop pairing files are stolen. The firm is now offering a free open-source tool to protect enterprise users and consumers.

Research: Almost 1 in 5 company devices infected

Research: Almost 1 in 5 company devices infected

New research claims to show that enterprises are seeing around 18.5 per cent - that's almost one in five units - of their corporate devices being infected , suggesting a major rise in successful infections by malware and other electronic trickery.

Fake Tor website serves up malware

Fake Tor website serves up malware

A new website, Torbundlebrowser.org, may look almost identical to the original Tor Project but is in fact a fake serving up malicious software.

New Zeus Gameover employs novel approach to malware

New Zeus Gameover employs novel approach to malware

NewGOZ could be upgraded with Cryptolocker-like software in the future, says Lancope's Tom Cross.

US can launch automated cyber-attacks, says Snowden

US can launch automated cyber-attacks, says Snowden

Problems with attribution mean that automated responses to say DDoS attacks could hit those spoofed or used for routing attacks.

UK watchdog ICO complains about limited powers

UK watchdog ICO complains about limited powers

The Information Commissioner's Office (ICO) has once again hit out at its limited powers, but might get more resources and money when new EU data protection laws go live.

Android 'wide open' as SMS attack hits 100,000 users

Android 'wide open' as SMS attack hits 100,000 users

SMS phishing malware such as the recent Heart App attack - which sent out 20 million messages and infected 100,000 Android users in China - could spread epidemically in future and cannot be stopped even by the newer versions of 'wide open' Android, researchers have warned.

Retailers install shopper-tracking mannequins

Retailers install shopper-tracking mannequins

"Creepy" innovation raises privacy fears as it sends electronic beacons out to consumers passing by stores and helps them buy.

Security naivety forces NCA to debut online awareness campaign

Security naivety forces NCA to debut online awareness campaign

The UK's National Crime Agency has formed a new partnership with the government's Cyber Streetwise campaign after new figures from the Office of National Statistics revealed that there were 10,731 adult victims of cyber-crime last year.

European Commission backs Microsoft in privacy fight with US

European Commission backs Microsoft in privacy fight with US

Microsoft has won the European Commission's support as it battles in court to prevent the US Government getting hold of one of its customer's emails, stored at its Dublin data centre.

Krysanec RAT hides in fake Android apps

Krysanec RAT hides in fake Android apps

Anti-virus vendor ESET says that a new Android 'backdoor' Remote Access Trojan (RAT), Krysanec, has been masquerading as free and paid-for applications on third-party app stores.

Africa's cybercrime gangs move way beyond 419 scams

Africa's cybercrime gangs move way beyond 419 scams

African cyber-criminals have expanded far beyond the simple '419' Nigerian scams they are notorious for, and are now using sophisticated botnets, RATs and targeted attack techniques, according to Trend Micro.

Google Nest hacked 'in 15 seconds' as reality bites for Internet of Things

Google Nest hacked 'in 15 seconds' as reality bites for Internet of Things

Security researchers quickly rooted Google's Nest at Black Hat over the weekend, with one describing the internet-connected thermostat as a "computer you cannot patch".

FBI informant 'Sabu' leads cyber attacks against Turkish government

FBI informant 'Sabu' leads cyber attacks against Turkish government

The US government is being questioned over its involvement in several cyber-attacks against the Turkish government, which were reportedly carried out by hacker turned FBI informant Hector Xavier Monsegur.

Russia extends Snowden stay

WordPress and Drupal flaw hits 23% of world's websites

WordPress and Drupal flaw hits 23% of world's websites

Up to 230 million websites, including the US White House and the UK's main government data site, are at risk from a denial of service flaw in their WordPress and Drupal content management systems. The two suppliers have rushed out a fix.

Mobiles hijacked without user knowledge

Mobiles hijacked without user knowledge

Android is extremely susceptible to malware within its advertisement libraries says FireEye.

More than 40 governments hit by suspected Russian-state cyber attack

More than 40 governments hit by suspected Russian-state cyber attack

A likely Russian state cyber-attack has hit a Western European government ministry, a US medical organisation and more than 45 Eastern Bloc and Middle East governments, according to new information from Kaspersky and Symantec.

2 billion mobile devices vulnerable: Black Hat report

2 billion mobile devices vulnerable: Black Hat report

Up to two billion mobile devices could have hiddent controls according to a Black Hat conference report.

Wikipedia contests EU ruling on 'right to be forgotten'

Wikipedia has been criticised for deciding not to comply with the 'right to be forgotten', a key proponent of the forthcoming EU General Data Protection Law, with UK watchdog ICO also voicing concerns over logistics.

Government spyware exposed after massive data breach

Government spyware exposed after massive data breach

Gamma International Ltd - an Anglo-German company that makes and sells FinFisher spyware to various European, American and Asia Pacific governments and law enforcement agencies - has been bit by a big data breach, revealing hundreds of confidential documents.

Website encryption boosted by Google promotion of HTTPS

Website encryption boosted by Google promotion of HTTPS

The latest change in Google's search engine optimisation (SEO) algorithm looks set to boost the uptake of encryption for websites by rating sites using HTTPS higher than those with HTTP.

Half of all UK adults shun mobile banking

Half of all UK adults shun mobile banking

Billion plus credentials hacked by Russian gang: industry reaction

Billion plus credentials hacked by Russian gang: industry reaction

US security firm Hold Security claims to have discovered the biggest ever hack, with 4.5 billion records stolen, but it also sought to charge hacked websites for confirmation of breach.

CryptoLocker victims can recover encrypted files

CryptoLocker victims can recover encrypted files

A new online portal allows the estimated 545,000 CrytoLocker victims to freely recover files that were once encrypted by the ransom-demanding malware.

RAT uses Yahoo Mail to fool security teams

RAT uses Yahoo Mail to fool security teams

German security research firm G Data is warning of a newly discovered RAT called IcoScript that hides behind popular email services like Yahoo Mail, giving corporate security teams another attack 'vector' to worry about.

New banking Trojan 'Kronos' attacks French banks

New banking Trojan 'Kronos' attacks French banks

The much-rumoured banking Trojan 'Kronos' has appeared in the wild and is stealing money unbeknown to the French bank account holders that it targets.

Teenage Aussie hacker reveals PayPal flaw

Teenage Aussie hacker reveals PayPal flaw

17-year-old hacker divides industry opinion by going public before PayPal fixes problem.

Chinese TV channel hacked while on air

Chinese TV channel hacked while on air

Hacktivists in China put anti-government messages up over broadcast programmes while Wenzhou TV station was on air.

UK government proposes public sector data sharing

UK government proposes public sector data sharing

A leaked document reveals that the British government plans to revise data collection laws so that it can share personal details on earnings, tax and criminal records, benefits payments and more with all agencies in the public sector.

Security researcher to demo airplane Wi-Fi hack

Security researcher to demo airplane Wi-Fi hack

IOActive security researcher Ruben Santamarta claims to have figured out how to hack the satellite communication equipment on airplanes, by infiltrating on-board Wi-Fi and entertainment systems.

Gameover Trojan 'surges' after police takedown

Gameover Trojan 'surges' after police takedown

What constitutes winning in the fight against malware, and what's the value of a takedown ask commentators in the wake of Gameover Zeus' bounceback.

Privacy fears as US court rules against Microsoft

Privacy fears as US court rules against Microsoft

A New York court has told Microsoft it must hand over customer data to the US Government even though it's held overseas - reigniting a privacy debate that has also dragged in the UK Government's controversial new 'DRIP' law.

GCHQ certifies six MSc cyber security degrees

GCHQ certifies six MSc cyber security degrees

Francis Maude, Minister for the Cabinet Office, announced today that six Master's degree courses in cyber security are to be certified by GCHQ.

Researcher develops BadUSB code to compromise USB sticks - and their computer hosts

Researcher develops BadUSB code to compromise USB sticks - and their computer hosts

Karsten Nohl also reveals how an enhanced security approach can beat his USB architecture compromise.

What's the odds? Paddy Power loses 650,000 records in 2010 breach

What's the odds? Paddy Power loses 650,000 records in 2010 breach

Popular bookmaker Paddy Power has admitted that a data breach it suffered it 2010 affected 649,055 people - around a third of all customers - but stresses that no financial information or passwords were compromised.

Cybercrime threat landscape evolving rapidly

Cybercrime threat landscape evolving rapidly

New research claims to show that, whilst spam levels fell to a five-year low last month, the increasing complexity of cyber-criminal attacks shows no sign of easing, with increasing levels of malware attacks and dangerous PDFs rapidly becoming the norm.

Tor Project unearths attack that identifies users

Tor Project unearths attack that identifies users

Users of The Onion Router (TOR) network have been warned of an attack that could deanonymise them if they used the service from February to July this year.

Hackers tap flaws in Amazon cloud to host DDoS botnets

Hackers tap flaws in Amazon cloud to host DDoS botnets

Profitable and easy-to-use vulnerability exploited by cybercriminals says security researcher

China allegedly behind attack on Canadian research group

China allegedly behind attack on Canadian research group

One day on from claims that Chinese hacker group 'Comment Crew' was behind the theft of confidential documents on an Israeli missile defense system, the country is also being cited for more recent attacks against a Canadian government research organisation.

UK Lords slams EU ruling on "right to be forgotten"

UK Lords slams EU ruling on "right to be forgotten"

A committee sitting in the UK's House of Lords has said that the EU's ruling on the 'right to be forgotten', which requires companies to delete data on request where appropriate, is 'unworkable'.

Fake ID Android flaw allows apps to be impersonated

Fake ID Android flaw allows apps to be impersonated

A new and potentially serious flaw has been discovered in all Android devices, from version 2.1 upwards. The flaw, dubbed `Fake ID' by BlueBox Labs, allows malware to impersonate trusted applications.

Internet of Things creates new set of security headaches

Internet of Things creates new set of security headaches

New research claims to show that the Internet of Things (IOT) is riddled with potential security inconsistencies, which make the IP interconnection of electrical devices - a key feature of the IoT - extraordinarily difficult to secure in practice.

Chinese hackers steal confidential documents on Israeli missile defence system

Chinese hackers steal confidential documents on Israeli missile defence system

Chinese hackers compromised the computer systems of three Israeli defence contractors between 10 October 2011 and 13 August 2012 to steal hundreds of confidential documents on Israel's Iron Dome missile defence system.

Security researcher finds exploitable flaws in 14 antivirus engines

Security researcher finds exploitable flaws in 14 antivirus engines

Joxean Koret, a security researcher at Singapore-based consultancy COSEINC, has found exploitable local and remote flaws in 14 of the 17 major antivirus (AV) engines used by most major AV manufacturers.

Russian government promises £60k bounty to Tor hackers

Russian government promises £60k bounty to Tor hackers

The Russian Ministry of Internal Affairs (MVD) is offering a 3.9 million ruble (approximately £64,600) reward to anyone who can find a way of identifying and tracking users of the anonymous Tor network.

UK watchdog warns firms on Big Data risks

UK watchdog warns firms on Big Data risks

UK watchdog The Information Commissioner's Office (ICO) has released a comprehensive report into big data which warns companies that their data analytics activities must adhere to existing data protecting laws.

4% of Googlebots are fake and can launch attacks

4% of Googlebots are fake and can launch attacks

Admins' fear of damaging their SEO gives malicious search engine bots a 'VIP pass' into sites.

Sign up to our newsletters