Hackers use spoofed video conferencing messages to steal Office 365 credentials as part of a ransomware campaign.
940% increase in cyber funding for startups during lockdown but primarily for growth phase, while seed phase startups suffer
Cyberattacks related to compromised managed service providers see upswing; even though you rely on an MSP or managed security service provider, you are still culpable for the information that you own.
Universal clipboard feature in iOS14 exposes how apps snoop on smartphone users, with LinkedIn found copying clipboard content from iOS devices with every keystroke.
Urgent patching advised following vulnerability found in configuration interface of the BIG-IP delivery controller used by some of the world’s biggest companies, governments, & enterprise networks.
Forty-six makes of router haven’t had a security update in a year leaving employees open to attack
Independent Investigatory Powers Commissioner will provide oversight of the UK’s use of the UK-US Data Access Agreement which completes its scrutiny process in the US Congress this month.
The absent are always wrong. Being present and visible at the scene of an incident is as important as what you do when you get there says Sir James Bevan in his Top Tips for incident management.
Among nearly two million targets in a £380 million BEC scamming operation were a Premier league football team, a US lawyer and an international bank. The alleged scammer was arrested in Dubai.
Missing the wood for the trees. Those with large numbers of tools must make sure the staff, expertise, and proper organisational alignments, expectations, and structures are in place.
Women can be set up for failure if they have not got the qualifications and experience to perform the role, and then are not supported. WFH requires more support & flexibility to have a life and do a job.
DNS tunnelling used to exfiltrate data from retail systems - primarily stolen credit card information.
Keynote speaker for SC Media UK's digital congress, NATO Cyber Security Centre chief Ian West tells delegates about how the agency faced the challenges posed by the Covid-19 pandemic.
CISOs from Microsoft, Aldermore Bank and EY joined the SC Magazine Virtual Conference in a session called CISO panel discussion: leadership lessons and best practice in unprecedented times.
A second chance to catch up on the expert presenters, panelists and demonstrators on staying secure in the new normal - including a candid update on how Nato's cyber command coped in Europe.
Windows Remote Desktop Protocol gets hit hard by hackers seeking to take advantage of employees working from home.
We are not getting our point across - we're seen as IT geeks. Even GDPR forced ‘Who Is’ to go dark and it's one of the first steps for law enforcement fighting crime to see who registered a domain.
The 30-year-old legislation is out of date, a coalition of cybersecurity experts and industry leaders tells the UK's Prime Minister Boris Johnson.
IT professionals are struggling to keep pace with the increased demands brought on by a massive increase in remote working, according to research from ManageEngine.
The ‘Inside the mind of a hacker’ cyber report from Bugcrowd also says that 78 per cent of hackers believe they will outperform AI for the next decade.
The Suspicious Email Reporting Service has received more than a million reports of scam emails, National Cyber Security Centre announces.
A large European bank suffered a huge DDoS attack earlier this week, according to a new report by Akamai. The attack was massive and quick.
GDPR has achieved many of its aims and been the biggest driver of cybersecurity spend, online safety and privacy, but it's not been without challenges in implementation, not something the EU dwelt upon.
‘Invisible god’ of networks: Comprehensive report analyses full impact of underground cyber heavyweight Fxmsp
Group-IB, a Singapore-based cybersecurity company, issues a comprehensive report on infamous seller Fxmsp who made a name for himself selling access to corporate networks.
Industry experts express concern as Twitter emails business clients to admit personal data like email addresses have potentially been compromised.
Online shops in Europe, US and South America compromised by attack using Google Analtics to bypass CSP - more barries advised.
This free, interactive Periodic Table of DevOps Tools quickly shows many of the leading tools and where they fit in the software delivery landscape.
The Cybersecurity Exposure Index (CEI) calculates the level of exposure to cybercrime by country from high to low with Afghanistan the most vulnerable and Finland the least.
Research shows that 16,352 people in the UK fell victim to online shopping fraud, with young people most at risk, posing a threat to trust in ecommerce as 76 percent see shopping online as risky.
‘Dangerous to speculate’ over state-based cyber-attack on Australia without evidence and threat intelligence
Experts have warned of the dangers of jumping to conclusions after Australia's Prime Minister Scott Morrison confirmed government and institutions were targeted.
Attack sneaks past antivirus detection and dupes users into bypassing protection from Apple’s built-in macOS security, Intego has discovered.
It's taken a while, but cybersecurity is now firmly on the agenda of politicians, whether talking about defence or crime, as two meetings this week demonstrate....
Nearly 20 zero day vulnerabilities in TCP/IP library, including critical vulnerabilities in the DNS protocol, could result in remote control of devices - impact, magnified by supply chain dissemination
Data compiled by Atlas VPN shows almost half of C-level officers suffered from a spyware attack last year.
Hackers could use D-link router flaws to exfiltrate data and upload malware
Web skimming hackers Magecart have breached three retail web stores including sports shop Intersport and two of the largest retail chains on the planet, Claire’s and Icing, according to reports.
Hackers have been finding unprotected Elasticsearch servers exposed on the internet quicker than search engines can index them, new research from Comparitech has found.
More than 100,000 wireless active cameras in UK businesses and homes may be vulnerable to hackers due to a combination of security flaws, an investigation has found.
The Enel Group was hit by a ransomware attack from EKANS (SNAKE) ransomware operators that affected its internal network, according to reports.
Security researchers have discovered a newly launched DDoS protection filter mechanism dubbed EndGame advertised on the dark web community forum Dread.
A combination of sophisticated techniques and copy-paste tactics are being used by cybercriminals, along with legitimate tools, in-depth research from Sophos about botnet Kingminer demonstrates.
The crosshairs from the ‘guns for hire’ Dark Basin group fell on senior government officials, advocacy groups, journalists and hedge funds around the world.
Twice entangled: Fake ransomware decryptor encrypts victims’ files again; Honda victim of ransomware
Bogus Stop Djvu lures people with the promise of getting their encrypted data back then delivers another ransomware. Honda falls victim to ransoware - Worm tech approach suggested.
Hackers using point-of-concept exploit code for the highly critical “SMBGhost” bug - aka EternalDarkness - that Microsoft patched in March in its Server Message Block 3.1.1 (SMBv3) protocol
Businesses face new cybersecurity risks with almost half of assets obsolete or ageing compared with just three years ago.
Some 80 percent of UK consumers believe organisations should refuse to pay ransoms, but still hold companies financially liable for their personal data, a Veritas Technologies report shows.
Last week Cisco Systems released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software.
Google has introduced multiple security fixes for the desktop edition of its Chrome browser and Mozilla has also done the same for Firefox and Firefox Extended Support Release.
Figures compiled in the ForgeRock data breach report show massive spend alongside rocketing levels of data breaches.
Two of the world’s biggest tech giants collaborate to support hardware security keys and devices that generate unique cryptographic keys.
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout