What were the most popular stories on SC in 2018?

News by SC Staff

Readers clicked on a wide range of stories during the year, but you might be surprised by the ones that got the most attention.

(Pic: AlexLMX/Getty Images)

1. 38 "games and educational apps" kicked out from Google Play Store

Security researchers recently discovered the presence of 38 malicious apps on the Google Play Store that were not only disguised as games and education apps but also redirected victims to install other apps from the Play Store that displayed advertisements and loaded blog URLs in the background without obtaining user consent.

2. SC Roundtable: How much of a liability is email in GDPR compliance?

SC Media UK gathered a group of cyber-security and data professionals to discuss where emails fit into the framework, and what risks they might pose to breaching GDPR compliance. It's a truism that email is the de facto means of communication and information transfer in business, regardless of whether it's always the most appropriate or safest way to move information around.

3. Grey's Anatomy resolves hospital hacker plot, security experts analyse plot

Grey Sloan Memorial Hospital's network was taken over by a hacker who demanded millions in Bitcoin, in what was essentially a ransomware attack. After a two-month hiatus – during which time Bitcoin plummeted in value (sorry, extortionist) – the ABC drama resolved the cliffhanger in its 18 January mid-season premiere.

4. Hackers leak more celeb nude pics - Dakota Johnson joins Miley Cyrus

The same hackers behind the unauthorised access of celebrities' iCloud accounts and the subsequent postings of nude photographs are believed to be behind the recent leak of nude photos of "Fifty Shades" actress Dakota Johnson.

5. 'First true' native IPv6 DDoS attack spotted in wild

The first documented native IPv6 DDoS attack has been spotted in the wild over the weekend. The DNS dictionary attack originated from around 1,900 different native IPv6 hosts, on more than 650 different networks and targeted authoritative DNS service Neustar's network. The distributed attack demonstrates that that hackers are deploying new methods for IPv6 attacks, as widely predicted, not simply replicating IPv4 attacks using IPv6 protocols, according to Neustar.

6. The 50 most influential women in cyber-security UK

From high level hard tech to senior leadership and management, our 50 women list exemplifies women contributing to the cyber-security sector at every level, despite representing just 10 percent of the workforce.

7. The threat of privileged user access – monitoring and controlling privilege users

Marcell Gogan discusses the threat of privileged user access and how it often goes largely ignored. New malware and inventive ways to hack into systems emerge constantly, prompting companies to invest heavily into keeping their security up to date. However, it also means that while zero-day exploits and other new tools in the arsenal of cyber-criminals can be very dangerous, for the most part, security is advanced enough to provide a reliable protection against most external threats, provided that you sufficiently invest in it and follow all the best practices.

8. How will the new EU-US privacy shield fit with the upcoming General Data Protection Regulation?

Tracey Stretton and Lauren Grest look at the EU-US Privacy Shield and the consequences of the Schrems judgement for international data transfers and how it (or any successor) fits into the EU GDPR.

9. Cyber-attacks one of the biggest threats to the world in 2018 says WEF

Cyber-crime joins environmental disasters, large-scale involuntary migration and illicit trade as one of the most notable risks in the world this year, according to the latest Global Risks Report just brought out by WEF.

10. Ericsson software issue causes O2 data network outage

Swedish telecoms company Ericsson has confirmed that it is working to fix a problem that has caused a complete failure of the O2 data network in the UK and the SoftBank data network in Japan.

11. Researchers reveal how easily Signal, Telegram and WhatsApp messages can be hijacked

Session-hijacking side-channel attacks can risk exposing users messages in full, researchers at Cisco Talos Intelligence Group have found.

12. Cyber-attack shuts down US Regional Hospital's online system

A cyber-attack that left computer screens at Hancock Regional Hospital in Greenfield, Indiana, USA, displaying a Bitcoin ransom message has caused the entire network at the hospital to go offline to minimise risk to patient data.

13. British Airways 'breaking credit card security rules' on its website payment page

An analysis of the British Airways payment page shows that the site is loading files from seven external domains that have little or nothing to do with payment processing, according to a security expert.

14. Cyber-attacks against Russia may follow attempted nerve agent killing in UK

Offensive cyber-attacks against Russia are reported to be among options under consideration by the UK if it is dissatisfied with Russia's explanation by midnight today of the use in this country of Russian nerve agent Novichok.

15. Cisco warns of a critical vulnerability in its SSL VPN solution

Cisco has confirmed a critical security vulnerability in its SSL VPN solution, Adaptive Security Appliance (ASA), one of the most widely-deployed SSL VPNs on the market, which would have allowed hackers to run code on VPN box.

16. New Word malware attacks infect systems without using macros

Security researchers have discovered a new email spam campaign that tries to get users to open up Word document attachments that downloads a password stealer as its final payload.

17. DVLA selling details to parking firms seeking fines criticised

There has been speculation about the impact of incoming GDPR on government schemes that monitise the data of citizens given to them for the delivery of a service, which is then sold on without the data owner's consent.

18. Trend Micro apps removed from Apple app store

Two Trend Micro apps have been removed from the Apple app store in the past few days after allegations surfaced that they were exfiltrating user data.

19. UK Government issues minimum cyber security standards

The Government has set out a series of minimum cyber-security standards which will now be incorporated into the Government Functional Standard for Security, obliging government departments and suppliers to comply.

20. NCSC warns of vulnerabilities in Office 365 being exploited by cyber-criminals

An advisory from the NCSC warns that the popularity of Office 365 is making it an attractive target for cyber-criminals to worm their way into organisations. 


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews