Google Cloud services suffered minor outages overnight as traffic was rerouted through China servers.
Android users who download from Google Play are less likely to install potentially harmful apps than those who download from unofficial third-party stores, according to the inaugural edition of Google's quarterly Android Ecosystem Security Transparency Report.
A WordPress plug-in that's supposed to help with GDPR compliance contains a dangerous privilege escalation vulnerability that attackers have been actively exploiting to compromise websites.
Just one month after a proof of concept (PoC) was released by the research firm Cymulate showing how the online video feature in Microsoft Word can be used to deliver malware, a sample of such an attack has been found in the wild.
Unpatched ColdFusion servers at risk from critical file upload vulnerability which is being exploited by a Chinese APT, according to security researchers.
Cryptor families of ransomware are still a major risk for computer users in Asia where attacks continue to proliferate, according to Kaspersky Lab.
A recent study found customers would cease engaging with a brand after it experienced a breach and that overall, most respondents were unwilling to pay extra for the protection of their personal data.
The high return rate offered by cryptocurrency mining operations is encouraging cybercriminals to put extra thought into how to hide their mining malware so it can function for as long as possible before discovery.
Kaspersky Lab describes 8 most interesting issues from its recent event, covering criminals' data use; APT attribution; skills gap; ICS water attack; brain implant hack; false memories; lethal AI & data privacy.
A researcher has apparently found a way to exploit the new Group FaceTime feature in iOS 12.1 in order to access iPhone users' contact information.
Some 40 UK financial industry firms, including banks, are taking part in a 'desk-based' stress test organised by the Bank of England to see how they respond to a cyber-attack
Cisco Systems yesterday issued 17 security advisories, disclosing vulnerabilities in multiple products, including at least three critical flaws.
Check Point Researchers developed an attack to hijack DJI drone user accounts that may contain the user's sensitive information as well as access to the device itself.
Symantec researchers have uncovered several crucial details behind how the cybergang Lazarus, (AKA Hidden Cobra) has successfully conducted dozens of ATM hacks resulting in the machines literally spewing money out on the group's command.
WordPress is the most popular content management systems, and WooCommerce one of the biggest names in e-commerce plugins for the platform with more than 4 million users.
The government is about to define who counts as 'operators of essential services', required to ensure their technology, data and networks are secured and cyber-resilient in line with the NIS Directive requirements.
Cyber Security Connect UK: Police reorganisation needed to keep up with cross-border cyber-crime says chief constable
UK policing is reaching a 'tipping point' where it will have to reform to keep up with the changing face of crime which is increasingly online, and especially if there is a no-deal Brexit say police chiefs.
Researchers from Radboud University Nijmegen in the Netherlands yesterday disclosed a pair of vulnerabilities in the hardware full-disk encryption mechanisms of self-encrypting solid state drives (SSDs) from Samsung and Crucial.
An unsecured MongoDB server has exposed personal data on 689,272 American Express India customers.
A malicious actor compromised the platform of leading web analytics firm StatCounter in a supply chain attack that targeted the cryptocurrency exchange gate.io with a bitcoin-stealing script.
Kaspersky Labs researchers have noticed a recent switch in tactics by malicious actor's intent on conducting blackmail operations.
A spyware program fraudulently disguised as a Spanish-language banking app was found last month collecting users' device data and messages, which were later leveraged in smishing schemes.
Four leading European cyber-security organisations agree roadmap to avoid duplication of effort while working to make cyber-space a safer place.
Security researchers have discovered a flaw in virtual machine software VirtualBox which enables threat actors to leave the virtual environment of the guest machine.
The Apache Software Foundation released an advisory addressing a vulnerability in Apache Struts which could allow a remote attacker to take control of an affected system.
HSBC confirmed today it suffered a data breach last month affecting about one percent of its US accounts and exposing an extensive amount of customer information.
Nearly 30 banking trojans were removed from the Google Play Store but not before being downloaded by nearly 30,000 users.
Hong Kong's privacy commissioner has launched an investigation into the Cathay Pacific airlines data breach that exposed the data of 9.4 million of its customers.
Steps must be taken to protect the global internet routing system, built on the back of the border gateway protocol (BGP), from rogue operators such as China Telecom, according to a white paper from the Internet Society.
The cyber-security operations arm of US Cyber Command has begun posting virus samples to VirusTotal, the online repository of malware samples.
UK electronics retailer Kitronik has told customers the Magecart gang managed to infiltrate the company's payment system gaining access to some of their information.
A new ransomware was discovered installing DiskCryptor on the infected computer and rebooting the infected device to reveal a customised ransom letter.
Ranking countries whose data is availabe on the dark web, the UK came out third - ie third worst - for having its data exposed - after the US and Canada - albeit using TDLs as a proxy for source.
Iran officials are reportedly claiming that a variant of the Stuxnet worm that disrupted their country's nuclear program in the late 2000s was used in an attack on their telecommunications infrastructure last week.
Thousands of Moscow's wealthiest residents had their information compromised after Moscow-based internet provider Akado Telecom experienced a leak.
Attackers more likely to steal credentials to spy on energy and utility firms, according to a new report from Vectra.
Facebook is reportedly suggesting that malicious browser extensions may be behind yet another data breach affecting users of the social platform - this one involving at least 257,256 stolen profiles, including 81,208 with private messages.
Multiple Bluetooth Low-Energy microcontrollers from Texas Instruments were discovered to have one of two critical remote code execution vulnerabilities that can be exploited to compromise Wi-Fi access points from Cisco Systems, Cisco Meraki and Aruba Networks.
The US Department of Defense is said to have prepared a cyber-counterattack to be launched against Russia if the nation meddles in next Tuesday's election.
A couple of vulnerabilities in Sophos HitmanPro.Alert could enable an attacker to build a stable exploit to gain SYSTEM rights on the local machine.
The Radisson Hotel Group reported its Radisson Rewards program was hit with a data breach sometime before 1 October exposing member's personally identifiable information.
The Mozilla Foundation yesterday issued updates for its Firefox and Thunderbird products, fixing a total of five vulnerabilities, one critical.
An unknown threat actor has been targeting organisations with botnet malware that communicates with its command-and-control server via the Internet Relay Chat application layer protocol.
Apple's latest lineup of Macbook includes a security feature to prevent threat actors from carrying out attacks on the device's microphone that would allow them to eavesdrop on unsuspecting victims.
Misconfigured web services and risky employee behaviour continues to place organisations at high risk of data leakage and regulatory noncompliance, according to a report from McAfee.
A pair of new research reports are providing details on an ongoing "sextortion" scam in which malicious actors use publicly available lists of breached email addresses and passwords to contact victims and then blackmail them.
Eurostar is forcing all of its customers to reset their passwords following an incident in which an unauthorised individual attempted to access user accounts.
A team of Chinese intelligence agents and their cyber-criminal minions were indicted by the Department of Justice for hacking into a US and French company that were jointly developing a new turbofan engine for use on commercial airliners.
Fifa officials have declined to say what information was stolen in a recent data breach, but a consortium of media outlets say they will publish stories based on leaked documents later this week.
A cryptocurrency ticker app is installing backdoors onto the devices of unsuspecting Mac users for purposes that are as of yet unclear.
Every vendor is pushing a threat intelligence feed, program, and/or product. How does a lean organisation separate the hype from the actual value?
Brought to you in partnership with Mimecast
Phishing has been around almost as long as the internet, but its still going strong and getting more sophisticated. Why? Because it works.
Brought to you in partnership with Cofense