Cyber Security News

As one of the most important concerns for every business, cyber security is often, unsurprisingly, in the headlines. Whether it's another big data breach for a well known company, or a vulnerability in a commonly used piece of software, you can no longer afford to be unaware of the latest threats to your information security.

US-CERT Vulnerability Summary for the Week of August 7, 2017

14/08/17

Associate QSA Program: Coming Soon

14/08/17

Macie slay: AWS touts S3 patrol bots to kill data-slurping hackers

14/08/17

That Vulnerability is "Theoretical"!

13/08/17

cron.weekly issue #93: Debian, Git, Jerakia, Lighthouse, hey, load, compression, OpenVPN & more

13/08/17

Top repo managers clone, then close, a nasty SSH vector

13/08/17

OpenSSL Blog: new "random" number generator

12/08/17

Infosec eggheads rig USB desk lamp to leak passwords via Bluetooth

11/08/17

NCSC: Weekly Threat Report 11th

11/08/17

PA Firefighters Overcome 10-Day Comms Issue

11/08/17

Password Power Rankings: A look at the practices of 40+ popular websites

10/08/17

Baroness opens Cyber Security Centre at the University of Bradford

09/08/17

TalkTalk fined £100,000 after carelessly exposing customer data. Again.

09/08/17

Penetration testing - what is it and who is it for?

09/08/17

NotBeingPetya: UK critical infrastructure firms face huge fines for lax security

08/08/17

Attack on Ireland's state-owned power provider blamed on state-sponsored hackers

08/08/17

Big question of the day: Is it time to lock down .localhost?

08/08/17

New fines for essential service operators with poor cyber security

08/08/17

1-15 July 2017 Cyber Attacks Timeline

08/08/17

Consultation on the Security of Network and Information Systems Directive

08/08/17

Awesome Hacking: A collection of awesome lists for hackers, pentesters & security researchers.

08/08/17

UK data protection laws to be overhauled

07/08/17

Re-identifying folks from anonymised data will be a crime in the UK

07/08/17

US-CERT: Vulnerability Summary for the Week of July 31, 2017

07/08/17

NIST Releases Cybersecurity Definitions for the Workforce

07/08/17

16-30 June 2017 Cyber Attacks Timeline

07/08/17

DonateBlood.com.au data breach (Precedent Communications Pty Ltd)

07/08/17

FireEye Provides Update on Allegations of Breach

07/08/17

EirGrid targeted by 'state sponsored' hackers leaving networks exposed to 'devious attack'

06/07/17

cron.weekly issue #92: RHEL 7.4, Varnish, Exa, Btrfs, sslh, ZFS, inputrc, opensmtpd & more

06/07/17

NCSC: Weekly Threat Report 4th August 2017

04/08/17

What's Next for PCI DSS?

03/08/17

Built-in protection against USB security attacks with USBGuard

03/08/17

Troy Hunt: Introducing 306 Million Freely Downloadable Pwned Passwords

03/08/17

Coming soon to a Parliament near you - UK's Data Protection Bill

03/08/17

SMBLoris: What You Need To Know

02/08/17

Determine for yourself which Certification Authorities can issue certificates on your domain

02/08/17

This typosquatting attack on npm went undetected for 2 weeks

02/08/17

Chrome web dev plugin with 1m+ users hijacked, crams ads into browsers

02/08/17

Drug maker Merck's worldwide operations hampered by Petya attack

02/08/17

Cardiff billboard offensive images display after hack

02/08/17

Brit voucher biz's signup page blabbed families' details via URL tweak

02/08/17

DOJ Builds Bug Bounty Framework, Hopes to Curve Criminal Violations

02/08/17

RHEL & CentOS 7.4 restores HTTP/2 functionality on Nginx

01/08/17

EUD: Virtual Private Networks

01/08/17

McAfee online scan used plain old HTTP to fetch screen elements

01/08/17

Underhanded Crypto Contest: 2017 Runner-Up: Neville Longbottom

31/07/17

US-CERT Vulnerability Summary for the Week of July 24, 2017

31/07/17

It is easy to expose users' secret web habits, say researchers

31/07/17

Kids Pass Just Reminded Us How Hard Responsible Disclosure Is

31/07/17

Leaked private keys and revocations based on fake private keys

31/07/17

Measuring Vulnerability Rediscovery

31/07/17

Hackers kick off #leaktheanalyst campaign by dumping data of $1bn security firm

31/07/17

Power firms alerted on hack attack scenarios

30/07/17

cron.weekly issue #91: Memcached, MariaDB, Boltron, BinaryAlert, Gitlab, pik, uchat & more

30/07/17

Google Outlines SSL Apocalypse for Symantec Certificates

29/07/17

The differences between how SFTP and scp work in OpenSSH

29/07/17

Illegal and undocumented instructions

28/07/17

State of play - Techniques used in cyber-attacks

28/07/17

NCSC: Weekly Threat Report 28th July 2017

28/07/17

Some Whois Lookup Services Might be Broken

27/07/17

Ransomware 'here to stay', warns Google study

27/07/17

Shoddy data-stripping exposes firms to hack attacks

26/07/17

Passwords Evolved: Authentication Guidance for the Modern Era

26/07/17

UniCredit Says 400,000 Accounts Were Hacked, Exposing Data

26/07/17

Details of a million people across Yorkshire for sale on 'dark web'

25/07/17

Swedish PM admits that huge data leak is 'a disaster'

25/07/17

Rehab camp aims to put young cyber-crooks on right track

25/07/17

18-year-old arrested after reporting dumb bug in public transport e-ticket system

25/07/17

Wells Fargo Asks Judges to Force Return of Leaked Client Data

25/07/17

Adobe to kill off Flash plug-in by 2020

25/07/17

Over 2,200 Data Breaches Disclosed So Far In 2017, Exposing Over Six Billion Records

25/07/17

Security bug allows hackers to bypass encryption, intercept iCloud Keychain

25/07/17

US-CERT Vulnerability Summary for the Week of July 17, 2017

24/07/17

1-15 June 2017 Cyber Attacks Timeline

24/07/17

Crims snatch 5.5 million social security numbers from Kansas govt box

24/07/17

A Virtual Canary-in-the-Coalmine for the DNSSEC Root Key Rollover

24/07/17

Certificate Limitation Policy

23/07/17

cron.weekly issue #90: OCI, Apache, Go, Shells, Duplicity, mktemp, man & more

23/07/17

TLS 1.3 in enterprise networks

22/07/17

NCSC Weekly Threat Report 21st July 2017

21/07/17

Worst known governmental leak ever is slowly coming to light: Agency moved nation's secret data to "The Cloud"

21/07/17

AusCERT Week in Review for 21st July 2017

21/07/17

Fingerprint-based detection of DNS hijacks using RIPE Atlas

20/07/17

Massive blow to criminal Dark Web activities after globally coordinated operation

20/07/17

IoT Thermostat Bug Allows Hackers to Turn Up the Heat

20/07/17

Exclusive: Dutch Cops on AlphaBay 'Refugees'

20/07/17

How I tricked Symantec with a Fake Private Key

20/07/17

Final removal of trust in WoSign and StartCom Certificates

20/07/17

Ricoh Australia Scrambles to Fix Document Leak

20/07/17

UK households hit by 1.8m computer misuse offences in a year

20/07/17

TLS 1.2 Support added to Windows Server 2008

20/07/17

AWS warns users about open S3 buckets

19/07/17

On The (Perceived) Value of EV Certs, Commercial CAs, Phishing and Let's Encrypt

19/07/17

Unpacking a classic Turnbullian announcement: Home Affairs, cyber security and intelligence

19/07/17

Crime in England and Wales: year ending Mar 2017

19/07/17

"Bad Taste" Vulnerability Affects Linux Systems via Malicious Windows MSI Files

19/07/17

Petya cyber-attack still disrupting firms weeks later

18/07/17

Wireshark-announce: [Wireshark-announce] Wireshark 2.2.8 is now available

18/07/17

Insurers claim cyber calamities could cost more than Hurricane Sandy

18/07/17

Newcastle City Council Leaks Data of Thousands of Adopted Children

18/07/17

Petya damage to TNT Express systems is likely permanent

18/07/17

Review urges 24/7 cyber security centre

18/07/17

AMD Secure Memory Encryption Patches Updated For Linux

17/07/17

11 remote vulnerabilities (inc. 2x RCE) in FreeRADIUS packet parsers

17/07/17

US-CERT: Vulnerability Summary for the Week of July 10, 2017

17/07/17

Cloud Leak: WSJ Parent Company Dow Jones Exposed Customer Data

17/07/17

Dutton to head up super security ministry

17/07/17

Lloyd's of London CEO: Cyber-insurance cost to double

17/07/17

2017: The FBI alerts parents to dangers of Internet of Sh*t toys

17/07/17

GCHQ Says Hackers Have Likely Compromised UK Energy Sector Targets

17/07/17

Memcached - A Story of Failed Patching & Vulnerable Servers

17/07/17

Extreme cyber-attack could cost as much as Superstorm Sandy

17/07/17

Cyber attacks a wake-up call: Keenan

17/07/17

cron.weekly issue #89: Fedora 26, ZFS, Go 2, Time, seashells, Boltron, Redis, Duplicity & more

16/07/17

Solving a post exploitation issue with CVE-2017-7308

16/07/17

NHS medic posts confidential patient data of new mums on Facebook

15/07/17

NCSC Weekly Threat Report 14th July 2017

14/07/17

Australia short on cyber talent

14/07/17

AusCERT Week in Review for 14th July 2017

14/07/17

ICO's Annual Report for 2016/17 highlights a year of achievements and future challenges

13/07/17

May 2017 Cyber Attacks Statistics

13/07/17

Bupa data breach affects 500,000 insurance customers

13/07/17

No big deal. You can defeat Kaspersky's ATM antivirus with a really fat executable

13/07/17

Demystifying the NESA

13/07/17

Bupa: Rogue staffer stole health insurance holders' personal deets

13/07/17

Uber patches security flaw leading to subdomain takeover

13/07/17

Bupa IPMI notifies customers of insider breach; former employee claimed to have 1million records for sale on dark web

13/07/17

Potential network disruption

12/07/17

Private Keys on Web Servers

12/07/17

Millions of Verizon customer records exposed in security lapse

12/07/17

Symantec explores selling web certificates business: sources

12/07/17

NCSC: Cyber Accelerator

12/07/17

Understanding the .io TLD's DNS configuration vulnerability

12/07/17

What is new in OpenSSH 7.4 (in RHEL 7.4)?

12/07/17

New Australian cyber unit to target overseas criminals

11/07/17

Announcing Bulletproof SSL and TLS, the 2017 revision

11/07/17

Fedora 26 Now Generally Available

11/07/17

Insurers may have to adjust policies to reflect 'silent' cyber risks

11/07/17

Closing the CVE gap: Is MITRE up to it?

11/07/17

Numerous Swiss domain names temporarily hijacked

10/07/17

National Audit Office confirms that police, banks, Home Office pass the buck on fraud

10/07/17

High-reliability OCSP stapling and why it matters

10/07/17

US-CERT Vulnerability Summary for the Week of July 3, 2017

10/07/17

End-to-end encryption back door 'a bad idea'

10/07/17

16-31 May 2017 Cyber Attacks Timeline

10/07/17

Mobile Payment Acceptance: A Look at PCI's New Software-Based PIN-Entry Initiative

10/07/17

The Alarming Prevalence of Data Breach Cover-Ups

10/07/17

Three million wrestling fans at risk after WWE leaves database unprotected

10/07/17

security things in Linux v4.12

10/07/17

cron.weekly issue #88: a forum, kernel 4.12, OpenBSD, systemd, elvish, puppet, vtop & more!

09/07/17

Hard Rock hotels burgered up by Sabre breach

09/07/17

Jio Customer Database of over 120 million users leaked, could be biggest data breach in India

09/07/17

Self-Service Food Kiosk Vendor Avanti Hacked

08/07/17

NCSC Weekly threat report 7th July 2017

07/07/17

AusCERT Week in Review for 7th July 2017

07/07/17

Germany says cyber threat greater than expected, more firms affected

07/07/17

Google Chrome's HTTPS ban-hammer drops on WoSign, StartCom in two months

07/07/17

B&B Theatres Hit in 2-Year Credit Card Breach

07/07/17

AA apologises, and confirms customers' partial credit card data *was* exposed

07/07/17

Recovering data from a disk encrypted by #NotPetya with Salsa20

07/07/17

Global Cybersecurity Index

07/07/17

Largest advertising company in the world still wincing after NotPetya punch

07/07/17

Phone scams targeting a variety of organisations in the Health industry

07/07/17

Local Packet Filtering with IPv6

06/07/17

CIA Malware Can Steal SSH Credentials, Session Traffic

06/07/17

Massive WWE Leak Exposes 3 Million Wrestling Fans' Addresses, Ethnicities And More

06/07/17

Breached Bitcoin Bithumb bosses blame bod's BYOD

06/07/17

Massive cyber-attack could cost Nurofen and Durex maker £100m

06/07/17

M.E.Doc Software Was Backdoored 3 Times, Servers Left Without Updates Since 2013

06/07/17

Major cryptocurrency exchange hacked - customers' Bitcoin and Ethereum accounts plundered

06/07/17

Australia drops four places in UN cyber security top ten

05/07/17

U.N. survey finds cybersecurity gaps everywhere except Singapore

05/07/17

Sabre Update on Cybersecurity Incident

05/07/17

Payment Systems Regulator Annual Report and Accounts 2016/17

05/07/17

ICO publishes International Strategy to help protect UK public's personal information in a global environment

04/07/17

AA Shop investigating 13 gigabyte data breach

03/07/17

Revocation is broken

03/07/17

The Medicare machine: patient details of 'any Australian' for sale on darknet

03/07/17

US-CERT Vulnerability Summary for the Week of June 26, 2017

03/07/17

65% of major US banks have failed web security testing

03/07/17

Bradford cyber security master's degree gets GCHQ stamp of approval

03/07/17

CERT Australia takes over ACMA cyber security program

03/07/17

German e-gov protocol carries ancient vulns

03/07/17

A Man-in-the-Middle Attack against a Password Reset System

03/07/17

The AA Exposed Emails, Credit Card Data, and Didn't Inform Customers

03/07/17

Alert (TA17-181A) Petya Ransomware

03/07/17

cron.weekly issue #87: OutlawCountry, MOTD, NSA, systemd, Kubernetes, spoilerwall, Dexter, GPG & more

02/07/17

Beyond public key encryption

02/07/17

Trump Hotels notifies some guests of payment card breach that began in 2016

01/07/17

Did the AA have a minor breakdown?

01/07/17

EternalPetya - yet another stolen piece in the package?

