Daniel Kaye, aged 30 from Egham in Surrey, pleaded guilty today at Blackfriars Crown Court to three offences under the Computer Misuse Act.
Victims caught out by deceptive Office 365 non-delivery receipts as phishers fake Microsoft administrative messages.
Microsoft Word's ability to download remote templates, which can contain malicious macros, is being exploited by the threat group Sofacy using a two-stage download strategy and some carefully crafted phishing documents authored by 'Joohn'.
Shamoon disk wiper attack on Saipem signals new affront against energy sector, Middle Eastern interests
The malware used to disrupt the global operations of Italian energy contractor Saipem S.p.A. earlier this week was none other than Shamoon, a disk wiper that's been used in two prior attacks against Saudi interests.
Google Thursday said it would not sell facial recognition surveillance products without first addressing the drawbacks and potential abuse of the technology.
Threat actors are playing by the rules, or at least tricking your browser into thinking they are, in order to deliver more effective attacks.
Save the Children was hit last year with a business email compromise scam that cost the charity US$ 1 million (£795 thousand).
Session-hijacking side-channel attacks can risk exposing users messages in full, researchers at Cisco Talos Intelligence Group have found.
An advisory from the NCSC warns that the popularity of Office 365 is making it an attractive target for cyber-criminals to worm their way into organisations.
A global phishing campaign called Operation Sharpshooter was discovered using fake job recruitment documents to infect defence, government and critical infrastructure organisations with a malicious backdoor implant, presumably for cyber-espionage purposes.
Mozilla released security updates to address vulnerabilities in Firefox and Firefox ESR which could allow a remote attacker to take control of an affected system.
More than 120 million unique identification numbers issued by the Brazilian Federal Reserve to Brazilian citizens and tied to tax-paying resident aliens, spent months earlier this year publicly exposed on the internet.
Italian oil and gas industry contractor Saipem S.p.A. has reportedly confirmed that a Monday cyber-attack impacted its servers and infrastructure in the Middle East as well as in Scotland.
ESET has come across an Android trojan capable of defeating the multifactor authentication required to access the official PayPal app.
The Financial Conduct Authority (FCA) has issued a report warning that many boards are not prepared to deal with cyber-security issues but should not rely too heavily on third-party providers to fill the gap.
The cable broadband provider Virgin Media has fixed multiple flaws in its Super Hub 3.0 which were identified by researchers from NCC Group.
Microsoft addressed nearly 40 vulnerabilities including and actively exploited zero-day, in its December 2018 Patch Tuesday release.
A cyber-criminal phishing operation designed to infect victims with a malicious backdoor was recently discovered using command-and-control domains that intentionally spoofed the real-life domains of various Russian critical infrastructure firms.
This Patch Tuesday, Adobe has published a security bulletin for Adobe Acrobat and Reader to address?critical?and important vulnerabilities, which could lead to arbitrary code execution in the context of the current user.
Over the last year and a half, attackers compromised more than 40,000 credentials for various global government websites and portals, using a combination of spyware tools and phishing tactics.
At sixth place, Mac-based malware makes its debut in the top ten most common types of malware reported by WatchGuard's quarterly Internet Security Report, tricking victims into installing fake cleaning software.
A detailed new report into new malware from financial cyber-crime Cobalt Group reveals inner workings and operational activity.
NHS trusts are woefully understaffed when it comes to cyber-security and are struggling to meet minimum staff training needs, according to new research.
A political agreement has been reached in Europe to rebrand ENISA as the EU Agency for Cybersecurity and create a one-stop shop for cyber-security product certification.
After a second, newly discovered, bug affected 52.5 million Google+ users, Google has decided to shutter the social network earlier than originally planned.
Researchers used an attack on a Brazilian-embassy computer to uncover additional details on the year-old cyber-espionage group Seedworm, including a new backdoor the group is now using.
In the latest rendition of a sextortion plot that has been using public breach data to trick victims into thinking they were hacked, cyber-criminals have added the inevitable ransomware update to the scam.
A two-month Monero cryptomining campaign targeted both Linux-based servers and Internet of Things devices with a newly discovered malware family called "Linux Rabbit," researchers have reported.
A Moldovian national was sentenced to time served by a federal court for his crime of conspiracy and damaging a computer.
New research finds that companies feel that they are not being given enough support by the government to defend their infrastructure from attack.
The Syrian Electronic Army hacker group has reportedly been investing heavily in a scheme to infect Android device users with a spyware tool hidden inside fake app updates.
After its breach, which compromised the personal data of 500 million customers, Marriott has agreed to pay for new passports if it has found that "fraud has taken place."
A Russian company that claims to specialise in decrypting ransomware is actually just secretly brokering deals with the malware distributors and charging victims for this middle-man service, researchers say.
ESET researchers examined the inner workings of 21 different Linux malware families all operating as trojanised versions of the OpenSHH client.
Threat actors have created a botnet army using 20,000 infected Word Press sites that is, in turn, assaulting other Word Press websites using dictionary-style brute force attacks in an attempt to gain access.
The DanaBot banking trojan is branching out into new territories, adding email address harvesting and spam distribution to its bag of tricks, while apparently partnering with the actors behind GootKit, another banking malware program.
A cyber-bank robbery outfit proved to the detriment of several Eastern European banks the necessity of physically securing computer assets that could give an attacker direct access to their network.
Citrix forced its users to reset their passwords after cyber-criminals began carrying out credential stuffing attacks against ShareFile accounts.
Law enforcement will be given access to snoop on anybody under legislation passed by Australian parliament yesterday.
Reports suggest Microsoft may adopt the Chromium browser as the basis for a complete rebuild of Edge which could address some security issues but introduce an even deeper vulnerability.
Apple has released security updates for several of its products to address vulnerabilities that could allow an attacker to take control of an infected system.
Ericsson has confirmed that it is working on a fix for a network problem that has caused a blackout in the O2 data network in the UK.
In a move as sneaky as a criminal calling the cops on rival gangs, malware authors have been impersonating Ubisoft, Steam and other large game companies to serve Google DMCA 1201 notices to irreversibly takedown their competitors.
Adobe Systems today issued an emergency security update for Flash Player following the discovery of a critical vulnerability that attackers were actively exploiting in a 29 November phishing operation targeting a Russian state health care institution.
Special Counsel Robert Mueller recommended Tuesday night that former National Security Adviser Gen. Michael Flynn avoid prison time for lying to the FBI since he has offered "substantial assistance" on a number of ongoing investigations.
Sometimes a basic data breach is just the first step in a larger campaign.
Facebook has objected to the publication of confidential documents and emails of internal discussions about the controversial use of friends data.
Security researchers have unearthed problems in a couple of machine-to-machine (M2M) protocols that could lead to hackers carrying out industrial espionage, denial-of-service and targeted attacks.
MI6 chief Alex Younger says the agency will pioneer partnerships with the private sector to combat 'existential threat' from cyber
A UK/Nigerian cybergang with US-based co-conspirators has obtained a list of more than 50,000 corporate officials to be targeted in future Business Email Compromise (BEC) phishing campaigns.
Weds 21st Nov, 3pm
A practical risk-based approach to implementing GDPR and building a security-aware culture in your organisation.
Brought to you in partnership with Metacompliance
Mon 19th Nov
Brought to you in partnership with Mimecast