Russian president Vladimir Putin said there were 25 million attempted cyber-attacks targeting the country's "information infrastructure" linked to the World Cup - but experts ask, what constitutes an attack?
Hackers exploited a flaw at Spanish operator Telefonica early Monday and likely exposed all the personal data of millions of the company's customers.
Russia seeking cooperation on vulnerability database appears simply a ploy to access US software source code to exploit vulnerabilities and strengthen government control with little civil use.
Advance warning that malware could get WannaCry-style ability to proliferate with rumoured SMB exploits in Gandcrab v4.1 update found by researchers.
US Special Counsel Robert Mueller identifies Guccifer 2.0 and DCLeaks as fronts for influence campaigns staged by Russian operatives, Twitter suspends their accounts.
The average bug bounty reward for finding critical vulnerabilities increased year-over-year by six percent according to statistics compiled from HackerOne's bug disclosure platform in the year to April 2018
The Ukrainian Secret Service is blaming Russian intelligence for an attack it thwarted that was launched upon a chlorine distillation plan in the Dnipropetrovsk region using VPNFilter malware.
Oracle announced it will be releasing a critical patch tomorrow (17 July) which will address 334 security vulnerabilities, the most critical of which having a CVSS 3.0 Base Score of 9.8.
UK military must prioritise capabilities in cyber, space, electronic warfare and information operations
General Sir Nick Carter, Chief of the Defence Staff, said that UK armed forces need to change "fundamentally" to keep up with new threats posed by Russia and other nation state actors.
A Chinese cyber-espionage group is targeting Cambodian entities ahead of the country's July 2018 elections.
A weekend-long denial-of-service (DoS) attack which targeted Blizzard Entertainment causing severe lag for some players and preventing others from logging in at all, finally came to an end Monday morning.
An ongoing malware campaign that attempts to exploit web servers susceptible to the Drupalgeddon 2.0 bug in order to infect them with an XMRig-based cryptominer has generated around US$ 11,000 (£8,386) in profits.
Spectre is the CPU vulnerability that just keeps on giving. Revisions to CVE-2017-5753 and CVE-2018-3693 this week reveal that Spectre 1.1 and 1.2 have emerged from the shadows.
APT (advanced persistent threat ) operations have seen an upsurge during the second three months of 2018, particularly those based in Asia, and this includes both well-known and less familiar threat actors.
The Russian Central Bank has officially introduced new requirements for cyber-security in domestic Russian banks, restricting software used, calling for penetration tests and real time reporting of attacks.
Security researchers recently detected the sale of sensitive information on the United States' MQ-9 Reaper unmanned aerial vehicle and other military secrets on the Dark Web.
A penny-pinching cybercriminal doesn't even have to break a US$ 20 bill (£15) to gain the credentials to hack into an institution as critical as a major metropolitan airport, according to McAfee study.
Intruders who infiltrated Timehop's cloud infrastructure came in through an admin account not protected with two-factor authentication and exfiltrated access keys removed more data than originally believed.
Cyber-criminals managed to again compromise the Ammyy Admin website, this time on 13 & 14 June and they managed to have it serve malware in addition to the site's legitimate free remote administration tool.
Data made publicly accessible via the Polar fitness app was found to reveal the identities, home locations and activities of users employed at highly sensitive or secret locations.
Facebook's failure to ensure that Cambridge Analytica had deleted user data will cost it £500,000 ($663,306), according to the UK's Information Commissioner's Office.
Microsoft's July Patch Tuesday release covered more than 50 CVEs with 17 rated critical with the vast majority of these being in various Microsoft browsers.
Dan Cole, director of product management at ThreatConnect evaluating threat intelligence platforms (TIPs), comparing open-source and proprietary solutions,
The cost of "mega" data breaches, where the number of lost record is over one million, can be as much as US$ 350 million (£264 million), according to a new study from IBM Security.
Apple got a small head start on Patch Tuesday pushing out updates for seven products on 9 July, including, iTunes, Safari and iOS.
Cryptocurrency service Bancor robbed of billions; MyEtherWallet users targeted via malicious extension
Cryptocurrency token conversion service Bancor disclosed yesterday that hackers stole millions in funds from one of its online wallets.
Adobe issued an extensive Patch Tuesday roundup pushing out fixes for 104 Acrobat and Reader issues, with 51 being rated critical, along with updates for Flash Player, Connect and Experience Manager.
A new BankBot Anubis campaign targeting Turkish mobile users emerged last month, as attackers managed to infiltrate the Google Play store with at least 10 fake apps that actually download the Android banking trojan.
WordPress issued an out of band security and maintenance release yesterday with version 4.9.7 being pushed live patching 18 bugs in the content management system.
Cryptominers are the most common malware this month, although banking Trojans have increased by 50 percent during the past four months.
On July 2018 Patch Tuesday-eve one industry analyst is setting his forecast for the big day tomorrow.
A Marathon gas station in Detroit is reportedly out roughly US$ 1,800 (£1,359) after an unknown party apparently used a device to hack one of its pumps to dispense free gasoline.
The recent breach of Ticketmaster is now believed to be part of a massive digital credit card-skimming campaign by the threat group Magecart affecting over 800 e-commerce sites around the world.
What is being described as a "highly skilled" cyber-gang was using legitimate security certificates stolen from D-Link and Changing Information Technology to help spread Plead malware.
Twitter suspended more than 70 million fake accounts in May and June - about one million accounts a day, but its efforts to purge malicious and spam accounts may have contributed to a 9.8% plunge in stock.
The Pirate Bay (TPB) has started notifying its users that by just entering the site they give the peer-to-peer sharing site permission to take over their CPU to mine cryptocurrency.
Timehop has deauthorised all 21 million of its user accounts after hackers intruders infiltrated its cloud infrastructure on 19 December, 2017, through a poorly protected admin account pilfered information.
Today BAE Systems launched what it describes as 'The Intelligence Network' with the laudable aim of creating a safer society in the digital world.
A cryptojacking operation that injects legitimate websites with secret Coinhive shortlinks was recently discovered to be part of an even larger malicious infrastructure that redirects innocent site visitors.
Broadband gateways and routers from Swiss vendor ABD that are based on the Epicentro platform are vulnerable to three vulnerabilities CVE-2018-13108, CVE-2018-13109 and CVE-2018-13110.
A one-time employee of NSO Group, the Israeli cyber-espionage firm famous for developing Pegasus spy software for mobile devices, has reportedly been indicted on charges of stealing company secrets.
New malware has been discovered that can steal cryptocurrency without cracking passwords, reading wallets, copying private keys, without even making any network connections.
The New Zealand Court of Appeal has upheld a decision from a lower court in that country that found internet icon Kim Dotcom can be extradited to the United States.
The Stylish app, once the browser extension darling of web users looking to hide distractions and gussy up webpages, has been turned into what a software engineer calls a "covert surveillance tool,".
The UK will soon have its first court that will exclusively tackle cyber crime, fraud, and economic crime. Located in the Square Mile, the new court will contain18 modern courtrooms.
Dating agencies are now getting intelligence on known scammers direct from police forces to help prevent them registering on dating apps and websites.
The Russian Federal Security Service (FSB), together with the Russian Federal Agency on Technical Regulation and Metrology (Rosstandart), plans to design new standards of cryptographic protection of information.
Researchers from the Hebrew University of Jerusalem have been trying to prevent time-shifting threat actors.
A sophisticated phishing operation carried out by terrorist group Hamas using fake Facebook profiles and malicious spyware apps allowed the outfit to hack into smartphones used by Israeli soldiers.
Every vendor is pushing a threat intelligence feed, program, and/or product. How does a lean organisation separate the hype from the actual value?
Brought to you in partnership with Mimecast
Phishing has been around almost as long as the internet, but its still going strong and getting more sophisticated. Why? Because it works.
Brought to you in partnership with Cofense