The first time you got your hands on powerful penetration testing tools, you must have thought 'just think what I could do with this'. And that's just what the criminals think too - and then they do it.
Users cautious of what they put on the internet and aware of the host's free tools for protecting their services can avoid unsecure databases, says James Spiteri
The UK ministry of defence confirms Strategic Command formed as part of JFC reorganisation to improve integration and enhance its role providing leadership in the cyber domain for the MOD.
MS threat analysis finds credentials of 44 million Azure AD and Microsoft Services Account details; password reuse rampant
Security researchers have disclosed a flaw in the Aviatrix VPN client that give a hacker unlimited access to a victim's system - now patched.
An international offensive headed by UK & US investigators identify Russians behind global bank fraud malware campaigns
Edited highlights from chief of the defence staff, General Sir Nick Carter's annual speech at the Royal United Services Institute highlights the need to integrate capabilities, innovate and cooperate with industry,
Departing employees account for more than half of all insider threat incidents; Two out of three professionals openly admit to taking data with them when they quit
A well-resourced and successful threat actor - the Lazarus Group, widely believed to be the North Korean state - has developed fileless malware aimed at macOS for criminal purposes.
Organisations warned of full intrusion with just flaw and one phish - due to flaw they should have fixed and is actively used by multiple threat actors.
Nato must agree a plan to respond to emerging and disruptive technologies; recognising two new operational domains in space and cyber-space; and develop plans to confront and deter hybrid tactics.
Stake your claim to be recognised as the best in the industry by winning your category in the SC Awards Europe 2020 - and this year we have four new Awards up for grabs!
An example of how detailed and sophisticated phishing scams can be is provided by a current attack targeting Steam gamers - with financial loss now a concern.
The usual suspects pulled in for questioning at CSC19, between appearing on panels, in presentations & conducting one-to-one meetings with delegates: Peter Goodman, Martin Peters & Shelton Newsham
Imminent Monitor Remote Access Trojan (IM-RAT) targetted in an international law enforcement takedown of Rat used across 124 countries and sold to more than 14,500 buyers - for less than £20 each.
A previously undetected ransomware attack has been discovered targeting Network Attached Storage (NAS) that poses new risks for back-up data usually stored on such devices.
Despite repeated data breaches and hacking attempts, firms in the food and hospitality sector have spent the least on cyber-security in 2018-19, says a research report; unsurprisingly, finance tops the spend table.
RevengeHotels malware campaign looks for credit card details of hotel guests
Stantinko botnet, which has been targeting former Soviet nations since at least 2012, adds a Monero cryptomining module to its arsenal.
Polymorphic malware installed coinminer on up to 80,000 systems per day earlier this year say Microsoft researchers.
Cyber-criminals devise card-skimming scheme that involves creating a phishing page that impersonates a retailer's third-party payment service platform
Security researchers have discovered an updated form of the Trickbot malware that has been changed to steal OpenSSH private keys and OpenVPN passwords and config data.
T-Mobile discloses a data breach incident that impacts certain customers with prepaid service accounts.
Russian warns US Republican lawmakers on spreading "a fictional narrative" about Ukraine meddling in the 2016 US presidential election
Four billion records on 1.2 billion people was found on an unsecured Elasticsearch server
Former Monsanto employee charged with economic espionage for stealing proprietary software
European hotel booking platform provider Gekko Group mistakenly stores over 1 terabyte of information on a publicly configured server
WeWork client data left exposed and accessible to the public via GitHub; web portal leak information on prospective customers
I'm not saying you can't do business in China. But ....China loves five-year plans; Its 13th defines the areas in which it wants world dominance and if you are in those industries China is targeting your IP.
Black Friday has kickstarted the pre-Christmas holiday shopping spree, leaving businesses wary of possible online scams and cyber-attacks
Staff of CHU Rouen used pen and paper to run the daily affairs after ransomware attack bricked 6,000 computers at the hospital
Database belonging to PayMyTab leaks PII on customers who dined at restaurants using the mobile payment system
Twitter account of Arron Banks, chairman of the pro-Brexit UK political campaign organisation Leave.EU, was hacked, his private message history leaked online
Spam campaign infects systems with the Cyborg ransomware by spoofing email from Microsoft about Windows update
Brand-new user Disney+ accounts hawked online, days after the service went live
Misconfigured legacy database of game publisher Wizards of the Coast expose information of hundreds of thousands of online gamers
Attackers target an NGINX/php-fpm vulnerability to infect users of the NextCloud file sync and share service with a recently discovered ransomware called NextCry
Security researchers have discovered a new phishing campaign that targets Microsoft Office 365 administrators to compromise domains.
Iranian threat actor APT33 employs more than a dozen secret botnets to infiltrate and spy on the networks of various Middle Eastern, US and Asian organisations
A new strain of ransomware is being used to encrypt files on production servers in enterprises
Graphika chief innovation officer Camille Francois recounts how Russian trolls crept in and disrupted the US electorate views
Threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organisations with various forms of malware
The alleged operator of a website that sold payment card numbers stolen from hacked entities faced the courtroom after Israel extradited him
Attacks against healthcare organisations have risen by nearly two-thirds (60 percent) in the first three quarters of 2019 compared with all of 2018
Since August 2019, no other WordPress-targeting malware has yielded a higher rate of new infections than WP-VCD
APT34 hacker group behind PowerShell-based malicious code
MegaCortex ransomware changes Windows passwords, threatens to publish stolen data if targets fail to pay
Microsoft confirms ongoing BlueKeep exploit; teams up with security researchers who initially spotted the attack
Zurich Insurance has rolled out new industry-specific endorsements to its cyber-insurance policies to provide coverage for manufacturers
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout