CIOs and security professionals need to ensure that company security policies are established and enforced, whether employees access company sensitive data from home offices, public Wi-Fi networks or hotels says Gerald Beuchelt.
The UEA has suffered another data breach; an email was sent to about 300 students in the social science faculty which included the personal health information of a member of staff, in a repeat use of a flaw not fixed previously.
Scientists use vision algorithms to sidestep security systems and machine-read CAPTCHA security words like a human.
Some 20 percent of Greater Manchester Police's computers are at risk of a ransomware hack due to still running Windows XP, according to research from Top10VPN.com
Sophisticated attackers will subvert trusted suppliers of executable code such as software updates, consequently, Martin Lee says that a sophisticated response is required.
Millions could have been exposed to malware bug in LinkedIn Messenger
According to the t-shirt 'There's no place like 127.0.0.1' but just how secure is this particular home? And should recommendations become instructions to end ambiguity?
Attackers are always on the lookout for new vectors and unmonitored devices are attractive targets; Paul McKiernan warns, ensure that a security stack covers every attack vector - below the OS, in the OS and above the OS.
The vulnerability could execute malicious Windows scripts in Linux.
Popular IoT home security device could allow hackers to turn burglar alarms on and off and switch on siren, says researcher who dissected it.
Multiple SQL injection flaws in EMC products could allow hackers to gain web access and take information from applications.
Security researchers have found yet another SQL injection vulnerability in a WordPress plugin.
What could possibly go wrong?
A massive ransomware campaign attacked countless endpoints for the second time in just over a month, exploiting a vulnerability that had been patched months earlier. SC asks, why does this keep happening?
In the latest episode in the WannaCry saga, the infamous piece of ransomware has locked up dozens of speed cameras in the south eastern region of Victoria.
Yet another case of cyber-criminals using NSA hacking tools has emerged, this time leveraged to mine crypto-currency.
As cyber-concerns make their way up the boardroom agenda, companies involved in mergers and acquisitions are increasingly conducting cyber due-diligence.
In a new campaign, attackers are locking out activists from their social media accounts.
The latest WikiLeaks dump shows off the CIA's exploitation of vulnerabilities in internet routers.
Security researchers have found that the encryption key used for custom configurations of Virgin Media broadband routers is the same for all hubs across the UK.
Gloucester City Council must pay £100,000 to the Information Commissioner after it fell victim to the HeartBleed vulnerability, months after it had been patched.
An exploit used to propagate WannaCry is now being used to deliver other malware.
Is the world's most popular content management system riddled with holes, exploits and vulnerabilities? and what can be done to change that? SC's Davey Winder reports...
The developers of the free, open-source Samba suite of SMB/CFIS-based interoperability applications for *NIX machines issued an important patch on Wednesday, following the discovery of a remote code execution vulnerability.
Hadar Blutrich discusses some of the common ways of handling malware distribution through ads and suggests 'next generation sandboxes' around websites might be able to reduce of these risks.
The German Chaos Computer Club (CCC) hackers has found a way to cheat the biometric verification safety feature found on the Samsung Galaxy S8
A recently discovered flaw in Google Chrome could allow cyber-criminals to steal windows credentials, infect victims with malware and allow SMB relay attacks, according to security engineer Bosko Stankovic.
Mark Kedgley discusses the concept of alert fatigue and the need for forensic level, real-time integrity change monitoring, combined with blacklist/whitelist based analysis for breach detection.