Rights groups raise concerns about the legality of London Met Police’s surveillance software and its impact on privacy
To share best practice among ISPs the World Economic Forum and its global partners have published Cybercrime Prevention Principles for Internet Service Providers.
GE Healthcare’s Carescape patient monitoring devices have six high-severity security vulnerabilities, warned the US Cybersecurity and Infrastructure Agency
BitPyLock threat actors are now exfiltrating data before the ransomware encryption begins
Early this month several parties published exploits taking advantage of the vulnerability, putting unmitigated user systems at risk. Citrix users are recommended to run this tool as soon as possible
The Muhstik botnet harvests vulnerable Tomato routers and researchers report that Muhstik mainly launches cryptocurrency mining and DDoS attacks in IoT bots to earn profit.
NSO denies involvement in case of Jeff Bezos, alleged to have had his phone hacked via a video file from the WhatsApp account of Saudi Arabia's crown prince, Mohammed bin Salman.
CyberRisk Alliance ("CRA"), a US-based cyber-security & information risk management business intelligence company & owner of SC Media, has appointed David Longobardi as Chief Content Officer.
Employee data of co-working provider Regus breached after third party accidentally publishes sales staff performance data
Entries close soon for SC Awards Europe 2020 which early indications suggest will be the most successful yet; we are honoured to have the endorsement of BT Security as headline sponsor for this year's Awards.
Betting companies have accessed a large, detailed database of the personal details of 28 million UK children, held by the Learning Records Service
Stats and expert comments on developments in data regulation; AI and machine learning; cloudsecurity; IOT & IIOT; Next gen authentication.
Two-factor authentication is easily thwarted by social engineering hence Sim swap attacks risk making 2FA via smartphones obsolete, according to security researchers.
The UK is the European country most attacked by cyber-criminals and within the UK London is disproportionately the target, suffering as many breaches as several European countries combined.
The US FBI took down a website that sold access to billions more records that were leaked from breaches or exposed online
SC Media UK is delighted to announce its illustrious panel of judges for the SC Awards Europe 2020. Winners announced at a gala dinner at the London Marriott Grosvenor Square hotel London on 2nd June.
Thousands of files stored on an Amazon Web Services (AWS) S3 bucket -- HR documents belonging to a host of UK consultancy firms -- were found open to anyone with a browser
Salaries are changing in the cyber-security industry, but are women closing the gender gap, and what skills are most in demand? Which roles have peaked and which are rising?
A children's book that explains the concepts of cyber-security with kings, castles and gold rather than enterpriseses, networks and data.
How to priorise patching following Microsoft's Patch Tuesday announcement of Windows critical spoofing vulnerability in the CryptoAPI DLL (Crypt32.dll) - CVE-2020-0601.
Millions of personal computers worldwide running on Windows 7 operating system - including 76% of NHS PCs - will stop receiving security updates, as Microsoft is ending the support for the OS on 14 January
Bug alert: Organisations told to deploy mitigations against Citrix Netscaler remote code execution flaw
Organisations have been warned that they need to deploy workarounds for the Citrix ADC (NetScaler) CVE-2019-19781 vulnerability as working exploits have become available.
Amazon Web Service urges businesses to download and install new SSL/TLS certificates; five-year cycle too long, says security expert
Each UK company with an internet connection was attacked online more than once a minute in 2019
Project Zero goes public 90 days after disclosing the vulnerability to the affected organisation. Now, they have added a 14-day grace period on request
Facebook's announcement to add deepfakes to the categories of banned content is hardly a patch on the growing misinformation campaigns on the platform say privacy and security experts
Critical security vulnerability in enterprise VPN software is being used to deliver ransomware, hundreds of UK businesses still remain unpatched
F-Secure's report listed Austria as the second top destination for cyber-attacks in H1 2019, leaping up from the fifth position in H2 2018
From the expected to surprising, our 200+ predictions cover Brexit, cyber-treaties to IOT regulation, the negative impact of cyber insurance and the downsides of 5G, plus AI deepfake ransomware & much more.
Cisco released updates to its networking equipment operating system NX-OS after security researchers found three critical authentication bypass vulnerabilities
Malware attack on UK-based currency exchange company Travelex's systems spilled over to foreign exchange services of major financial brands
Based on the Scottish model, 10 new centres in England will promote cyber-security measures for business
The California Consumer Privacy Act came into effect on 1 Jan, UK companies under ambit as countries around the world consider privacy rules in the wake of GDPR.
In an exclusive interview with CTO at Octopi Managed Services, Ian Thornton-Trump, SC reports launch of The Octopi Hacking Archive, including1995 BBS files, provided free to aid understading of threat evolution.
A large-scale phishing campaign has been targeting online banking customers -- the majority of whom were Canadian -- for the last two years
A database holding more than 267 million user IDs, phone numbers and names of Facebook users was left exposed on the internet without requiring any form of authentication to access
Unsecure Elasticsearch cluster owned by the Honda Motor Company left 976 million records of about 26,000 customers open online
The UK Department of Works & Pensions' Enterprise Security and Risk Management (ESRM) team beat 450 global organisations to win 'GRC Journey' award at the 2019 UK GRC Summit.
EU Court of Justice likely to accept Standard Contractual Clauses (SCCs) to transfer data from the EU to third countries & Privacy Shield - but require companies and regulators to stop transfers if necessary.
Why did Facebook close its encrypted Tor service when its TLS cert expired (it had good reason to), how did it let the certificate expire, & are you any better at having the visibility to maintain your TLS certs?
Data ransomers have created a public website to expose data and named recent victim companies that chose to rebuild their operations instead of paying up
Smartphones, the devices most commonly used interchangeably for personal and work purposes, have opened doors for hackers
Two new vulnerabilities affecting pre-installed or bundled software on Asus and Acer PCs could potentially impact millions of business users
Researchers discover data breach at South African ICT major Conor; customer data on 80 million users across Africa, South America potentially exposed
Barco NV patches security vulnerabilities in its popular wireless presentation system Clickshare after alerted by F-Secure researchers
The election is over, the Conservatives have won, and Boris Johnson is promising to deliver on his pledge to 'get Brexit done' by the 31st January. What does that mean for the average CISO?
Unique malware varieties have risen by an eighth this year, according to The Kaspersky Security Bulletin: Statistics of the Year report, with Web skimmer files blamed for growth in unique malicious code.
Latest patch by Microsoft covers a zero-day privilege elevation loophole that was found to be actively exploited in the wild
The first time you got your hands on powerful penetration testing tools, you must have thought 'just think what I could do with this'. And that's just what the criminals think too - and then they do it.
Kaspersky teams up with Swedish designer Benjamin Waye and creative agency Archetype to make a ring that could present fake fingerprints for non-mandatory verifications
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout