London's top attractions have been attacked millions of times, including museums such as Imperial War Museum. Kew Gardens suffered 86 million recorded security incidents in the last financial year
The National Audit Office has criticised the Cabinet Office for failing to produce a business case for its £1.9 billion National Cyber Security Programme ahead of its implementation.
Phishing campaign attacker targets multiple customers and successfully executes payload without having to write the executable dropper or the payload to the disk by using process hollowing.
Trickbot modular banking trojan targets users' financial information & acts as a dropper for other malware to conduct system & network reconnaissance, harvest credentials & achieve network propagation
Zero-day vulnerability in versions 8 to 10 of the Microsoft Windows operating system allowed attackers to exploit a flaw in Windows' graphic subsystem to gain full control over a victim's computer.
Most controllers linked to the Emotet RAT resolve to IP addresses in South America, according to a report by Recorded Future.
Newly discovered point-of-sale (POS) malware programs skims or scrape payment card information from e-commerce websites or in-store checkout terminals; GMO JS Sniffer, DMSniff and GlitchPOS
Malicious actors are using the massive supply of previously stolen login credentials to help brute force their way into high-profile cloud-based business systems that cannot easily use 2FA for security.
A host of Twitter posts say Facebook is suffering its worst DDoS attack, with Facebook, Instagram, and WhatsApp users unable to get online, refresh feeds or post to the sites. Not so says Facebook.
China has been successfully attacking both the US Navy itself along with its suppliers and third-party vendors and stealing secrets to gain a military advantage says new Navy report.
More than two hundred malicious mobile apps with 250 million plus downloads globally used by their creators to spread adware and to steal sensitive data from devices in which they were installed.
Hacked software enables drones to bypass no-fly zone restrictions; Israeli MOD and the Israel Innovation Authority grant US$1.2 million to develop AI to mitigate cyber-attacks in drones and robotics.
New ransomware has been discovered, promoted by hackers on Twitter, that uses NSA vulnerabilities EternalBlue and DoublePulsar to infect other systems.
Adversis researchers have discovered that dozens of companies have leaked sensitive data as a result of misconfigured Box accounts.
A new phishing campaign targeting mainly iOS users asking them to login in with their Facebook account and give away their credentials.
Software firm Citrix has admitted that its networks have been accessed by hackers and data exfiltrated after the company recieved a tip off from FBI.
UK Foreign Secretary Jeremy Hunt calls for a strategy that deters hostile states from intervening in free elections, announced: "Britain now has a National Offensive Cyber Programme."
Google is recommending all Chrome users immediately update their browser to fix a zero-day issue that is being exploited in the wild in combination with another vulnerability found in Windows. Together, the two bugs could enable a security sandbox escape.
A flaw within the BigBobRoss ransomware's code has been identified that can be used to decrypt the AES-128 ECB encrypted files without paying the ransom and a decrypter is now available.
An updated version of the brute-force malware StealthWorker has been discovered by security researchers. The new version amasses an army of bots to brute force its way into infecting e-commerce sites and content management systems.
Pinchy Spider and its affiliated cyber-gangs are reacting to attempts to decrypt and defend against their flagship malware GandCrab by altering how the ransomware is deployed and recruiting new members to broaden the gang's cyber-skills.
What do the 3ve ad fraud campaign, the Magecart credit card skimming attacks and the Facebook-Cambridge Analytica scandal have in common? They were all made possible through the use of unmanaged third-party code
The explosion of IoT devices across the world, both consumer-oriented ones and the ones used by enterprises, has resulted in attackers shifting their tactics and targeting these devices regularly to breach industrial control systems.
WordPress continued to be the most attacked content management system (CMS) attracting an even higher percentage of CMS centered cyber-attacks in 2018, according to a new Sucuri report.
A newly discovered and heavily exploited Docker host vulnerability has allowed hundreds of websites to be illegally accessed and injected with a cryptocurrency miner.
Cyber-criminals used five different banking trojans so far in 2019 to target financial institutions: Egguard used to set proxies accompanied with false SSL certificates for MITM attacks, Adload creates backdoors...
A new UK government report, the 2018 FTSE 350 Cyber Governance Health Check, uncovered a lack of cyber-security nous at boardroom level, although progress has been made over 2017 in some areas
30 years ago, in 1989, the Berlin Wall came down, SC made its debut in the UK, and Sir Tim Berners-Lee was inventing the World Wide Web while at CERN, the European Particle Physics Laboratory.
North Korean hacking Lazarus Group's Operation Sharpshooter campaign, used "extremely convincing" job recruitment emails to target defence, government, finance, energy and critical infrastructure organisations across the world, according to McAfee researchers.
Five kiosk-based visitor management systems designed to securely check guests into business facilities or industrial buildings were found to contain vulnerabilities that could potentially allow attackers to physically intrude into spaces, break into private networks or steal information.
Although attackers are more persistent than ever, organisations are getting better at detecting breaches - on average discovering the intrusions about a week earlier.
New research on Chafer threat actor group - which is known for targeting Middle Eastern targets - found using a Python-based payload, shows an overlap with Oilrig.
Hacker group Anonymous successfully took over a million web pages associated with Israeli domains of Fiverr, Coca-Cola, McDonald's, and ToysRUs and attempted to inject ransomware for a short period.
Iranian actors that are possibly backed by segments of that nation's government are likely behind an on-going cyber-espionage campaign that most recently targeted the Australian Parliament.
Scammers using a major event to separate fools from their money is nothing new so several took advantage of the first live concert ever streamed through the massively popular video game Fortnite to sell non-existent tickets to gullible game players.
Researchers have discovered a malicious campaign injecting scripts that push fake browser updates onto site visitors.
An active malware campaign primarily targeting US corporations with a new polymorphic variant of the Qbot banking trojan has been compromising thousands of victims around the world, researchers have reported.
As proof that not all cyber-attacks leave victims broke and out of luck, the US New Jersey borough of Palisades Park received a US$ 200,000 (£151,038) advancement on its insurance claim this week.
Massive blindspot in the defence strategy of the average enterprise: social media-enabled attacks. One in five enterprises infected by malware originating from social media.
A recently discovered backdoor program designed to compromise Windows users has strong ties to HenBox, an Android-based malware known to target members of the Uyghur ethnic group in China, as well as smartphones from Chinese manufacturer Xiaomi.
Long-standing employees are one of the most overlooked root causes of data breaches & the average internal fraudster has usually worked for the organisation for seven years, so don't only vet new staff.
Cyber-criminals upped their game in a big way in 2018, dramatically increasing the number and severity of DDoS attacks and refining their IoT attacks to entirely new levels.
A new ransomware has been found in the wild that targets systems running both Linux and Windows platforms and demands 20 bitcoin (£57,750) to decrypt hijacked websites belonging to victims.
The adoption of hybrid cloud solutions by enterprises across various sectors is taking place on such a grand scale that security teams are struggling to secure such solutions in a timely manner.
Attacks on the accommodation industry spiked in Q4 2018, according to a new report, which also highlighted the rising dangers of remote entry attacks.
The malvertising space may be seeing an influx of more advanced threat actors according one research report that found polyglot images now being used to disguise malvertising attacks.
TV series Holby City and Casualty are about to be hit by cyber-attack in a crossover joint episode. We asked several cyber-security experts to give their view on what dramatic scenarios might actually happen in an attack on the NHS.
Microsoft has moved to patch a flaw in its Internet Information Server (IIS) webserver software that could enable hackers to launch DDoS attacks.
A recently discovered malspam campaign targeting customers of a Polish bank was found using forgeries of Google reCAPTCHA images to fake legitimacy.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout
Why do cyber security breaches continue to dominate the news headlines?
Brought to you in partnership with CrowdStrike