Cyber Security News

As one of the most important concerns for every business, cyber security is often, unsurprisingly, in the headlines. Whether it's another big data breach for a well known company, or a vulnerability in a commonly used piece of software, you can no longer afford to be unaware of the latest threats to your information security.

Researchers Come Up With a Way to Launch Rowhammer Attacks via Network Packets

11/05/18

UK cell giant EE left a critical code system exposed with a default password

11/05/18

Malicious Chrome extensions infect 100,000-plus users, again

10/05/18

Second wave of Spectre-like CPU security flaws won't be fixed for a while

09/05/18

Raising the bar - consent under the GDPR

09/05/18

Android App With 10 Million Downloads Left Users' Photos and Audio Messages Exposed to Public

08/05/18

Data stolen in Sheffield Credit Union cyber attack

08/05/18

Red Hat smitten by secure enclaves 'cos some sysadmins are evil

08/05/18

RAID doesn't work!

08/05/18

Equifax breach exposed millions of driver's licenses, phone numbers, emails

08/05/18

1-15 April 2018 Cyber Attacks Timeline

08/05/18

NCSC Weekly Threat Report 4th May 2018

08/05/18

US-CERT Vulnerability Summary for the Week of April 30, 2018

07/05/18

Latest Internet Crime Report Released

07/05/18

LibreSSL 2.7.3 Released

05/05/18

Report: Chinese government is behind a decade of hacks on software companies

05/05/18

New regulatory powers for the digital age

04/05/18

Vulnerability Note VU#283803 Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")

03/05/18

The Helium Factor and Hard Drive Failure Rates

03/05/18

US military base stores pull Huawei, ZTE kit off the shelves

03/05/18

Just Eat 'phishing' scammer faces jail

02/05/18

On Comodo CA's Recent Revocation of an SSL Certificate for Kentucky-based Stripe, Inc.

02/05/18

Fancy that, Fancy Bear: LoJack anti-laptop theft tool caught phoning home to the Kremlin

02/05/18

ZTE: NCSC advice to select telecommunications operators with national security concerns

02/05/18

Australia's Largest Bank Lost The Personal Financial Histories Of 12 Million Customers

02/05/18

86% of Passwords are Terrible (and Other Statistics)

02/05/18

Hard Drive Stats for Q1 2018

01/05/18

Lojack Becomes a Double-Agent

01/05/18

Consolidation of UK Payment Systems Operators

01/05/18

Bulletproof TLS Newsletter #40 Certificate Transparency logging is now mandatory

30/04/18

The NIS Guidance Collection

30/04/18

US CERT Vulnerability Summary for the Week of April 23, 2018

30/04/18

NCSC Weekly Threat Report 27th April 2018

27/04/18

HPE servers targeted by ransomware criminals

27/04/18

AusCERT Week in Review for 27th April 2018

27/04/18

A Few Thoughts on Cryptographic Engineering

26/04/18

The NCSC supports industry drive towards common standards for secure communication

26/04/18

TSB outage, day 5: What do you mean you can't log in? Our systems are up and running. Up and running, we say!

25/04/18

International operation shuts down notorious cyber crime website

25/04/18

Patch Drupal now: Yet another critical website bug found - a sequel to 'Drupalgeddon2'

25/04/18

Cyber-attack website Webstresser taken down

25/04/18

Drupal Releases Critical Security Updates

25/04/18

Will you be ready for GDPR before 25 May?

25/04/18

Cyber Security Breaches Survey 2018

25/04/18

Scheme to Recognise Academic Centres of Excellence in Cyber Security Research (ACE-CSR)

24/04/18

Hijack of Amazon's internet domain service used to reroute web traffic for two hours unnoticed

24/04/18

Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency

24/04/18

ICANN takes Whois begging bowl to Europe, comes back empty

24/04/18

AWS DNS network hijack turns MyEtherWallet into ThievesEtherWallet

24/04/18

BGP leaks and cryptocurrencies

24/04/18

ISO rejects the NSA's IoT crypto standard, believing it to be backdoored

24/04/18

'Check your readiness for a cyber attack', UK SMEs urged

24/04/18

Data Protection/Privacy Issues Update: Summarizing our Recent Meeting with Article 29

23/04/18

US-CERT Vulnerability Summary for the Week of April 16, 2018

23/04/18

A Quarter of UK Manufacturers Suffer Cyber-Attack Losses

23/04/18

Industry urged to boost cyber defence as almost 50 per cent of manufacturers report attack - EEF/AIG survey

23/04/18

Brit bank TSB TITSUP* after long-planned transfer of customer records from Lloyds

23/04/18

'TSB gave me access to someone's £35,000'

23/04/18

Security services 'to get more power to stop attacks'

22/04/18

Protecting the UK from the increasing cyber threat - the next steps

22/04/18

A serious cyber attack on Britain is a matter of 'if', not 'when'

21/04/18

GCHQ warns public 'absolute protection not possible' as it briefs power and transport firms on cyber attacks

21/04/18

NCSC Weekly Threat Report 20th April 2018

20/04/18

New FAQs on Software-based PIN Entry on COTS

20/04/18

German supreme court rejects ad-block challenge

20/04/18

Unmasked: The Mystery Hacker Who Stole Data on 168 Million People

19/04/18

Nominet drains mug of tea, leans back, calmly explains how to make Whois GDPR-compliant

19/04/18

Response to proposed changes to .UK policy arising from GDPR

19/04/18

PCI Council releases vastly expanded cards-in-clouds guidance

19/04/18

Flash! Ah-ahhh! WebEx pwned for all of us!

19/04/18

March 2018 Cyber Attacks Statistics

19/04/18

OK, this time it's for real: The last available IPv4 address block has gone

18/04/18

48 million people put at risk after firm that scraped info from social networks left it exposed for anyone to download

18/04/18

Data firm leaks 48 million user profiles it scraped from Facebook, LinkedIn, others

18/04/18

Crypto Elite Down on Blockchain's Security Applications, Call for Hardware Bug-Disclosure Improvements

18/04/18

First non-bank payment service provider (PSP) directly accesses UK payment system

18/04/18

Oblivious DNS

18/04/18

How a bad microcode fix could brick billions of chips

18/04/18

UK commits to a safer Commonwealth in cyber space

17/04/18

mmproxy - Creative Linux routing to preserve client IP addresses in L7 proxies

17/04/18

16-31 March 2018 Cyber Attacks Timeline

17/04/18

Ikea app TaskRabbit reveals security breach

17/04/18

Malicious Russian cyber activity: what does it mean for small organisations?

17/04/18

Signing pledge to fight cyberattacks, 34 leading companies promise equal protection for customers worldwide

17/04/18

NIST Releases Version 1.1 of its Popular Cybersecurity Framework

16/04/18

NCSC advice to telecommunications sector about ZTE

16/04/18

US-CERT Vulnerability Summary for the Week of April 9, 2018

16/04/18

Russia accused of global net hack attacks

16/04/18

China's ZTE 'poses risk to UK security'

16/04/18

TLS 1.3 support is coming this spring

16/04/18

CYBERUK 2018: Growing in confidence

16/04/18

NCSC Advisory: Russian state-sponsored cyber actors targeting network infrastructure devices

16/04/18

Joint US - UK statement on malicious cyber activity carried out by Russian government

16/04/18

US-CERT: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

16/04/18

Whois is dead as Europe hands DNS overlord ICANN its arse

14/04/18

UK health service boss in the guts of WannaCry outbreak warns of more nasty code infections

13/04/18

Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code

13/04/18

NCSC Weekly Threat Report 13th April 2018

13/04/18

Cloudflare promises to tend not two, but 65,535 ports in a storm

13/04/18

Mozilla Has Started Gradually Enabling TLS 1.3 in Firefox

12/04/18

Abusing Linux's firewall: the hack that allowed us to build Spectrum

12/04/18

Introducing Spectrum: Extending Cloudflare To 65,533 More Ports

12/04/18

UK launched cyber-attack on Islamic State

12/04/18

Juniper Networks Releases Security Updates

12/04/18

Director's speech at CYBERUK 2018

12/04/18

Extended Validation (EV) Certificates Abused to Create Insanely Believable Phishing Sites

12/04/18

New Cyber Attack categorisation system to improve UK response to incidents

12/04/18

Intelligence agency GCHQ to open new base in Manchester

11/04/18

Imagine you're having a CT scan and malware alters the radiation levels - it's doable

11/04/18

Amber Rudd earmarks £9m to fight 'dark web' criminals

11/04/18

Great Western Railway accounts breached

11/04/18

OAIC report reveals 63 data breach notifications in first six weeks of NDB scheme

11/04/18

Fixing reachability to 1.1.1.1, GLOBALLY!

10/04/18

Cyber summit launches with report showing growing threat to UK businesses

10/04/18

Despacito YouTube music video hacked plus other Vevo clips

10/04/18

NCSC: The cyber threat to UK business 2017-2018 report

10/04/18

World-leading cyber centre to be developed in London's Olympic Park

10/04/18

US-CERT - Ongoing Threat of Ransomware

09/04/18

The dots do matter: how to scam a Gmail user

09/04/18

Four cents to deanonymize: Companies reverse hashed email addresses

09/04/18

US-CERT Vulnerability Summary for the Week of April 2, 2018

09/04/18

Cinema voucher-pusher tells customers: Cancel your credit cards, we've been 'attacked'

09/04/18

1-15 March 2018 Cyber Attacks Timeline

09/04/18

Small Business Guide: Actions

08/04/18

NCSC Weekly Threat Report 6th April 2018

06/04/18

Is it a bird? Is it a plane? No, it's a terrible leak of drone buyers' data

06/04/18

Foster family received death threats after data leak

06/04/18

AusCERT Week in Review for 6th April 2018

06/04/18

February 2018 Cyber Attacks Statistics

06/04/18

Best Buy hit by [24]7.ai data breach, too

05/04/18

Advisory: Hostile state actors compromising UK organisations with focus on engineering and industrial control companies

05/04/18

How the NCSC thinks about security architecture

05/04/18

GDPR Compliance and Magento Marketplace

05/04/18

Gosh, these 'hacker' nerds are only getting more sophisticated

05/04/18

1.5 BEEELLION sensitive files found exposed online dwarf Panama Papers leak

05/04/18

Sears Holding, Delta Air hit by customer data breach at tech firm

05/04/18

Secret Service Warns of Chip Card Scheme

05/04/18

[Python-Dev] ssl module and LibreSSL CVE-2018-8970

04/04/18

2018 Trustwave Global Security Report

04/04/18

Panera Bread's half-baked security

04/04/18

They forked this one up: Microsoft modifies open-source code, blows hole in Windows Defender

04/04/18

Sunderland Council care files found on car boot laptop

04/04/18

Statement on [24]7.ai cyber incident

04/04/18

Intel admits a load of its CPUs have Spectre v2 flaw that can't be fixed

04/04/18

Stealing Credit Cards from FUZE via Bluetooth

04/04/18

Bitcoins seized and IT worker sentenced for computer fraud offences

03/04/18

Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters

03/04/18

Decrypters for Some Versions of Magniber Ransomware Released

03/04/18

Chrome Is Scanning Files on Your Computer, and People Are Freaking Out

02/04/18

How to Sign with Google's Private Key

02/04/18

US-CERT Vulnerability Summary for the Week of March 26, 2018

02/04/18

Compromised Magento Sites Delivering Malware

02/04/18

No, Panera Bread Doesn't Take Security Seriously

02/04/18

Panerabread.com Leaks Millions of Customer Records

02/04/18

NCCIC FY 2017 Year in Review Now Available

02/04/18

Fin7 Syndicate Hacks Saks Fifth Avenue and Lord & Taylor Stores

01/04/18

With paper and phones, Atlanta struggles to recover from cyber attack

31/03/18

Cisco Smart Install Remote Code Execution

29/03/18

Europe dumps 300,000 UK-owned .EU domains into the Brexit bin

29/03/18

Microsoft patches patch for Meltdown bug patch: Windows 7, Server 2008 rushed an emergency fix

29/03/18

eBPF, Sockets, Hop Distance and manually writing eBPF assembly

29/03/18

AusCERT Week in Review for 29th March 2018

29/03/18

Fixing Hacks Has Deadly Impact on Hospitals

28/03/18

Facebook privacy settings revamped after scandal

28/03/18

It's Time to Make Our Privacy Tools Easier to Find

28/03/18

New Payment System Operator (NPSO) replies to PSR's open letter

28/03/18

Protecting a Web Server from DDoS Attacks Using nScrub

28/03/18

Microsoft's Windows 7 Meltdown fixes from January, February made PCs MORE INSECURE

28/03/18

Creating and Managing Strong Passwords

27/03/18

Brute Force Attacks Conducted by Cyber Actors

27/03/18

Hurrah! TLS 1.3 is here. Now to implement it and put it into software

27/03/18

Political ad campaign biz AggregateIQ exposes tools, DB logins online

26/03/18

Thousands of etcd installs are leaking secret server keys online

26/03/18

US-CERT Vulnerability Summary for the Week of March 19, 2018

26/03/18

As predicted, more branch prediction processor attacks are discovered

26/03/18

NMap New Version 7.70 Released With Hundred of New OS And Service Fingerprints, 9 New NSE Scripts

26/03/18

The Aggregate IQ Files, Part One: How a Political Engineering Firm Exposed Their Code Base

26/03/18

UK.gov unveils cyber security export strategy - only thing missing is the strategy

26/03/18

AggregateIQ Created Cambridge Analytica's Election Software, and Here's the Proof

26/03/18

Weekly Threat Report 23rd March 2018

23/03/18

Reflection of a QR code on PoS scanner used to own mobile payments

23/03/18

An accessible overview of Meltdown and Spectre, Part 2

22/03/18

Symantec cert holdout sites told: Those Google Chrome warnings are not a good look

21/03/18

TLS 1.3 Handshake: Taking a Closer Look

20/03/18

Now that's a bad trip: 880k credit cards 'likely' stolen by Orbitz hackers

20/03/18

Apple moves on HSTS abuse in Safari

20/03/18

Leading by example: UK.gov's secure server setup is patchy at best

20/03/18

CIS Controls? Version 7 Launched Today

19/03/18

16-28 February 2018 Cyber Attacks Timeline

19/03/18

US-CERT Vulnerability Summary for the Week of March 12, 2018

19/03/18

Weekly Threat Report 16th March 2018

16/03/18

Whois? More like WHOWAS: Domain database on verge of collapse over EU privacy

16/03/18

Evolved Prilex malware lets cybercriminals clone chip and PIN cards

16/03/18

AusCERT Week in Review for 16th March 2018

16/03/18

A minimal Denial Of Service response plan

15/03/18

Kaspersky Lab finds Prilex POS malware evolving to target chip and PIN-protected cards

15/03/18

Mitigating speculative execution side channel hardware vulnerabilities

15/03/18

Speculative Execution Bounty Launch

14/03/18

Let's Encrypt updates certificate automation, adds splats

14/03/18

RHEL7 core crypto components

13/03/18

Security vulnerabilities fixed in Firefox ESR 52.7

13/03/18

IT Pros and CIOs: sign up to try Firefox Quantum for Enterprise

13/03/18

AMD has a Spectre/Meltdown-like security flaw of its own

13/03/18

US-CERT Vulnerability Summary for the Week of March 5, 2018

12/03/18

Distrust of Symantec TLS Certificates

12/03/18

Is Software More Vulnerable Today?

12/03/18

China ALTERED its public vuln database to conceal spy agency tinkering - research

12/03/18

Keeping Subscribers Safe: Partner Best Practices

09/03/18

Unidentified hax0rs told not to blab shipping biz Clarksons' stolen data

09/03/18

TLS 1.3: better for individuals - harder for enterprises

09/03/18

AusCERT Week in Review for 9th March 2018

09/03/18

NSCS Weekly Threat Report 9th March 2018

09/03/18

NCSC IT: Installing software updates without breaking things

08/03/18

Hackers, Not Users, Lose Money in Attempted Cryptocurrency Exchange Heist

08/03/18

New measures to boost cyber security in millions of internet-connected devices

07/03/18

Making or selling Internet of Things (IoT) devices? Six reasons you need to be thinking about data protection

07/03/18

Smart device security guidelines 'need more teeth'

07/03/18

Secure by Design

07/03/18

Meltdown and Spectre - The Gifts That Keep On Giving

06/03/18

Porn check critics fear data breach

06/03/18

1-15 February 2018 Cyber Attacks Timeline

06/03/18

Exim Off-by-one RCE: Exploiting CVE-2018-6789 with Fully Mitigations Bypassing

06/03/18

The real cause of large DDoS - IP Spoofing

06/03/18

UK regulator moots data protection sandbox for organisations to play in

05/03/18

4G LTE pried open to reveal a slew of new protocol-level attacks

05/03/18

Cyber Aware's NEW Perception Gap Report

05/03/18

US-CERT Vulnerability Summary for the Week of February 26, 2018

05/03/18

NCSC: Weekly Threat Report 2nd March 2018

02/03/18

New LTE attacks can snoop on messages, track locations and spoof emergency alerts

02/03/18

AusCERT Week in Review for 2nd March 2018

02/03/18

Spectre haunts Intel's SGX defense: CPU flaws can be exploited to snoop on enclaves

01/03/18

Cloud Burst: How A Software Provider Exposed A Financial Giant

01/03/18

Gits club GitHub code tub with record-breaking 1.35Tbps DDoS drub

01/03/18

ISC Releases Security Advisories for DHCP, BIND

01/03/18

Equifax peeks under couch, finds 2.4 million more folk hit by breach

01/03/18

Nuance says NotPetya attack led to $92 million in lost revenue

28/02/18

Fancy Bear: Germany investigates cyber-attack 'by Russians'

28/02/18

RIP CERT.org - You Will Be Missed

28/02/18

Let's talk about PCI-DSS

28/02/18

DigiCert Statement on Trustico Certificate Revocation

28/02/18

Traffic directions, port mirrors and taps

28/02/18

Popular cache utility exploited for massive reflected DoS attacks

28/02/18

Bulletproof TLS Newsletter #38

28/02/18

Duo Finds SAML Vulnerabilities Affecting Multiple Implementations

27/02/18

[openssl-announce] OpenSSL version 1.1.1 pre release 2 published

27/02/18

PCI Software-based PIN Entry on COTS: Understanding New Test Requirements

26/02/18

US-CERT Vulnerability Summary for the Week of February 19, 2018

26/02/18

Time for security policy review

26/02/18

Preparing for AWS Certificate Manager (ACM) Support of Certificate Transparency

26/02/18

Peak DNSSEC?

