Cyber Security News

As one of the most important concerns for every business, cyber security is often, unsurprisingly, in the headlines. Whether it's another big data breach for a well known company, or a vulnerability in a commonly used piece of software, you can no longer afford to be unaware of the latest threats to your information security.

One in five Magecart-infected stores get reinfected within days

15/11/18

When does fIrefox alert for breached sites?

14/11/18

Data breach notification from Sodexo Group

14/11/18

Setting new foundations for the CCP scheme

14/11/18

'Ugly' mistake sends Google data to China

13/11/18

Google goes down after major BGP mishap routes traffic through China

13/11/18

Details of Pathe Nederlands E19.2m Loss to 'CEO fraud' Revealed

12/11/18

Internet Vulnerability Takes Down Google

12/11/18

Car crash data thief 'unlucky' to be jailed

12/11/18

Six month prison sentence for motor industry employee in first ICO computer misuse act prosecution

12/11/18

Vulnerability Summary for the Week of November 5, 2018

12/11/18

Top banks in cyber-attack 'war game'

09/11/18

Weekly Threat Report 9th November 2018

09/11/18

Sector resilience exercise

08/11/18

Pakistan Banks not Breached, but Probably Skimmed

08/11/18

StatCounter fingers cache-poisoning caper for Bitcoin-slurping JavaScript hijack

08/11/18

Hackers seed StatCounter with nasty JavaScript in elaborate Bitcoin cyber-heist caper

06/11/18

HSBC bank confirms US data breach

06/11/18

Vulnerability Summary for the Week of October 29, 2018

05/11/18

Weekly Threat Report 2nd November 2018

02/11/18

Web domain owners paid EasyDNS to cloak their contact info from sight. It was blabbed via public Whois anyway

02/11/18

HSBC Data Breach Notification

02/11/18

How can we stop being cyber idiots?

02/11/18

BBC micro:bit vendor kitronik says customers' deets nicked, fingers Magecart malware

02/11/18

Private messages from 81,000 hacked Facebook accounts for sale

02/11/18

The CIA's communications suffered a catastrophic compromise. It started in Iran.

02/11/18

AusCERT Week in Review for 2n November 2018

02/11/18

I know what you're thinking: Outsource or in-source IT security? I've worked both sides, so here's my advice

02/11/18

Website Security

01/11/18

NCSC 's advice in response to the increase in sextortion scams

01/11/18

Comodo CA Rebrands as Sectigo

01/11/18

TV Report: Israel silent as Iran hit by computer virus more violent than Stuxnet

31/10/18

Nice work if you can get it: GandCrab ransomware nets millions even though it has been broken

31/10/18

Eurostar resets customer passwords after hack attack

31/10/18

Check this out: Radisson Hotel Group 'fesses up to 'security incident'

31/10/18

Francisco Parnters Announces Acquisition of Comodo's Certificate Authority (SSL) Business

31/10/18

CyberUK to be held in Glasgow

31/10/18

UK Construction Firms Hemorrhage Log-Ins to Dark Web

30/10/18

Paylogic breach exposes personal info of Tomorrowland Ticket Holders

30/10/18

Cell Phone Security and Heads of State

30/10/18

UK Cyber Security Sectoral Analysis

30/10/18

Red Hat takes over IBM

30/10/18

Iranian Hackers Hit U.K. Cybersecurity Universities

29/10/18

For The Love of Money: Finding & Exploiting Vulnerabilities in Mobile Point of Sales Terminals

29/10/18

Analysis of British Airways breach uncovers sophisticated techniques

29/10/18

Securonix Threat Research: British Airways Breach: Magecart Formgrabbing Supply Chain Attack Detection

29/10/18

'Remini' App Used by Schools Left Personal Info Open to the World

29/10/18

Vulnerability Summary for the Week of October 22, 2018

29/10/18

Weekly Threat Report 26th October 2018

26/10/18

AusCERT Week in Review for 26th October 2018

26/10/18

Facebook fined £500,000 for Cambridge Analytica scandal

25/10/18

Update on British Airways cyber attack

25/10/18

BA investigation into website hack reveals more victims

25/10/18

Supply Chain Attacks Back on the Agenda

25/10/18

ICO issues maximum £500,000 fine to Facebook for failing to protect users' personal information

25/10/18

FTC Releases Cyber Resources for Small Business

25/10/18

China's Hacking of the Border Gateway Protocol

24/10/18

Cathay Pacific flags data breach affecting 9.4 million passengers

24/10/18

Super Micro trashes Bloomberg chip hack story in recent customer letter

23/10/18

Multiple Odays used by Magecart

23/10/18

Banks need mandatory cyber security tests says RBA, EU Central Bank

23/10/18

Morrisons loses data leak challenge

22/10/18

Vulnerability Summary for the Week of October 15, 2018

22/10/18

Investigating Implausible Bloomberg Supermicro Stories

22/10/18

Hack on 8 adult websites exposes oodles of intimate user data

20/10/18

CMS Responding to Suspicious Activity in Agent and Broker Exchanges Portal

19/10/18

PCI Compliance and the Contact Centre: The Challenges and Solutions

19/10/18

Weekly Threat Report 19th October 2018

19/10/18

Zero-day in popular jQuery plugin actively exploited for at least three years

19/10/18

You like HTTPS. We like HTTPS. Except when a quirk of TLS can smash someone's web privacy

19/10/18

AusCERT Week in Review for 19th October 2018

19/10/18

ECSC Group ready to bounce back as cyber crime concerns grow

18/10/18

VestaCP compromised in a new supply-chain attack

18/10/18

Name checks to begin on bank payments

18/10/18

Shopping Online Gets a Security Upgrade from Mastercard

17/10/18

Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months

17/10/18

Symantec Legacy PKI

17/10/18

PCI Software Security Standards Coming Soon

17/10/18

Evolving Chrome's security indicators

17/10/18

Visa to stop Australian online merchants from storing credit card numbers

17/10/18

Liverpool Football Club Breach

16/10/18

UK's National Cyber Security Cebtre gives itself a big 'ol pat on the back in annual review

16/10/18

UK cyber-centre thwarts hostile hackers

16/10/18

NCSC deals with 1,100 cyber attacks in first two years

16/10/18

NCSC Annual Review 2018

16/10/18

Web browsers sharpen knives for TLS 1.0, 1.1, tell protocols to dig their own graves for 2019

16/10/18

GCHQ asks tech firms to pretty please make IoT devices secure

15/10/18

MoD secrets exposed in dozens of cyber security breaches

15/10/18

Cybersecurity is Everyone's Job

15/10/18

Vulnerability Summary for the Week of October 8, 2018

15/10/18

Taking a Shine off Certificates

15/10/18

Pentagon reveals cyber breach of travel records

13/10/18

Securing cyber resilience in health and care - Progress update October 2018

12/10/18

It is 2018 and the NHS is still counting the cost of WannaCry. Carry the 2, + aftermath.. um.. £92m

12/10/18

UK's NCSC to monitor internet routing to stop DDoS and hijacks

12/10/18

AusCERT Week in Review for 12th October 2018

12/10/18

Weekly Threat Report 12th October 2018

12/10/18

MS-ISAC Releases Advisory on PHP Vulnerabilities

12/10/18

Security in a World of Physically Capable Computers

12/10/18

Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution

12/10/18

In the two years since Dyn went dark, what have we learned? Not much, it appears

11/10/18

Mozilla grants distrusted Symantec certs a stay of execution, claims many sites yet to make switch

11/10/18

Joint report on publicly available hacking tools

11/10/18

Publicly Available Tools Seen in Cyber Incidents Worldwide

11/10/18

UK.gov teams up with Five Eyes chums to emit spotters' guide for miscreants' hack tools

11/10/18

WhatsApp fixes booby-trap video call bug

11/10/18

Measuring All the DNS Things

10/10/18

Delaying Further Symantec TLS Certificate Distrust

10/10/18

Council hit by cyber attack reveals £2m cost

10/10/18

Workplace services-flinger Sodexo pulls Engage website after division hit by malware smackdown

10/10/18

Sodexo breach notification

10/10/18

Annual Report Trust Services Security Incidents 2017

10/08/18

Google exposed data for hundreds of thousands of users

10/08/18

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom

09/10/18

It's a cert: Hundreds of big sites still unprepared for starring role in that Chrome 70's show

09/10/18

The Magecart Seal of Approval: Card-Skimming Group Executes Scaled Supply Chain Attack on Shopper Approved

09/10/18

Payment-card-skimming Magecart strikes again: Zero out of five for infecting e-retail sites

09/10/18

Chinese Super Micro 'spy chip' story gets even more strange as everyone doubles down

09/10/18

The Cybersecurity World Is Debating WTF Is Going on With Bloomberg's Chinese Microchip Stories

09/10/18

Security researcher source in supermicro chip hack report casts doubt on story

09/10/18

ENISA publishes annual report on trust services security incidents 2017

08/10/18

Google now minus Google Plus: Social mini-network faces axe in data leak bug drama

08/10/18

Google chose not to go public about bug that exposed Google Plus users' data

08/10/18

Google Exposed User Data, Feared Repercussions of Disclosing to Public

08/10/18

Department of Homeland Security and GCHQ back Apple and Amazon's denials they were hacked by China

08/10/18

Super Micro China super spy chip super scanadl: US Homeland Security, UK spies back Amazon, Apple denials

08/10/18

Google+ shutting down after users' data is exposed

08/10/18

Project Strobe: Protecting your data, improving our third-party APIs, and sunsetting consumer Google+

08/10/18

Heathrow fined for USB stick data breach

08/10/18

ICO: Heathrow Airport

08/10/18

Vulnerability Summary for the Week of October 1, 2018

08/10/18

Statement from DHS Press Security on Recent Media Reports of Potential Supply Chain Compromise

06/10/18

SAP bug beatdowns, Apple gets nasty with MAC repairs, Struts woe, and more from infosec

06/10/18

Weekly Threat Report 5th October 2018

05/10/18

The fur is not gonna fly: Uncle Same charges seven Russians with Fancy Bear hack sprees

05/10/18

The Latest: Russian envoy rejects reports of cybercrimes

05/10/18

Click2Gov Servers Infected with Malware that steals PCI

04/10/18

Facebook Platform Hack - Critical Access Token Vulnerabilities

04/10/18

Decoding the Chinese Super Micros super spy-chip super-scandal: What do we know - and who is telling the truth?

04/10/18

Setting the Record Straight on Bloomberg BusinessWeek's Erroneous Article

04/10/18

Supermicro Refutes Claim in Bloomberg Article

04/10/18

What Businessweek got wrong about Apple

04/10/18

Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple, AWS say no way

04/10/18

The Big Hack: Statements From Amazon, Apple, Supermicro, and the Chinese Government

04/10/18

'China spy attack hits Apple and Amazon'

04/10/18

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S.Companies

04/10/18

Russia 'tried to hack Foreign Office', says British diplomat

04/10/18

UK pins 'reckless campaign of cyber attacks' on Russian military intelligence

04/10/18

Russia cyber-plots: US, UK and Netherlands allege hacking

04/10/18

Russia GRU claims: UK points finger at Kremlin's military intelligence

04/10/18

Reckless campaign of cyber attacks by Russian military intelligence service exposed

04/10/18

Facebook data breach probe launched by Irish watchdog

03/10/18

Facebook Login Update

03/10/18

Facebook gives third-party apps the all-clear

03/10/18

What do Zuck, Sergy, @Jack and Bezos have in common? They don't want encryption broken

03/10/18

Alert: Advanced Persistent Threat Activity Exploiting Managed Service Providers

03/10/18

Australia's surveillance laws could damage internet security globally, overseas critics say

02/10/18

Facebook Breach:Signle Sign-On of Doom

02/10/18

Alert: HIDDEN COBRA - FASTCash Campaign

02/10/18

North Korean Malicious Cyber Activity

02/10/18

Another Facebook Security Breach

01/10/18

A web where the user has complete control of their data? Sounds Solid, Tim Berners-Lee

01/10/18

Financial Conduct Authority fines Tesco Bank £16.4m over 2016 security breach

01/10/18

Tesco Bank fined £16.4m over cyber-attack

01/10/18

Vulnerability Summary for the Week of September 24, 2018

01/10/18

Exclusive: Tim Berners-Lee tells us his radical new plan to upend the World Wide Web

29/09/18

Conservative Party conference app reveals MP's numbers

29/09/18

Facebook security breach: Up to 50m accounts attacked

29/09/18

Discussion regarding Single Sign On

29/09/18

One Small Step for the Web

28/09/18

Security Update

28/09/18

Weekly Threat Report 28th September

28/09/18

Advisory: Trickbot banking trojan

28/09/18

AusCERT Week in Review for 28th September 2018

28/09/18

Bupa fined £175,000 for systematic data protection failures

28/09/18

Cyber Actors Increasingly Exploit The Remote desktop Protocol To Conduct Malicious Activity

27/09/18

Prioritization to Prediction

27/09/18

Bulletproof TLS Newsletter #45

27/09/18

Secret Service Warns of surge in ATM 'Wiretapping' Attacks

27/09/18

Council CTO on Verizon's 2018 Payment Security Report

25/09/18

2018 Payment Security Report

25/09/18

2018 Payment Security Report - Executive Summary

25/09/18

Verizon 2018 Payment Security Report

25/09/18

Get a head start with QUIC

25/09/18

Internet be nimble, internet be QUIC, Cludflare shows off new networking shtick

25/09/18

The QUICening

25/09/18

Domain registrar oversteps taking down Zoho domain, impacts over 30Mil users

25/09/18

Patching All The Things May Not Be The Best Strategy

24/09/18

'Shockingly low' amount of fraud cases being solved

24/09/18

Scammers steal half-a-billion pounds from UK banking customers

24/09/18

Victims report losing more than £21 million in one year to Computer Software Service fraud

24/09/18

Vulnerability Summary for the Week of September 17, 2018

24/09/18

That syncing feeling when you realise you may be telling Google more than you thought

24/09/18

Google Chrome Made a Small UI Tweak, and People Are Freaking Out

24/09/18

Why I'm done with Chrome

23/09/18

Reports of frauds on the elderly are 'tip of the iceberg'

23/09/18

RCPM and privacy commissioner probe alleged NCIX data breach

21/09/18

August 2018 Cyber Attacks Statistics

21/09/18

Over 90% of US Retailers Fail PCI DSS

21/09/18

Unwiped Drives and Servers from NCIX Retailer for Sales on Craigslist

21/09/18

Weekly Threat Report 21st September 2018

21/09/18

NCIX, Able Auctions, and Bowra Group Data Breach

20/09/18

Sealed with an XSS: IT pros urge Lloyds Group to avoid web cross talk

20/09/18

Equifax fined by ICO over data breach that hit Britons

20/09/18

Credit reference agency Equifax fined for security breach

20/09/18

ICO: Equifax Ltd

20/09/18

NCIX Data Breach

18/09/18

Magecart Strikes Again: Newegg in the Crosshairs

19/09/18

Hackers stole customer credit cards in Newegg data breach

19/09/18

US Dept of State says attack on email system exposed employees' personal data

19/09/18

ABS-CBN next series of high profile breaches

18/09/18

Hackers selling research phished from universities on WhatsApp

18/09/18

Extended Validation Certificates are Dead

18/09/18

TV Licensing admits: We directed 25,000 people to send their bank details in the clear

18/09/18

GovPayNow.com Leaks 14M+ Records

17/09/18

Vulnerability Summary for the Week of September 10, 2018

17/09/18

16-31 August Cyber Attacks Timeline

17/09/18

Microsoft Security Servicing Criteria for Windows

17/09/18

Equifax IT staff had to rerun hackers' database queries to work out what was nicked - audit

17/09/18

Cyber attack led to Bristol Airport blank screens

16/09/18

Wegmans Suffers From A Supply Chain Attack

15/09/18

magecart are coming for you, are you ready?

15/09/18

Veeam holds its hands up, admits database leak was plain 'complacency'

14/09/18

Quantum Computing and Cryptography

14/09/18

AusCERT Week in Review for 14th September 2018

14/09/18

ICO Receiving 500 Breach-Related Calls a Week Since GDPR Took Effect

14/09/18

So Brave: Browser biz sics Brit watchdogs on Google's info slurpage

13/09/18

British Airways: Customer data theft

13/09/18

Five questions for boards to get on their agenda

12/09/18

CBI Cyber Security: Business Insight Conference

12/09/18

Report from Dr Johnny Ryan - Behavioural advertising and personal data

12/09/18

Regulatory compliant concerning massive, web-wide data breach by Google and other 'ad tech' companies under Europe's GDPR

12/09/18

TV Licence website said it was secure. It wasn't

12/09/18

Back up a minute: Veeam database config snafu exposed millions of customer records

12/09/18

1-15 August 2018 Cyber Attacks Timeleine

12/09/18

Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS

12/09/18

Feedify Hacked with Magecart Information Stealing Script

12/09/18

NCSC releases core questions to help Britain's biggest boards understand their cyber risk

12/09/18

Board toolkit: five questions for your board's agenda

12/09/18

Information Commissioner's Office (ICO) - written evidence to the House of Lords Communications Committee

12/09/18

Generally Disclosing Pretty Rapidly: GDPR strapped a jet engine on hacked British Airways

12/09/18

A Rallying Cry To All CEOs...You Need To Get More Technical!

12/09/18

Ciaran Martin's speech at the CBI Cyber Conference

12/09/18

British Airways hack: Infosec experts finger third-party scripts on payment pages

11/09/18

The Effectiveness of Publicly Shaming Bad Security

11/09/18

Law firm launches £500 million group action over British Airways hack

10/09/18

Vulnerability Summary for the Week of September 3, 2018

10/09/18

So, about that BA hack

07/09/18

Weekly Threat Report 7th September 2018

07/09/18

Vulnerability Summary for the Week of August 6, 2018

13/08/18

FBI Warns of 'Unlimited' ATM Cashout Blitz

12/08/18

Weekly Threat Report 10th August 2018

10/08/18

Setting up two-factor authentication (2FA)

08/08/18

Cyber-attack! Would your firm handle it better than this?

07/08/18

Facebook cracks open its bottle of Fizz - a carbonated TLS 1.3 lib

06/08/18

Facebookincubator/fizz

06/08/18

Deploying TLS 1.3 at scale with Fizz, a performant open source TLS library

06/08/18

Our commitment to the CCP scheme

06/08/18

Vulnerability Summary for the Week of July 30, 2018

06/08/18

[Outages-discussion] [outages] Problem with credit card machine processing? "Datawire"

04/08/18

CreditCard Issuer TCM Bank Leaked Applicant Data for 16 Months

03/08/18

Web doc iCliniq plugs leaky bucket stuffed full of medical records

03/08/18

BGP/DNS Hijacks Target Paymen Systems

03/08/18

Further BGP hijacks of high value authoritative DNS servers' IP space

03/08/18

Weekly Threat Report 3rd August 2018

03/08/18

MikroTik routers grab their pickaxes, descend into crypto mines

03/08/18

Mass MikroTik Router Infection - First we cryptojack Brazil, then we take the World?

03/08/18

AusCERT Week in Review for 3rd August 2018

03/08/18

Did you know: Lawyers can certify web domain ownership? Well, not no more they ain't

02/08/18

Huge Cryptomining Attack on ISP-Grade Routers Spreads Globally

02/08/18

NCSC advice for Reddit users

02/08/18

New CAB Forum Validation Rules go Into effect Today

01/08/18

Back Packets Report

01/08/18

Clarksons: Update on 2017 Data Breach - Regulatory Notice

01/08/18

Holy Ship! UK shipping biz Clarksons blames megahack on single point of pwnage

01/08/18

On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation

01/08/18

Three Members of Notorious International Cybercrime Group Fin7 In Custody Role in Attacking Over 100 u.S. companies

01/08/18

GCHQ on Quantum Key Distribution

01/08/18

Backdoors in Cisco Routers

01/08/18

Reddit: We had a security incident. Here's what you need to know

01/08/18

Dixons Carphone: Update on Investigation into Unauthorised Data Access

31/07/18

Dixons Carphone says data breach affected 10 million

31/07/18

1-15 July 2018 Cyber Attacks Timeline

31/07/18

Let's Encrypt: Domain Resolution Interruption

30/07/18

Introducing Web Authentication in Microsoft Edge

30/07/18

A Malvertising Campaign of Secrets and Lies

30/07/18

Vulnerability Summary for the Week of July 23, 2018

30/07/18

UK CNP Fraud Drops as Banks Fight Back

30/07/18

1.4 million online fashion shoppers exposed after data breach at UK ecommerce provider

30/07/18

Telstra customer stumbles across contact details of 66,000 fellow customers

27/07/18

Weekly Threat Report 27th July 2018

27/07/18

'Petty cybercriminals' adopt supply chain attacks

27/07/18

Boffins: Mixed -Signal silicon can SCREAM your secrets to all

27/07/18

AusCERT Week in Review for 27th July 2018

27/07/18

New iOS 12 Feature Risks Exposing Users to Online Banking Fraud

27/07/18

Screaming Channels. When Electromagnetic Side Channels Meet Radio Transceivers

26/07/18

How to (slowly) steal secrets over the network from chip security holes: NetSpectre summoned

26/07/18

New Spectre attack enables secrets to be leaked over a network

26/07/18

Netspectre: Read Arbitrary Memory over Network

26/07/18

NetSpectre

26/07/18

Alert:Widespread phishing campaign affecting transport, engineering and defence organisations

26/07/18

Hacking Swan & FLIR/lorex home security camera video

26/07/18

Hacking IoT Cameras with s/swnb479e7d24/swn1bf9f32f2/g

26/07/18

Swann's home security camera recordings could be hijacked

26/07/18

Advisory: Phishing campaign

25/07/18

LifeLock Bug Exposed Millions of Customer Email Addresses

25/07/18

Schneier on Financial Fraud

25/07/18

Insecure web still too prevalent: Boffins unveil HSTS wall of shame

24/07/18

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

24/07/18

Unsecured server exposes 157 GB of highly sensitive data from Tesla, Toyota and more

23/07/18

Why No HTTPS?

23/07/18

Google Chrome: HTTPS or bust. Insecure HTTP D-Day is tomorrow, folks

23/07/18

ICO July Newsletter

23/07/18

June 2018 Cyber Attacks Statistics

23/07/18

Vulnerability Summary for the Week of July 16, 2018

23/07/18

24 Defendants Sentences in Multimillion Dollar India-Based Call Centre Scam Targeting U.S. Victims

20/07/18

Half a Billion IoT Devices Vulnerable to DNS Rebuilding Attacks

20/07/18

Crypto gripes, election security, and mandatory cybersec school: Uncle Sam's cyber task force emits todo list for govt

20/07/18

Weekly Threat Report 20th July 2018

20/07/18

Singapore personal data hack hits 1.5m, health authority says

20/07/18

Developing the cyber security profession - have your say!

20/07/18

Backdoors Keep Appearing In Cisco's Routers

19/07/18

Red Hat Blog

19/07/18

UK criticises security of Huawei products

19/07/18

Human Resources Firm ComplyRight Breached

19/07/18

Hackers Breach Russian Bank and Steal $1 Million Due to Outdated Router

19/07/18

Cyber security advice issued to law firms in first legal threat report

19/07/18

Brit tech forges alliance to improve cyber security as MPs moan over 'acute scarcity' of experts

19/07/18

Retail data breaches continue to reach new highs

19/07/18

The cyber threat to UK legal sector 2018 report

19/07/18

New NCSC report highlights threats to the UK legal sector

19/07/18

16-30 June 2018 Cyber Attacks timeline

19/07/18

Hundreds of thousands US voters data appeared online again

18/07/18

Who's leaving Amazon S3 buckets open online now? Cybercrooks, US election autodialers

18/07/18

2018 Thales Data Threat Report - Retail Edition

18/07/18

2018 Credential Spill Report

18/07/18

Hackers account for 90% of login attempts at online retailers

18/07/18

Call records breach let users feel like Movistarts (with everyone watching who they're talking to)

18/07/18

[Outages-discussion] [outages] Problem with credit card machine processing? "Datawire"

17/07/18

Yar, thar she blows: Corp-cash-stealing email whaling attacks now a $12.5bn industry

17/07/18

Can we manage our cyber risks?

17/07/18

Digital laundry: how credit card thieves use free-to-play apps to launder their ill-gotten gains

16/07/18

Pattern: Safely Importing Data

16/07/18

Import data, not malware

16/07/18

Social Media (An Apology)

16/07/18

Newsmaker Interview: Bruce Schneier on 'Going Dark' and the Crypto Arms Race

16/07/18

Vulnerability Summary for the Week of July 9, 2018

16/07/18

Passwords for Tens of Thousands of Dahua Devices Cached in IoT Search Engine

15/07/18

[outages] Problem with credit card machine processing? "Datawire"

13/07/18

Weekly Threat Report 13th July 2018

13/07/18

JavaCard: The execution environment you didn't know you were using

13/07/18

Phone in the right hand? You're a hacker!

13/07/18

Business email compromise the 12 billion dollar scam

12/07/18

1-15 June 2018 Cyber Attacks Timeline

12/07/18

Postmortem for Malicious Packages Published on July 12th, 2018

12/07/18

Compromised version of eslint-scope published

12/07/18

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders

12/07/18

Access to airport's security system sold on dark web

11/07/18

Brit privacy watchdog reports on political data harvets: We've read the lot so you don't have to

11/07/18

Emma's Diary faces fine for selling new mums' data to Labour

11/07/18

Timehop Security Incident, July 4th, 2018

11/07/18

Macy's, Bloomingdales Alert Online Customers of Data Breach

10/07/18

Findings, recommendations and actions from ICO investigation into data analytics in political campaigns

10/07/18

Malware Found in Arch Linux AUR Package Repository

10/07/18

Ticketmaster breach was part of a larger credit card skimming effort, analysis shows

10/07/18

The 111 Million Record Pemiblanc Credential Stuffing List

10/07/18

Web biz DomainFactory confirms: We were hacked in January 2018

09/07/18

Inside and Beyond Ticketmaster: The Many Breaches of Magecart

09/07/18

Case #18: I know what you did last summer - and also what you will be doing this one

09/07/18

Poor security at Thomas Cook airlines leads to simple extraction of fliers' personal data

09/07/18

City of London Police: £28 million lost by cyber crime victims

09/07/18

Web biz DomainFactory confirms: We were hacked in January 2018

09/07/18

Timehop Breach Hits 21 Million Customers

09/07/18

Security Firm Sued for Failing to Detect Malware That Caused a 2009 Breach

09/07/18

recent wave of Smart Contract vulns - out of scope?

09/07/18

Vulnerability Summary for the Week of July 2, 2018

09/07/18

Chinese hackers breach ANU, putting national security at risk

06/07/18

CIS Releases 2017 Year in Review

06/07/18

AusCERT Week in Review for 6th June 2018

06/07/18

Weekly Treat Report 6th July 2018

06/07/18

Gentoo GitHub repo hack made possible by these 3 rookie mistakes

05/07/18

Introduction to logging for security purposes

05/07/18

Learn to love logging

05/07/18

The SC Media UK Global Top 50 Companies in the Cyber-Security Market

05/07/18

Hands up if you didn't lose data in the Typeform breach

04/07/18

World-class fraud and cybercrime court approved for London's Fleetbank House site

04/07/18

Cyber resilience - nothing to sneeze at

04/07/18

Whitbread Sounds Breach Alarm After PageUP Incident

03/07/18

Budget hotel chain, UK political party, Monzo Bank, Patreon caught in Typeform database hack

03/07/18

Dear Samsung mobe owners:It mat leak your private pics to randoms

03/07/18

Report of the Attorney General's Cyber Digital Task Force

02/07/18

150,000 GP records wrongly shared as patient data preferences 'not upheld'

02/07/18

Minister says opt-out data requests for 150,000 patients missed

02/07/18

NHS Digital and TPP statement about type 2 objections error

02/07/18

NHS data breach affects 150,000 patients in England

02/07/18

Vulnerability Summary for the Week of June 25, 2018

02/07/18

Surveys-as-a-service outfit Typeform spilled a backup in May

02/07/18

Regional College staff's personal data at risk after massive security breach

30/06/18

Breach of Typeform back up file - which included some elector data

30/06/18

UK Researcher Says One Line Of Code Caused Ticket Master Breach

30/06/18

California Privacy Act Unanimously Approved

29/06/18

Google weeps as its home state of California passes its own GDPR

29/06/18

We suspect some data has been compromised in the Typeform breach. All money is safe.

29/06/18

Typeform: Our June 2018 data breach & what it means for you

29/06/18

Typeform Announces Breach After Hacker Grabs Backup File

29/06/18

Weekly Threat Report 29th June 2018

29/06/18

AusCERT Week in Review for 29th June 2018

29/06/18

How to get away with financial fraud

28/06/18

Project:Infrastructure/Incident Reports/2018-06-28

28/06/18

Responsible vulnerability disclosure in Europe

28/06/18

Every Android Device Since 2012 Impacted by RAMpage Vulnerability

28/06/18

May 2018 Cyber Attacks Statistics

28/06/18

Contactless Payments: PCI SSC on Plans to Develop Security Standard for Payment Acceptance on Merchant COTS Devices

28/06/18

Will new UK rules reduce the harm of push-payment fraud?

28/06/18

adidas alerts certain consumers of potential data security incident

28/06/18

Protecting customers from the Ticketmaster breach: Monzo's story

28/06/18

Systemic Risk Survey Results - 2018 H1

27/06/18

Swann home security camera sends video to wrong user

27/06/18

Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records

27/06/18

NCSC: Statement: Ticketmaster cyber incident

27/06/18

NCA statement on Ticketmaster cyber incident

27/06/18

Inbenta and the Ticketmaster Data Breach

27/06/18

Ticketmaster admits personal data stolen in hack attack

27/06/18

MISP 2.4.93 released (aka ATT&CK integration)

27/06/18

Don't glamorise cyberthreats - just ask basic questions

27/06/18

Defending Against Illicit Cryptocurrency Mining Activity

26/06/18

16-31 May 2018 Cyber Attacks Timeline

26/06/18

In non-startling news, EFF says STARTTLS email crypto is mostly done wrong

26/06/18

Hundreds of Hotels Affected by Data Breach at Hotel Booking Software Provider

26/06/18

UK Minister of Fun Matt Hancock opens London infosec upstart creche

26/06/18

Bypassing Passcodes in iOS

26/06/18

NCSC to work with boards to better prepare businesses for cyber incidents

26/06/18

We're Baking Have I Been Pwned into Firefox and 1Password

26/06/18

Vulnerability Summary for the Week of June 18, 2018

25/06/18

India tells its banks to get Windows XP off ATMs - in 2019!

25/06/18

Watchtower: we shall fight on the breaches

25/06/18

Minimum Cyber Security Standard

25/06/18

Testing Firefox Monitor, a New Security Tool

25/06/18

Announcing STARTTLS Everywhere: Securing Hop-to-Hop Email Delivery

25/06/18

OpenBSD chief de Raadt says no easy fix for new Intel CPU bug

25/06/18

Changes in WebAssembly Could Render Meltdown and Spectre Browser Patches Useless

24/06/18

PDQ: Important Information for our Guests On Data Breach

22/06/18

Weekly Threat Report 22nd June 2018

22/06/18

Fake WannaCry emails demanding payment

22/06/18

Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about

22/06/18

REF URL require ToU/Conduct policy

22/06/18

Researchers develop SafeSpec to overcome vulnerabilities like Spectre and Meltdown

22/06/18

Schneier warns of 'perfect storm': Tech is becoming autonomous, and security is garbage

22/06/18

Global Threats to Information Systems

21/06/18

Oregon.Gov Email Domain Remains Blacklisted

21/06/18

Infographic: Patching

20/06/18

Bithumb: Hackers 'rob crypto-exchange of $32m'

20/06/18

Private sector needs a little sumthin' sumthin' to get it sharing threat intel - US security chap

20/06/18

Council demanded payment card details via email

20/06/18

Google, Roku, Sonos to Fix DNS Rebinding Attack Vector

20/06/18

Setting arbitrary request headers in Chromium via CRLF injection

20/06/18

I discovered a browser bug

20/06/18

Microsoft Edge bug odyssey shows why we can't have nice things

20/06/18

OpenBSD disables Intel's hyper-threading

20/06/18

Flightradar24 suffers security breach

20/06/18

PayPal reminds users: TLS 1.2 and HTTP/1.1 are no longer optional

20/06/18

Cisco Releases Security Updates for Multiple Products

20/06/18

Oregon state employees unable to email the public after computer 'hijacked' by phishing email

19/06/18

So you want to be a security engineer?

19/06/18

Attacking Private Networks from the Internet with DNS Rebinding

19/06/18

Millions of Streaming Devices Are Vulnerable to a Retro Web Attack

19/06/18

Pass gets a fail: Simple Password Store suffers GnuPG spoofing bug

19/06/18

Thrip: Espionage Group Hits Satellite, Telecoms, and Defense Companies

19/06/18

China-based campaign breached satellite, defense companies: Symantec

19/06/18

Compromised GitHub Account Spreads Malicious Syscoin Installers

18/06/18

US CERT Vulnerability Summary for the Week of June 11, 2018

18/06/18

From here on, Red Hat's new GPLv2 software projects will have GPLv3 cure for license violators

18/06/18

Finding phishing sites with CT

18/06/18

The GPL cooperation commitment and Red Hat projects

18/06/18

Joint statement on the PageUp Limited data incident

18/06/18

Boffins offer to make speculative execution great again with Spectre-Meltdown CPU fix

16/06/18

Liberty systems breached in hack

16/06/18

NCSC: Weekly Threat Report 15th June 2018

15/06/18

Multi-factor authentication for online services

15/06/18

UK law enforcement: an uphill struggle to fight hackers

15/06/18

Canadian clarinet player sues ex for deleting his scholarship offer

15/06/18

AusCERT Week in Review for 15th June 2018

15/06/18

Stepping up to multi-factor authentication

14/06/18

Statement: Dixons Carphone data breach

13/06/18

Update on Dixons Carphone plc cyber incident

13/06/18

The Great (belated) Mozilla Firefox CVE Dump

13/06/18

Technical Advisory: "ROHNP"- Key Extraction Side Channel in Multiple Crypto Libraries

13/06/18

Dixons Carphone admits huge data breach

13/06/18

Investigation Into Unauthorised Data Access

13/06/18

Cryptojacking invades cloud. How modern containerization trend is exploited by attackers

12/06/18

Yahoo! Fined £250,000 after systemic failures put customer data at risk

12/06/18

Yahoo fined £250,000 over cyber-attack

12/06/18

UK! watchdog! slaps! Yahoo! with! £250k! fine! for! 2014! data! Breach!

12/06/18

Wakefield cyber security consultancy acquired

12/06/18

Yahoo fined

12/06/18

SaaS security - surely it's simple?

11/06/18

Weight Watchers IT Infrastructure Exposed via No-Password Kubernetes Server

11/06/18

US-CERT Vulnerability Summary for the Week of June 4, 2018

11/06/18

Data Provided by the Estonian Central Criminal Police is Now Searchable on Have I Been Pwned

11/06/18

Router Vulnerability and the VPNFilter Botnet

11/06/18

VPNFilter, a Nation State Operation

11/06/18

Understanding Software as a Service (SaaS) security

11/06/18

US arrests 74 in global email scam crackdown

11/06/18

SaaS security principles

11/06/18

SaaS security collection

11/06/18

74 Arrested in Coordinated International Enforcement Operation Targeting Hundreds of Individuals in Business Email Compromise Schemes

11/06/18

Handbook on European data protection law - 2018 edition

08/06/18

Cisco Talos VPN Filter malware findings

08/06/18

NCSC Weekly Threat Report 8th June 2018

08/06/18

Hackers Crashed a Bank's Computers While Attempting a SWIFT Hack

08/06/18

Russia appears to be 'live testing' cyber attacks - Former UK spy boss Robert Hannigan

08/06/18

Bible Society fined £100,000 after security failings put supporters' personal data at risk

08/06/18

AusCERT Week in Review for 8th June 2018

08/06/18

#Infosec18: Interview, Robert Hannigan, Former Director General, GCHQ

07/06/18

Notice of Solarbotics Credit Card Processing Breach & Update of Terms & Service

07/06/18

An Encryption Upgrade Could Upend Online Payments

06/06/18

How IPv6 deployment is growing in U.S. and other countries

06/06/18

Job application tool PageUp suspects data breach

06/06/18

Serve websites over HTTPS (always)

06/06/18

Amazon will stop selling connected toy filled with security issues

05/06/18

Here's a transaction Transamerica regrets: Transgressors swipe retirees' personal info

05/06/18

Exclusive: Aussie Firm Loses $6.6M to Backdoored Cryptocurrency

05/06/18

1-15 May 2018 Cyber Attacks Timeline

05/06/18

Loose .zips sink chips: How poisoned archives can hack your computer

05/06/18

Ticketfly Data Breach Means Music Fans Need to Go Elsewhere for Tickets

04/06/18

US CERT Vulnerability Summary for the Week of May 28, 2018

04/06/18

MyHeritage Statement About a Cybersecurity Incident

04/06/18

Ticketfly breach may have exposed data of 26 million customers

03/06/18

Ticketfly Cyber Incident Update

03/06/18

Bitcoin Redux: crypto crime, and how to tackle it

01/06/18

Visa Card Payment Systems Go Down Across Europe

01/06/18

Internet engineers tear into United Nations' plan to move us all to IPv6

30/05/18

Frag Grenade! A Remote Code Execution Vulnerability in the Steam Client

30/05/18

April 2018 Cyber Attacks Timeline

29/05/18

DNS is Changing. Are you Ready?

