Company insiders behind 1 in 4 data breaches – study Ransomware, external hackers dominate 2018 probe, natch Security10 Apr 2018 | 14
Botched upgrade at Belgian bank Argenta sparks phishing frenzy Fraudsters seize advantage as transfers, balances grind to halt Security06 Apr 2018 | 7
1.5 BEEELLION sensitive files found exposed online dwarf Panama Papers leak Borked FTP, SMB, rsync, and S3 buckets fingered Security05 Apr 2018 | 55
Gosh, these 'hacker' nerds are only getting more sophisticated Trustwave report flags up the security flashpoints of 2017 Security05 Apr 2018 | 8
US spanks EU businesses in race to detect p0wned servers 175 days from breach to action could prove very expensive when GDPR kicks in Security05 Apr 2018 | 17
Badmins: Magento shops brute-forced to scrape card deets and install cryptominers Change your passw... ugh, what's the point? Security03 Apr 2018 | 19
One solution to wreck privacy-hating websites: Flood them with bogus info using browser tools Call for software to throw badly behaved biz in fake data tar pits Security03 Apr 2018 | 97
Creaking protocols are threat to EU's telecom infrastructure security Y'all better bake in safeguards before 5G rollout, says ENISA Security29 Mar 2018 | 7
Internet of insecure Things: Software still riddled with security holes Which means devices could be pwned by crooks Security28 Mar 2018 | 15
Most FTSE 100 boards kept in the dark about cyber resilience plans Infosec bods worry it could be used against firms if disclosed Security28 Mar 2018 | 6
Exploit kit development has gone to sh$t... ever since Adobe Flash was kicked to the curb Coinkidink? Nah. Crooks are switching tactics Security27 Mar 2018 | 14
GCHQ's infosec crew plans to 'scale up' Web Check to improve uk.gov site security That's the National Cyber Security Centre when it's at home Security27 Mar 2018 | 8
UK surgeon suspects his PC was hacked to target Syrian hospital Not the only possible theory, say infosec types Security21 Mar 2018 | 41
Symantec cert holdout sites told: Those Google Chrome warnings are not a good look Users will stop trusting you, warns researcher Security21 Mar 2018 | 25
Leading by example: UK.gov's secure server setup is patchy at best Many .gov websites 'broken, misconfigured or insecure' Security20 Mar 2018 | 19
Coverity Scan code checker's systems crypto-jacked to run cheeky mining op Freebie tool restored after 4 weeks offline Security19 Mar 2018 | 2
Crooks opt for Monero as crypto of choice to launder ill-gotten gains Study examines the cutting edge of cybercrime Security16 Mar 2018 | 12
Ugh, of course Germany trounces Blighty for cyber security salaries Britons never, never, never shall be wage slaves. Oh wait Security16 Mar 2018 | 47
Intel: Our next chips won't have data leak flaws we told you totally not to worry about Meltdown, Spectre-free CPUs coming this year, allegedly Security15 Mar 2018 | 62
Researchers slap SAP CRM with vuln combo for massive damage Directory traversal + log injection = I can see your privates Security15 Mar 2018 |
MailChimp 'working' to stop hackers flinging malware-laced spam from accounts What can you do about it for now? Sweet 2FA Security15 Mar 2018 | 28
Ex-GCHQ boss: All the ways to go after Russia. Why pick cyberwar? Adds his 2 cents as PM, security council meet about Salisbury poisoning Security14 Mar 2018 | 140
SecurEnvoy SecurMail, you say? Only after this patch is applied, though Flaws meant others could read, meddle with encrypted emails Security13 Mar 2018 | 2
China ALTERED its public vuln database to conceal spy agency tinkering – research Report claims vuln-botherers share building with Ministry of State Security Security12 Mar 2018 | 14
DVLA denies driving licence processing site is a security 'car crash' PCI compliance? Yep, we've heard of it too Security09 Mar 2018 | 62
Your entire ID is worth £820 to crooks on dark web black market Fullz and their money are soon parted Security08 Mar 2018 | 41
Buffer overflow in Unix mailer Exim imperils 400,000 email servers Bug already plugged, get updating Security07 Mar 2018 | 13
CryptoLurker hacker crew skulk about like cyberspies, earn $$$ Miner prying by minor spying Security06 Mar 2018 | 4
Spring break! Critical vuln in Pivotal framework's Data parts plugged Similar to Apache Struts flaw that stuffed Equifax Security05 Mar 2018 | 2
RedDrop nasty infects Androids via adult links, records sound, and fires off premium-rate texts Baidu users, beware Security02 Mar 2018 | 12
23,000 HTTPS certs will be axed in next 24 hours after private keys leak Trustico, DigiCert come to blows as browsers prepare to snub Symantec-brand SSL Security01 Mar 2018 | 61
Got that itchy GandCrab feeling? Ransomware decryptor offers relief Claw back your stuff without paying asshat for pricey cracker Security28 Feb 2018 | 6
XM-Hell strikes single-sign-on systems: Bugs allow miscreants to masquerade as others Yeah, I’m so totally Sarah from accounts… Security28 Feb 2018 | 13
Use of HTTPS among top sites is growing, but weirdly so is deprecated HTTP public key pinning Better than nothing! Security27 Feb 2018 | 47
Fender's 'smart' guitar amp has no Bluetooth pairing controls Updated Bum note: you could Rickroll an artist live on stage Security27 Feb 2018 | 101
Opt-in cryptomining script Coinhive 'barely used' say researchers We wouldn't say 'barely', says Coinhive Security27 Feb 2018 | 6
Until last week, you could pwn KDE Linux desktop with a USB stick Tweak VFAT volume to execute arbitrary code Security12 Feb 2018 | 59
Cryakl ransomware antidote released after servers seized Don't pay the miscreants – don't even fix a price Security12 Feb 2018 | 10
Ghost in the DCL shell: OpenVMS, touted as ultra reliable, had a local root hole for 30 years Patches available, bug affects Alpha and Itanic mainframes On-Prem06 Feb 2018 | 97
GCHQ unit claims it has 'objectively' made the UK a less desirable target to cybercrims 'Active defence' strategy review says all is peachy one year on Security05 Feb 2018 | 48
Bluetooth 'Panty Buster' 'smart' sex toy fails penetration test Yep, it's yet another dildon’t Security02 Feb 2018 | 73
On the NHS tech team? Weep at ugly WannaCry post-mortem, smile as Health dept outlines plan Apparently, senior NHS Trust managers will be held accountable... stop giggling Security02 Feb 2018 | 55
Hey, you know what the internet needs? Yup, more industrial control systems for kids to hack Go on, shove another power plant or factory on the web Security02 Feb 2018 | 18
Johnny Hacker hauls out NSA-crafted Server Message Block exploits, revamps 'em Yep, vulns of WannaCry infamy. Why haven't you patched yet? Security31 Jan 2018 | 7
Oracle point-of-sale system vulnerabilities get Big Red cross Patched, Oracle? Speedily Security31 Jan 2018 | 3
Been bugging the boss for a raise? Now's the time to go into infosec Security specialists to command 7% salary hikes, survey finds On-Prem31 Jan 2018 | 23
Kremlin social media trolls aren't actually that influential, study finds дураки вы западники, ничего не знаете Security30 Jan 2018 | 68
Scammers become the scammed: Ransomware payments diverted with Tor proxy trickery Of course this does nothing for victims' encrypted files Security30 Jan 2018 | 23
Crooks make US ATMs spew million-plus bucks in 'jackpotting' hacks If you could keep an eye on miscreants cracking open your boxes, that would be great Security30 Jan 2018 | 27
Intel alerted Chinese cloud giants 'before US govt' about CPU bugs 'We certainly would have liked to have been notified of this' says Homeland Security Security29 Jan 2018 | 40
What do you press when flaws in Bluetooth panic buttons are exposed? Researcher able to DoS and track personal protection kit Security29 Jan 2018 | 18
Text bomb, text bomb, you're my text bomb! Naughty HTML freezes Messages, Safari, etc Apple font code on iOS, macOS knackered by texted link Personal Tech19 Jan 2018 | 35
And Oracle E-biz suite makes 3: Package also vulnerable to exploit used by cryptocurrency miner Hat trick! Security18 Jan 2018 | 1
VTech fondleslabs for kids 'still vulnerable' despite sanctions Researchers claim flaws remain more than two years later Security18 Jan 2018 | 12
Android snoopware Skygofree can pilfer WhatsApp messages Sophisticated nasty also able to listen in based on location Security16 Jan 2018 | 18
New Mirai botnet species 'Okiru' hunts for ARC-based kit Researchers: Code designed to hit Linux devices Security16 Jan 2018 | 11
Now Meltdown patches are making industrial control systems lurch Automation and SCADA-flingers admit fix has affected products Security15 Jan 2018 | 25
Boffins split on whether Spectre fix needs tweaked hardware Analysis It's not like a recall is possible, says chip security expert Security12 Jan 2018 | 40
Intel AMT security locks bypassed on corp laptops – fresh research Updated Easy as A, B, CTRL+P Security12 Jan 2018 | 41