01/07/17

Online fraud overlooked by government, says watchdog

30/06/17

NCSC Weekly Threat Report 30th June 2017

30/06/17

Petya More Effective at Destruction Than as Ransomware

30/06/17

Management bug can crash Cisco IOS, IOS XE

30/06/17

SEC Consult SA-20170630-0 :: Multiple critical vulnerabilities in OSCI-Transport library 1.2 for German e-Government

30/06/17

SSL Labs Grading Redesign (Preview 1)

30/06/17

NCSC rolls out free and easy steps to improve public sector cyber security

30/06/17

AusCERT Week in Review for 30th June 2017

30/06/17

Australia creates military cyber unit to expand hacking attacks

30/06/17

Government data site user details leak

29/06/17

Eternal Champion Exploit Analysis

29/06/17

Windows 10 platform resilience against the Petya ransomware attack

29/06/17

48 hours after initial reports, many mysteries remain around the latest ransomware/wiper threat

29/06/17

EternalPetya and the lost Salsa20 key

29/06/17

Petya: "I Want To Believe"

29/06/17

Cyber-attack was about data and not money, say experts

29/06/17

Back to the future for Maersk in the wake of Petya attack

29/06/17

NCSC statement on the global cyber incident

29/06/17

Password guidance summary: how to protect against password-guessing attacks

28/06/17

LinkedIn 2012 hack: what you need to know

28/06/17

Virus (cough, cough, Petya) goes postal at FedEx, shares halted

28/06/17

Petya Ransomware Without The Fluff

28/06/17

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

28/06/17

Password security alert

27/06/17

Warning to SMEs as firm hit by cyber attack fined £60,000

27/06/17

Defence Secretary's speech at Cyber 2017 Chatham House Conference

27/06/17

New ransomware, old techniques: Petya adds worm capabilities

27/06/17

Multiple Petya Ransomware Infections Reported

27/06/17

Petya Ransomware Spreading Via EternalBlue Exploit

27/06/17

Petya ransomware outbreak: Here's what you need to know

27/06/17

Info on the PetrWrap/Petya ransomware: Email account in question already blocked since midday

27/06/17

Ukraine Businesses Hit by Petya Ransomware

27/06/17

NCSC: Weekly Threat Report 23rd June 2017

26/06/17

US-CERT Vulnerability Summary for the Week of June 19, 2017

26/06/17

UK parliamentary email compromised after 'sustained and determined cyber attack'

26/06/17

People can be strongest link in cyber security, says NCSC

26/06/17

cron.weekly issue #86: Debian 9, Kernel vulnerability, Ubuntu, GitLab, casync, SSH tunnels & more

25/06/17

Parliament cyber-attack 'hit up to 90 users'

25/06/17

Russian hackers trading stolen email addresses and passwords of 1,000 British MPs and top officials online

23/06/17

Heaps of Windows 10 internal builds, private source code leak online

23/06/17

FBI: Extortion, CEO Fraud Among Top Online Fraud Complaints in 2016

23/06/17

Guidance on the historic LinkedIn incident (2012)

23/06/17

AusCERT Week in Review for 23rd June 2017

23/06/17

IC3 Releases Annual Report Highlighting Trends in Internet Crime

22/06/17

NIST Launches New Special Publication (SP) 800-63 Suite!

22/06/17

Who are the cyberists?

21/06/17

ModSecurity version 3: Fuzzing as part of the QA

21/06/17

IC3 Issues Internet Crime Report for 2016

21/06/17

Criminal gang says that they shut down Skype, says Steam is next

21/06/17

The OpenVPN post-audit bug bonanza

21/06/17

News: Breach at UK.gov's Cyber Essentials scheme exposes users to phishing attacks

21/06/17

Historical courses and resorts in Elliptic Curves Cryptography - Is Curve25519 dead?

21/06/17

casync - A tool for distributing file system images

20/06/17

Web-hosting firm agrees to pay over $1 million to ransomware extortionists

20/06/17

AdGholas Malvertising Campaign Using Astrum EK to Deliver Mole Ransomware

20/06/17

TLS 1.2 support at Microsoft

20/06/17

US-CERT Vulnerability Summary for the Week of June 12, 2017

19/06/17

Stack Guard Page Circumvention Affecting Multiple Packages

19/06/17

GCSE computing exam entrants falls, infosec job recruitment in trouble

19/06/17

198 million Americans hit by "largest ever" voter records leak

19/06/17

The Stack Clash

19/06/17

Bradford Council 'to test boundaries' of cyber resilience

19/06/17

Apache HTTP Server 2.4.26 Released

19/06/17

Private key corresponding to public key in trusted Cisco certificate embedded in executable

18/06/17

Personal info of hundreds of thousands of students targeted in schools hack attack

18/06/17

cron.weekly issue #85: yes, SQLite, bingrep, reredirect, Spack, sudo, mdadm, MySQL & more

18/06/17

Removing Some Code

17/06/17

Enhancing the security of the OS with cryptography changes in Red Hat Enterprise Linux 7.4

16/06/17

CVE-2017-7507 Detail

16/06/17

University of East Anglia in students' personal data breach

16/06/17

Your yearly reminder to post to Full-Disclosure, not Bugtraq

16/06/17

Norwich airport and hospital cyber-hacker 'His Royal Gingerness' jailed

16/06/17

NCSC Weekly Threat Report 16th June 2017

16/06/17

Facebook staff had their identities exposed to suspected terrorists due to security lapse

16/01/17

Brit hacker admits he siphoned info from US military satellite network

16/01/17

It's 2017 and someone's probably still using WINS naming. If so, stop

15/06/17

New cyber security information service launched today by ENISA

15/06/17

How I Found A 20-Year-Old Linux Kernel Bug

15/06/17

CIA has been hacking into Wi-Fi routers for years, leaked documents show

15/06/17

A WarCon 2017 presentation: Cisco ASA - Exploiting the IKEv1 heap overflow - CVE-2016-1287

15/06/17

ISC Releases Security Updates for BIND

15/06/17

National Exposure Index 2017

14/06/17

Internet hygiene still stinks despite botnet and ransomware flood

14/06/17

Don't touch that mail! London uni fears '0-day' used to cram network with ransomware

14/06/17

Decryption Utility Unlocks Files Encrypted by Jaff Ransomware

14/06/17

Nmap 7.50 released: New NSE scripts, 300+ fingerprints, new Npcap

14/06/17

HACKING UK TRIDENT: A Growing Threat

14/06/17

Buggy devices and lazy operators make VoLTE a security nightmare

14/06/17

Samsung Left Millions Vulnerable to Hackers Because It Forgot to Renew a Domain

14/06/17

"Do what I mean!" - time to focus on developer intent

14/06/17

1-15 May 2017 Cyber Attacks Timeline

14/06/17

BIND9 CVE-2017-3140 & CVE-2017-3141

14/06/17

Microsoft: Latest security fixes thwart NSA hacking tools

13/06/17

Guidance related to June 2017 security update release

13/06/17

How a Single Email Stole $1.9 Million from Southern Oregon University

13/06/17

Defending the borders of your business in a digital era

13/06/17

Alert (TA17-164A) HIDDEN COBRA - North Korea's DDoS Botnet Infrastructure

13/06/17

AusCERT Week in Review for 16th June 2017

12/06/17

US-CERT Alert: CrashOverride Malware

12/06/17

Virgin Media resolves flaw in config backup for Super Hub routers

12/06/17

Gloucester City Council fined £100,000 after leak due to failure to patch Heartbleed

12/06/17

Understanding the prevalence of web traffic interception

12/06/17

US-CERT Vulnerability Summary for the Week of June 5, 2017

12/06/17

Malware downloader infects your PC without a mouse click

11/06/17

NCSC Weekly Threat Report 9th June 2017

09/06/17

AusCERT Week in Review for 9th June 2017

09/06/17

April 2017 Cyber Attacks Statistics

09/06/17

Infosec guru Schneier: Govts WILL intervene to regulate Internet of Sh!t

08/06/17

Most vulnerabilities first blabbed about online or on the dark web

08/06/17

Malware Uses Obscure Intel CPU Feature to Steal Data and Avoid Firewalls

08/06/17

Britney Spears: Malware planted in singer's Instagram page

08/06/17

The Principles of a Subdomain Takeover

06/06/17

Browser Watch: SSL and Security Changes in Chrome 59

06/06/17

Google Releases Security Updates for Chrome

06/06/17

FIREBALL - The Chinese Malware of 250 Million Computers Infected

06/06/17

How The Intercept Outed Reality Winner

05/06/17

Reducing the Risk of SNMP Abuse

05/06/17

March 2017 Cyber Attacks Statistics

05/06/17

16-30 April 2017 Cyber Attacks Timeline

05/06/17

Massive Leak of 10 Million VIN Numbers Could Help Crooks Make Stolen Cars Look Legit

05/06/17

cron.weekly issue #83: Humble Bundle, Sudo, kapo, slap, Node, MySQL, iostat & more

04/06/17

NCSC Weekly Threat Report 2nd June 2017

02/06/17

AusCERT Week in Review for 2nd June 2017

02/06/17

Identity manager OneLogin hacked, user data accessed

02/06/17

Why did 'power surge' hit BA computers?

01/06/17

Ethiopia blocks internet 'to stop exam cheats'

01/06/17

Cyber Security Roundup for May 2017

01/06/17

ESB-2017.1384 - [Linux][Ubuntu] sudo: Root compromise - Existing account

01/06/17

UK surveillance law raises concerns security researchers could be 'deputised' by the state

31/05/17

CVE-2017-9073 Detail

31/05/17

Linux security alert: Bug in sudo's get_process_ttyname() [ CVE-2017-1000367 ]

30/05/17

Trump's Dumps: 'Making Dumps Great Again'

26/05/17

Split Tunnel SMTP Exploit Bypasses Email Security Gateways

25/05/17

NHS Digital stopped short of advising against paying off WannaCrypt

25/05/17

Free course: The GDPR Attack Plan

25/05/17

Fat-thumbed dev slashes Samba security

25/05/17

ActiveCyber Interviews Professor Jintai Ding - Author of Post-Quantum Safe Crypto Algorithm and PAKE Protocol

24/05/17

Samba Releases Security Updates

24/05/17

The largest Git repo on the planet

24/05/17

What's got a vast attack surface and runs on Linux? Windows Defender, of course

24/05/17

Victims Lost US$1B to Ransomware

24/05/17

Preparing for the General Data Protection Regulation (GDPR): 12 steps to take now

24/05/17

Stack Overflow: Helping One Million Developers Exit Vim

23/05/17

29% Increase In Vulnerabilities Already Disclosed In 2017

23/05/17

Network Segmentation and PCI Compliance

23/05/17

WannaCry Ransomware

19/05/17

How did the WannaCry Ransomworm spread?

19/05/17

BBC fools HSBC voice recognition security system

19/05/17

ICS-CERT Releases WannaCry Fact Sheet

19/05/17

AusCERT Week in Review for 19th May 2017

19/05/17

Font sharing site DaFont has been hacked, exposing thousands of accounts

18/05/17

Zomato Hacked! Database of 17 Million Users Stolen

18/05/17

WannaCry: McAfee outlines recovery technique for when the worst happens

18/05/17

File carving can reverse WannaCry ransomware encryption, says McAfee

18/05/17

Further hardening glibc malloc() against single byte overflows

17/05/17

How WannaCrypt attacks

17/05/17

Gotcha, Tatcha! Thieves hide in servers to hoover up victims' bank card numbers mid-order

17/05/17

Chrome on Windows has credential theft bug

17/05/17

1-15 April 2017 Cyber Attacks Timeline

17/05/17

Mother of All Leaks

17/05/17

Edmodo confirms hackers breached its education platform, stole user data and hashed passwords

17/05/17

WordPress Releases Security Update

17/05/17

ClamAV will be publishing a new Main.cvd on Wednesday, June 7th, 2017

16/05/17

WikiLeaks Reveals Two CIA Malware Frameworks

16/05/17

Group linked to NSA spy leaks threatens sale of new tech secrets

16/05/17

TripAdvisor resets passwords after some accounts were improperly accessed

16/05/17

WannaCry ransomware cyber-attack 'may have N Korea link'

16/05/17

WannaCrypt ransomware worm targets out-of-date systems

16/05/17

US-CERT Vulnerability Summary for the Week of May 8, 2017

16/05/17

1.9 million Bell customer email addresses stolen by 'anonymous hacker'

15/05/17

Breach at DocuSign Led to Targeted Email Malware Campaign

15/05/17

United Airlines cockpit codes accidentally leaked

15/05/17

WannaCrypt ransomware summary - SANS

15/05/17

City on hack alert as cyber shares rocket

15/05/17

The need for urgent collective action to keep people safe online: Lessons from last week's cyberattack

14/05/17

WannaCrypt "Killswitch"

13/05/17

74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+

13/05/17

How to Accidentally Stop a Global Cyber Attacks

13/05/17

AusCERT Week in Review for 12th May 2017

12/05/17

NCSC Weekly Threat Report 12th May 2017

12/05/17

Customer Guidance for WannaCrypt attacks

12/05/17

UK hospital meltdown after ransomware worm uses NSA vuln to raid IT

12/05/17

Telefonica Tells Employees to Shut Down Computers Amid Massive Ransomware Outbreak

12/05/17

DDoS Attacks against DNS Infrastructure in the News

11/05/17

The 2017-18 Budget: Here's what Aussie's cyber security vendors think

11/05/17

DDOS attacks in Q1 2017

11/05/17

On the topic of MITRE/Board transparency

11/05/17

How the UK is Closing the Cybersecurity Skills Gap

10/05/17

Australia's top companies look to NSW students to fight against cyber crime

10/05/17

How my car insurance exposed my position

10/05/17

UK Water Supplier Loses £500,000 in Sophisticated Scam

10/05/17

Chinese stock traders hacked lawyers, profited from Intel's Altera gobble, now fined $9m

10/05/17

Cisco Releases Security Updates

10/05/17

Proving missing ASLR on dropbox.com and box.com over the web for a $343 bounty :D

10/05/17

observations re packet socket exploit

10/05/17

Exploiting the Linux kernel via packet sockets

10/05/17

Read This If You Are Using a Script to Pull Data From This Site

10/05/17

CVSS - Is Version 3 All Bad?

10/05/17

CVE Will Reject a Group of Unused CVE IDs

09/05/17

Vulnerable OpenSSL Handshake Renegotiation Can Trigger Denial of Service

09/05/17

Hard Drive Stats for Q1 2017

09/05/17

CPU Utilization is Wrong

09/05/17

Defeating Magento security mechanisms: Attacks used in the real world

09/05/17

Deprecation of SHA-1 for SSL/TLS Certificates in Microsoft Edge and Internet Explorer 11

09/05/17

Vendors approve of NIST password draft

09/05/17

New FTC website helps small businesses

09/05/17

Thunderbird's Future Home

09/05/17

'Crazy bad' bug in Microsoft's Windows malware scanner can be used to install malware

09/05/17

Guardian Soulmates users hit with spam after data exposure

08/05/17

US-CERT Vulnerability Summary for the Week of May 1, 2017

08/05/17

Intel's AMT Flaw: Worse Than Feared

08/05/17

Productivity Commission sets aggressive timeline for Aussie data reform

08/05/17

Google Docs phishing email 'cost Minnesota $90,000'

08/05/17

Intel's Management Engine is a security hazard, and users need a way to disable it

08/05/17

CRON.WEEKLY issue #79: OpenSnitch, VXLAN, GCC, 4.11 kernel, README's, curl, monitoring tools & more

07/05/17

Password Magic Numbers

06/05/17

Security Is A Constantly Moving Target, Isn't It Time To Secure The Hardware?

05/05/17

NCSC Weekly Threat Report 5th May 2017

05/05/17

Debenhams Flowers data breach hits 26,000

05/05/17

Password reuse, credential stuffing and another billion records in Have I been pwned

05/05/17

AusCERT Week in Review for 5th May 2017

05/05/17

US-CERT: IC3 Warns of Increase in BEC/EAC Schemes

04/05/17

"Google Docs" Worm Ransacks Gmail Users' Contact Lists - What You Need to Know

04/05/17

You only need 60 bytes to hose Linux's rpcbind

04/05/17

Using TLS1.3 With OpenSSL

04/05/17

Cisco Releases Security Updates

03/05/17

Introducing nScrub: Powerful yet Affordable DDoS Mitigation

03/05/17

VXLAN & Linux

03/05/17

Dell Information for VU#491375 - Intel Active Management Technology (AMT) does not properly enforce access control

03/05/17

Travel tech company Sabre confirms breach affected reservations system

03/05/17

ATM security devs rush out patch after boffins deliver knockout blow

03/05/17

16-31 March 2017 Cyber Attacks Timeline

03/05/17

135 MEELLION Indian government payment card details leaked

03/05/17

Mozilla takes a turn slapping Symantec's certification SNAFU

03/05/17

Facebook top 10 concert lists may be security risk

03/05/17

324 typo-squat domains found impersonating Natwest, HSBC and co

03/05/17

After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts

03/05/17

Security Review of TLS1.3 0-RTT #1001

02/05/17

Online retailer left customers' financial details vulnerable to cyber attack

02/05/17

Australia: ASX Cyber Health Check Report - the view from the top

02/05/17

Introducing TLS with Client Authentication

01/05/17

US-CERT Vulnerability Summary for the Week of April 24, 2017

01/05/17

How the insurance industry could change the game for security

01/05/17

Australia faces cyber security skills crisis as challenges mount

01/05/17

OpenSSH Removes SSHv1 Support

01/05/17

Red alert! Intel patches remote execution hole that's been hidden in biz, server chips since 2008

01/05/17

CRON.WEEKLY issue #78: octodns, SSH, grsecurity, postal, nginx, cgroups, vim & more

30/04/17

Law Firm Ransomware Attack Locks Data for Three Months

29/04/17

Certificate Transparency requirement delayed

28/04/17

[elrepo] Announcement: EL7 Updated kmod-tpe release

28/04/17

Several Cable Modem Models Affected by SNMP God Mode Flaw

28/04/17

NCSC Weekly Threat Report 28th April 2017

28/04/17

Troy Hunt: Reckon you've seen some stupid security things? Here, hold my beer...

28/04/17

Last year's ICO fines would be 79 times higher under GDPR

28/04/17

A database of thousands of credit cards was left exposed on the open internet

28/04/17

AusCERT Week in Review for 28th April, 2017

28/04/17

Introducing Cloudflare Orbit: A Private Network for IoT Devices

27/04/17

FYI: You can blow Intel-powered broadband modems off the 'net with a 'trivial' packet stream

27/04/17

TrickBot Is Hand-Picking Private Banks for Targets - With Redirection Attacks in Tow!

27/04/17

Serious security breach at Gloucestershire County Council leads to medical information leak

27/04/17

Banks confident of their approach to security - but still get hit by hackers

27/04/17

BGPstream and The Curious Case of AS12389

27/04/17

Intrusions Affecting Multiple Victims Across Multiple Sectors

27/04/17

Ransomware up. Breaches up. What do hackers want? Research, prototypes... all your secrets

27/04/17

South Australia gets its first CISO

27/04/17

Linux kernel security gurus Grsecurity oust freeloaders from castle

26/04/17

Auto Lender Exposes Loan Data For Up To 1 Million Applicants

26/04/17

Customer Data From Encrypted Phone Company Ciphr Has Been Dumped Online

26/04/17

Interpol unplugs nearly 9,000 Asian command and control networks

26/04/17

Verizon's 2017 Data Breach Investigations Report

26/04/17

How Australia's 457 Visa Changes Will Impact Cybersecurity

26/04/17

2017 Internet Security Threat Report

26/04/17

Symantec CA Response to Google Proposal and Community Feedback

26/04/17

Boffins supercharge the 'hosts' file to save users plagued by DNS outages

26/04/17

After blitzing FlexiSpy, hackers declare war on all stalkerware makers: 'We're coming for you'

25/04/17

UK Man Gets Two Years in Jail for Running 'Titanium Stresser' Attack-for-Hire Service

25/04/17

Car hacking's dynamic duo offers to save others $1m in research

25/04/17

Hyundai app security blunder allowed crooks to 'steal victims' cars'

