The UK is the European country most attacked by cyber-criminals and within the UK London is disproportionately the target, suffering as many breaches as several European countries combined.
The US FBI took down a website that sold access to billions more records that were leaked from breaches or exposed online
SC Media UK is delighted to announce its illustrious panel of judges for the SC Awards Europe 2020. Winners announced at a gala dinner at the London Marriott Grosvenor Square hotel London on 2nd June.
Thousands of files stored on an Amazon Web Services (AWS) S3 bucket -- HR documents belonging to a host of UK consultancy firms -- were found open to anyone with a browser
Salaries are changing in the cyber-security industry, but are women closing the gender gap, and what skills are most in demand? Which roles have peaked and which are rising?
A children's book that explains the concepts of cyber-security with kings, castles and gold rather than enterpriseses, networks and data.
How to priorise patching following Microsoft's Patch Tuesday announcement of Windows critical spoofing vulnerability in the CryptoAPI DLL (Crypt32.dll) - CVE-2020-0601.
Millions of personal computers worldwide running on Windows 7 operating system - including 76% of NHS PCs - will stop receiving security updates, as Microsoft is ending the support for the OS on 14 January
Bug alert: Organisations told to deploy mitigations against Citrix Netscaler remote code execution flaw
Organisations have been warned that they need to deploy workarounds for the Citrix ADC (NetScaler) CVE-2019-19781 vulnerability as working exploits have become available.
Amazon Web Service urges businesses to download and install new SSL/TLS certificates; five-year cycle too long, says security expert
Each UK company with an internet connection was attacked online more than once a minute in 2019
Project Zero goes public 90 days after disclosing the vulnerability to the affected organisation. Now, they have added a 14-day grace period on request
Facebook's announcement to add deepfakes to the categories of banned content is hardly a patch on the growing misinformation campaigns on the platform say privacy and security experts
Critical security vulnerability in enterprise VPN software is being used to deliver ransomware, hundreds of UK businesses still remain unpatched
F-Secure's report listed Austria as the second top destination for cyber-attacks in H1 2019, leaping up from the fifth position in H2 2018
From the expected to surprising, our 200+ predictions cover Brexit, cyber-treaties to IOT regulation, the negative impact of cyber insurance and the downsides of 5G, plus AI deepfake ransomware & much more.
Cisco released updates to its networking equipment operating system NX-OS after security researchers found three critical authentication bypass vulnerabilities
Malware attack on UK-based currency exchange company Travelex's systems spilled over to foreign exchange services of major financial brands
Based on the Scottish model, 10 new centres in England will promote cyber-security measures for business
The California Consumer Privacy Act came into effect on 1 Jan, UK companies under ambit as countries around the world consider privacy rules in the wake of GDPR.
In an exclusive interview with CTO at Octopi Managed Services, Ian Thornton-Trump, SC reports launch of The Octopi Hacking Archive, including1995 BBS files, provided free to aid understading of threat evolution.
A large-scale phishing campaign has been targeting online banking customers -- the majority of whom were Canadian -- for the last two years
A database holding more than 267 million user IDs, phone numbers and names of Facebook users was left exposed on the internet without requiring any form of authentication to access
Unsecure Elasticsearch cluster owned by the Honda Motor Company left 976 million records of about 26,000 customers open online
The UK Department of Works & Pensions' Enterprise Security and Risk Management (ESRM) team beat 450 global organisations to win 'GRC Journey' award at the 2019 UK GRC Summit.
EU Court of Justice likely to accept Standard Contractual Clauses (SCCs) to transfer data from the EU to third countries & Privacy Shield - but require companies and regulators to stop transfers if necessary.
Why did Facebook close its encrypted Tor service when its TLS cert expired (it had good reason to), how did it let the certificate expire, & are you any better at having the visibility to maintain your TLS certs?
Data ransomers have created a public website to expose data and named recent victim companies that chose to rebuild their operations instead of paying up
Smartphones, the devices most commonly used interchangeably for personal and work purposes, have opened doors for hackers
Two new vulnerabilities affecting pre-installed or bundled software on Asus and Acer PCs could potentially impact millions of business users
Researchers discover data breach at South African ICT major Conor; customer data on 80 million users across Africa, South America potentially exposed
Barco NV patches security vulnerabilities in its popular wireless presentation system Clickshare after alerted by F-Secure researchers
The election is over, the Conservatives have won, and Boris Johnson is promising to deliver on his pledge to 'get Brexit done' by the 31st January. What does that mean for the average CISO?
Unique malware varieties have risen by an eighth this year, according to The Kaspersky Security Bulletin: Statistics of the Year report, with Web skimmer files blamed for growth in unique malicious code.
Latest patch by Microsoft covers a zero-day privilege elevation loophole that was found to be actively exploited in the wild
The first time you got your hands on powerful penetration testing tools, you must have thought 'just think what I could do with this'. And that's just what the criminals think too - and then they do it.
Kaspersky teams up with Swedish designer Benjamin Waye and creative agency Archetype to make a ring that could present fake fingerprints for non-mandatory verifications
Users cautious of what they put on the internet and aware of the host's free tools for protecting their services can avoid unsecure databases, says James Spiteri
A flaw that affects most Unix-based operating systems, including MacOS, Android and Linux, may allow attackers to defeat VPN security.
The UK ministry of defence confirms Strategic Command formed as part of JFC reorganisation to improve integration and enhance its role providing leadership in the cyber domain for the MOD.
MS threat analysis finds credentials of 44 million Azure AD and Microsoft Services Account details; password reuse rampant
Security researchers have disclosed a flaw in the Aviatrix VPN client that give a hacker unlimited access to a victim's system - now patched.
Organisations warned of full intrusion with just flaw and one phish - due to flaw they should have fixed and is actively used by multiple threat actors.
A vulnerability, named StrandHogg, allows malware to pose as any legitimate app, gain permissions and literally hijack the phone
Stake your claim to be recognised as the best in the industry by winning your category in the SC Awards Europe 2020 - and this year we have four new Awards up for grabs!
Despite repeated data breaches and hacking attempts, firms in the food and hospitality sector have spent the least on cyber-security in 2018-19, says a research report; unsurprisingly, finance tops the spend table.
RevengeHotels malware campaign looks for credit card details of hotel guests
Common Weakness Enumeration list reveals the critical software errors that could impact enterprise security
Twitter warns users about possible data harvesting, Facebook issues alerts on SDKs by oneAudienceand Mobiburn
Is Zero Trust really achievable given the complexity in finance service organisations?
Brought to you in partnership with Forescout