29/05/18

Hackers threaten to reveal personal data of 90,000 Canadians caught in bank hack

29/05/18

US CERT Vulnerability Summary for the Week of May 21, 2018

28/05/18

Adobe to Acquire Magento Commerce

25/05/18

Security vs Performance Discussion with the Return of "Spectre" Vulnerability

25/05/18

Unauthorised Activity on IT System

25/05/18

NCSC Weekly Threat Report 25th May 2018

25/05/18

Data Protection Act 2018 Overview

25/05/18

Beyond 2018 - data protection laws built to last

23/05/18

VPNFilter Destructive Malware

23/05/18

Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats

22/05/18

16-30 April 2018 Cyber Attacks Timeline

22/05/18

High-end router flinger DrayTek admits to zero day in bunch of Vigor kit

21/05/18

US CERT Vulnerability Summary for the Week of May 14, 2018

21/05/18

GDPR Security Outcomes

18/05/18

NCSC Weekly Threat Report 18th May 2018

18/05/18

AusCERT Week in Review for 18th May 2018

18/05/18

Was the Efail disclosure horribly screwed up?

17/05/18

Hardcoded Password Found in Cisco Enterprise Software, Again

17/05/18

Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web Site

17/05/18

Increased Cyber Threats: Security steps to take

16/05/18

[Cryptography] Vulnerability found in badly broken email apps that use PGP and S/MIME

16/05/18

Hacker Breaches Securus, the Company That Helps Cops Track Phones Across the US

16/05/18

EFail and Thunderbird, What You Need To Know

16/05/18

UPnP joins the 'just turn it off on consumer devices, already' club

16/05/18

Spray you, spray me: defending against password spraying attacks

15/05/18

No, PGP is not broken, not even with the Efail vulnerabilities

15/05/18

Cybersecurity Roundup: May 15, 2018

15/05/18

New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation

14/05/18

OpenPGP, S/MIME Mail Client Vulnerabilities

14/05/18

Cyber attack on Family Planning NSW client database

14/05/18

Rail Europe had a three-month long credit card breach

14/05/18

Huge new Facebook data leak exposed intimate details of 3m users

14/05/18

Detecting Cloned Cards at the ATM, Register

14/05/18

US-CERT Vulnerability Summary for the Week of May 7, 2018

14/05/18

National Crime Agency publishes 2018 analysis of serious and organised crime threats

14/05/18

Mexico Says Possible Bank Hack Led to Large Cash Withdrawals

13/05/18

NCSC: Weekly Threat Report 11th May 2018

11/05/18

Researchers Come Up With a Way to Launch Rowhammer Attacks via Network Packets

11/05/18

UK cell giant EE left a critical code system exposed with a default password

11/05/18

Malicious Chrome extensions infect 100,000-plus users, again

10/05/18

Second wave of Spectre-like CPU security flaws won't be fixed for a while

09/05/18

Raising the bar - consent under the GDPR

09/05/18

Android App With 10 Million Downloads Left Users' Photos and Audio Messages Exposed to Public

08/05/18

Data stolen in Sheffield Credit Union cyber attack

08/05/18

Red Hat smitten by secure enclaves 'cos some sysadmins are evil

08/05/18

RAID doesn't work!

08/05/18

Equifax breach exposed millions of driver's licenses, phone numbers, emails

08/05/18

1-15 April 2018 Cyber Attacks Timeline

08/05/18

NCSC Weekly Threat Report 4th May 2018

08/05/18

US-CERT Vulnerability Summary for the Week of April 30, 2018

07/05/18

Latest Internet Crime Report Released

07/05/18

LibreSSL 2.7.3 Released

05/05/18

Report: Chinese government is behind a decade of hacks on software companies

05/05/18

New regulatory powers for the digital age

04/05/18

Vulnerability Note VU#283803 Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")

03/05/18

The Helium Factor and Hard Drive Failure Rates

03/05/18

US military base stores pull Huawei, ZTE kit off the shelves

03/05/18

Just Eat 'phishing' scammer faces jail

02/05/18

On Comodo CA's Recent Revocation of an SSL Certificate for Kentucky-based Stripe, Inc.

02/05/18

Fancy that, Fancy Bear: LoJack anti-laptop theft tool caught phoning home to the Kremlin

02/05/18

ZTE: NCSC advice to select telecommunications operators with national security concerns

02/05/18

Australia's Largest Bank Lost The Personal Financial Histories Of 12 Million Customers

02/05/18

86% of Passwords are Terrible (and Other Statistics)

02/05/18

Hard Drive Stats for Q1 2018

01/05/18

Lojack Becomes a Double-Agent

01/05/18

Consolidation of UK Payment Systems Operators

01/05/18

Bulletproof TLS Newsletter #40 Certificate Transparency logging is now mandatory

30/04/18

The NIS Guidance Collection

30/04/18

US CERT Vulnerability Summary for the Week of April 23, 2018

30/04/18

NCSC Weekly Threat Report 27th April 2018

27/04/18

HPE servers targeted by ransomware criminals

27/04/18

AusCERT Week in Review for 27th April 2018

27/04/18

A Few Thoughts on Cryptographic Engineering

26/04/18

The NCSC supports industry drive towards common standards for secure communication

26/04/18

TSB outage, day 5: What do you mean you can't log in? Our systems are up and running. Up and running, we say!

25/04/18

International operation shuts down notorious cyber crime website

25/04/18

Patch Drupal now: Yet another critical website bug found - a sequel to 'Drupalgeddon2'

25/04/18

Cyber-attack website Webstresser taken down

25/04/18

Drupal Releases Critical Security Updates

25/04/18

Will you be ready for GDPR before 25 May?

25/04/18

Cyber Security Breaches Survey 2018

25/04/18

Scheme to Recognise Academic Centres of Excellence in Cyber Security Research (ACE-CSR)

24/04/18

Hijack of Amazon's internet domain service used to reroute web traffic for two hours unnoticed

24/04/18

Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency

24/04/18

ICANN takes Whois begging bowl to Europe, comes back empty

24/04/18

AWS DNS network hijack turns MyEtherWallet into ThievesEtherWallet

24/04/18

BGP leaks and cryptocurrencies

24/04/18

ISO rejects the NSA's IoT crypto standard, believing it to be backdoored

24/04/18

'Check your readiness for a cyber attack', UK SMEs urged

24/04/18

Data Protection/Privacy Issues Update: Summarizing our Recent Meeting with Article 29

23/04/18

US-CERT Vulnerability Summary for the Week of April 16, 2018

23/04/18

A Quarter of UK Manufacturers Suffer Cyber-Attack Losses

23/04/18

Industry urged to boost cyber defence as almost 50 per cent of manufacturers report attack - EEF/AIG survey

23/04/18

Brit bank TSB TITSUP* after long-planned transfer of customer records from Lloyds

23/04/18

'TSB gave me access to someone's £35,000'

23/04/18

Security services 'to get more power to stop attacks'

22/04/18

Protecting the UK from the increasing cyber threat - the next steps

22/04/18

A serious cyber attack on Britain is a matter of 'if', not 'when'

21/04/18

GCHQ warns public 'absolute protection not possible' as it briefs power and transport firms on cyber attacks

21/04/18

NCSC Weekly Threat Report 20th April 2018

20/04/18

New FAQs on Software-based PIN Entry on COTS

20/04/18

German supreme court rejects ad-block challenge

20/04/18

Unmasked: The Mystery Hacker Who Stole Data on 168 Million People

19/04/18

Nominet drains mug of tea, leans back, calmly explains how to make Whois GDPR-compliant

19/04/18

Response to proposed changes to .UK policy arising from GDPR

19/04/18

PCI Council releases vastly expanded cards-in-clouds guidance

19/04/18

Flash! Ah-ahhh! WebEx pwned for all of us!

19/04/18

March 2018 Cyber Attacks Statistics

19/04/18

OK, this time it's for real: The last available IPv4 address block has gone

18/04/18

48 million people put at risk after firm that scraped info from social networks left it exposed for anyone to download

18/04/18

Data firm leaks 48 million user profiles it scraped from Facebook, LinkedIn, others

18/04/18

Crypto Elite Down on Blockchain's Security Applications, Call for Hardware Bug-Disclosure Improvements

18/04/18

First non-bank payment service provider (PSP) directly accesses UK payment system

18/04/18

Oblivious DNS

18/04/18

How a bad microcode fix could brick billions of chips

18/04/18

UK commits to a safer Commonwealth in cyber space

17/04/18

mmproxy - Creative Linux routing to preserve client IP addresses in L7 proxies

17/04/18

16-31 March 2018 Cyber Attacks Timeline

17/04/18

Ikea app TaskRabbit reveals security breach

17/04/18

Malicious Russian cyber activity: what does it mean for small organisations?

17/04/18

Signing pledge to fight cyberattacks, 34 leading companies promise equal protection for customers worldwide

17/04/18

Beware the Dot.

16/04/18

NIST Releases Version 1.1 of its Popular Cybersecurity Framework

16/04/18

NCSC advice to telecommunications sector about ZTE

16/04/18

US-CERT Vulnerability Summary for the Week of April 9, 2018

16/04/18

Russia accused of global net hack attacks

16/04/18

China's ZTE 'poses risk to UK security'

16/04/18

TLS 1.3 support is coming this spring

16/04/18

CYBERUK 2018: Growing in confidence

16/04/18

NCSC Advisory: Russian state-sponsored cyber actors targeting network infrastructure devices

16/04/18

Joint US - UK statement on malicious cyber activity carried out by Russian government

16/04/18

US-CERT: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

16/04/18

Whois is dead as Europe hands DNS overlord ICANN its arse

14/04/18

UK health service boss in the guts of WannaCry outbreak warns of more nasty code infections

13/04/18

Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code

13/04/18

NCSC Weekly Threat Report 13th April 2018

13/04/18

Cloudflare promises to tend not two, but 65,535 ports in a storm

13/04/18

Mozilla Has Started Gradually Enabling TLS 1.3 in Firefox

12/04/18

Abusing Linux's firewall: the hack that allowed us to build Spectrum

12/04/18

Introducing Spectrum: Extending Cloudflare To 65,533 More Ports

12/04/18

UK launched cyber-attack on Islamic State

12/04/18

Juniper Networks Releases Security Updates

12/04/18

Director's speech at CYBERUK 2018

12/04/18

Extended Validation (EV) Certificates Abused to Create Insanely Believable Phishing Sites

12/04/18

New Cyber Attack categorisation system to improve UK response to incidents

12/04/18

Intelligence agency GCHQ to open new base in Manchester

11/04/18

Imagine you're having a CT scan and malware alters the radiation levels - it's doable

11/04/18

Amber Rudd earmarks £9m to fight 'dark web' criminals

11/04/18

Great Western Railway accounts breached

11/04/18

OAIC report reveals 63 data breach notifications in first six weeks of NDB scheme

11/04/18

Fixing reachability to 1.1.1.1, GLOBALLY!

10/04/18

Cyber summit launches with report showing growing threat to UK businesses

10/04/18

Despacito YouTube music video hacked plus other Vevo clips

10/04/18

NCSC: The cyber threat to UK business 2017-2018 report

10/04/18

World-leading cyber centre to be developed in London's Olympic Park

10/04/18

US-CERT - Ongoing Threat of Ransomware

09/04/18

The dots do matter: how to scam a Gmail user

09/04/18

Four cents to deanonymize: Companies reverse hashed email addresses

09/04/18

US-CERT Vulnerability Summary for the Week of April 2, 2018

09/04/18

Cinema voucher-pusher tells customers: Cancel your credit cards, we've been 'attacked'

09/04/18

1-15 March 2018 Cyber Attacks Timeline

09/04/18

Small Business Guide: Actions

08/04/18

NCSC Weekly Threat Report 6th April 2018

06/04/18

Is it a bird? Is it a plane? No, it's a terrible leak of drone buyers' data

06/04/18

Foster family received death threats after data leak

06/04/18

AusCERT Week in Review for 6th April 2018

06/04/18

February 2018 Cyber Attacks Statistics

06/04/18

Best Buy hit by [24]7.ai data breach, too

05/04/18

Advisory: Hostile state actors compromising UK organisations with focus on engineering and industrial control companies

05/04/18

How the NCSC thinks about security architecture

05/04/18

GDPR Compliance and Magento Marketplace

05/04/18

Gosh, these 'hacker' nerds are only getting more sophisticated

05/04/18

1.5 BEEELLION sensitive files found exposed online dwarf Panama Papers leak

05/04/18

Sears Holding, Delta Air hit by customer data breach at tech firm

05/04/18

Secret Service Warns of Chip Card Scheme

05/04/18

[Python-Dev] ssl module and LibreSSL CVE-2018-8970

04/04/18

2018 Trustwave Global Security Report

04/04/18

Panera Bread's half-baked security

04/04/18

They forked this one up: Microsoft modifies open-source code, blows hole in Windows Defender

04/04/18

Sunderland Council care files found on car boot laptop

04/04/18

Statement on [24]7.ai cyber incident

04/04/18

Intel admits a load of its CPUs have Spectre v2 flaw that can't be fixed

04/04/18

Stealing Credit Cards from FUZE via Bluetooth

04/04/18

Bitcoins seized and IT worker sentenced for computer fraud offences

03/04/18

Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters

03/04/18

Decrypters for Some Versions of Magniber Ransomware Released

03/04/18

Chrome Is Scanning Files on Your Computer, and People Are Freaking Out

02/04/18

How to Sign with Google's Private Key

02/04/18

US-CERT Vulnerability Summary for the Week of March 26, 2018

02/04/18

Compromised Magento Sites Delivering Malware

02/04/18

No, Panera Bread Doesn't Take Security Seriously

02/04/18

Panerabread.com Leaks Millions of Customer Records

02/04/18

NCCIC FY 2017 Year in Review Now Available

02/04/18

Fin7 Syndicate Hacks Saks Fifth Avenue and Lord & Taylor Stores

01/04/18

With paper and phones, Atlanta struggles to recover from cyber attack

31/03/18

Cisco Smart Install Remote Code Execution

29/03/18

Europe dumps 300,000 UK-owned .EU domains into the Brexit bin

29/03/18

Microsoft patches patch for Meltdown bug patch: Windows 7, Server 2008 rushed an emergency fix

29/03/18

eBPF, Sockets, Hop Distance and manually writing eBPF assembly

29/03/18

AusCERT Week in Review for 29th March 2018

29/03/18

Fixing Hacks Has Deadly Impact on Hospitals

28/03/18

Facebook privacy settings revamped after scandal

28/03/18

It's Time to Make Our Privacy Tools Easier to Find

28/03/18

New Payment System Operator (NPSO) replies to PSR's open letter

28/03/18

Protecting a Web Server from DDoS Attacks Using nScrub

28/03/18

Microsoft's Windows 7 Meltdown fixes from January, February made PCs MORE INSECURE

28/03/18

Creating and Managing Strong Passwords

27/03/18

Brute Force Attacks Conducted by Cyber Actors

27/03/18

Hurrah! TLS 1.3 is here. Now to implement it and put it into software

27/03/18

Political ad campaign biz AggregateIQ exposes tools, DB logins online

26/03/18

Thousands of etcd installs are leaking secret server keys online

26/03/18

US-CERT Vulnerability Summary for the Week of March 19, 2018

26/03/18

As predicted, more branch prediction processor attacks are discovered

26/03/18

NMap New Version 7.70 Released With Hundred of New OS And Service Fingerprints, 9 New NSE Scripts

26/03/18

The Aggregate IQ Files, Part One: How a Political Engineering Firm Exposed Their Code Base

26/03/18

UK.gov unveils cyber security export strategy - only thing missing is the strategy

26/03/18

AggregateIQ Created Cambridge Analytica's Election Software, and Here's the Proof

26/03/18

Weekly Threat Report 23rd March 2018

23/03/18

Reflection of a QR code on PoS scanner used to own mobile payments

23/03/18

An accessible overview of Meltdown and Spectre, Part 2

22/03/18

Symantec cert holdout sites told: Those Google Chrome warnings are not a good look

21/03/18

TLS 1.3 Handshake: Taking a Closer Look

20/03/18

Now that's a bad trip: 880k credit cards 'likely' stolen by Orbitz hackers

20/03/18

Apple moves on HSTS abuse in Safari

20/03/18

Leading by example: UK.gov's secure server setup is patchy at best

20/03/18

CIS Controls? Version 7 Launched Today

19/03/18

16-28 February 2018 Cyber Attacks Timeline

19/03/18

US-CERT Vulnerability Summary for the Week of March 12, 2018

19/03/18

Weekly Threat Report 16th March 2018

16/03/18

Whois? More like WHOWAS: Domain database on verge of collapse over EU privacy

16/03/18

Evolved Prilex malware lets cybercriminals clone chip and PIN cards

16/03/18

AusCERT Week in Review for 16th March 2018

16/03/18

A minimal Denial Of Service response plan

15/03/18

Kaspersky Lab finds Prilex POS malware evolving to target chip and PIN-protected cards

15/03/18

Mitigating speculative execution side channel hardware vulnerabilities

15/03/18

The Chicago Way: An Electronic Voting Firm Exposes 1.8M Chicagoans

14/03/18

Speculative Execution Bounty Launch

14/03/18

Let's Encrypt updates certificate automation, adds splats

14/03/18

RHEL7 core crypto components

13/03/18

Security vulnerabilities fixed in Firefox ESR 52.7

13/03/18

IT Pros and CIOs: sign up to try Firefox Quantum for Enterprise

13/03/18

AMD has a Spectre/Meltdown-like security flaw of its own

13/03/18

US-CERT Vulnerability Summary for the Week of March 5, 2018

12/03/18

Distrust of Symantec TLS Certificates

12/03/18

Is Software More Vulnerable Today?

12/03/18

China ALTERED its public vuln database to conceal spy agency tinkering - research

12/03/18

Keeping Subscribers Safe: Partner Best Practices

09/03/18

Unidentified hax0rs told not to blab shipping biz Clarksons' stolen data

09/03/18

TLS 1.3: better for individuals - harder for enterprises

09/03/18

AusCERT Week in Review for 9th March 2018

09/03/18

NSCS Weekly Threat Report 9th March 2018

09/03/18

NCSC IT: Installing software updates without breaking things

08/03/18

Hackers, Not Users, Lose Money in Attempted Cryptocurrency Exchange Heist

08/03/18

New measures to boost cyber security in millions of internet-connected devices

07/03/18

Making or selling Internet of Things (IoT) devices? Six reasons you need to be thinking about data protection

07/03/18

Smart device security guidelines 'need more teeth'

07/03/18

Secure by Design

07/03/18

Meltdown and Spectre - The Gifts That Keep On Giving

06/03/18

Porn check critics fear data breach

06/03/18

1-15 February 2018 Cyber Attacks Timeline

06/03/18

Exim Off-by-one RCE: Exploiting CVE-2018-6789 with Fully Mitigations Bypassing

06/03/18

The real cause of large DDoS - IP Spoofing

06/03/18

UK regulator moots data protection sandbox for organisations to play in

05/03/18

4G LTE pried open to reveal a slew of new protocol-level attacks

05/03/18

Cyber Aware's NEW Perception Gap Report

05/03/18

US-CERT Vulnerability Summary for the Week of February 26, 2018

05/03/18

NCSC: Weekly Threat Report 2nd March 2018

02/03/18

New LTE attacks can snoop on messages, track locations and spoof emergency alerts

02/03/18

AusCERT Week in Review for 2nd March 2018

02/03/18

Spectre haunts Intel's SGX defense: CPU flaws can be exploited to snoop on enclaves

01/03/18

Cloud Burst: How A Software Provider Exposed A Financial Giant

01/03/18

Gits club GitHub code tub with record-breaking 1.35Tbps DDoS drub

01/03/18

ISC Releases Security Advisories for DHCP, BIND

01/03/18

Equifax peeks under couch, finds 2.4 million more folk hit by breach

01/03/18

Nuance says NotPetya attack led to $92 million in lost revenue

28/02/18

Fancy Bear: Germany investigates cyber-attack 'by Russians'

28/02/18

RIP CERT.org - You Will Be Missed

28/02/18

Let's talk about PCI-DSS

28/02/18

DigiCert Statement on Trustico Certificate Revocation

28/02/18

Traffic directions, port mirrors and taps

28/02/18

Popular cache utility exploited for massive reflected DoS attacks

28/02/18

Bulletproof TLS Newsletter #38

28/02/18

Duo Finds SAML Vulnerabilities Affecting Multiple Implementations

27/02/18

[openssl-announce] OpenSSL version 1.1.1 pre release 2 published

27/02/18

PCI Software-based PIN Entry on COTS: Understanding New Test Requirements

26/02/18

US-CERT Vulnerability Summary for the Week of February 19, 2018

26/02/18

Time for security policy review

26/02/18

Preparing for AWS Certificate Manager (ACM) Support of Certificate Transparency

26/02/18

Peak DNSSEC?

26/02/18

Big Changes Ahead for Core Internet Protocols

26/02/18

I've Just Added 2,844 New Data Breaches With 80M Records To Have I Been Pwned

26/02/18

Alexa Top 1 Million Analysis - February 2018

26/02/18

The Trouble with Phishing

26/02/18

Contactless card fraud overtakes cheque scams for first time

24/02/18

Weekly Threat Report 23rd February 2018

23/02/18

Why we need to do more to reduce certificate lifetimes

23/02/18

AusCERT Week in Review for 23rd February 2018

23/02/18

Testing of resilience to Cyber Attacks is no longer the domain of large corporates.

22/02/18

Chase 'Glitch' Exposed Customer Accounts

22/02/18

2018 Global Economic Crime and Fraud Survey: Pulling fraud out of the shadows

22/02/18

January 2018 Cyber Attacks Statistics

22/02/18

Global Economic Crime Survey 2018: UK findings

22/02/18

After Intel & Equifax Incidents, SEC Warns Execs Not to Trade Stock While Investigating Security Incidents

22/02/18

I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download

22/02/18

Young Brits 'lack cyber-security awareness'

21/02/18

A crime against statistics that is probably worse than the cyber attacks faced in County Durham

21/02/18

World's cyber attacks hit us much harder in past year - major infosec chief survey

21/02/18

16-31 January 2018 Cyber Attacks Timeline

21/02/18

Councils 'unprepared' for cyber-attacks, report says

20/02/18

How to tune your WAF installation to reduce false positives

20/02/18

Mandatory data breach reporting starts for small business

20/02/18

Coping with Spectre and Meltdown: What sysadmins are doing

19/02/18

Crims pull another SWIFT-ie, Indian bank stung for nearly US$2m

19/02/18

US-CERT Vulnerability Summary for the Week of February 12, 2018

19/02/18

John McCain receives 2018 Kleist Award

18/02/18

Global security crackdown, a host of code nasties, Brit cops mocked, and more

17/02/18

NCSC: Weekly Threat Report 16th February 2018

16/02/18

CEA Report: The Cost of Malicious Cyber Activity to the U.S. Economy

16/02/18

Siemens and partners sign joint charter on cybersecurity

16/02/18

AusCERT Week in Review for 16th February 2018

16/02/18

Hackers stole $6 million from Russian bank via SWIFT system: central bank

16/02/18

Newly Discovered Variants Of Meltdown/Spectre Exploit Cache Coherency Across Cores

15/02/18

Unsecured server exposed thousands of FedEx customer records

15/02/18

FedEx Customer Records Exposed

15/02/18

Not perfect, but better: improving security one step at a time

15/02/18

Extracting data from an EMV (Chip-And-Pin) Card with NFC technology

15/02/18

PCI Council and X9 Committee to combine PIN security standards

15/02/18

Russian military 'almost certainly' responsible for destructive 2017 cyber attack

15/02/18

KPMG acquire Silicon Valley online security firm Cyberinc

14/02/18

Search tool accesses firms' documents in the cloud

14/02/18

While Western Union wired customers' money, hackers transferred their personal deets

13/02/18

Browsealoud Security Response Plan

13/02/18

Zero-day vulnerability in Telegram

13/02/18

Uh-oh. How just inserting a USB drive can pwn a Linux box

12/02/18

Equifax under pressure after data breach update

12/02/18

US-CERT Vulnerability Summary for the Week of February 5, 2018

12/02/18

NCSC advice: Malicious software used to illegally mine cryptocurrency

12/02/18

ACSC statement on cryptocurrency miner inserted into BrowseAloud

12/02/18

Cryptocurrency Mining Hack That Compromised Thousands of Sites 'Could Have Been a Catastrophe'

12/02/18

UK Government Websites Infected with Cryptocurrency Mining Code

12/02/18

Domain Theft Strands Thousands of Web Sites

12/02/18

Meltdown's Linux patches alone add big load to CPUs, and that's just one of four fixes

12/02/18

Hackers hijack thousands of government websites to mine Bitcoin

12/02/18

Government websites hijacked by cryptomining plugin

12/02/18

Equifax hackers may have stolen more data than originally revealed

11/02/18

Hackers hijack government websites to mine crypto-cash

11/02/18

NCSC statement: Malware being used to illegally mine cryptocurrency

11/02/18

Protect your site from Cryptojacking with CSP + SRI

11/02/18

UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned

11/02/18

Amazon EC2 Cloud Compute Performance: December vs. February

10/02/18

Cisco Confirms Critical Firewall Software Bug Is Under Attack

09/02/18

KPTI/KAISER Meltdown Initial Performance Regressions

09/02/18

Weekly Threat Report 9th February 2018

09/02/18

Free Decryption Tool Released for Cryakl Ransomware

09/02/18

PoS Malware Steals Credit Card Data via DNS Requests

09/02/18

NCSC: Mitigating Malware

09/02/18

Wish you could log into someone's Netgear box without a password? Summon a &genie=1

09/02/18

NCSC: Preventing Lateral Movement

09/02/18

AusCERT Week in Review for 9th February 2018

09/02/18

Multiple Vulnerabilities in NETGEAR Routers

07/02/18

Swisscom data breach: Personal details of one in ten Swiss citizens stolen

07/02/18

ReelPhish: A Real-Time Two-Factor Phishing Tool

07/02/18

Security Issue Update: Progress Continues on Firmware Updates

07/02/18

NameCheap to Notify Customers of Misconfiguration Issue that Allowed Subdomain Creation on Any Hosted Account

07/02/18

Business Wire Suffers Week-Long DDoS Attack

07/02/18

Beware the looming Google Chrome HTTPS certificate apocalypse!

07/02/18

CSS Code Can Be Abused to Collect Sensitive User Data

06/02/18

It's Hard To Change The Keys To The Internet And It Involves Destroying HSMs

06/02/18

Vast majority of NHS trusts have failed cyber security assessment, Brit MPs told

06/02/18

K31404801: F5 BIG-IP TMM vulnerability CVE-2017-6169

06/02/18

Announcing the NCSC's new Phishing Guidance

06/02/18

1-15 January 2018 Cyber Attacks Timeline

06/02/18

Bad Influence: How A Marketing Startup Exposed Thousands of Social Media Stars

05/02/18

security things in Linux v4.15

05/02/18

12,000 Social Media Influencers, Mostly Women, Exposed by Marketing Firm Data Breach

05/02/18

US-CERT Vulnerability Summary for the Week of January 29, 2018

05/02/18

Linux Kernel Release Model

05/02/18

Jon Masters On Understanding Spectre & Meltdown CPU Vulnerabilities

05/02/18

Active Cyber Defence - one year on

05/02/18

Pioneering programme defends UK from millions of cyber attacks

05/02/18

Millions of cyber threats blocked every month, report reveals

05/02/18

Weekly Threat Report 2nd February 2018

02/02/18

On the NHS tech team? Weep at ugly WannaCry post-mortem, smile as Health dept outlines plan

02/02/18

There is no evidence in-the-wild malware is using Meltdown or Spectre

02/02/18

Meltdown-Spectre: Malware is already being tested by attackers

01/02/18

Announcing Draft Plan For Continuing With The KSK Roll

01/02/18

Backblaze Hard Drive Stats for 2017

01/02/18

We May Soon See Malware Leveraging the Meltdown and Spectre Vulnerabilities

01/02/18

Bulletproof TLS Newsletter #37: Cloud provider vulnerability causes Let's Encrypt to disable SNI domain validation

31/01/18

AMD vs Spectre: Our new Zen 2 chips will be protected, says CEO

31/01/18

New Tool Automatically Finds and Hacks Vulnerable Internet-Connected Devices

31/01/18

Preventing data leaks by stripping path information in HTTP Referrers

31/01/18

End user devices: factory reset and reprovisioning

31/01/18

The Document Foundation announces LibreOffice 6.0: power, simplicity, security and interoperability from desktop to cloud

31/01/18

[elrepo] Announcement: EL7 New kernel-ml Release [4.15.0-1]

31/01/18

Denial of Service (DoS) guidance collection

31/01/18

Oracle point-of-sale system vulnerabilities get Big Red cross

31/01/18

Meltdown/Spectre Update

30/01/18

Reckoning The Spectre And Meltdown Performance Hit For HPC

30/01/18

Car-share biz GoGet became data share biz after 2017 hack attack

30/01/18

Ugly, perfect ten-rated bug hits Cisco VPNs

30/01/18

Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability

29/01/18

US-CERT Vulnerability Summary for the Week of January 22, 2018

29/01/18

The hidden well-known phishing sites

29/01/18

UK infrastructure firms to face £17m fine if their cybersecurity sucks

29/01/18

Estimating the Cost of Internet Insecurity

29/01/18

You can't ignore Spectre. Look, it's pressing its nose against your screen

29/01/18

Thar she blows: Strava heat map shows folk on shipwreck packed with 1,500 tonnes of bombs

29/01/18

Fitness tracking app Strava gives away location of secret US army bases

28/01/18

Government acts to protect essential services from cyber attack

28/01/18

Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations

28/01/18

First 'Jackpotting' Attacks Hit U.S. ATMs

27/01/18

The Effects of the Spectre and Meltdown Vulnerabilities

26/01/18

Linux and Intel slowly hack their way to a Spectre patch

26/01/18

Introducing nProbe Cento 1.4 with Hardware Flow Offload

26/01/18

Alphabet launches new cybersecurity company, Chronicle, out of its X moonshot factory

25/01/18

ClamAV 0.99.3 has been released!

25/01/18

Intel alerted computer makers to chip flaws on Nov 29 - new claim

25/01/18

Dutch agencies provide crucial intel about Russia's interference in US-elections

25/01/18

Mastercard to Implement Biometrics for In-Store Card Payments

25/01/18

Digital Charter will set new online standards for years to come

25/01/18

SHL just got real-mode: US lawmakers demand answers on Meltdown, Spectre handling from Intel, Microsoft and pals

25/01/18

IT 'heroes' saved Maersk from NotPetya with ten-day reinstallation bliz

25/01/18

NHS deploys Microsoft threat detection service on just 30,000 devices

24/01/18

Give Good the Advantage

24/01/18

[openssl-project] 1.1.1 Release timetable (again)

24/01/18

SentinelOne Releases Free Linux Tool to Detect Meltdown Vulnerability Exploitations

24/01/18

New PCI Software-Based PIN Entry on COTS Standard

24/01/18

Death notice: Moore's Law. 19 April 1965 - 2 January 2018

24/01/18

Police probing Bell Canada data breach; up to 100,000 customers affected

23/01/18

Major cyber-attack on UK a matter of 'when, not if' - security chief

23/01/18

Meltdown and Spectre Patching Has Been a Total Train Wreck

23/01/18

'WHAT THE F*CK IS GOING ON?' Linus Torvalds explodes at Intel spinning Spectre fix as a security feature

22/01/18

CYBERUK 2018 - registration now open

22/01/18

US-CERT Vulnerability Summary for the Week of January 15, 2018

22/01/18

Top 500 Legal Firms Have Over a Million of Their Credentials Leaked on the Dark Web

22/01/18

ICO investigates Age UK after two data breaches

22/01/18

Meltdown/Spectre week three: World still knee-deep in something nasty

22/01/18

Network Monitoring 101: A Beginner's Guide to Understanding ntop Tools

22/01/18

Xen Project Spectre / Meltdown FAQ (Jan 22 Update)

22/01/18

Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

21/01/18

Teen accessed top US security officials' emails

19/01/18

OnePlus minus 40,000 credit cards: Smartmobe store hacked to siphon payment info to crooks

19/01/18

NCSC Weekly Threat Report 19th January 2018

19/01/18

We need more phishing sites on HTTPS!

19/01/18

AusCERT Week in Review for 19th January 2018

19/01/18

Meltdown and Spectre Linux Kernel Status - Update

19/01/18

Microsoft Resumes Meltdown & Spectre Updates for AMD Devices

18/01/18

Deprecating SPDY

18/01/18

Intel fix causes reboots and slowdowns

18/01/18

Red Hat slams into reverse on CPU fix for Spectre design blunder

18/01/18

Norwegian health authority hacked, patient data of nearly 3 million citizens possibly compromised

18/01/18

However improbable: The story of a processor bug

18/01/18

Into the Implementation of Spectre

17/01/18

Red Hat reverts microcode update to mitigate Spectre, refers to hardware vendors for fix

17/01/18

How a 22 Year-Old Discovered the Worst Chip Flaws in History

17/01/18

GCC 7.3 Preparing For Release To Ship Spectre Patches

17/01/18

Some thoughts on security after ten years of qmail 1.0

17/01/18

Some thoughts on Spectre and Meltdown

17/01/18

2017 Cyber Attacks Statistics

17/01/18

Oracle says SPARCv9 has Spectre CPU bug, patches coming soon

16/01/18

ISC Releases Security Advisories for DHCP, BIND

16/01/18

Latvia's e-health system hit by cyberattack from abroad

16/01/18

CVE-2017-3145: Improper fetch cleanup sequencing in the resolver can cause named to crash

16/01/18

Hospital injects $60,000 into crims' coffers to cure malware infection

16/01/18

ACSC statement on reports of Intel Active Management Technology (AMT) security issue

16/01/18

Retpoline Support Backport Lands In GCC 7

16/01/18

ENISA report: the 2017 cyber threat landscape

15/01/18

Customers reporting credit card fraud after using OnePlus webstore

15/01/18

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

15/01/18

US-CERT Vulnerability Summary for the Week of January 8, 2018

15/01/18

Secure Contexts Everywhere

15/01/18

I'm taking a break from cron.weekly

13/01/18

Intel puts security on the todo list, Tavis topples torrent tool, and more

13/01/18

NCSC Weekly Threat Report 12th January 2018

12/01/18

Protecting our Google Cloud customers from new vulnerabilities without impacting performance

11/01/18

AMD Processors: Google Project Zero, Spectre and Meltdown

11/01/18

Intel Security Issue Update: Addressing Reboot Issues

11/01/18

Meltdown and Spectre fallout: patching problems persist

11/01/18

Carphone Warehouse fined £400,000 after serious failures placed customer and employee data at risk

10/01/18

Adrift on a sea of data: Architecting for GDPR

10/01/18

Miami Bitcoin Conference Stops Accepting Bitcoin Due to Fees and Congestion

10/01/18

How will Certificate Transparency Logs be Audited in Practice?

10/01/18

WebKitGTK+ Security Advisory WSA-2018-0001

10/01/18

A look at the handling of Meltdown and Spectre

09/01/18

[patch RFC 5/5] x86/speculation: Add basic speculation control code

09/01/18

Meltdown, Spectre bug patch slowdown gets real - and what you can do about it

09/01/18

Meltdown and Spectre: Critical processor vulnerabilities

08/01/18

US-CERT Vulnerability Summary for the Week of January 1, 2018

08/01/18

UK Companies Set to Splurge on Cyber-Risk Mitigation

08/01/18

Pessimism over the economy lessens, by Brexit, cyber security and diversity remain key issues for UK Boards

08/01/18

Spamhaus Botnet Threat Report 2017

08/01/18

Benchmarking Linux With The Retpoline Patches For Spectre

08/01/18

Net boffins brew poison for BGP hijacks

08/01/18

FCA 'gold-plates' EU rule, bans BYOD across entire UK finance sector

08/01/18

Re: [PATCH RFC 3/4] x86/pti: don't mark the user PGD with _PAGE_NX.

08/01/18

Australian government "Small Business Cyber Security Best Practice Guide"

08/01/18

Re: [PATCH 06/18] x86, barrier: stop speculation for failed access_ok

07/01/18

Feedback on 4.9 performance after PTI fixes

07/01/18

Triple Meltdown: How So Many Researchers Found a 20-Year-Old Chip Flaw At the Same Time

07/01/18

[dns-operations] responsible disclosure on an IDN-related attack

06/01/18

I'm harvesting credit card numbers and passwords from your site. Here's how.

06/01/18

Meltdown and Spectre Linux Kernel Status

06/01/18

NCSC Weekly Threat Report 5th January 2018

05/01/18

Spectre and Meltdown Attacks Against Microprocessors

05/01/18

Meltdown and Spectre - what should organisations be doing to protect people's personal data?

05/01/18

AusCERT Week in Review for 5th January 2018

05/01/18

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

05/01/18

NCSC: Home user guidance to manage processor vulnerabilities "Meltdown" and "Spectre"

05/01/18

NCSC: 'Meltdown' and 'Spectre' guidance

05/01/18

December 2017 Cyber Attacks Statistics

04/01/18

More details about mitigations for the CPU Speculative Execution issue

04/01/18

US-CERT: Meltdown and Spectre Side-Channel Vulnerability Guidance

04/01/18

Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

04/01/18

DHS Admits Major Leak Affecting 247,000 Employees

04/01/18

Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method

03/01/18

Update to NIST Special Publication 800-160, Systems Security Engineering

03/01/18

16-31 December 2017 Cyber Attacks Timeline

03/01/18

NCSC response to reports about flaws in processors

03/01/18

Meltdown and Spectre Side-Channel Vulnerabilities

03/01/18

Bulletproof TLS Newsletter #36

03/01/18

Anonymous Hacks Italian Speed Camera Database

02/01/18

GPS tracking vulnerabilities leave millions of products at risk

02/01/18

'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

02/01/18

US-CERT Vulnerability Summary for the Week of December 25, 2017

01/01/18

27,000 UnEncrypted Credit Cards left in shared Database by Thefly.com

01/01/18

Sign Up

Sign Up For the Latest News, Briefings & Announcements






ECSC Group plc

ECSC has almost two decades' experience in the design, implementation and management of IT security solutions.

Reg No. 3964848

VAT No. 746361914

Contact

28 Campus Road
Listerhills Science Park
Bradford
BD7 1HR
United Kingdom

+44 (0) 1274 736 223

info@ecsc.co.uk