News
Web application security
-
December 03, 2020
03
Dec'20
Lax Android app developers putting millions of users at risk
Eight months after Google patched a critical vulnerability, developers have failed to update their apps, putting millions of users of apps such as dating services Bumble and Grindr at risk
-
December 01, 2020
01
Dec'20
DHL, Amazon and FedEx are most phished delivery services
DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020
-
November 24, 2020
24
Nov'20
Nominet introduces new resources for cyber scam victims
Domain name registrar is working with law enforcement to provide new information, guidance and resources for potential victims of online scams
-
November 23, 2020
23
Nov'20
NCSC issues retail security alert ahead of Black Friday sales
National Cyber Security Centre issues refreshed guidance as cyber criminals turn their eyes to the holiday shopping season
-
November 16, 2020
16
Nov'20
Human error blamed in Welsh Covid-19 patient data leak
Public Health Wales accepts recommendations of independent probe into data breach that saw PII on 18,105 coronavirus patients leaked
-
November 11, 2020
11
Nov'20
Microsoft drops fix for serious zero-day among 112 Patch Tuesday updates
November’s Patch Tuesday contains fixes for 112 bugs, including a potentially serious zero-day exploit that malicious actors are already taking advantage of
-
November 10, 2020
10
Nov'20
Zoom rapped over historic security practices
The US Federal Trade Commission rules that Zoom’s practices undermined the security of its users
-
November 10, 2020
10
Nov'20
IT Priorities 2020: After Covid-19, security goes back to basics
This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals
-
November 09, 2020
09
Nov'20
EU moves closer to encryption ban after Austria, France attacks
Draft resolution document setting up an EU-wide ban on end-to-end encryption is set to be waved through this week
-
November 06, 2020
06
Nov'20
ICO sued over ‘failure’ to address ad industry practices
Privacy campaigner the Open Rights Group claims the advertising technology industry is systematically breaching the GDPR, and the ICO is doing nothing about it
-
November 05, 2020
05
Nov'20
Microsoft to support next generation of security startups
Tech giant lends its support to the NCSC Cyber Accelerator scheme, which is seeking its seventh cohort of startups
-
October 28, 2020
28
Oct'20
Trump supporters targeted by cryptocurrency scammers
The successful breach of Donald Trump’s official website shows up lax security on his campaign team and is yet another timely warning that nobody is immune to cyber crime
-
October 28, 2020
28
Oct'20
Barracuda eyes Indochina markets
Barracuda is looking to expand its local presence and headcount in fast-growing emerging markets of Vietnam, Cambodia and Laos
-
October 22, 2020
22
Oct'20
Protecting remote workers an opportunity to do security better
Securing the fully remote workforce has been a challenge for IT teams, but it presents an opportunity to commit to a higher standard of cyber security, according to a Cisco report
-
October 21, 2020
21
Oct'20
NSA’s top CVE list a timely reminder to patch
Many of the CVEs detailed on the NSA’s top 25 chart are golden oldies
-
October 21, 2020
21
Oct'20
Trump and Biden campaign apps easy targets for cyber criminals
You don’t need a stellar IQ to exploit the dangerous StrandHogg Android vulnerability, and users of both Donald Trump’s and Joe Biden’s mobile apps are at risk of falling victim to it
-
October 21, 2020
21
Oct'20
Customer loyalty accounts in danger from cyber criminals
Billions of credential stuffing attacks are harvesting valuable customer data for the dark web economy
-
October 20, 2020
20
Oct'20
Police given access to self-isolation data
NHS Test and Trace self-isolation data will be made available to police after new guidance changes data-sharing rules
-
October 14, 2020
14
Oct'20
Microsoft fixes 87 bugs in October 2020 Patch Tuesday
Smaller October Patch Tuesday update includes fixes for critical bugs in Windows 10 and Windows Server 2019
-
October 13, 2020
13
Oct'20
Suppliers neglecting virtual appliance security, putting users at risk
Software suppliers are often distributing their products on virtual appliances that contain known vulnerabilities or are running outdated or unsupported operating systems, according to a report
-
October 12, 2020
12
Oct'20
Five Eyes spy group again demands access to private messages
Spooks are once again calling for the tech industry to break end-to-end encryption in messaging platforms
-
October 12, 2020
12
Oct'20
Cyber security skills ad branded ‘crass’ by minister
Security skills campaign advert depicting a ballet dancer comes in for criticism as the arts sector struggles in the pandemic
-
October 09, 2020
09
Oct'20
Magecart strikes website of school payments service Wisepay
Magecart credit card skimmer harvested financial data of users of Wisepay’s platform over a two-day period
-
October 08, 2020
08
Oct'20
NCSC relaunches SME security guide with home working focus
The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020
-
October 05, 2020
05
Oct'20
Fake news tops list of online concerns worldwide
Receiving false information is a greater worry than other online risks such as cyber bullying and fraud, says the Lloyd’s Register Foundation
-
October 02, 2020
02
Oct'20
Find and fix your Adobe Flash dependencies, says NCSC
