Cyber-espionage platform Attor was utilised to target Russian-speaking individuals for at least seven years, finds ESET researchers
Zero-day vulnerability in Apple iTunes for Windows allows hackers to bypass antivirus detection on Windows devices
US homeland security dept. post falls vacant for the fifth time in just under three years, as acting secretary Kevin McAleenan plans to leave
Data beach at Imperva was caused by a series of missteps during the migration to a cloud-based database service, says company CTO
Juniper Networks issues 27 software security advisories covering 84 product vulnerabilities, 31 of them critical
Panelists at DTX agreed that the focus needs to be on people, both users of cyber-security technologies and the general public, whether at home or at work, with technology subservient to secure usage.
There is a lack of formal education in cyber-security, says Tom Van de Wiele, principal security consultant, F-Secure
Security researchers have said that the FIN7 cyber-criminal gang is back with two new tools that are said to have been altered to evade detection.
The one thing that punches the steam out of a scam method is open acknowledgement, says television personality Alexis Conran
Grandmaster Garry Kasparov says its not the technology but the misuse of it by authoritarian governments that we have to be careful about
A US Defense Intelligence Agency analyst was arrested for supplying top secret national defense information on a foreign country's weapons systems to two journalists
Twitter discloses that it gave advertisers access to email addresses and phone numbers that users had supplied for two-factor authentication purposes
A newly published survey reveals that some 68 percent of IT security stakeholders don't know if they've experienced a Pass the Hash (PtH) attack. That isn't necessarily a cause for too much concern.
AI algorithms don't see the world as we see it, and this has created either unnecessary panic or outlandish claims, says mathematician Hanna Fry
People need to know the company takes data theft seriously, and if colleagues are to report on suspicious behaviour, they need assurances of confidentiality - usually better achieved via HR than security teams.
Second Senate Intel committee report confirms Russia social media campaign to influence 2016 election, skewer Clinton
US Senate Intelligence Committee confirms Russia's role in a sweeping social media campaign to influence the election by supporting Trump and skewering rival Hillary Clinton
Medical and personal information of about one million people was exposed after a breach at a primary health organisation located in New Zealand
Magecart hackers infiltrated Sesame Street's online store by compromising e-commerce and shopping cart service provider Volusion
California governor Gavin Newsom blocked police from using facial recognition technology in their body cameras
UK & US governments warn Windows, macOS & Linux users to update systems following discovery of multiple advanced persistent threat (APT) groups using a VPN exploit to remotely control computers.
Samy 'mypace' Kamkar credits environment as the most common factor that leads impressionable and talented teenagers to cyber-crime
Power politics, economic, military and technological rivalry will replace interdependence leading to balkanisation of the internet and a bid to control AI - to rule the world - says ex MI6 chief.
Microsoft releases latest batch of security updates, fixing 59 vulnerabilities, nine of them critical
Decryptors are now publicly available for a Muhstik and HildaCrypt ransomware programs that recently emerged onto the scene
FBI issues an alert, warning about possible high-impact ransomware attacks targeting US businesses and organisations.
There has been a surge in female applicants for the NCSC's 2019 CyberFirst cyber-security summer courses (held in Cardiff, Belfast, Paisley, Newcastle, Birmingham and London), up 47 percent on 2018.
Data hoarded without any immediate use also could turn toxic for organisations, warn cyber-security experts
Research into DevOps reveals siloed thinking, lack of expertise and correct tools contributing to nearly half of firms not having completed developing their DevOps strategies, leaving companies vulnerable.
Several members-only dark web forums trade a stolen government database featuring the personal information of 92 million Brazilian citizens
Former Yahoo! software engineer pleads guilty of using his access privileges at the company to hack users' accounts and download private images and videos of young women
US healthcare operator DCH Health System purchases decryption key from ransomware attackers in order to expedite recovery
"All devices will go online regardless of their utility because of the data they can generate": cyber-security guru Mikko Hyppönen
Cyber-attacks tend to have a trickle down effect via a pyramid structure, with the top slot often occupied not by the cliched men in hoodies but by state intelligence organisation
Google's Pixel phone as well as devices from Samsung, Huawei, and Motorola affected by Android zero-day flaw.
Threat group Phosphorus, believed to be linked to Iran's government, targets email accounts associated with a US presidential campaign as well as American government officials
Malware marks victims' TLS-encrypted outbound traffic with identifiers so it can be compromised and potentially decoded later
Cisco issues a series of security updates, in the process disclosing 29 vulnerabilities, including 16 high-impact ones
Microsoft re-releases security update for a critical remote execution bug in Internet Explorer that has been actively exploited
Cyber-security readiness can have both positive and negative affects on company valuations when assessing acquisition targets. So how do you assess cyber-capability for M&A purposes?
Researchers assemble playbook on PKPLUG, a suspected Chinese threat actor targeting Asians with an assortment of malware used for cyber-espionage purposes
Security firms Malwarebytes and HYAS string together several pieces of evidence that they believe tie Magecart Group 4 to the Cobalt Group
A "double-free" bug in WhatsApp lets attackers exploit it using a malicious GIF to access user content
New feature in Google's password manager will study a person's passwords and then inform them on its strength and whether it has been compromised
Sir Brian Leveson to lead the IPCO, providing independent oversight and authorisation of the use of investigatory powers by intelligence agencies, police forces and other public authorities.
Kaspersky products were triggered on 41.6 percent of ICS computers in the energy sector globally in just the first six months of 2019.
Researchers uncover large Android banking trojan scheme that may have impacted hundreds of millions of Russians
DCH Health Systems, USA, is turning away all but the most critical patients from its three hospitals in response to its computer network being rendered unusable by a ransomware attack
Ghostcat-3PC, a malvertising operation designed to infect online publishers with browser-hijacking malware, launches at least 18 separate infection campaigns in three months
CISA issues advisory, warning of vulnerabilities in several medical IoT devices that could lead to remote code execution
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout