News

Web application security

• April 20, 2020 20 Apr'20

  NCSC launches coronavirus cyber security campaign

  The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic

• April 20, 2020 20 Apr'20

  Zoom and WebEx users targeted by credential stealing attempts

  Videoconferencing apps such as Zoom and Cisco’s WebEx are being targeted by cyber criminals trying to steal users’ personal data

• April 20, 2020 20 Apr'20

  Dutch organisations address business email compromise fraud

  Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks

• April 17, 2020 17 Apr'20

  EU warns no compromise on privacy as NHS clashes with tech firms on contact tracing

  EU and UK regulators express data privacy concerns days after Silicon Valley giants announce collaboration on contact-tracing apps to prevent the spread of the Covid-19 coronavirus

• April 15, 2020 15 Apr'20

  Coronavirus: Standard Chartered bans employees from Zoom

  Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom

• April 15, 2020 15 Apr'20

  Coronavirus: Researcher finds security vulnerability in Slack

  Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher

• April 15, 2020 15 Apr'20

  Microsoft patches 19 critical bugs in another heavy Patch Tuesday

  The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday

• April 14, 2020 14 Apr'20

  Coronavirus: Zoom user credentials for sale on dark web

  IntSight researchers say they have found a database containing thousands of Zoom usernames and passwords being sold on the dark web

• April 10, 2020 10 Apr'20

  Coronavirus: Warning over surge in Zoom security incidents

  Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools

• April 09, 2020 09 Apr'20

  Coronavirus: Zoom restricted or banned at multiple organisations

  Use of videoconferencing tool has been banned at Google and in parts of the German and US governments

• April 08, 2020 08 Apr'20

  Despite coronavirus, overall cyber crime volumes hold steady

  The UK’s NCSC and the US’s CISA see little change in overall volumes of cyber crime in spite of the coronavirus crisis – for the time being

• April 07, 2020 07 Apr'20

  Happy developers write secure code, report claims

  DevOps specialist Sonatype claims to have found a direct correlation between satisfied developers and application security hygiene

• April 07, 2020 07 Apr'20

  Coronavirus: Criminals using Zoom installer to spread cryptominer

  Videoconferencing application targeted to deliver cryptomining malware to unsuspecting victims

• April 05, 2020 05 Apr'20

  Google data shows high interest in security and remote working

  An analysis of the most Googled technology terms during the Covid-19 coronavirus pandemic has highlighted the scale of the cyber security challenge presented by the crisis

• April 02, 2020 02 Apr'20

  Coronavirus: Magecart attacks on online retailers jump 20%

  RiskIQ researchers have observed a sharp uptick in Magecart credit card attacks, driven by increased traffic to online retailers during the coronavirus pandemic

• April 02, 2020 02 Apr'20

  Coronavirus: Is Zoom safe and should security teams ban it?

  Zoom’s rapid rise to prominence has highlighted a score of security problems with the service. Should CISOs try to steer their organisations away from it, or ban it outright?

• March 31, 2020 31 Mar'20

  Too late to protect online privacy, say Brits

  Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report

• March 31, 2020 31 Mar'20

  Houseparty denies hack as credential stuffing attacks spread

  Social media service denies its service has been hacked, and is offering a million-dollar bounty to anybody who can prove otherwise

• March 27, 2020 27 Mar'20

  Lorca calls on security scaleups to tackle coronavirus challenge

  Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges

• March 26, 2020 26 Mar'20

  Coronavirus: What are the latest free cyber security offers?

  We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis

• March 26, 2020 26 Mar'20

  Tupperware fixes hacked site, but questions remain over response

  Kitchenware brand removes active digital credit card skimmer from its website and insists it takes security seriously despite ignoring repeated attempts to contact it

• March 26, 2020 26 Mar'20

  Coronavirus: Be alert to rogue mobile apps exploiting outbreak

  Well-meaning developers are beginning to offer medical apps to monitor coronavirus symptoms and provide information on the pandemic. Opportunists and cyber criminals are not far behind them

• March 24, 2020 24 Mar'20

  Tekya auto-clicker malware exploits kids’ Android apps

  Google has removed multiple apps for children that were found to contain Tekya auto-clicker malware

• March 23, 2020 23 Mar'20

  Coronavirus: Kaspersky, Bitdefender make products free to NHS

  Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies

• March 23, 2020 23 Mar'20

  Thousands of Netflix, Disney+ streaming accounts being stolen

  Proofpoint has urged users of streaming services to be alert to cyber criminals hijacking their accounts

• March 20, 2020 20 Mar'20

  Coronavirus: Sans Institute issues cyber security advice for parents

  With schools now shut across the UK, parents will bear more responsibility for keeping children safe online and educating them about online harms

