Hackers use spoofed video conferencing messages to steal Office 365 credentials as part of a ransomware campaign.
Cyberattacks related to compromised managed service providers see upswing; even though you rely on an MSP or managed security service provider, you are still culpable for the information that you own.
Forty-six makes of router haven’t had a security update in a year leaving employees open to attack
Among nearly two million targets in a £380 million BEC scamming operation were a Premier league football team, a US lawyer and an international bank. The alleged scammer was arrested in Dubai.
DNS tunnelling used to exfiltrate data from retail systems - primarily stolen credit card information.
Keynote speaker for SC Media UK's digital congress, NATO Cyber Security Centre chief Ian West tells delegates about how the agency faced the challenges posed by the Covid-19 pandemic.
CISOs from Microsoft, Aldermore Bank and EY joined the SC Magazine Virtual Conference in a session called CISO panel discussion: leadership lessons and best practice in unprecedented times.
A second chance to catch up on the expert presenters, panelists and demonstrators on staying secure in the new normal - including a candid update on how Nato's cyber command coped in Europe.
Windows Remote Desktop Protocol gets hit hard by hackers seeking to take advantage of employees working from home.
We are not getting our point across - we're seen as IT geeks. Even GDPR forced ‘Who Is’ to go dark and it's one of the first steps for law enforcement fighting crime to see who registered a domain.
The 30-year-old legislation is out of date, a coalition of cybersecurity experts and industry leaders tells the UK's Prime Minister Boris Johnson.
IT professionals are struggling to keep pace with the increased demands brought on by a massive increase in remote working, according to research from ManageEngine.
The ‘Inside the mind of a hacker’ cyber report from Bugcrowd also says that 78 per cent of hackers believe they will outperform AI for the next decade.
The Suspicious Email Reporting Service has received more than a million reports of scam emails, National Cyber Security Centre announces.
A large European bank suffered a huge DDoS attack earlier this week, according to a new report by Akamai. The attack was massive and quick.
‘Invisible god’ of networks: Comprehensive report analyses full impact of underground cyber heavyweight Fxmsp
Group-IB, a Singapore-based cybersecurity company, issues a comprehensive report on infamous seller Fxmsp who made a name for himself selling access to corporate networks.
Industry experts express concern as Twitter emails business clients to admit personal data like email addresses have potentially been compromised.
Online shops in Europe, US and South America compromised by attack using Google Analtics to bypass CSP - more barries advised.
The Cybersecurity Exposure Index (CEI) calculates the level of exposure to cybercrime by country from high to low with Afghanistan the most vulnerable and Finland the least.
Research shows that 16,352 people in the UK fell victim to online shopping fraud, with young people most at risk, posing a threat to trust in ecommerce as 76 percent see shopping online as risky.
‘Dangerous to speculate’ over state-based cyber-attack on Australia without evidence and threat intelligence
Experts have warned of the dangers of jumping to conclusions after Australia's Prime Minister Scott Morrison confirmed government and institutions were targeted.
Attack sneaks past antivirus detection and dupes users into bypassing protection from Apple’s built-in macOS security, Intego has discovered.
Nearly 20 zero day vulnerabilities in TCP/IP library, including critical vulnerabilities in the DNS protocol, could result in remote control of devices - impact, magnified by supply chain dissemination
Data compiled by Atlas VPN shows almost half of C-level officers suffered from a spyware attack last year.
Web skimming hackers Magecart have breached three retail web stores including sports shop Intersport and two of the largest retail chains on the planet, Claire’s and Icing, according to reports.
Hackers have been finding unprotected Elasticsearch servers exposed on the internet quicker than search engines can index them, new research from Comparitech has found.
More than 100,000 wireless active cameras in UK businesses and homes may be vulnerable to hackers due to a combination of security flaws, an investigation has found.
The Enel Group was hit by a ransomware attack from EKANS (SNAKE) ransomware operators that affected its internal network, according to reports.
Security researchers have discovered a newly launched DDoS protection filter mechanism dubbed EndGame advertised on the dark web community forum Dread.
A combination of sophisticated techniques and copy-paste tactics are being used by cybercriminals, along with legitimate tools, in-depth research from Sophos about botnet Kingminer demonstrates.
The crosshairs from the ‘guns for hire’ Dark Basin group fell on senior government officials, advocacy groups, journalists and hedge funds around the world.
Twice entangled: Fake ransomware decryptor encrypts victims’ files again; Honda victim of ransomware
Bogus Stop Djvu lures people with the promise of getting their encrypted data back then delivers another ransomware. Honda falls victim to ransoware - Worm tech approach suggested.
Hackers using point-of-concept exploit code for the highly critical “SMBGhost” bug - aka EternalDarkness - that Microsoft patched in March in its Server Message Block 3.1.1 (SMBv3) protocol
Businesses face new cybersecurity risks with almost half of assets obsolete or ageing compared with just three years ago.
Some 80 percent of UK consumers believe organisations should refuse to pay ransoms, but still hold companies financially liable for their personal data, a Veritas Technologies report shows.
Figures compiled in the ForgeRock data breach report show massive spend alongside rocketing levels of data breaches.
Two of the world’s biggest tech giants collaborate to support hardware security keys and devices that generate unique cryptographic keys.
Top secret nuclear missile data has been stolen from a US military contractor by hackers in an extortion attempt.
The REvil ransomware group has added a self-hosted online auction feature to its dark web presence. It uses stolen data as leverage when it comes to demanding the ransom is paid,
Autonomous cars face new cybersecurity checks to provide oversight, stability and transparency when it comes to creating processes and protocols during product development.
Cybersecurity experts add to growing fears that people will be returning to work to find malware on their office computers. "Now is the time to get ahead of the game.”
Valak malware, once used as a loader for other malware, has been retooled to steal sensitive data and credentials from enterprises, suggesting criminal collaboration, requiring behaviour-change monitoring.
Fourth-year of Cyber Discovery launches early to capitalise on the thousands of young people who are currently unable to attend school.
Cyber professionals are warning of new scams such as an SMS-phishing attack that tells people that they have been in contact with someone who has COVID-19.
Asked why he robbed banks, bank robber Willie Sutton quipped, "because that's where the money is." Now healthcare's the target & cybercrimals might well respond, “because that’s where the data is.”
A deep dive into this key industry report looks at the conclusions drawn from 32,000 security incidents and 3,950 confirmed breaches from 81 countries. Experts give their takeaways.
Ethical hackers on the HackerOne platform are reported to have earned a cumulative US£100 million finding and reporting vulnerabilities through bug bounty programmes.
A memory corruption vulnerability in GNU Glibc leaves smart vehicles open to attack according to Cisco's Customer Experience Assessment & Penetration Team (CX APT).
Users of iPhones, iPads and iPod Touches that run on iOS 11 through 13.5 can now jailbreak their devices with new downloadable software from the hacking group Unc0ver.
Software company warns of threat that installs the NetSupport Manager remote administration tool to take over a system and execute commands remotely.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout