Royal chartered status on the cards for cyber-security profession as government seeks bidders for new council
The government is offering a grant of £1 million to £2.5 million to create a council for the cyber-security profession that would lead to royal chartered status.
The Rocke hacking group is disabling Alibaba and Tencent security software on cloud servers to install cryptocurrency miners on unpatched Linux servers.
Researchers at Trend Micro and RiskIQ have pulled the curtain away from a new Magecart sub-group that managed to insert card skimmer code into more than 200 companies by using a third-party vendor as an unwitting accomplice.
The lethal LoJax malware thought to be the handiwork of hacker group Fancy Bear (APT28) came to light only this past May, but most likely had been wreaking havoc since late 2016.
The large collection of files on the MEGA cloud service that exposed nearly 773 million unique emails and 21 million unique passwords and was posted on a hacking forum, came from a number of breaches and sources.
Enforcing a previously announced new policy, Google Play this week began monitoring and potentially rejecting apps that request phone call logs and SMS permissions if they don't abide by a set of rules in an effort to protect user privacy.
Research from Forcepoint Security Labs has revealed that the Telegram encrypted messaging service isn't quite as secure as users might like to think.
The National Cyber Security Centre has created cyber-security courses just for girls to encourage more female candidates to consider studying the subject at A-level and university.
A series of vulnerabilities in the hugely popular online survival game Fortnite could have allowed malicious actors to take over players' accounts, prompting developer Epic Games to fix the issues before a major incident transpired.
The Department of Justice has charged two Ukrainian nationals for hacking into the Security and Exchange Commission's (SEC) computer system to steal confidential corporate information and sell it to the highest bidder or to make trades.
Dutch law enforcement intercepted the communications of Mexican drug suspected drug lord and former leader of the Sinaloa Cartel Joaquín Guzmán, also known as "El Chapo," after his IT consultant turned informant.
Oracle pushed out 248 patches as part of the company's quarterly security update affecting a wide range of its products.
The World Economic Forum has identified cyber as one of the top risks to stability in the world in its Global Risks Report 2019 published this morning.
Five popular hosting platforms were found to have glaring security weaknesses in a study by Website Planet.
A recently discovered vulnerability in the Amadeus online reservation system made it possible to access and change reservations with just a booking number.
Attempts by companies to harness the wisdom of the crowd, or cut corners on security research depending on your perspective, by launching bug bounty programmes are misguided, researchers say.
New report reveals UK is particularly exposed to IoT security failings, in spite of industry guidelines introduced by government last year.
A malicious Windows shortcut file disguised as a movie on The Pirate Bay torrent tracker is capable of injecting malicious content from the attacker into high-profile websites as well as for stealing cryptocurrency.
In a case of cyber-security converging with physical security, researchers have disclosed four vulnerabilities in IDenticard Corp.'s PremiSys building access control system that attackers could exploit to sneak into restricted locations.
Positive Technologies researchers have released details concerning the vulnerabilities patched last month in the Schneider Electric car charging stations.
Chinese telecom manufacturer Huawei has fired a company executive who had been arrested in Poland on charges of spying for China.
Security researchers discover DNS hijacking attacks are targeting telecoms firms and governments and are being linked back to attackers in Iran.
Multiple researchers are linking the Ryuk ransomware that disrupted the operations of multiple US newspapers in late 2018 to the Emotet and TrickBot trojans.
The man accused of hacking into Pippa Middleton's iCloud account is now wanted by US authorities for allegedly blackmailing healthcare companies.
A man convicted of launching DDoS attacks against two Boston-area health care facilities was sentenced in US District Court on Thursday to 10 years in prison.
Zurich insurance is subject to a $100 million damages claim by US food company Mondelez for not paying out a claim related to the NotPetya cyber-attacks with the insurer citing war exclusion clause.
Intel has been forced to release patches for five bugs in its systems, three of which enable escalation of privileges, allowing hackers access to infrastructure
Cisco issued 18 fixes for vulnerabilities spanning its product line including a critical flaw which could be triggered by a malicious email and another flaw which could enable a permanent DoS condition forcing the affected device to stop scanning and forwarding messages.
Microsoft Corp. this Tuesday released two software updates that reportedly rendered some Windows 7-based machines useless by mistake.
Hyatt Hotels has partnered with HackerOne to launch a bug bounty program to help stave off cyber-attacks similar to what the hotel chain suffered in 2017 and the much larger Marriott breach that exposed millions of customers data.
After experiencing several allegations of shady ties to the Russian government, in a twist of events it turns out that Kaspersky Lab may have assisted the National Security Agency (NSA) in capturing an alleged data thief.
Some Reddit users discovered they were locked out of their own accounts earlier this week after an apparent credential stuffing attack compelled the popular website to invoke password security measures.
"Every customer that we see is going through some form of digital transformation (so we are talking about) ... how security plays into that, and what some of the challenges are in managing digital risk."
Citing personal reasons, the recently appointed CISO at the NHS Robert Coles has resigned from the role that was created in response to the WannaCry attack.
Google's introduction of DNS-over-TLS is another step in securing the internet's inherently insecure legacy domain resolution system.
A Polish security researcher has created an automated tool for cracking two-factor authentication systems in phishing attacks, a tool he has made publicly available.
Microsoft kicked off 2019 with a light Patch Tuesday listing 47 vulnerabilities with seven rated as critical.
A new malware dubbed ICEPick-3PM is stealing device IP addresses en masse since at least spring 2018.
Researchers from a combination of academic and corporate backgrounds have disclosed a newly discovered side-channel attack technique that targets the operating system page cache and affects devices regardless of hardware architecture or OS.
Deloitte's Digital Disruption Index finds that more graduates have the right skills but gap still persists
The National Security Agency (NSA) will demonstrate a free and open-source tool for reverse engineering malware with the hopes of improving security rather than undermining it.
The US Supreme court Monday declined to hear Fiat Chrysler's appeal in a class action lawsuit claiming the automaker knew its vehicles were vulnerable to cyberattacks as early as 2011.
Following an out of band update issued last week for Acrobat and Reader, Adobe today released "important" rated patches for Adobe DigitalEditions and Adobe Connect as part of its normal Patch Tuesday update.
A 20-year-old man arrested in connection with the release of personal details of nearly 1,000 politicians, celebrities and journalists in Germany has reportedly confessed to his involvement.
At least one threat actor is using a combination of the info stealer Vidar and GandCrab ransomware to put a double whammy on their victims.
The data on about 285 Singapore Airlines' Krisflyer frequent flyer program members was exposed after a software glitch following a website update allowed frequent flyers see the data of others.
An old hoax targeting WhatsApp users has reportedly reemerged, attempting to scare users by falsely warning them not to download a supposed video that contains dangerous malware.
Web fonts are being used as a substitution cypher in a novel attack to bypass security scanners, according to new research from Proofpoint.
Marriott International may have bumped down the number of records affected by a breach of its Starwood division to 383 million, but the hotel chain admitted that five million passport numbers stolen in the incident by an unknown hacker were unencrypted.
Google finally got around to patching a three-year-old vulnerability in its Chrome for Android browser, which reveals a phone model and build.
Weds 21st Nov, 3pm
A practical risk-based approach to implementing GDPR and building a security-aware culture in your organisation.
Brought to you in partnership with Metacompliance
Mon 19th Nov
Brought to you in partnership with Mimecast