Cyber-criminals are increasingly using legitimate programming tools and their default libraries to evade malware detection.
Denmark launches cyber-security strategy with boost to cyber-defence expenditures in the wake of Maersk hack, but cyber chief warns memories are short and ongoing awareness initiatives needed.
Detections of cryptomining malware has increased by 459 percent since last year, according to a new report released today by the Cyber Threat Alliance (CTA), citing statistics collected from several of its member companies.
Malicious phishing apps have once again made their way into the Google Play Store, this time imitating six online banks and a cryptocurrency exchange.
In a repeat of the attacks against British Airways and Ticketmaster, it appear that online retailer Newegg.com has been hit by the credit card harvesting gang known as Magecart.
Human rights organisation says spyware found in countries with dubious human rights records, report claims.
Facebook Monday announced it is expanding its bug bounty program to include vulnerabilities related to access token exposure.
An attack 'similar to' ransomware forced airport staff to take key information screens offline at Bristol Airport, and four days later full service has not yet been resumed.
A threat actor has been targeting Windows and Linux servers with a self-propagating malware mash-up that's comprised of botnet, ransomware, disk wiper, cryptomining and worm elements all in one.
Multiple vulnerabilities, including a zero-day, have been uncovered in NUUO NVRMini2 video software that, if exploited, could expose thousands of surveillance cameras to remote code execution.
Dutch and Swiss authorities identified and arrested two Russian agents who were planning to hack into a Swiss lab analysing samples of Novichok from Salisbury and sarin gas from Syria.
North Korean officials have denounced and denied a US indictment that accuses one of its citizens of helping carry out the 2017 WannaCry global ransomware attack.
Students and staff could be responsible for attacks on the infrastructure of universities and colleges, according to claims made by Jisc, the UK provider of IT services to the UK's education sector.
Threat actors such as the Cobalt Group and other APT gangs are using lightweight modular downloaders to scout and "fingerprint" target machines before launching their malware.
The Cobalt Gang cybercrime group has launched a new round of phishing campaigns targeting primarily Russian and Romanian banking customers with CobInt, a recently discovered malicious backdoor and downloader.
Attackers are increasingly turning to advanced obfuscation techniques, including tools in the PowerShell library, to evade security software, researchers say.
The National Cyber Security Centre initiated the request that led to the company that hosted BAways.com blocking the site, but the hosting company still has not been contacted by British police, the company told SC Magazine UK.
BlackBerry is not dead, it just moved from the physical to the digital world where it aims to utilise the mobile, security and privacy expertise gained from phones to secure the world of connected Things.
A data breach at Cork City Park by Phone service in Ireland has affected more than 5,000 people.
A Russian man allegedly part of a series of hacks targeting the financial industry and resulting in the theft of data on more than 80 million people, has been extradited from the nation of Georgia to the US.
Researchers for the first time have discovered a variant of the Mirai Internet of Things botnet that targets a vulnerability found in unpatched versions of the open-source Apache Struts web app development platform.
Threat group Magecart, known as a web-based card skimmer, has been identified byRisk IQ as the British Airways hacker, using digital skimming code injected into payment forms to steal confidential data.
An analysis of the British Airways payment page shows that the site is loading files from seven external domains that have little or nothing to do with payment processing, according to a security expert
Two Trend Micro apps have been removed from the Apple app store in the past few days after allegations surfaced that they were exfiltrating user data
Security researchers have discovered a new mobile malware campaign targeting Iranian citizens as well as evidence that the Iranian government might be behind the operation.
Attackers are leveraging a newly discovered exploit kit in an international malvertising campaign that's been observed delivering GandCrab ransomware and the SmokeLoader malicious downloader.
Cyber-security researchers have developed a decryption tool to unlock machines infected by Ransom Warrior ransomware.
Trend Micro researchers believe the data involved in the Huazhu Hotels Group breach has already appeared for sale on the Dark Web.
Security researchers have broken the 512-bit RSA key in the Chainshot malware enabling them to decrypt the exploit and malware payloads.
British Airways reported that its website and web app had been breached by attackers who downloaded customer data including credit card details, email addresses and postal addresses.
US names and indicts Park Jin Hyok, a North Korean, for the WannaCry and Sony hacks and conspiring with others to steal £62 million in the SWIFT bank hack in Bangladesh, implicating N Korean government.
Energy management and automation firm Schneider Electric updated its Modicon M221 programmable logic controller for industrial controls systems after researchers discovered a vulnerability.
Agreed definitions of cyber-attack & defence abilities, such as STIX, provide greater precision, enabling more meaningful security discussions, more closely matching defence & threat levels, says NCSC.
Lower-level management workers were at the receiving end of 60 percent of all email fraud attacks, but upper-level managers received a disproportionately large share of attacks at 23.5 percent.
The UK will push for new EU sanctions against those responsible for cyber-attacks and gross human rights violations - and for new listings under the existing regime against Russia.
A new financial malware camouflaged as a security module and dubbed "CamuBot" is targeting Brazilian Banking customers.
Over the last six months, a recently discovered, highly prolific payment card-scraping campaign managed to infect more than 7,000 online stores running on the open-source Magento e-commerce software platform.
Former President Barack Obama may have blown through his US$ 65 million (£51 million) book deal and has resorted to blackmailing unsuspecting internet users in ransomware attacks judging by the name of a recent ransomware.
International intelligence cooperation organisation Five Eyes says its governments would seek access to encrypted communications through whatever means necessary if tech companies 'impede' access.
What can we learn from reading about the exploits of a successful Russian cyber-criminal, and are there lessons we can implement?
Spanish bank DDoS'd reaction; 100 days on from GDPR...And 500 for the end of Windows 7; Chinese hackers target Japan & west; Fiserv online banking flaw fixed; CEOs most impersonated
An FBI official has denied an accusation echoed by President Donald Trump that Chinese hackers infiltrated Hillary Clinton's private server and accessed classified information.
New forms of algorithm can rewrite bits of their own code, making their inner workings unknowable to their human creators, hence new controls need to be created now, before mass-deployment of 'genetic AI.'
A newly discovered mobile malware implant nicknamed BusyGasper might leave a few Android users breathless, if they knew about the unusual set of features the spyware uses to snoop on them.
There were fears about the level of data breaches that would be revealed by GDPR's requirement for organisations to report them - and the initial results show reported breaches have more than doubled.
Researchers have discovered a point-of-sale malware program, RtPOS, that saves payment card data locally but does not exfiltrate it to a command-and-control server, perhaps so its activity is less likely to be detected as anomalous.
The incredible advancements that have turned what were once standalone pieces of medical equipment into IoT devices do enable better care for patients, but at the same time open these devices up to cyber-attacks.
The Bank of Spain's website hit by a distributed denial-of-service attack on Sunday which disrupted access to the site.
Phishing has become the most effective way to steal cryptocurrency and tokens of ICO projects, according to results of a recent study of the Russian Group-IB.
Impersonation attacks have increased 80 percent quarter on quarter, according to a new report. The latest figures show that Impersonation or Business Email Compromise (BEC) attacks have spiked enormously.
Every vendor is pushing a threat intelligence feed, program, and/or product. How does a lean organisation separate the hype from the actual value?
Brought to you in partnership with Mimecast
Phishing has been around almost as long as the internet, but its still going strong and getting more sophisticated. Why? Because it works.
Brought to you in partnership with Cofense