26/02/18

Big Changes Ahead for Core Internet Protocols

26/02/18

I've Just Added 2,844 New Data Breaches With 80M Records To Have I Been Pwned

26/02/18

Alexa Top 1 Million Analysis - February 2018

26/02/18

The Trouble with Phishing

26/02/18

Contactless card fraud overtakes cheque scams for first time

24/02/18

Weekly Threat Report 23rd February 2018

23/02/18

Why we need to do more to reduce certificate lifetimes

23/02/18

AusCERT Week in Review for 23rd February 2018

23/02/18

Testing of resilience to Cyber Attacks is no longer the domain of large corporates.

22/02/18

Chase 'Glitch' Exposed Customer Accounts

22/02/18

2018 Global Economic Crime and Fraud Survey: Pulling fraud out of the shadows

22/02/18

January 2018 Cyber Attacks Statistics

22/02/18

Global Economic Crime Survey 2018: UK findings

22/02/18

After Intel & Equifax Incidents, SEC Warns Execs Not to Trade Stock While Investigating Security Incidents

22/02/18

I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download

22/02/18

Young Brits 'lack cyber-security awareness'

21/02/18

A crime against statistics that is probably worse than the cyber attacks faced in County Durham

21/02/18

World's cyber attacks hit us much harder in past year - major infosec chief survey

21/02/18

16-31 January 2018 Cyber Attacks Timeline

21/02/18

Councils 'unprepared' for cyber-attacks, report says

20/02/18

How to tune your WAF installation to reduce false positives

20/02/18

Mandatory data breach reporting starts for small business

20/02/18

Coping with Spectre and Meltdown: What sysadmins are doing

19/02/18

Crims pull another SWIFT-ie, Indian bank stung for nearly US$2m

19/02/18

US-CERT Vulnerability Summary for the Week of February 12, 2018

19/02/18

John McCain receives 2018 Kleist Award

18/02/18

Global security crackdown, a host of code nasties, Brit cops mocked, and more

17/02/18

NCSC: Weekly Threat Report 16th February 2018

16/02/18

CEA Report: The Cost of Malicious Cyber Activity to the U.S. Economy

16/02/18

Siemens and partners sign joint charter on cybersecurity

16/02/18

AusCERT Week in Review for 16th February 2018

16/02/18

Hackers stole $6 million from Russian bank via SWIFT system: central bank

16/02/18

Newly Discovered Variants Of Meltdown/Spectre Exploit Cache Coherency Across Cores

15/02/18

Unsecured server exposed thousands of FedEx customer records

15/02/18

FedEx Customer Records Exposed

15/02/18

Not perfect, but better: improving security one step at a time

15/02/18

Extracting data from an EMV (Chip-And-Pin) Card with NFC technology

15/02/18

PCI Council and X9 Committee to combine PIN security standards

15/02/18

Russian military 'almost certainly' responsible for destructive 2017 cyber attack

15/02/18

KPMG acquire Silicon Valley online security firm Cyberinc

14/02/18

Search tool accesses firms' documents in the cloud

14/02/18

While Western Union wired customers' money, hackers transferred their personal deets

13/02/18

Browsealoud Security Response Plan

13/02/18

Zero-day vulnerability in Telegram

13/02/18

Uh-oh. How just inserting a USB drive can pwn a Linux box

12/02/18

Equifax under pressure after data breach update

12/02/18

US-CERT Vulnerability Summary for the Week of February 5, 2018

12/02/18

NCSC advice: Malicious software used to illegally mine cryptocurrency

12/02/18

ACSC statement on cryptocurrency miner inserted into BrowseAloud

12/02/18

Cryptocurrency Mining Hack That Compromised Thousands of Sites 'Could Have Been a Catastrophe'

12/02/18

UK Government Websites Infected with Cryptocurrency Mining Code

12/02/18

Domain Theft Strands Thousands of Web Sites

12/02/18

Meltdown's Linux patches alone add big load to CPUs, and that's just one of four fixes

12/02/18

Hackers hijack thousands of government websites to mine Bitcoin

12/02/18

Government websites hijacked by cryptomining plugin

12/02/18

Equifax hackers may have stolen more data than originally revealed

11/02/18

Hackers hijack government websites to mine crypto-cash

11/02/18

NCSC statement: Malware being used to illegally mine cryptocurrency

11/02/18

Protect your site from Cryptojacking with CSP + SRI

11/02/18

UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned

11/02/18

Amazon EC2 Cloud Compute Performance: December vs. February

10/02/18

Cisco Confirms Critical Firewall Software Bug Is Under Attack

09/02/18

KPTI/KAISER Meltdown Initial Performance Regressions

09/02/18

Weekly Threat Report 9th February 2018

09/02/18

Free Decryption Tool Released for Cryakl Ransomware

09/02/18

PoS Malware Steals Credit Card Data via DNS Requests

09/02/18

NCSC: Mitigating Malware

09/02/18

Wish you could log into someone's Netgear box without a password? Summon a &genie=1

09/02/18

NCSC: Preventing Lateral Movement

09/02/18

AusCERT Week in Review for 9th February 2018

09/02/18

Multiple Vulnerabilities in NETGEAR Routers

07/02/18

Swisscom data breach: Personal details of one in ten Swiss citizens stolen

07/02/18

ReelPhish: A Real-Time Two-Factor Phishing Tool

07/02/18

Security Issue Update: Progress Continues on Firmware Updates

07/02/18

NameCheap to Notify Customers of Misconfiguration Issue that Allowed Subdomain Creation on Any Hosted Account

07/02/18

Business Wire Suffers Week-Long DDoS Attack

07/02/18

Beware the looming Google Chrome HTTPS certificate apocalypse!

07/02/18

CSS Code Can Be Abused to Collect Sensitive User Data

06/02/18

It's Hard To Change The Keys To The Internet And It Involves Destroying HSMs

06/02/18

Vast majority of NHS trusts have failed cyber security assessment, Brit MPs told

06/02/18

K31404801: F5 BIG-IP TMM vulnerability CVE-2017-6169

06/02/18

Announcing the NCSC's new Phishing Guidance

06/02/18

1-15 January 2018 Cyber Attacks Timeline

06/02/18

Bad Influence: How A Marketing Startup Exposed Thousands of Social Media Stars

05/02/18

security things in Linux v4.15

05/02/18

12,000 Social Media Influencers, Mostly Women, Exposed by Marketing Firm Data Breach

05/02/18

US-CERT Vulnerability Summary for the Week of January 29, 2018

05/02/18

Linux Kernel Release Model

05/02/18

Jon Masters On Understanding Spectre & Meltdown CPU Vulnerabilities

05/02/18

Active Cyber Defence - one year on

05/02/18

Pioneering programme defends UK from millions of cyber attacks

05/02/18

Millions of cyber threats blocked every month, report reveals

05/02/18

Weekly Threat Report 2nd February 2018

02/02/18

On the NHS tech team? Weep at ugly WannaCry post-mortem, smile as Health dept outlines plan

02/02/18

There is no evidence in-the-wild malware is using Meltdown or Spectre

02/02/18

Meltdown-Spectre: Malware is already being tested by attackers

01/02/18

Announcing Draft Plan For Continuing With The KSK Roll

01/02/18

Backblaze Hard Drive Stats for 2017

01/02/18

We May Soon See Malware Leveraging the Meltdown and Spectre Vulnerabilities

01/02/18

Bulletproof TLS Newsletter #37: Cloud provider vulnerability causes Let's Encrypt to disable SNI domain validation

31/01/18

AMD vs Spectre: Our new Zen 2 chips will be protected, says CEO

31/01/18

New Tool Automatically Finds and Hacks Vulnerable Internet-Connected Devices

31/01/18

Preventing data leaks by stripping path information in HTTP Referrers

31/01/18

End user devices: factory reset and reprovisioning

31/01/18

The Document Foundation announces LibreOffice 6.0: power, simplicity, security and interoperability from desktop to cloud

31/01/18

[elrepo] Announcement: EL7 New kernel-ml Release [4.15.0-1]

31/01/18

Denial of Service (DoS) guidance collection

31/01/18

Oracle point-of-sale system vulnerabilities get Big Red cross

31/01/18

Meltdown/Spectre Update

30/01/18

Reckoning The Spectre And Meltdown Performance Hit For HPC

30/01/18

Car-share biz GoGet became data share biz after 2017 hack attack

30/01/18

Ugly, perfect ten-rated bug hits Cisco VPNs

30/01/18

Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability

29/01/18

US-CERT Vulnerability Summary for the Week of January 22, 2018

29/01/18

The hidden well-known phishing sites

29/01/18

UK infrastructure firms to face £17m fine if their cybersecurity sucks

29/01/18

Estimating the Cost of Internet Insecurity

29/01/18

You can't ignore Spectre. Look, it's pressing its nose against your screen

29/01/18

Thar she blows: Strava heat map shows folk on shipwreck packed with 1,500 tonnes of bombs

29/01/18

Fitness tracking app Strava gives away location of secret US army bases

28/01/18

Government acts to protect essential services from cyber attack

28/01/18

Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations

28/01/18

First ‘Jackpotting’ Attacks Hit U.S. ATMs

27/01/18

The Effects of the Spectre and Meltdown Vulnerabilities

26/01/18

Linux and Intel slowly hack their way to a Spectre patch

26/01/18

Introducing nProbe Cento 1.4 with Hardware Flow Offload

26/01/18

Alphabet launches new cybersecurity company, Chronicle, out of its X moonshot factory

25/01/18

ClamAV 0.99.3 has been released!

25/01/18

Intel alerted computer makers to chip flaws on Nov 29 - new claim

25/01/18

Dutch agencies provide crucial intel about Russia's interference in US-elections

25/01/18

Mastercard to Implement Biometrics for In-Store Card Payments

25/01/18

Digital Charter will set new online standards for years to come

25/01/18

SHL just got real-mode: US lawmakers demand answers on Meltdown, Spectre handling from Intel, Microsoft and pals

25/01/18

IT 'heroes' saved Maersk from NotPetya with ten-day reinstallation bliz

25/01/18

NHS deploys Microsoft threat detection service on just 30,000 devices

24/01/18

Give Good the Advantage

24/01/18

[openssl-project] 1.1.1 Release timetable (again)

24/01/18

SentinelOne Releases Free Linux Tool to Detect Meltdown Vulnerability Exploitations

24/01/18

New PCI Software-Based PIN Entry on COTS Standard

24/01/18

Death notice: Moore's Law. 19 April 1965 - 2 January 2018

24/01/18

Police probing Bell Canada data breach; up to 100,000 customers affected

23/01/18

Major cyber-attack on UK a matter of 'when, not if' - security chief

23/01/18

Meltdown and Spectre Patching Has Been a Total Train Wreck

23/01/18

'WHAT THE F*CK IS GOING ON?' Linus Torvalds explodes at Intel spinning Spectre fix as a security feature

22/01/18

CYBERUK 2018 - registration now open

22/01/18

US-CERT Vulnerability Summary for the Week of January 15, 2018

22/01/18

Top 500 Legal Firms Have Over a Million of Their Credentials Leaked on the Dark Web

22/01/18

ICO investigates Age UK after two data breaches

22/01/18

Meltdown/Spectre week three: World still knee-deep in something nasty

22/01/18

Network Monitoring 101: A Beginner's Guide to Understanding ntop Tools

22/01/18

Xen Project Spectre / Meltdown FAQ (Jan 22 Update)

22/01/18

Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

21/01/18

Teen accessed top US security officials' emails

19/01/18

OnePlus minus 40,000 credit cards: Smartmobe store hacked to siphon payment info to crooks

19/01/18

NCSC Weekly Threat Report 19th January 2018

19/01/18

We need more phishing sites on HTTPS!

19/01/18

AusCERT Week in Review for 19th January 2018

19/01/18

Meltdown and Spectre Linux Kernel Status - Update

19/01/18

Microsoft Resumes Meltdown & Spectre Updates for AMD Devices

18/01/18

Deprecating SPDY

18/01/18

Intel fix causes reboots and slowdowns

18/01/18

Red Hat slams into reverse on CPU fix for Spectre design blunder

18/01/18

Norwegian health authority hacked, patient data of nearly 3 million citizens possibly compromised

18/01/18

However improbable: The story of a processor bug

18/01/18

Into the Implementation of Spectre

17/01/18

Red Hat reverts microcode update to mitigate Spectre, refers to hardware vendors for fix

17/01/18

How a 22 Year-Old Discovered the Worst Chip Flaws in History

17/01/18

GCC 7.3 Preparing For Release To Ship Spectre Patches

17/01/18

Some thoughts on security after ten years of qmail 1.0

17/01/18

Some thoughts on Spectre and Meltdown

17/01/18

2017 Cyber Attacks Statistics

17/01/18

Oracle says SPARCv9 has Spectre CPU bug, patches coming soon

16/01/18

ISC Releases Security Advisories for DHCP, BIND

16/01/18

Latvia's e-health system hit by cyberattack from abroad

16/01/18

CVE-2017-3145: Improper fetch cleanup sequencing in the resolver can cause named to crash

16/01/18

Hospital injects $60,000 into crims' coffers to cure malware infection

16/01/18

ACSC statement on reports of Intel Active Management Technology (AMT) security issue

16/01/18

Retpoline Support Backport Lands In GCC 7

16/01/18

ENISA report: the 2017 cyber threat landscape

15/01/18

Customers reporting credit card fraud after using OnePlus webstore

15/01/18

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

15/01/18

US-CERT Vulnerability Summary for the Week of January 8, 2018

15/01/18

Secure Contexts Everywhere

15/01/18

I'm taking a break from cron.weekly

13/01/18

Intel puts security on the todo list, Tavis topples torrent tool, and more

13/01/18

NCSC Weekly Threat Report 12th January 2018

12/01/18

Protecting our Google Cloud customers from new vulnerabilities without impacting performance

11/01/18

AMD Processors: Google Project Zero, Spectre and Meltdown

11/01/18

Intel Security Issue Update: Addressing Reboot Issues

11/01/18

Meltdown and Spectre fallout: patching problems persist

11/01/18

Carphone Warehouse fined £400,000 after serious failures placed customer and employee data at risk

10/01/18

Adrift on a sea of data: Architecting for GDPR

10/01/18

Miami Bitcoin Conference Stops Accepting Bitcoin Due to Fees and Congestion

10/01/18

How will Certificate Transparency Logs be Audited in Practice?

10/01/18

WebKitGTK+ Security Advisory WSA-2018-0001

10/01/18

A look at the handling of Meltdown and Spectre

09/01/18

[patch RFC 5/5] x86/speculation: Add basic speculation control code

09/01/18

Meltdown, Spectre bug patch slowdown gets real - and what you can do about it

09/01/18

Meltdown and Spectre: Critical processor vulnerabilities

08/01/18

US-CERT Vulnerability Summary for the Week of January 1, 2018

08/01/18

UK Companies Set to Splurge on Cyber-Risk Mitigation

08/01/18

Pessimism over the economy lessens, by Brexit, cyber security and diversity remain key issues for UK Boards

08/01/18

Spamhaus Botnet Threat Report 2017

08/01/18

Benchmarking Linux With The Retpoline Patches For Spectre

08/01/18

Net boffins brew poison for BGP hijacks

08/01/18

FCA 'gold-plates' EU rule, bans BYOD across entire UK finance sector

08/01/18

Re: [PATCH RFC 3/4] x86/pti: don't mark the user PGD with _PAGE_NX.

08/01/18

Australian government "Small Business Cyber Security Best Practice Guide"

08/01/18

Re: [PATCH 06/18] x86, barrier: stop speculation for failed access_ok

07/01/18

Feedback on 4.9 performance after PTI fixes

07/01/18

Triple Meltdown: How So Many Researchers Found a 20-Year-Old Chip Flaw At the Same Time

07/01/18

[dns-operations] responsible disclosure on an IDN-related attack

06/01/18

I'm harvesting credit card numbers and passwords from your site. Here's how.

06/01/18

Meltdown and Spectre Linux Kernel Status

06/01/18

NCSC Weekly Threat Report 5th January 2018

05/01/18

Spectre and Meltdown Attacks Against Microprocessors

05/01/18

Meltdown and Spectre - what should organisations be doing to protect people's personal data?

05/01/18

AusCERT Week in Review for 5th January 2018

05/01/18

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

05/01/18

NCSC: Home user guidance to manage processor vulnerabilities "Meltdown" and "Spectre"

05/01/18

NCSC: 'Meltdown' and 'Spectre' guidance

05/01/18

December 2017 Cyber Attacks Statistics

04/01/18

More details about mitigations for the CPU Speculative Execution issue

04/01/18

US-CERT: Meltdown and Spectre Side-Channel Vulnerability Guidance

04/01/18

Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

04/01/18

DHS Admits Major Leak Affecting 247,000 Employees

04/01/18

Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method

03/01/18

Update to NIST Special Publication 800-160, Systems Security Engineering

03/01/18

16-31 December 2017 Cyber Attacks Timeline

03/01/18

NCSC response to reports about flaws in processors

03/01/18

Meltdown and Spectre Side-Channel Vulnerabilities

03/01/18

Bulletproof TLS Newsletter #36

03/01/18

Anonymous Hacks Italian Speed Camera Database

02/01/18

GPS tracking vulnerabilities leave millions of products at risk

02/01/18

'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

02/01/18

US-CERT Vulnerability Summary for the Week of December 25, 2017

01/01/18

27,000 UnEncrypted Credit Cards left in shared Database by Thefly.com

01/01/18

Sign Up

Sign Up For the Latest News, Briefings & Announcements






ECSC Group plc

ECSC has over 15 years' experience in the design, implementation and management of IT security solutions.

Reg No. 3964848

VAT No. 746361914

Contact

28 Campus Road
Listerhills Science Park
Bradford
BD7 1HR
United Kingdom

+44 (0) 1274 736 223

info@ecsc.co.uk