• March 19, 2020 19 Mar'20

  Volume of computer misuse incidents falling, says ONS

  Downward trend comes despite an overall increase in fraud, according to new statistics

• March 17, 2020 17 Mar'20

  Covid-19: NCSC issues secure remote working guidance

  With hundreds of thousands likely to be working remotely for some time, the UK’s NCSC has issued best practice guidance to enable security teams to support them

• March 13, 2020 13 Mar'20

  Coronavirus-linked hacks likely as Czech hospital comes under attack

  The world of cyber security is on high alert to heightened vulnerabilities as the spread of the Covid-19 coronavirus changes daily life across Europe

• March 12, 2020 12 Mar'20

  Cookie-stealing trojans found lurking on Android phones

  Kaspersky discovers two new Android malware modifications that could give hackers control of their victims’ social media accounts

• March 11, 2020 11 Mar'20

  Microsoft locks down new vulnerability with EternalBlue echoes

  Microsoft has moved to get ahead of a serious remote code execution vulnerability in Microsoft Server Message Block 3.1.1, which was accidentally disclosed then missed in its March Patch Tuesday update

• March 11, 2020 11 Mar'20

  Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday

  March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical

• March 10, 2020 10 Mar'20

  Schoolgirl security experts prepare to do battle

  The finals of the CyberFirst Girls contest will take place on 16 March as the culmination of the NCSC’s annual competition to unearth future security talent

• March 10, 2020 10 Mar'20

  VAT software supplier exposed data of millions

  Eight million sales records belonging to UK and EU consumers left exposed due to misconfigured server

• March 03, 2020 03 Mar'20

  Singapore among world’s top sources of online threats

  Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state

• March 02, 2020 02 Mar'20

  The Security Interviews: Inside the world of bug bounties

  You may not make a million as a bug bounty hunter, but you might help remove some of the stigma that persists around cyber security, says HackerOne’s Shlomie Liberow

• February 26, 2020 26 Feb'20

  Fake CDNs obscuring credit card fraudsters

  Fake content delivery networks and ngrok servers are being pressed into service to obscure credit card skimming activities

• February 26, 2020 26 Feb'20

  Cloud Snooper firewall bypass may be work of nation state

  Cloud Snooper deploys a combination of specialised techniques to sneak past enterprise firewalls, warns Sophos

• February 25, 2020 25 Feb'20

  The Security Interviews: Gil Shwed’s 10-year vision for security

  Check Point founder Gil Shwed discusses his new Infinity Next concept and how he plans to remodel the world of cyber security in the next 10 years

• February 24, 2020 24 Feb'20

  McAfee buys Light Point to enhance web browser protection

  Acquisition of Light Point Security will extend the capabilities of multiple McAfee products

• February 24, 2020 24 Feb'20

  Open security group unveils common OpenDXL language

  Open Cybersecurity Alliance announces the availability of OpenDXL Ontology, the first open source language for connecting disparate security tools through a common messaging framework

• February 21, 2020 21 Feb'20

  Labour condemns Google data plans

  Shadow digital minister Chi Onwurah challenges the government to stop Google’s plans to move UK user data out of the EU

• February 21, 2020 21 Feb'20

  Malicious apps still getting past Google controls

  Check Point researchers have found multiple malware-infected apps in the Google Play store, including a clicker called Haken, which has been downloaded more than 50,000 times

• February 21, 2020 21 Feb'20

  F-Secure’s AI reads mean tweets to fight abuse and trolls

  Researchers working on F-Secure’s Project Blackfin have developed a model for clustering tweets to help pinpoint abuse and harassment

• February 19, 2020 19 Feb'20

  Cost of cloud misconfigurations set at $5tn

  Cloud security outfit DivvyCloud says more than 33 billion records have been exposed in cloud misconfiguration incidents in the past 24 months

• February 18, 2020 18 Feb'20

  Girlguiding hosts interactive cyber security workshop

  100 Guides from South West England took part in an NCSC event to learn more about security fundamentals

• February 17, 2020 17 Feb'20

  Ex-soldiers to become ethical hackers

  A new programme will give armed forces veterans in Scotland a grounding in cyber security skills, including penetration testing and ethical hacking

• February 12, 2020 12 Feb'20

  Internet Explorer zero day among 99 Patch Tuesday problems

  After an eventful January Patch Tuesday that marked the end of support for Windows 7, the February 2020 update is another whopper, fixing close to 100 vulnerabilities

• February 11, 2020 11 Feb'20

  Mac-based security threats outpacing Windows

  Security threats targeting Apple endpoints are growing more quickly than those targeting Windows machines, according to Malwarebytes

• February 07, 2020 07 Feb'20

  Joaquin Phoenix’s Joker is ‘most dangerous’ movie

  Ahead of the 2020 Oscars, Kaspersky researchers say they found more than 300 files masquerading as the Joker movie