As Adobe’s Flash Player approaches end-of-life, the National Cyber Security Centre is urging organisations to fix their Flash dependencies
-
September 30, 2020
30
Sep'20
GitHub makes code vulnerability scanning feature public
Code-scanning service is now out of beta and generally available, helping teams to bake security into their code at the development stage
-
September 29, 2020
29
Sep'20
NCSC expands schools programme to north-east England and Northern Ireland
Following an initial roll-out in Gloucestershire and Wales, the NCSC’s CyberFirst Schools programme is being extended to north-east England and Northern Ireland
-
September 29, 2020
29
Sep'20
NatWest offers online banking customers free security services
Bank responds to a surge in cyber crime targeting users of online banking services
-
September 29, 2020
29
Sep'20
Remote working world reveals cloud/SaaS security concerns
Research reveals pivotal moment when the cloud is playing a more important role than ever to support mass remote working, with CISO concerns over cloud security remaining stubbornly high
-
September 28, 2020
28
Sep'20
TikTok ban stayed after last-minute court case
TikTok’s lawyers have staved off an imminent ban for the time being, after successfully arguing that it infringed rights guaranteed under the Constitution of the United States
-
September 28, 2020
28
Sep'20
Security now main driving force behind digital transformation
Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda
-
September 24, 2020
24
Sep'20
Third-party code bug left Instagram users at risk of account takeover
A critical vulnerability in Instagram’s image processing could have allowed attackers to take over not just their victim’s account, but their entire device
-
September 24, 2020
24
Sep'20
Government blasted over ‘reckless’ contact-tracing security
The Open Rights Group and Big Brother Watch accuse the government of endangering public health with a reckless attitude to contact-tracing data security
-
September 24, 2020
24
Sep'20
Race to patch as Microsoft confirms Zerologon attacks in the wild
Don’t be the organisation that made the headlines because it failed to patch. Microsoft says it is seeing cyber attacks ramping up around the Zerologon CVE-2020-1472 bug
-
September 23, 2020
23
Sep'20
Video gamers barraged with cyber attacks
From credential stuffing to SQL injection and DDoS, video game producers and players are seeing massive volumes of cyber attacks
-
September 22, 2020
22
Sep'20
Scam mobile apps spreading via rogue TikTok accounts
Malicious TikTok accounts are promoting a number of adware scam mobile apps
-
September 21, 2020
21
Sep'20
Big questions to be answered over TikTok and WeChat reprieve
TikTok and WeChat seem to have received a stay of execution, but big questions and contradictions remain
-
September 18, 2020
18
Sep'20
Congressman offered Julian Assange a ‘win-win’ deal that would help President Trump
Details have emerged of US congressman Dana Rohrabacher’s offer of a pardon to WikiLeaks founder Julian Assange in a ‘win-win deal that would benefit US President Donald Trump
-
September 18, 2020
18
Sep'20
US government deplatforms TikTok and WeChat
The Commerce Department of the US government has banned new downloads of TikTok and WeChat in the US, and announced new prohibitions on doing business with them
-
September 18, 2020
18
Sep'20
Rampant Kitten spent six years hacking Iranian dissidents
Details emerge of an ongoing campaign by Tehran-backed threat actors targeting dissidents and activists
-
September 17, 2020
17
Sep'20
Saudi Arabia sees cyber security boom as coronavirus bites
Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods
-
September 17, 2020
17
Sep'20
Assange revelations among most important in US history, says Daniel Ellsberg
Daniel Ellsberg, who leaked highly classified documents that changed the course of the Vietnam War in the 1970s, says WikiLeaks exposed a serious pattern of US war crimes
-
September 16, 2020
16
Sep'20
Retailers urged to get to grips with Magento as attacks spike
A huge spike in online retailers being hacked with Magecart credit card skimmers is being blamed on unsupported versions of Adobe Magento
-
September 16, 2020
16
Sep'20
Lorca security scaleups to get Splunk data expertise
Lorca inducts Splunk onto its co-marketing programme, giving security scaleups access to new data expertise
-
September 15, 2020
15
Sep'20
Risky development practice leaves company access keys exposed
Database stores, cloud storage and myriad other services are being put at risk by the accidental exposure of company access keys during development
-
September 15, 2020
15
Sep'20
TikTok-Oracle partnership moves forward for consideration
Joint venture proposal could create thousands of jobs and secure TikTok’s future outside China
-
September 15, 2020
15
Sep'20
Data of every Welsh Covid-19 patient leaked online
Data on all 18,105 people in Wales who have received positive tests for the coronavirus was uploaded to a public-facing web server in error
-
September 14, 2020
14
Sep'20
Microsoft drops out of TikTok talks, paves way for Oracle partnership
Microsoft confirms it is dropping out of the running to acquire the US operations of TikTok, leaving the way clear for an imminent partnership deal with Oracle
-
September 11, 2020
11
Sep'20
Travel industry websites are laughably insecure, claims Which?
The travel industry is failing to take the data security of its customers seriously, according to a Which? investigation