Sophisticated hacking tools and techniques like watering-hole attacks, once used only by nation states or proxies, now increasingly used by criminal hackers, fueling concerns that state-sponsored hackers may have gone rogue.
Slingshot malware targeted almost 100 victims in the Middle East and Africa since at least 2012
For an enterprise security team to attempt investigate who is behind an attack is extremely complicated and time consuming, and most importantly does very little to improve the organisation's defences against further attack.
Cyber-criminals are using social media and social engineering to dupe victims into downloading Advance Persistent Threat spyware disguised as the Kik messenger app.
A new mobile malware family, dubbed GnatSpy, that may be a much more dangerous variant of the earlier VAMP malware, has been reported in the wild.
Researchers believe a suspected Iranian APT group is responsible for a recent cyber-espionage operation that targeted a Middle Eastern government organisation.
With APT28 now using Microsoft's Dynamic Data Exchange (DDE) as an attack point, the company has issued an official advisory concerning the practice, along with possible mitigation methods.
The threat group APT28/Fancy Bear is now using a little used technique available in Microsoft Office that enables the cyber-gang to execute arbitrary code through a Word document, but without requiring macros to be enabled.
North Korean hackers have stolen the joint South Korean-US plans for war with the north, including plans to assassinate North Korean leader Kim Jung Un according to an FT report quoting South Korea's Democratic party.
Organisations must secure their encrypted tunnels or risk leaving themselves at the mercy of cyber-attackers says Nick Hunter who insists they can, and must, implement centralised intelligence and automated systems.
Cyber-criminal group and malware variant DarkHotel has changed its tactics, and has been actively infecting political figures through spear phishing techniques, and via peer-to-peer networks explains Bogdan Botezatu.
FireEye has laid out evidence that it believes connects the hacking of several US, Saudi Arabian and South Korean aerospace and petrochemical facilities to an Iranian cyber-group it has labeled APT33.
Bitdefender researchers spotted three new Pacifier APT backdoor components that appear to connect the group's cyber-espionage campaigns against government institutions to the Russia-linked Turla Group.
Travellers to Europe and the Middle East need to be aware of an on-going malware campaign that is targeting hotel and hospitality Wi-Fi networks and being used to glean guest and corporate information.
Putin's first meeting with Trump at the G20 concluded with an agreement to help fight political interference by creating an international cyber-unit - an agreement which Trump is now saying he did not really mean.
National Grid spokesperson tells SC "gas and electricity networks are isolated from our everyday business systems to ensure our networks remain safe and reliable."
A new survey from DomainTools reveals the effect cyber-security professionals think that Fake News has had on the UK's political landscape.
Clinton's presidential election campaign manager, Robby Mook, told a crowd in London about his experience of 'election hacking.'
Yet another case of cyber-criminals using NSA hacking tools has emerged, this time leveraged to mine crypto-currency.
A declassified report has slammed the NSA for not fully implementing the recommendations given to the agency after the Snowden leaks.
NSO Group spyware has been found attempting to surveil the communications of Mexican citizens, engaged in high profile corruption investigations.
The latest WikiLeaks dump shows off the CIA's exploitation of vulnerabilities in internet routers.
A report from Microsoft and RAND has called for an independent cyber-attribution body, to lend some credibility to a practice that is seen to be ridden with politicisation and hype.
Not much is known of the investigation by the NCSC into the attack, but experts disagree on the validity of the claims.
The US National Security Agency has announced it believes with 'moderate confidence' that North Korea was behind last month's WannaCry ransomware attacks.
SC spoke to Adam Meyers, VP of intelligence at Crowdstrike at this year's InfoSec Europe 2017 about attribution and why it could be useful even for smaller businesses.
The military conflict in Ukraine, and the accusations of Russian hackers targeting the Kremlin's political opponents in last November's US presidential election, have put cyber-security higher on the agenda of various countries in Eastern Europe. SC correspondent Jaroslaw Adamowski reports...
Vietnam has gotten its first designated APT group, notable for being used in regulatory matters, marking rise of advanced APT groups from even small countries.
If North Korea is behind the 11 May WannaCry attack, it would be the first known time a nation-state sponsored and perpetrated a ransomware attack.
What are we to make of Friday's events? how will we respond? and how might such an event shape our world in the days and months ahead?