In Case You Missed It: 2015 in review

News by SC Staff

In case you missed them, here are the most popular stories from 2015. would like to wish all of our readers happy holidays and good fortune in 2016. The magazine is closed for UK Christmas and New Year Public Holidays and will be running a reduced service from 24 December until normal service resumes on 4 January 2016.

In case you missed them, here are 15 of the most popular stories from from January to December 2015.

Facebook Login hijacking tool offered to black hat hackers

In a direct call to black hat hackers in March, Sakurity created RECONNECT as a ready to use tool to hijack accounts on websites including,,, Stumbleupon,,, Vimeo and many others.  [Read more]

PC maker Lenovo exposes users to "massive security risk"

World number one PC maker Lenovo was accused in May of running a "massive security risk" because flaws in its online product update service allow hackers to download malware onto its users' systems through a man-in-the-middle (MiTM) attack. [Read more]

New EU data protection law to arrive in 2015

In January, the European Union indicated that the widely-awaited General Data Protection Regulation (GDPR) would come to fruition before the end of the year. [Read more]

Ashley Madison

Possible Ashley Madison extortion campaign identified

It was expected that Ashley Madison customers might be being extorted following the site's data breach, and this is indeed what began to happen in October, according to Digital Shadows. [Read more]

iCloud hole closed following brute force attack

In January, we reported that 2015 began, predictably, with a major hack of a global service provider, when on New Year's Day a tool to hack all accounts on Apple's iCloud was announced – a vulnerability that Apple moved quickly to patch. [Read more]

Tor network exit nodes found to be sniffing passing traffic

The very network nodes that relay anonymous Tor traffic for you, free of charge, may be sniffing or reading your data as it passes through. That was the conclusion in July of an investigation by a security researcher known as Chloe. [Read more]

CloudFlare criticised as Anonymous wages DDoS war on ISIS

CloudFlare criticised as Anonymous wages DDoS war on ISIS

Vigilante hactivists at Anonymous were preparing to launch DDoS attacks against hundreds of ISIS websites in April, the majority of which were hosted in the US or UK. CloudFlare, the content delivery network for around half of these sites, defended its lack of censorship. [Read more]

BMW ConnectedDrive flaw exposes 2 million cars to remote unlocking

In February, a German motoring organisation highlighted a weakness in BMW's ConnectedDrive technology, a flaw that could lead to unauthorised users being able to open the vehicles. [Read more]

Safe Harbour ruled invalid by European Court of Justice

In a decision with widespread implications for the international transfer and processing of data - and the companies that provide these services - the European Court of Justice ruled in October that the EU-US Safe Harbour pact was invalid. Experts warned of massive disruption to international business. [Read more]

Android ransomware poses as FBI warning, demands $500 to unlock phone

In June we reported that ransomware posing as an FBI warning had been sent to thousands of Android smartphones and tablets with hackers demanding a US$ 500 (£324) fee to unlock victim's devices. The news came as security researchers also uncovered a criminal ring that offered ransomware as a service, allowing hackers to easily create their own extortion malware. [Read more]

Hornet faster than Tor for anonymous browsing

In July, a London- and Zurich-based team of university security researchers said it had developed a method of anonymous web browsing that works at the same speed as ‘browsing exposed in public'. The high-speed masking technology is known as Hornet - High-speed Onion Routing at the Network Layer. [Read more]

Data-scraping Chrome extension steals more than a million users' data

Security researchers reported in April that they had unearthed a Google Chrome extension that potentially leaked the personal information of more than a million users back to a single IP address in the US. [Read more]

Emoji passwords get thumbs up for banking

Emoji passwords get thumbs up for banking

Rather than using a PIN code or password based on the digits 0 to 9, banking application developer Intelligent Environments developed a passcode system using emojis. [Read more]

Old-school router attack wreaking havoc to networks

In further proof that the old ones truly are the best ones, we reported in July that attackers were using routers running RIPv1 software from the 1980s to launch reflection and amplification DDoS attacks. [Read more]

Hackers use Windows 10 to install ransomware on computers

Users were warned in August not to fall for a scam that pretends to be a Windows 10 installer but in fact installs ransomware instead. The email scam was discovered by security researchers at Cisco. Hackers have sent out emails claiming to be from Microsoft with an email attachment. The scammers claim the zip file is the Windows 10 upgrade, but in fact is its origins are from an IP address in Thailand. [Read more]

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews