Ex-NSA contractor Harold T Martin admitted that he began pilfering classified documents from late 1990s through 31 August, 2016
A data breach at Lancaster University exposed data including undergraduate applicant information and student records
UK government delays decision on allowing Huawei to set up 5G network, but pledges to tighten up cyber-security in telecoms sector
Charge against Bulgarian cybersecurity worker Kristian Boykov has been reduced from computer crime against critical infrastructure to crime against information systems, which has a much lesser jail term
Hackers who stole 7.5 TB of data from Russian intelligence service contractor for FSB have been trying to crack the Tor browser
Equifax is facing a hefty fine for for its poor security practices, which had it missing an Apache Struts vulnerability responsible for the breach - not once, but twice.
Smartphone malware Pegasus can harvest individual user data from servers of the big five tech giants, says NSO's parent company Q-Cyber in product demonstration
DataSpii: 'Even the most responsible' Firefox & Chrome users at risk from browser extension data leak
"Catastrophic" leak of personally identifiable information from eight extensions used by around four million Firefox and Chrome users. Even the largest cyber-security corporations proved vulnerable to DataSpii.
WhatsApp and Telegram saves media files internally, making it easy for pre-existing malware to access or modify the files
The provisions of Securing Energy Infrastructure Act makes it difficult to attack the power grid in the US, as attackers would now have to be physically present at the facility to access it
Cylance's AI based antivirus product can be gamed so that attackers can bypass the system's machine learning algorithm and suspect code can be inserted from a file been previously marked as safe
The UK government has launched plans to make it safer for people to confirm their identity online and it is claimed that this could add three percent to the UK GDP by 2030, which should help the digital economy.
FaceApp is granting itself permission to use names, usernames and all likenesses in any media format without compensation whilst an impersonating app attacks users' devices with adware module, MobiDash.
Drupal released a security update to patch an access bypass vulnerability in Drupal Core, which could allow an attacker to take control of an affected website.
Malicious actors may use unique "identifying tokens" to circumvent anonymisation protections on Bluetooth Low Energy devices
Cisco released security updates for multiple products, some of which contain vulnerabilities that, if exploited would allow an attacker to take control of an affected system.
Mirai malware has branched out into more than 60 known variants since it first wreaked havoc in 2016
ElectionGuard assigns an encryption-enabled verification mechanism that distributes unique tracking codes to voters, which they can use to independently confirm that their votes were counted and not altered
Phishing campaigns gain strength by moving from forging mail to compromising legitimate accounts
Criminal cyber-infrastructures used to attack the UK have fallen with two thirds fewer IP addresses used by attackers in 2018 says the NCSC's latest Active Cyber Defence (ADC) report published earlier this week.
Threat of a Wannacry-style attack looms large, as many organisations harbour outdated, unpatched Windows systems despite repeated alerts
New versions of malware families linked to the Ke3chang APT group that operates out of China is being used to target political figures in Eastern Europe and the Americas
JetBlue flight halted as someone nearby - potentially a passenger - share the suicide vest picture to passengers and crew through Bluetooth
A new addition to the data breach reference website "Have I Been Pwned?" seemingly reveals that more than 100 million accounts were compromised in this year's data breach of the event-planning service Evite.
Hackers access Sprint customer account credentials via the Samsung.com, view details including subscriber ID, name and billing address
Human brains will be linked up to computers using 'flexible threads' created by Neuralink, the company founded by Elon Musk.
US senate committee members call Facebook "delusional" for launching Libra despite losing trust
Russia-linked Turla hacking group has developed new fileless malware to evade detection software
SC Media UK presents the biggest stories across the cyber-security sector over the last week, with thanks to our sponsor, Akamai.
The Dutch National Police Unit has arrested a hacker suspected of large-scale production and selling of malware such as Rubella and Dryad, aided by private companies including McAfee.
A new kind of phishing attack has been created and it uses server-parsed HTML as a base for its cyber-attack.
A flaw affects all WordPress websites where the Ad Inserter plugin version 2.4.21 or below is installed, and those affected are encouraged to update immediately
A researcher found a vulnerability that could allow attackers to pull and modify live information about drivers' vehicles through Tesla's customer service mechanism
GandCrab's developers last month publicly disclosed that they were retiring, but researchers say this announcement may have been misleading
A threat actor named Sweed has been active for more than two years, attacking countries across the globe, including the US Canada, Russia, China, Singapore and South Africa.
MobonoGram 2019, advertised as an unofficial version of the Telegram messaging application with more features, runs an endless stream of malicious websites in the background
Researchers detail file-leaking API vulnerability in Lenovo-EMC Iomega external Hard Drives
Facebook called up again for violation of privacy rights, as it continues embedding tracking data inside photos that users download
Traditional security architecture is giving way to zero-trust architecture, as mobile work devices alter the concept and scope of network perimeter
Assange was arrested in April at London on behalf of the US on conspiracy to conduct computer intrusion on the United States
MyDashWallet's associated external site serving CryptoJS scripts was compromised, with wallet private keys removed for a two-month period
Information-stealing malware TrickBot harvests addresses linked to several government agencies such as the US departments of Justice and the UK Ministry of Defence
There is no reason why applications can't be built securely but often they are not, BSI Cyber Security principal consultant Martin Pill told SC Media UK
Research by Immuniweb found 97 out of 100 largest banks are vulnerable to web and mobile attacks enabling hackers to steal sensitive data.
The Chartered Institute of Information Security hopes to play a bigger role in security regulation and professional accreditation after being formally conferred the Royal Charter in June
Fake Amazon website 16Shop phishing tool lures victims into divulging financial information as Amazon Prime day starts.
Hackers within Bluetooth range could take over Glamoriser smart hair straighteners with their own phones, because there is no secure pairing or bonding process
The Federal Trade Commission (FTC) fixes a billion-dollar penalty on Facebook after the commission approved settlement with the social media giant for violating a 2011 consent decree
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout