Unsigned firmware computer accessories used by major manufacturers could allow hackers to plant malware stealthily
Email-based extortion scheme targets website owners serving banner ads through Google AdSense
Despite the harm data breaches do to business reputation, several UK enterprises remain alarmingly unprepared in cyber-defence, even complacent
New Metamorfo trojan targets 32 financial institutions and bitcoin transactions, marks escalation in ongoing campaign
Ransomware operators have started using legitimate, digitally signed hardware drivers to delete security products from targeted computers
Hackers modified Emotet Trojan to spread through unprotected wireless networks
Ransomware operators change operation and extortion tactics including using Active Directory domain controllers to spread the ransomware and publicly naming victims
Phishing campaign specifically targets users of Android devices to deliver Anubis, a malware that was originally used for cyber-espionage, now retooled as a banking trojan
Security professionals tasked with implementing zero-trust systems admit lack of confidence in their ability to apply it to the organisational security access architecture
Compensation was paid to most (71 percent) organisations hit by a supplier-related data incident if they had specific data usage guidelines for partners and subcontractors
Global malware attacks fell for only the second time in five years, dropping six percent to 9.9 billion, down from 10.5 billion, but there are rises in more stealthy attacks including encrypted threats up 27%
The hackers behind Trickbot have added a new Windows 10 UAC bypass to the malware to in order to execute code without the victim knowing.
Diana Kelley, cyber-security field CTO at Microsoft, listed the seven habits of highly trusted cloud providers at Cybertech Tel Aviv
More than a million passengers’ details have been extracted from an unencrypted database backup of Indian airline operator SpiceJet.
DMA attacks enable attackers to read & write memory off a victim system directly, bypassing the main CPU & OS. Using Dell and HP laptops, researchers found two different vulnerabilities, now mitigated.
CEOs are increasingly concerned about sophisticated cyber attacks on their own companies with four-in-five executives fearing cyber-attacks on their own company modifying their own online behaviour.
EU announces guidelines that its 28 member countries can restrict or ban high-risk 5G vendors from core parts of their telecoms networks, and are advised to use multiple suppliers, following UK lead.
The government today confirmed that it will allow Chinese manufacturer Huawei to help build the country’s 5G network - with restrictions - in defiance of US objections,
Building & ensuring trust are recurrent themes from our commentators, which also include education, awareness, going beyond compliance, implementing best practice, & a host of other concerns.
German car parts maker Gedia Automotive Group has had to shut down its IT operations following a massive cyber-attack. Poland, Hungary, Spain, China, India, USA and Mexico operations also affected
The Emotet malware has dominated the malware threat landscape despite an overall fall in malware over the last quarter of 2019.
To share best practice among ISPs the World Economic Forum and its global partners have published Cybercrime Prevention Principles for Internet Service Providers.
Kumar Ritesh, chairman and CEO at CYFIRMA, discusses the rising tide of data breaches in 2019, as SC Media UK collates the top 10 data breaches disclosed last year
BitPyLock threat actors are now exfiltrating data before the ransomware encryption begins
The Muhstik botnet harvests vulnerable Tomato routers and researchers report that Muhstik mainly launches cryptocurrency mining and DDoS attacks in IoT bots to earn profit.
NSO denies involvement in case of Jeff Bezos, alleged to have had his phone hacked via a video file from the WhatsApp account of Saudi Arabia's crown prince, Mohammed bin Salman.
Massive campaign by APT group targets pharma companies in the US, Mexico, Germany, Japan and Australia amongst other regions and sectors
New online fraud scheme uses the pretext of offering compensation for personal data leaks
Unlike your typical business email compromise (BEC) attack, hackers get an insider view into organisation and business deals, with the potential to lead to similar impacts to BEC, but via a different route
67% of healthcare organisations suffered a cyber-security incident in the last 12 months, 39% down to staff, investment too low, too few training programmes to ensure staff use systems correctly.
Bapco, the national oil company of the Arabian Gulf island nation of Bahrain, was reportedly hit 29 December by a disk wiper attack that officials believe originated from Iranian-backed hackers.
A Russian cyber-crime gang has developed a new hacking tool called PowerTrick in a bid to move around target networks undetected
Threat actor Lazarus Group launched sequel of its AppleJeus operation, creating fake cryptocurrency-related websites to sow malware in the systems of those who fell for the ruse
Each UK company with an internet connection was attacked online more than once a minute in 2019
The 31 December malware attack on UK-based currency exchange company Travelex turns out to be ransomware; foreign exchange services affected
From the expected to surprising, our 200+ predictions cover Brexit, cyber-treaties to IOT regulation, the negative impact of cyber insurance and the downsides of 5G, plus AI deepfake ransomware & much more.
A Clop ransomware variant can now take down a total of 663 Windows processes including new Windows 10 apps, programming languages, debuggers, terminal programs, and programming IDE software
Malware attack on UK-based currency exchange company Travelex's systems spilled over to foreign exchange services of major financial brands
Ransomware attack takes an unidentified US maritine base offline for more than 30 hours says US Coast Guard; Security cameras, door-access control systems & critical monitoring systems affected.
In an exclusive interview with CTO at Octopi Managed Services, Ian Thornton-Trump, SC reports launch of The Octopi Hacking Archive, including1995 BBS files, provided free to aid understading of threat evolution.
Cross-site scripting or XSS is the most popular attack vector globally in 2019, accounting for 40 per cent of all cyber-attacks
A large-scale phishing campaign has been targeting online banking customers -- the majority of whom were Canadian -- for the last two years
A cryptomining botnet is using code hidden in a Taylor Swift photo to infect computers around the world.
Canadian health diagnostics company conceded paying to cyber-criminals to retrieve customer data stolen in a recent cyber-attack
Researchers at Proofpoint have found a widely-used remote access trojan being sold for below US$20 on underground forums
Data ransomers have created a public website to expose data and named recent victim companies that chose to rebuild their operations instead of paying up
Smartphones, the devices most commonly used interchangeably for personal and work purposes, have opened doors for hackers
Echobot malware has resurfaced with an increased number of vulnerabilities it can exploit in devices.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout