Software company warns of threat that installs the NetSupport Manager remote administration tool to take over a system and execute commands remotely.
With a surge in people going back to work a chief constable warns of cybersecurity breaches and vulnerabilities in offices that were "abandoned" in the coronavirus lockdown.
Hack uses OAuth2 framework and OpenID Connect protocol to access user data, bypassing 2FA.
Top10 most exploited vulnerabilities - no excuses - 'absolutely critical to patch as soon as possible'
Attackers targeting vulnerabilities & misconfigurations caused by hasty deployment of cloud services during the dramatic shift to remote working: "its absolutely critical to patch as soon as possible."
The average darkweb cost of illegal privileged access to a single local network has shot up, with average costs of privileged access to a single local network now around £4,100.
The Information Commissioner's Office has not done enough when it comes to GDPR, some industry experts have claimed.
The Minisry of Defence Strategic Command’s innovation hub, jHub, is supporting NHSx to securely gather and share COVID-19 symptom data for project OASIS.
Reflective dynamic-link library (DLL) injection found being used to infect victims with Netwalker ransomware in hopes of making the attacks untraceable while frustrating security analysts.
ProLock ransomware also exploits unprotected Remote Desktop Protocol (RDP)-servers with weak credentials.
Leading educational facilities among those whose supercomputers were infected - in the UK, Switzerland Germany and one suspected in Spain - according to reports.
Coronavirus hasn't stopped our cyber-warriors continuing to excel, innovate, develop and deploy new solutions and raise up new champions, celebrated at the online SC Awards Europe 2020
43% or organisations have been reported to the ICO, and this increased IT compliance burden is soaking up IT security budgets with the focus on 3rd party data rather than the company's own assets.
Copperhedge, Taintedscribe and Pebbledash malware are the subject of recent analysis with all three believed to be operated by the North Korean operated Hidden Cobra APT group.
One of the UK government’s “strategic suppliers” is recovering from a cyberattack which took place over the weekend that may have seen the details of up to 100,000 people stolen.
Cheltenham set to be transformed into the UK’s 'Silicon Valley to build cybersecurity capacity and bridge the skills gap in the UK.
Organised criminal networks have been forced online to find new sources of cash because transporting drugs and committing robberies have become almost impossible, a chief constable says.
A month after hacker forum WeLeakData.com was closed, the content of its database, including hackers’ private messages, is for sale on the dark web.
New report finds average cost of recovery is US$ 1.4 million (£1.1 million) if organisations pay the ransom, but US$ 730,000 (£593,000) if they do not. A quarter of victims admit paying up.
Sophisticated “PerSwaysion” phishing attack sent from a legitimate but compromised vendor account allows emails to bypass any mass blocklists and filters.
Group-IB uncovers ‘tremendous increase’ of phishing resource blockages in the second half of 2019 as the duration of attacks grows.
A Nigerian cybercrime group SilverTerrier targets healthcare organisations critical to COVID-19 response. Organisations advised "apply extra scrutiny to COVID-19-related email attachments."
New details emerge after security researchers discovered another strain of malware specifically built to infect smart IoT devices and Linux-based servers.
Severe spike in cyber scams amid coronavirus pandemic, volume of all categories of cyber-attacks has increased by 33 percent, 118.7 million in March alone.
Massive growth in XSS flaw attacks on WordPress websites over past week - up 30 times - mostly from a single threat actor.
Malicious actors pounce on a pair of critical vulnerabilities found in SaltStack’s open-source, event-based IT automation & configuration management tool Salt. “Salt master” servers compromised.
Trials have begun this week on the Isle of Wight for a Coronavirus tracing app, and while security and privacy are a key component, news of a glitch in an Indian app mean the issue remains under scrutiny.
White hat hacker reveals potential for ‘crying wolf’ exploit of weakness in 1980s tech that could potentially cause collisions when planes are in autopilot by social engineering of IOT.
Credential stealing attack uses Microsoft Teams notificaiton, numerous URL redirects, to conceal from email protection services.
The virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to capitalise on global fears, as well as dramatic shifts in supply and demand.
Microsoft Sway used to trick victims into giving up 365 log-in credentials in spear-phishing campaign.
Security researchers have warned that newly created mobile banking malware can not only grab passwords for more than 200 financial apps, but intercept two-factor authentication codes as well.
The SAS@home event ranged over a Vietnamese APT, Czech disinformation, using open source intel to identify your vulnerabilities, to why tools cluster 'pre-boom' rather than in remediation
Warwick University has reportedly kept secret from staff and student data breaches to its infrastructure. Breach happened after employee unwittingly installed malware.
Sophos and its customers were victimised when a previously unknown SQL injection vulnerability in the company’s physical and virtual XG Firewall units was exploited
Several Israeli Water Authority facilities suffer cyber-attack over the weekend - advised to change all passwords for internet accessing services.
The Defence and Security Accelerator (DASA) is awarding a further £1m in phase two funding to three teams to develop technology that predicts and counters cyber-attacks.
Scam reporting service launched to flag suspicious emails for the NCSC to assess and take down malicious content, Cyber Awareness campaign starts, includes advice on securing video-conferencing.
Nation-state-sponsored hackers are reportedly targeting companies tasked with researching COVID-19, in some cases intruding into systems and performing reconnaissance.
New report shows that Coronavirus lockdown has led to hackers targeting remote workers as a way into corporate networks.
The NCSC has announced the alpha release of its Secure Communications Principles.
New Agent Tesla malware module used to steal passwords from infected Wi-FI systems.
Last year 773,943 Kaspersky customers were attacked by banking trojans, down from 889,452 in 2018, but the percentage in the coporate sector that were attacked rose to a third (35.1 percent).
As cyber-criminals & nation-state attackers target the healthcare sector, Microsoft is making its AccountGuard threat notification service free of charge to "healthcare providers on the front lines."
New campaign by TA505 hacking gang harvests Active Directory credentials to aid movement
Reports of more than 500,000 Zoom accounts up for sale prompt password security concerns
Attack on Linux servers, Windows systems and Android devices world over went undetected for nearly a decade
NCSC and CISA say state-sponsored threat groups and cyber-criminals will continue with their plans to exploit the Coronavirus pandemic.
Cyber-security hygiene can help counter Coronavirus-themed cyber-attacks, says McAfee's Raj Samani
More and more home IoT devices are being connected to organisational networks as people across the globe work from home, increasing the potency of new botnet dark_nexus
Happy developers working in teams with mature DevSecOps practices make more secure software, survey showed; Workplace happiness tangible, says psychologist
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout