The election is over, the Conservatives have won, and Boris Johnson is promising to deliver on his pledge to 'get Brexit done' by the 31st January. What does that mean for the average CISO?
Unique malware varieties have risen by an eighth this year, according to The Kaspersky Security Bulletin: Statistics of the Year report, with Web skimmer files blamed for growth in unique malicious code.
Latest patch by Microsoft covers a zero-day privilege elevation loophole that was found to be actively exploited in the wild
The first time you got your hands on powerful penetration testing tools, you must have thought 'just think what I could do with this'. And that's just what the criminals think too - and then they do it.
Kaspersky teams up with Swedish designer Benjamin Waye and creative agency Archetype to make a ring that could present fake fingerprints for non-mandatory verifications
Users cautious of what they put on the internet and aware of the host's free tools for protecting their services can avoid unsecure databases, says James Spiteri
A flaw that affects most Unix-based operating systems, including MacOS, Android and Linux, may allow attackers to defeat VPN security.
The UK ministry of defence confirms Strategic Command formed as part of JFC reorganisation to improve integration and enhance its role providing leadership in the cyber domain for the MOD.
MS threat analysis finds credentials of 44 million Azure AD and Microsoft Services Account details; password reuse rampant
Security researchers have disclosed a flaw in the Aviatrix VPN client that give a hacker unlimited access to a victim's system - now patched.
An international offensive headed by UK & US investigators identify Russians behind global bank fraud malware campaigns
Edited highlights from chief of the defence staff, General Sir Nick Carter's annual speech at the Royal United Services Institute highlights the need to integrate capabilities, innovate and cooperate with industry,
Departing employees account for more than half of all insider threat incidents; Two out of three professionals openly admit to taking data with them when they quit
A well-resourced and successful threat actor - the Lazarus Group, widely believed to be the North Korean state - has developed fileless malware aimed at macOS for criminal purposes.
If partners in your supply chain have access or information on your data or your network, their risk is your risk
Organisations warned of full intrusion with just flaw and one phish - due to flaw they should have fixed and is actively used by multiple threat actors.
Nato must agree a plan to respond to emerging and disruptive technologies; recognising two new operational domains in space and cyber-space; and develop plans to confront and deter hybrid tactics.
A vulnerability, named StrandHogg, allows malware to pose as any legitimate app, gain permissions and literally hijack the phone
Stake your claim to be recognised as the best in the industry by winning your category in the SC Awards Europe 2020 - and this year we have four new Awards up for grabs!
An example of how detailed and sophisticated phishing scams can be is provided by a current attack targeting Steam gamers - with financial loss now a concern.
Imminent Monitor Remote Access Trojan (IM-RAT) targetted in an international law enforcement takedown of Rat used across 124 countries and sold to more than 14,500 buyers - for less than £20 each.
A previously undetected ransomware attack has been discovered targeting Network Attached Storage (NAS) that poses new risks for back-up data usually stored on such devices.
Businesses that do not align their IT security teams targets with their overall performance are causing trouble for their chief executive officers
Despite repeated data breaches and hacking attempts, firms in the food and hospitality sector have spent the least on cyber-security in 2018-19, says a research report; unsurprisingly, finance tops the spend table.
RevengeHotels malware campaign looks for credit card details of hotel guests
The crucial factor that drives talent to the industry is deep and keen interest in security, assert cyber-security trainers
Common Weakness Enumeration list reveals the critical software errors that could impact enterprise security
Twitter warns users about possible data harvesting, Facebook issues alerts on SDKs by oneAudienceand Mobiburn
Stantinko botnet, which has been targeting former Soviet nations since at least 2012, adds a Monero cryptomining module to its arsenal.
Smart device certification programme informs consumers if certain products meet basic information security standards
IoT Security Foundation & IASME form partnership to offer what they describe as a low cost consumer IoT conformance scheme aimed at manufacturers and retailers to increase cyber-security assurance.
Polymorphic malware installed coinminer on up to 80,000 systems per day earlier this year say Microsoft researchers.
An error by an employee - in device hygiene, network safety or email security - can compromise an entire organisation's IT security this shopping season
A patched vulnerability in the WhatsApp for Android can still affect thousands of additional apps that have not been patched
Increasing numbers of ready-made 'exploit kits' are using extremely stealthy fileless attacks to compromise victims, creating a big challenge for defenders...
The New York City Police Department's fingerprint database was hit with ransomware in October 2018
Cyber-criminals devise card-skimming scheme that involves creating a phishing page that impersonates a retailer's third-party payment service platform
Cyber-criminals demand £11 million ransom to unlock computers of Virtual Care Provider, which caters to to roughly 110 nursing homes around the US
Security researchers have discovered an updated form of the Trickbot malware that has been changed to steal OpenSSH private keys and OpenVPN passwords and config data.
The FBI in the US issues private bulletin to a select group of automobile companies that bad actors are trying to access and infiltrate their networks
T-Mobile discloses a data breach incident that impacts certain customers with prepaid service accounts.
Russian warns US Republican lawmakers on spreading "a fictional narrative" about Ukraine meddling in the 2016 US presidential election
Four billion records on 1.2 billion people was found on an unsecured Elasticsearch server
Former Monsanto employee charged with economic espionage for stealing proprietary software
Two vulnerabilities in SatLink 2000 VSAT modem could enable hackers to carry out cross-site scripting attacks and sniff sensitive data traversing the modem
European hotel booking platform provider Gekko Group mistakenly stores over 1 terabyte of information on a publicly configured server
A security research firm has been tracking a botnet that first popped onto its radar back in August that for some reason declines to make use of its DDos capabilities.
WeWork client data left exposed and accessible to the public via GitHub; web portal leak information on prospective customers
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout