Orders up 23 percent year-on-year in UK; scamsters target card details and user info as more and more stay online
An unpatched flaw in iOS 13.3.1 and later could prevent VPNs from encrypting all traffic, according to security researchers, enabling hackers to snoop on private data
Security executive shares personal insights for SC UK readers working remotely
Hackers have compromised WordPress-based websites of corporate sites and news blogs to plant backdoors onto victim’s systems. Compromised websites redirect victims to phishing sites.
Margaret Sale, a founding member of the Saving Bletchley Park campaign, member of the board of Bletchley Park Trust and trustee of The National Museum of Computing, has died aged 87.
Have you made it onto the shortlist as a finalist for the SC Awards Europe - the industry’s premier Awards? Check below now.
Concerns have been raised over recent warnings from Windows Defender that scans are not completing as expected
Attackers are exploiting unpatched Windows zero day flaws; “limited targeted attacks” could leverage two unpatched remote code executive (RCE) vulnerabilities in Windows.
A flaw found last month is used by hackers to compromise and controlZyxel NAS devices under attack from Mukashi Mirai variant
While businesses are closed there will be a greater need for both physical and cyber-security professionals to both protect vital personal information in closed offices; and what about apprentices?
More than five billion records were exposed after an elasticsearch “data breach database” housing a trove of security incidents from the last seven years was left unprotected.
Twitter released new content guidelines regarding Covid-19 tweets after Facebook’s AI fails to differentiate between verified content and spam
Amazon patches S3 buckets of Doxzoo after vpnMentor researchers find 343 GB trove
Cyber-criminals use coronavirus tracking map created by Johns Hopkins University to deliver Android spyware
Oxford researchers are working with European governments on the feasibility of a mobile app for instant contact tracing of possible Covid-19 patients
Difficult to exploit, new flaw discovered in Intel processors could allow hackers to steal data from the CPU's cache memory.
Better data, not more data required. in some cases security monitoring tools are producing more than 50 percent false positives according to new research
Find out what excites & will retain staff; be flexible in hiring eg teams working remotely in other parts of the country. It's not just about pay and benefits, but 'is it the right place to be, to grow and develop?'
Microsoft issues security advisory two days after it acknowledged the existence of the vulnerability, which it missed in this month’s Patch Tuesday update
Close to 394,000 cyber security-related vacancies were announced over the past three years, but companies could fill only two-thirds of them
Some major sponsors pulled out of attending cloud Expo 2020 leaving unmanned stands at the show, including Sophos, IBM, Tripwire, Neustar, Appgate, ISC(2), Crest & others - but the show went on.
Senior security executives in UK prefer to work with organisations that publish thought leadership over ones that don’t - and are willing to pay a premium.
Microsoft acknowledged 'wormable' pre-auth remote code execution vulnerability in the Server Message Block 3.0 (SMBv3) network communication protocol
Businesses are spending millions on data protection compliance and insurance, but visibility of network endpoints remains a serious weak spot, according to a new report
Closing the gender gap in cyber-security could boost the UK economy by £12.6 billion - so why is it not happening? And how do women overcome these barriers and succeed in cyber-security?
International Women's Day. Sexual harassment and discrimination: The dark side of cyber-security conferences
International Women’s Day is a time to celebrate the role of women in cyber-security. So why are sexual harassment and discrimination still taking place at conferences?
Sound advice for women (largely applicable to men too) on why you should consider a career in cyber-security and how to go about it.
New campaign uses fake digital certificate updates to infect systems of visitors to websites that have been compromised
"We need more cyber to protect us in cyberspace, more sigint, more electronic warfare and special operations capabilities ...will mean we should work even more strongly with the US" Defence Secretary
Platform encryption keys can be compromised enabling attackers to steal data due to Intel chipset Rom error.
A little over a billion attacks were recorded by F Secure honeypots for the whole of 2018; by 2019 the total was 5.7 billion attacks - dominated by attacks hitting the Server Message Block (SMB) protocol.
Let’s Encrypt project revoked over three million digital certificates after discovering a flaw in its certificate authority code
Working remotely without proper oversight or preparation, especially the presence of unsecured IoT devices in houses, raises security concerns
MediaTek-su bug impacted huge numbers of mid-range Android devices, including the ones from Amazon, Nokia and LG
All the entries are now in for the SC Awards Europe 2020, the judging is underway and the booking website live and ready to book your ticket to attend the Awards event itself.
Attackers actively scanning networks for CVE-2020-0688 remote code execution flaw, a major vulnerability affecting nearly every supported version of Microsoft Exchange Server. Apply patch now.
Facial recognition company's customers, including law enforcement agencies, affected by the data breach
The number of 'blacklisted' malicious apps have declined in 2019, but feral apps continue to work undetected, warns RiskIQ report
MAT recorded a two-digit growth in detected installation packages, while stalkerware incidents grew at least twice from that of 2018, reported Kaspersky
Ethical hackers contracted via HackerOne earned a total of US$40m (£31m) in 2019 - nearly as much as the US$42m (£32.5m) that the company has been paid for bounties since start up in 2012.
Around 60 apps at risk of data slurp by criminals by malware dubbed Racoon which has been discovered to extract data from up to 60 applications.
“Clients want someone as trustworthy as approved staff, acting diligently, not causing an outage or leak. But they want to simulate a real attacker, who acts with impunity & runs wild. It's difficult to reconcile.” Laurie Love
Phishing campaign in the guise of Google Docs forms asks for updating of Office 365 accounts to create fake Microsoft login pages to harvest corporate user credentials.
Joker spyware reappeared on the Google Play store over the last few months, a few samples at a time
Default password could let anyone gain access to Cisco Smart Software Manager On-Prem
CISOs across the world expect cyber-security talent shortage to worsen; 66 percent struggle to recruit senior talent, says survey
Increasingly tech needs to be coupled with an ability to see the big picture, strategise and articulate problems and potential solutions to policy makers - which is where the Cyber 9/12 Challenge comes in.
A survey by Egress says 97 percent of respondents listed insider data breaches are a major point of worry
Despite the harm data breaches do to business reputation, several UK enterprises remain alarmingly unprepared in cyber-defence, even complacent
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout