Security researchers recently discovered the presence of 38 malicious apps on the Google Play Store that were not only disguised as games and education apps but also redirected victims to install other apps from the Play Store that displayed advertisements and loaded blog URLs in the background without obtaining user consent.
SC Media UK gathered a group of cyber-security and data professionals to discuss where emails fit into the framework, and what risks they might pose to breaching GDPR compliance. It's a truism that email is the de facto means of communication and information transfer in business, regardless of whether it's always the most appropriate or safest way to move information around.
Grey Sloan Memorial Hospital's network was taken over by a hacker who demanded millions in Bitcoin, in what was essentially a ransomware attack. After a two-month hiatus – during which time Bitcoin plummeted in value (sorry, extortionist) – the ABC drama resolved the cliffhanger in its 18 January mid-season premiere.
The same hackers behind the unauthorised access of celebrities' iCloud accounts and the subsequent postings of nude photographs are believed to be behind the recent leak of nude photos of "Fifty Shades" actress Dakota Johnson.
The first documented native IPv6 DDoS attack has been spotted in the wild over the weekend. The DNS dictionary attack originated from around 1,900 different native IPv6 hosts, on more than 650 different networks and targeted authoritative DNS service Neustar's network. The distributed attack demonstrates that that hackers are deploying new methods for IPv6 attacks, as widely predicted, not simply replicating IPv4 attacks using IPv6 protocols, according to Neustar.
From high level hard tech to senior leadership and management, our 50 women list exemplifies women contributing to the cyber-security sector at every level, despite representing just 10 percent of the workforce.
Marcell Gogan discusses the threat of privileged user access and how it often goes largely ignored. New malware and inventive ways to hack into systems emerge constantly, prompting companies to invest heavily into keeping their security up to date. However, it also means that while zero-day exploits and other new tools in the arsenal of cyber-criminals can be very dangerous, for the most part, security is advanced enough to provide a reliable protection against most external threats, provided that you sufficiently invest in it and follow all the best practices.
Tracey Stretton and Lauren Grest look at the EU-US Privacy Shield and the consequences of the Schrems judgement for international data transfers and how it (or any successor) fits into the EU GDPR.
Cyber-crime joins environmental disasters, large-scale involuntary migration and illicit trade as one of the most notable risks in the world this year, according to the latest Global Risks Report just brought out by WEF.
Swedish telecoms company Ericsson has confirmed that it is working to fix a problem that has caused a complete failure of the O2 data network in the UK and the SoftBank data network in Japan.
Session-hijacking side-channel attacks can risk exposing users messages in full, researchers at Cisco Talos Intelligence Group have found.
A cyber-attack that left computer screens at Hancock Regional Hospital in Greenfield, Indiana, USA, displaying a Bitcoin ransom message has caused the entire network at the hospital to go offline to minimise risk to patient data.
An analysis of the British Airways payment page shows that the site is loading files from seven external domains that have little or nothing to do with payment processing, according to a security expert.
Offensive cyber-attacks against Russia are reported to be among options under consideration by the UK if it is dissatisfied with Russia's explanation by midnight today of the use in this country of Russian nerve agent Novichok.
Cisco has confirmed a critical security vulnerability in its SSL VPN solution, Adaptive Security Appliance (ASA), one of the most widely-deployed SSL VPNs on the market, which would have allowed hackers to run code on VPN box.
Security researchers have discovered a new email spam campaign that tries to get users to open up Word document attachments that downloads a password stealer as its final payload.
There has been speculation about the impact of incoming GDPR on government schemes that monitise the data of citizens given to them for the delivery of a service, which is then sold on without the data owner's consent.
Two Trend Micro apps have been removed from the Apple app store in the past few days after allegations surfaced that they were exfiltrating user data.
The Government has set out a series of minimum cyber-security standards which will now be incorporated into the Government Functional Standard for Security, obliging government departments and suppliers to comply.
An advisory from the NCSC warns that the popularity of Office 365 is making it an attractive target for cyber-criminals to worm their way into organisations.