Let’s Encrypt project revoked over three million digital certificates after discovering a flaw in its certificate authority code
We audit to understand AI decision-making, but not for the risk of subversion; security comes in last. 2019 saw a big increase in commodity malware abusing SSH machine identities in various ways.
Building & ensuring trust are recurrent themes from our commentators, which also include education, awareness, going beyond compliance, implementing best practice, & a host of other concerns.
Stats and expert comments on developments in data regulation; AI and machine learning; cloudsecurity; IOT & IIOT; Next gen authentication.
Facebook's announcement to add deepfakes to the categories of banned content is hardly a patch on the growing misinformation campaigns on the platform say privacy and security experts
From the expected to surprising, our 200+ predictions cover Brexit, cyber-treaties to IOT regulation, the negative impact of cyber insurance and the downsides of 5G, plus AI deepfake ransomware & much more.
Firewall automation might be in the headlines, but enterprises are struggling to make sense of the opportunity on the ground, potentially leading to increased security risk, according to a new report
Anyone who is promoting their product as true AI its just talking bullshit, Eugene Kaspersky told delegates, via video, at Kaspersky's Next Conference in Lisbon on Monday.
AI algorithms don't see the world as we see it, and this has created either unnecessary panic or outlandish claims, says mathematician Hanna Fry
Whether its down to cost or understanding, neither SMEs nor enterprises have any room for complacency about their cyber-defence capabilities according to a recent UK survey.
Debate on the moral and legal aspects of facial recognition surveillance have been going on around the world. Where does the individual affected stand?
It may take a lot of work to create convincing deep fake videos, but using AI, fake voice frauds are easier and quicker - and likely to increase following this apparently successful CEO fraud.
Enterprises are increasingly monitoring employees by way of their email and social media usage, often by AI-powered technologies. There are ethical questions that have to be asked. So SC Media UK asked them.
Autonomous vehicle sensors can be tricked by using drones, which project road images too quick for humans to see but slow enough for the vehicle's sensors
Digital transformation knocks cyber-security off its perch, staff incentives not working, the skills gap impacts maturity & business' ability to quantify security risk, says Brennan P Baybeck, ISACA board chair.
Prime Minister, Boris Johnson, has appointed Dominic Cummings, former Vote Leave campaign director; Tories now targetting electors using methods compared to Cambridge Analytica in "The Great Hack".
Research by Immuniweb found 97 out of 100 largest banks are vulnerable to web and mobile attacks enabling hackers to steal sensitive data.
Up to £850k of funding now available for the second phase of the DASA's Predictive Cyber Analytics competition to develop a deployable solution to predict and counter future cyber-threats.
A new research survey claims that humans are still in the driving seat of vulnerability research when compared to ML/AI tools - AI yet to claim a bug-bounty
Russia claims a lead in Fintech with Moscow's digitisation project roaring ahead, while keeping an eye on cyber-security, but personal privacy is seen as a thing of the past.
In cyber-space, they can still hear you type: AI mimics user's keyboard behaviour; reads sound of key taps
AI is being used to mimic a victim's keyboard user-behaviour characteristics, automatically generating and sending disguised malicious keystrokes, while another attack listens to your key taps to read the message.
Despite some flaws, most organisations aim to fix their vulnerabilities within 30-days or less when spotted
A website designed to create secure, random, offline crypto wallets may have been compromised in an ingenious manner, according to reports
CISOs are turning to drink, drugs & meditation to overcome the inevitability of breaches in the face of inadequate human or financial resources to defend their organisations; as 1 in 5 are available 24/7.
The 'Genesis' market is different from the norm: cyber-criminals are selling digital fingerprints with the full data of more than 60,000 users already being traded.
Survey finds that organisations are struggling with IT system complexity with nearly two-thirds of businesses (60 percent) suffering a severe certificate-related outage within the past 12 months.
Facebook will pivot toward privacy over the next few years, "building a privacy-focused messaging and social networking platform" that includes end-to-end encryption, CEO Mark Zuckerberg said Wednesday.
What do the 3ve ad fraud campaign, the Magecart credit card skimming attacks and the Facebook-Cambridge Analytica scandal have in common? They were all made possible through the use of unmanaged third-party code
The drive-in fast food chain Sonic is being sued by the American Airlines Federal Credit Union for US$ 5 million (£3.8 million) in an attempt to recoup money the credit union lost due to Sonic's data breach in 2017.
30 years ago, in 1989, the Berlin Wall came down, SC made its debut in the UK, and Sir Tim Berners-Lee was inventing the World Wide Web while at CERN, the European Particle Physics Laboratory.
North Korean hacking Lazarus Group's Operation Sharpshooter campaign, used "extremely convincing" job recruitment emails to target defence, government, finance, energy and critical infrastructure organisations across the world, according to McAfee researchers.
Although attackers are more persistent than ever, organisations are getting better at detecting breaches - on average discovering the intrusions about a week earlier.
Can hype-scarred cyber-security pros dare to be hopeful about artificial intelligence as a means to ease the acute information security labour shortage?
A number of factors including the lack of open source governance programmes has resulted in a 71 percent rise in open source breaches over the past five years.
"Microsegmentation is the means to a zero-trust security network because it is identity-driven and able to isolate threat actors on a network at a granular level. It protects an organisation's critical assets and minimises the impact of cyber-attacks."
Scammers using a major event to separate fools from their money is nothing new so several took advantage of the first live concert ever streamed through the massively popular video game Fortnite to sell non-existent tickets to gullible game players.
New report finds stories in the media affect firms approach and priorities. Data breaches reported in the media is having a significant affect on the approaches to a business's cyber-security and the priorities of its strategy, a new report found.
A vulnerability in both the Bigscreen virtual reality app and the Unity game development platform on which it's built makes it possible for hackers to listen to conversations and access user computers, according to researchers at the University of New Haven.
A new phishing campaign distributing the credential-stealing malware Separ has over the last few weeks reportedly affected hundreds of business organisations, primarily those located in Southeast Asia and the Middle East.
Attackers can access the master password of many popular password managers, researchers have found, exposing users to massive risk of credential theft.
The hacker known as Gnosticplayers has placed a third set of databases up for sale on the Dream Market dark web marketplace.
The integrity of democracy itself is being undermined by the failure of Facebook and other social media giants to control 'fake news', MPs have said.
New version of TrickBot bolsters its information stealing capabilities by targeting passwords for Virtual Network Computing (VCN), PuTTY, and Remote Desktop Protocol (RDP).
A dark web marketplace this week reportedly began selling stolen data linked to roughly 617 million user accounts from 16 different websites.
Law firms are increasingly being asked to supply ever-greater amounts of evidence of data management safeguards to their corporate clients for GDPR compliance.
Facebook will no longer be allowed to combine German users' data taken from WhatsApp, Instagram and Facebook Messenger, according to the German competition authority.
An unauthorised party illegally accessed data from TV and movie "scrobbling" service Trakt more than four years ago, but only now are users learning about it.
Google has rolled out a new Chrome extension that will inform users if their passwords have been compromised.
The Huddle House restaurant chain reported it has closed a point-of-sale data breach that existed one of its third-party vendors from August 2017 until now.
New deception campaign on YouTube has tricked over 70,000 people into parting with personal details.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout