Merchant supply chain compromise group linked to high-level bank espionage gang via domain registration details
NordVPN confirms year-old hacker attack; peer VPN providers VikingVPN and TorGuard may also be hit, say reports
Reservations management system Autoclerk exposed personal and travel information on hotel guests, including members of the US government, military and homeland security
Avast's internal network accessed through a temporary and loosely protected VPN profile with compromised credentials
Russian hacker group Turla disguised itself as Iranians and stole state secrets from multiple countries, UK, US authorities say
A lawsuit on the 2017 data breach alleges that Equifax staffers used the default - 'admin' - as the username and password to secure a customer information portal
Trojanised version of Tor private browser targets Russian-speaking dark web marketplace visitors, lets cyber-criminals steal from their e-wallet transactions
The UK government plans to pump more than £50m into a new programme to improve cyber-security including £36m for work with chipmaker ARM Holdings.
APT 29/The Dukes, best known as being the primary suspect behind the Democratic National Committee breach during the run-up to the 2016 US presidential election, is back in action
Two online recruitment companies leave AWS buckets holding CVs of more than 200,000 job-hunters public
APT actors up their game; is it only a government concern or do enterprises need to pay more attention?
CISOs roll their eyes when they hear 'APT', or say they're not a real threat to most organisations, but they are on the rise, and their hacking techniques do pose a threat as they get weaponised by cyber-criminals.
Cyber-criminal group TA505 has developed a new downloader tool and remote access trojan, both of which were observed in a sequence of phishing campaigns that began this past September.
Cryptojacking worm Graboid spreads to and from compromised containers in the Docker Engine
The top 30 leading Android and iOS apps in the travel and tourism business fare poorly in security and privacy tests
A Swedish hacker has been discovered trying to sell a new, undocumented remote access tool
North Korean hackers create fake company and corresponding cryptocurrency trading app that actually infects users with malware
BriansClub, a large underground store for buying stolen credit card data, has been hacked
Latest announcement indicates that UK's cyber offensive strategy still at the planning stage
Cyber-espionage platform Attor was utilised to target Russian-speaking individuals for at least seven years, find ESET researchers
Data breach at Imperva was caused by a series of missteps during the migration to a cloud-based database service, says company CTO
There is a lack of formal education in cyber-security, says Tom Van de Wiele, principal security consultant, F-Secure
Security researchers have said that the FIN7 cyber-criminal gang is back with two new tools that are said to have been altered to evade detection.
The one thing that punches the steam out of a scam method is open acknowledgement, says television personality Alexis Conran
Twitter discloses that it gave advertisers access to email addresses and phone numbers that users had supplied for two-factor authentication purposes
A newly published survey reveals that some 68 percent of IT security stakeholders don't know if they've experienced a Pass the Hash (PtH) attack. That isn't necessarily a cause for too much concern.
Second Senate Intel committee report confirms Russia social media campaign to influence 2016 election, skewer Clinton
US Senate Intelligence Committee confirms Russia's role in a sweeping social media campaign to influence the election by supporting Trump and skewering rival Hillary Clinton
Medical and personal information of about one million people was exposed after a breach at a primary health organisation located in New Zealand
Magecart hackers infiltrated Sesame Street's online store by compromising e-commerce and shopping cart service provider Volusion
Samy 'myspace' Kamkar credits environment as the most common factor that leads impressionable and talented teenagers to cyber-crime
Power politics, economic, military and technological rivalry will replace interdependence leading to balkanisation of the internet and a bid to control AI - to rule the world - says ex MI6 chief.
Decryptors are now publicly available for the Muhstik and HildaCrypt ransomware programs that recently emerged onto the scene
FBI issues an alert, warning about possible high-impact ransomware attacks targeting US businesses and organisations.
Data hoarded without any immediate use also could turn toxic for organisations, warn cyber-security experts
Several members-only dark web forums trade a stolen government database featuring the personal information of 92 million Brazilian citizens
Former Yahoo! software engineer pleads guilty to using his access privileges at the company to hack users' accounts and download private images and videos of young women
US healthcare operator DCH Health System purchases decryption key from ransomware attackers in order to expedite recovery
Cyber-attacks tend to have a trickle-down effect via a pyramid structure, with the top slot often occupied not by the cliched men in hoodies but by state intelligence organisations
Threat group Phosphorus, believed to be linked to Iran's government, targets email accounts associated with a US presidential campaign as well as American government officials
Malware marks victims' TLS-encrypted outbound traffic with identifiers so it can be compromised and potentially decoded later
Researchers assemble playbook on PKPLUG, a suspected Chinese threat actor targeting Asians with an assortment of malware used for cyber-espionage purposes
Security firms Malwarebytes and HYAS string together several pieces of evidence that they believe tie Magecart Group 4 to the Cobalt Group
Kaspersky products were triggered on 41.6 percent of ICS computers in the energy sector globally in just the first six months of 2019.
Researchers uncover large Android banking trojan scheme that may have impacted hundreds of millions of Russians
How to go from central planning research under communism to defending global corporations as head of your own successful cyber-security business - plus, what's next?
Hackers have restarted a campaign to spread ransomware in a bid to extort millions of pounds from victims with Dridex and NetSupport used to drop BitPaymer or DoppelPaymer ransomware
Danish hearing aid manufacturer Demant faces a £78 million bill associated with a cyber-incident that struck the company in early September
"I feel I am now at war" says General Sir Nick Carter, UK chief of defence staff, as UK ups investment in offensive cyber-capabilities and Nato says "Cyber-attack on one NATO state is an attack on all"
The one big thing to impact the industry is the use of the MITRE ATT&CK framework. Proactivity will continue to achieve better security, which should make cyber-security pros more confident overall.
Researchers found that it would take malicious actors about 30 days and just a few thousand dollars to either boost a company's online stature or tear it down
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout