News

Hackers and cybercrime prevention

• October 21, 2015 21 Oct'15

  Infosec pros should start preparing for the future, say experts

  Information security professionals need to grow their skills, engage with the business, increase security awareness, set business goals and tailor their messages, says a panel of experts

• October 19, 2015 19 Oct'15

  Dow Jones denies it was target of insider trading hack

  Dow Jones says there is no information to support reports that it was the target of hackers seeking information for insider trading

• October 16, 2015 16 Oct'15

  Yahoo announces password-killing Account Key

  Yahoo Account Key uses push notifications to provide a fast and secure way to access Yahoo accounts from a mobile device

• October 13, 2015 13 Oct'15

  Cyber security innovation is crucial, says security evangelist

  Visibility and automation are key areas of cyber security innovation, but firms should concentrate first on the basics and not overlook the human element of security

• October 12, 2015 12 Oct'15

  Encryption is a double-edged sword, says Blue Coat

  Seven more security suppliers join Blue Coat encrypted traffic management programme amid fresh warnings of attackers using encryption to hide malicious activity

• October 09, 2015 09 Oct'15

  Apple removes more iOS apps over security concerns

  Apple has blocked more apps over security concerns just weeks after ridding the App Store of XcodeGhost malware

• October 08, 2015 08 Oct'15

  Samsung Pay isolated from LoopPay attack

  Hackers who compromised LoopPay’s computer systems had no access to Samsung Pay’s user data or other core information, says Samsung

• October 06, 2015 06 Oct'15

  Researchers find credential-stealing webmail server APT attack

  Security researchers have discovered a new and unique advanced persistent threat (APT) technique that involves a malicious module loaded onto a webmail server

• October 02, 2015 02 Oct'15

  David Jones online customers hit by data breach

  Hackers have accessed the personal details of an unknown number of David Jones online customers, but the retailer says payment details and passwords are not affected

• September 30, 2015 30 Sep'15

  Medical devices must be secure by design, say industry experts

  The information security industry is calling for medical device manufacturers to design and build cyber security into all internet-enabled devices after thousands are found to be hackable

• September 29, 2015 29 Sep'15

  120-day patching gap puts many firms at risk of cyber attack, study shows

  The probability of a vulnerability being exploited hits 90% between 40-60 days after discovery, but many firms are taking up to 60 days beyond that to patch, while others are failing to patch at all, a study shows

• September 18, 2015 18 Sep'15

  Public-private co-operation in the Nordics tackles growing cyber crime threat

  Nordic governments and businesses are putting cyber security at the centre of their planning as threats increase

• September 16, 2015 16 Sep'15

  BT launches ethical hacking service for bankers

  BT introduces a certified Crest Star ethical hacking test service for financial services customers

• September 15, 2015 15 Sep'15

  Most DDoS attacks hiding something more sinister, Neustar warns

  Smaller DDoS attacks can be more dangerous than a powerful attack that knocks a company offline but does not install malware or steal data, warns Neustar

• September 14, 2015 14 Sep'15

  RSA Group flags ID theft risk to Lloyds Bank customers following datacentre storage theft

  International insurance group has seen 500 customers take up offer of identity theft protection in wake of datacentre theft

• September 11, 2015 11 Sep'15

  Security industry welcomes GCHQ password guidelines

  GCHQ's guidance on password policy covers some of the most pressing issues facing UK businesses and employees today, according to Skyhigh Networks

• September 11, 2015 11 Sep'15

  DD4BC cyber extortion gang adds social media to arsenal

  Cyber extortion gang DD4BC is using social media campaigns to garner more attention for its ability to create service disruptions by publicly embarrassing large organisations

• September 10, 2015 10 Sep'15

  US health insurer Excellus BlueCross BlueShield hit by data breach

  Forensic investigation reveals a data breach at US health insurer Excellus BlueCross BlueShield exposing up to 11 million records 21 months after the first intrusion

• September 09, 2015 09 Sep'15

  Security pros failing to address digital certificate risks, survey shows

  Even though 90% of security professionals believe a leading CA will be compromised in next two years, only 13% have existing automation to deal with that happening

• September 09, 2015 09 Sep'15

  Conventional security measures hit productivity, study shows

  Most IT professionals say context-aware security would improve productivity without compromising security, a survey from Dell reveals

• September 09, 2015 09 Sep'15

  Security vulnerability management more than patching, warns Secunia

  Keeping track of what makes an IT environment vulnerable is an ongoing and complex task, according to Secunia

• September 04, 2015 04 Sep'15

  US State Department plans cyber security playbook

  The US State Department issues a request for information to determine the capabilities of commercial industry to provide and maintain a cyber security playbook

• September 01, 2015 01 Sep'15

  DDoS attack on NCA highlights need to be prepared, says Barracuda Networks

  A Lizard Squad DDoS attack the NCA says is a fact of life highlights the need for organisations to be prepared, according to Barracuda Networks

• September 01, 2015 01 Sep'15

  Use 2FA to mitigate KeyRaider iOS malware, says Rapid7

  KeyRaider iOS malware targeting iPhone users in China and 17 other countries including the UK has raised enterprise security concerns

• August 28, 2015 28 Aug'15

  Police arrest six UK teenagers for using DDoS cyber attack tool

  Police arrest six UK teenagers on suspicion of using a DDoS attack tool targeting a national newspaper, a school and online gaming companies and retailers

