News
Web application security
-
May 04, 2020
04
May'20
Blogging platform Ghost hacked through Salt vulnerability
Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability
-
May 04, 2020
04
May'20
IT Priorities 2020: Compliance and risk are top security concerns
When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study
-
April 30, 2020
30
Apr'20
Critical SaltStack vulnerability affects thousands of datacentres
Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away
-
April 30, 2020
30
Apr'20
Mobile banking customers at risk from new EventBot trojan
Customers of Barclays, HSBC, Santander and many other banks should be alert to a dangerous new trojan
-
April 28, 2020
28
Apr'20
Under the spotlight, video apps rush to strengthen security
Most popular videoconferencing applications now meet Mozilla’s minimum security standards, with fierce competition and public pressure driving rapid improvement
-
April 28, 2020
28
Apr'20
Almost half of security pros being redeployed during pandemic
Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic
-
April 28, 2020
28
Apr'20
Black Rose Lucy ransomware now posing as FBI porn warning
A new strain of Russian-developed ransomware impersonates US federal law enforcement to force payment, says Check Point
-
April 27, 2020
27
Apr'20
Microsoft patches .gif file vulnerability in Teams
Vulnerability could have enabled cyber criminals to use a malicious .gif file to scrape user data and take over Teams accounts
-
April 24, 2020
24
Apr'20
The Security Interviews: Can AV go from dodgy scareware to cyber hero?
Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing
-
April 23, 2020
23
Apr'20
iOS zero-day leaves iPhone users dangerously exposed
Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices
-
April 23, 2020
23
Apr'20
Zoom to roll out fresh cyber security updates
New features include support for advanced AES 256-bit encryption
-
April 22, 2020
22
Apr'20
Coronavirus: Cyber criminals may be changing tactics
Cyber criminals “may soon shift to heavier exploitation of footholds established through phishing and other scams”, warns Cyber Threat Coalition
-
April 20, 2020
20
Apr'20
NCSC launches coronavirus cyber security campaign
The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic
-
April 20, 2020
20
Apr'20
Zoom and WebEx users targeted by credential stealing attempts
Videoconferencing apps such as Zoom and Cisco’s WebEx are being targeted by cyber criminals trying to steal users’ personal data
-
April 20, 2020
20
Apr'20
Dutch organisations address business email compromise fraud
Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks
-
April 17, 2020
17
Apr'20
EU warns no compromise on privacy as NHS clashes with tech firms on contact tracing
EU and UK regulators express data privacy concerns days after Silicon Valley giants announce collaboration on contact-tracing apps to prevent the spread of the Covid-19 coronavirus
-
April 15, 2020
15
Apr'20
Coronavirus: Standard Chartered bans employees from Zoom
Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom
-
April 15, 2020
15
Apr'20
Coronavirus: Researcher finds security vulnerability in Slack
Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher
-
April 15, 2020
15
Apr'20
Microsoft patches 19 critical bugs in another heavy Patch Tuesday
The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday
-
April 14, 2020
14
Apr'20
Coronavirus: Zoom user credentials for sale on dark web
IntSight researchers say they have found a database containing thousands of Zoom usernames and passwords being sold on the dark web
-
April 10, 2020
10
Apr'20
Coronavirus: Warning over surge in Zoom security incidents
Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools
-
April 09, 2020
09
Apr'20
Coronavirus: Zoom restricted or banned at multiple organisations
Use of videoconferencing tool has been banned at Google and in parts of the German and US governments
-
April 08, 2020
08
Apr'20
Despite coronavirus, overall cyber crime volumes hold steady
The UK’s NCSC and the US’s CISA see little change in overall volumes of cyber crime in spite of the coronavirus crisis – for the time being
-
April 07, 2020
07
Apr'20
Happy developers write secure code, report claims
DevOps specialist Sonatype claims to have found a direct correlation between satisfied developers and application security hygiene
-
April 07, 2020
07
Apr'20
Coronavirus: Criminals using Zoom installer to spread cryptominer
Videoconferencing application targeted to deliver cryptomining malware to unsuspecting victims
-
April 05, 2020
05
Apr'20
Google data shows high interest in security and remote working
An analysis of the most Googled technology terms during the Covid-19 coronavirus pandemic has highlighted the scale of the cyber security challenge presented by the crisis
-
April 02, 2020
02
Apr'20
Coronavirus: Magecart attacks on online retailers jump 20%
RiskIQ researchers have observed a sharp uptick in Magecart credit card attacks, driven by increased traffic to online retailers during the coronavirus pandemic
-
April 02, 2020
02
Apr'20
Coronavirus: Is Zoom safe and should security teams ban it?
Zoom’s rapid rise to prominence has highlighted a score of security problems with the service. Should CISOs try to steer their organisations away from it, or ban it outright?
-
March 31, 2020
31
Mar'20
Too late to protect online privacy, say Brits
Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report
-
March 31, 2020
31
Mar'20
Houseparty denies hack as credential stuffing attacks spread
Social media service denies its service has been hacked, and is offering a million-dollar bounty to anybody who can prove otherwise
-
March 27, 2020
27
Mar'20
Lorca calls on security scaleups to tackle coronavirus challenge
Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges
-
March 26, 2020
26
Mar'20
Coronavirus: What are the latest free cyber security offers?
We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis
-
March 26, 2020
26
Mar'20
Tupperware fixes hacked site, but questions remain over response
Kitchenware brand removes active digital credit card skimmer from its website and insists it takes security seriously despite ignoring repeated attempts to contact it
-
March 26, 2020
26
Mar'20
Coronavirus: Be alert to rogue mobile apps exploiting outbreak
Well-meaning developers are beginning to offer medical apps to monitor coronavirus symptoms and provide information on the pandemic. Opportunists and cyber criminals are not far behind them
-
March 24, 2020
24
Mar'20
Tekya auto-clicker malware exploits kids’ Android apps
Google has removed multiple apps for children that were found to contain Tekya auto-clicker malware
-
March 23, 2020
23
Mar'20
Coronavirus: Kaspersky, Bitdefender make products free to NHS
Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies
-
March 23, 2020
23
Mar'20
Thousands of Netflix, Disney+ streaming accounts being stolen
Proofpoint has urged users of streaming services to be alert to cyber criminals hijacking their accounts
-
March 20, 2020
20
Mar'20
Coronavirus: Sans Institute issues cyber security advice for parents
With schools now shut across the UK, parents will bear more responsibility for keeping children safe online and educating them about online harms
-
March 19, 2020
19
Mar'20
Volume of computer misuse incidents falling, says ONS
Downward trend comes despite an overall increase in fraud, according to new statistics
-
March 17, 2020
17
Mar'20
Covid-19: NCSC issues secure remote working guidance
With hundreds of thousands likely to be working remotely for some time, the UK’s NCSC has issued best practice guidance to enable security teams to support them
-
March 13, 2020
13
Mar'20
Coronavirus-linked hacks likely as Czech hospital comes under attack
The world of cyber security is on high alert to heightened vulnerabilities as the spread of the Covid-19 coronavirus changes daily life across Europe
-
March 12, 2020
12
Mar'20
Cookie-stealing trojans found lurking on Android phones
Kaspersky discovers two new Android malware modifications that could give hackers control of their victims’ social media accounts
-
March 11, 2020
11
Mar'20
Microsoft locks down new vulnerability with EternalBlue echoes
Microsoft has moved to get ahead of a serious remote code execution vulnerability in Microsoft Server Message Block 3.1.1, which was accidentally disclosed then missed in its March Patch Tuesday update
-
March 11, 2020
11
Mar'20
Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday
March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical
-
March 10, 2020
10
Mar'20
Schoolgirl security experts prepare to do battle
The finals of the CyberFirst Girls contest will take place on 16 March as the culmination of the NCSC’s annual competition to unearth future security talent
-
March 10, 2020
10
Mar'20
VAT software supplier exposed data of millions
Eight million sales records belonging to UK and EU consumers left exposed due to misconfigured server
-
March 03, 2020
03
Mar'20
Singapore among world’s top sources of online threats
Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state
-
March 02, 2020
02
Mar'20
The Security Interviews: Inside the world of bug bounties
You may not make a million as a bug bounty hunter, but you might help remove some of the stigma that persists around cyber security, says HackerOne’s Shlomie Liberow
-
February 26, 2020
26
Feb'20
Fake CDNs obscuring credit card fraudsters
Fake content delivery networks and ngrok servers are being pressed into service to obscure credit card skimming activities
-
February 26, 2020
26
Feb'20
Cloud Snooper firewall bypass may be work of nation state
Cloud Snooper deploys a combination of specialised techniques to sneak past enterprise firewalls, warns Sophos