• August 27, 2015 27 Aug'15

  Rapid7 calls on router makers to eliminate backdoors

  Until manufacturers stop using default passwords, we will continue to see opportunistic attacks on home and small business routers, says Rapid7's Tod Beardsley

• August 26, 2015 26 Aug'15

  Many firms not getting to grips with third-party data security risk

  Supply chain data security risk is pervasive, but being unable to deal with it is down to basic failings, says a cyber risk expert

• August 25, 2015 25 Aug'15

  Sans Institute identifies top UK cyber talent

  The cream of UK cyber security talent selected from 24,000 candidates are set to begin eight weeks of intensive training in the first-ever intake at the Sans UK Cyber Academy

• August 20, 2015 20 Aug'15

  Mumsnet suffers multi-vector cyber attack

  Mumsnet has been hit by a DDoS attack, its admin hacked and data stolen, and then a hoax call sent armed police to the home of the organisation's co-founder, Justine Roberts

• August 20, 2015 20 Aug'15

  Premiership Rugby scores security and efficiency with Intralinks

  By setting access controls, Premiership Rugby can ensure that its partners get quick access only to role-appropriate content

• August 16, 2015 16 Aug'15

  Mobile phone users at risk as hackers bug and track victims

  An investigation by Australian TV show 60 Minutes demonstrates how hackers based thousands of miles away in Germany were able to record the calls of an Australian senator and track his movements

• August 11, 2015 11 Aug'15

  FBI uncovers cyber insider trading gang

  Nine suspects are expected to be charged in the US with insider trading based on corporate press releases stolen by hackers before they had been made public

• August 10, 2015 10 Aug'15

  BlackHat 2015: Industrial hacking - the untold story

  Hackers have been penetrating industrial control systems for at least a decade for extortion, yet little is known about how they gain access

• August 10, 2015 10 Aug'15

  Carphone Warehouse data breach hits 2.4 million UK customers

  Carphone Warehouse confirms the authorities have been notified about the breach, and urges customers to take steps to protect themselves

• August 03, 2015 03 Aug'15

  Why the time is ripe for security behaviour analytics

  Recent months have seen an uptick in announcements by security suppliers around behavioural analytics, but what is driving this trend?

• July 31, 2015 31 Jul'15

  Commercial software more secure than open source, finds report

  A study has found that commercial code is more compliant than open source code with security compliance standards, such as the Owasp top 10 and the CWE top 25

• July 29, 2015 29 Jul'15

  A third of employees will sell company data if the price is right, study reveals

  For £5,000, a quarter of employees polled said they would sell confidential company data, and risk both their job and criminal convictions

• July 24, 2015 24 Jul'15

  Contactless card fraud highlights need for 2FA

  A Which? report on contactless card fraud highlights the need for multi-factor authentication for payments, say security experts

• July 22, 2015 22 Jul'15

  Jeep hack raises questions about responsibility for security

  The hack of a Jeep raises the question whether users or car manufacturers should be responsible for protecting against cyber attackers

• July 21, 2015 21 Jul'15

  Information security governance maturing, says Gartner

  Increasing awareness of the impact of digital business risks, coupled with high levels of publicity regarding cyber security incidents, is making IT risk a board-level issue, says Gartner

• July 20, 2015 20 Jul'15

  Hackers threaten to expose ALM’s dating and cheating site users

  A hacking group, calling itself The Impact Team, claims to have compromised Avid Life Media’s user databases, source code repositories, financial records and email system

• July 17, 2015 17 Jul'15

  United Airlines begins bug bounty payouts

  United Airlines has paid out the maximum award to two hackers, which means the flaws are likely to be remote code execution vulnerabilities

• July 17, 2015 17 Jul'15

  UK man arrested for hacking into US government computers

  Briton Lauri Love is accused of hacking into various US agencies, including the US army, Nasa, the federal reserve and the environmental protection agency

• July 14, 2015 14 Jul'15

  Land Rover praised for recall over software security bug

  BT Security head Mark Hughes says Land Rover's recall of vehicles to fix a software security flaw is a sensible step to address evolving criminal threats

• July 14, 2015 14 Jul'15

  Symantec bets on simplicity, cloud and mobile

  Symantec is not trying to be all things to all people, but is instead focusing on threats and protecting information in the mobile and cloud environments

• July 10, 2015 10 Jul'15

  UK sales teams are the most exposed to cyber attacks, study reveals

  UK sales staff, callcentre agents and customer services teams are among the most highly targeted by cyber attacks, yet few firms give these groups IT security training, a study shows

• July 08, 2015 08 Jul'15

  Symantec uncovers Morpho cyber espionage operation

  A cyber espionage group has targeted high-profile technology, internet, commodities and pharmaceutical companies in the US, Europe and Canada, reports Symantec

• July 08, 2015 08 Jul'15

  MtGox chief Mark Karpeles arrested for fraud

  Former chief Mark Karpeles is under arrest on suspicion of $1m fraud and involvement in the disappearance of 650,000 bitcoins

• July 07, 2015 07 Jul'15

  Dashlane bullish about the future despite LastPass hack

  Password management firm Dashlane is confident its business model will evolve and continue to be relevant even if passwords eventually disappear

• July 06, 2015 06 Jul'15

  Italy’s Hacking Team gets hacked

  Unknown hackers have posted a torrent file-sharing link to more than 400GB of Hacking Team data, including source code, internal documents and emails that could reveal the identity of customers