25/04/17

Linux Shishiga malware using LUA scripts

25/04/17

R2Games compromised again, over one million accounts exposed

25/04/17

NSA's DoublePulsar Kernel Exploit In Use Internet-Wide

24/04/17

BrickerBot: Mirai-like malware clams two million insecure IoT devices

24/04/17

Australian Cyber Security Centre approved

24/04/17

Northrop Grumman can make a stealth bomber - but can't protect its workers' W-2 tax forms

24/04/17

HipChat security notice

24/04/17

US-CERT Vulnerability Summary for the Week of April 17, 2017

24/04/17

Apache Foundation hails Metron as new top level project for cybersecurity

24/04/17

CRON.WEEKLY issue #77: OpenStack, Moby, Caddy, Devuan, Linuxkit, Tmux, Jenkins & more

23/04/17

Data of 1.3 million Schoolzilla students exposed

21/04/17

NCSC Weekly Threat Report 21st April 2017

21/04/17

Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools

21/04/17

AusCERT Week in Review for 21st April 2017

21/04/17

Credit card with a fingerprint sensor revealed by Mastercard

20/04/17

Australia's bold plan for cybersecurity growth

20/04/17

Plastc swiped $9 million from backers and just completely vanished

20/04/17

Fixing your oven can cook your computer

19/04/17

UK Gov't Cyber Security Breaches Survey 2017

19/04/17

ACSC 2016 Cyber Security Survey released

19/04/17

Lessons to learn as McAfee's LinkedIn page is hijacked

18/04/17

Australia scraps temporary visas for skilled workers

18/04/17

Cyber attacks 'hit one in five UK firms'

18/04/17

Microsoft Addresses Shadow Brokers Exploits

17/04/17

US-CERT Vulnerability Summary for the Week of April 10, 2017

17/04/17

CRON.WEEKLY issue #76: UDP, DungeonFS, historian, TokuDB, MySQL clusters, linkerd, BIND and more

16/04/17

Big Linux bug, low security concerns

14/04/17

Understanding Our Cache and the Web Cache Deception Attack

14/04/17

NSA-leaking Shadow Brokers just dumped its most damaging release yet

14/04/17

A Few Users Fooled By Previously Unknown MS Word Bug

13/04/17

Australian ISP Fights DDoS Attack

13/04/17

SWIFT on security: Fresh anti-bank-fraud defenses now live

13/04/17

AusCERT Week in Review for 13th April 2017

13/04/17

'High Risk' Zero Day Leaves 200,000 Magento Merchants Vulnerable

13/04/17

Cyberattacks wipe more than $50bn off big biz value, say beancounters

12/04/17

Avon left more than 620,000 Brazil customer details exposed to hackers 'for months'

12/04/17

Proper isolation of a Linux bridge

12/04/17

Red Hat: Determining your risk

12/04/17

1-15 March 2017 Cyber Attacks Timeline

11/04/17

Cyber's uncertain career paths

11/04/17

US-CERT Vulnerability Summary for the Week of April 3, 2017

10/04/17

Rise in hospital cyber attack reports

10/04/17

NCSC response to Wonga investigation

10/04/17

NCSC publishes new report on criminal online activity

10/04/17

Wonga Incident FAQ

09/04/17

Wonga data breach 'affects 245,000 UK customers'

09/04/17

A huge trove of patient data leaks, thanks to telemarketers' bad security

07/04/17

The Ten Best Paying Tech Jobs In Australia Right Now

07/04/17

NCSC Weekly Threat Report 7th April 2017

07/04/17

AusCERT Week in Review for 7th April 2017

07/04/17

Troy Hunt: Here's where the Apple accounts hackers are threatening to wipe came from

07/04/17

US-CERT - Cisco Releases Security Updates

06/04/17

Highly confidential psychotherapy records from Maine center listed on the dark web

05/04/17

Scottrade Bank data breach exposes 20,000 customer records

05/04/17

Half a million 'de-identified' patients records to be shared in Bradford

05/04/17

GCHQ boss: 'We get crazy theories thrown at us every day'

05/04/17

Changes coming to TLS: Part Two

05/04/17

Cybercriminals Seized Control of Brazilian Bank for 5 Hours

04/04/17

Troy Hunt: Password managers don't have to be perfect, they just have to be better than not having one

04/04/17

March 2017: Top Hacks and Breaches [INFOGRAPHIC]

04/04/17

Capture, Filter, Extract Traffic using Wireshark and PF_RING

04/04/17

Israeli cyber security trainer CyberGym locates in Melbourne

04/04/17

Universities of Edinburgh and Warwick become academic centres of cyber excellence

03/04/17

Three Ways To Improve Australia's Intelligence Capability

03/04/17

US_CERT - Vulnerability Summary for the Week of March 27, 2017

03/04/17

'Serious' hack attacks from China targeting UK firms

03/04/17

Coe apologizes after IAAF suffers cyber attack

03/04/17

Thomas Duryea Logicalis partners with Ivanti for security solutions

03/04/17

CRON.WEEKLY - issue #74: RHEL 5, linkerd, hping3, Nginx, Bash, Ceph, Postfix & more

02/04/17

Complex Addressing in IPv6

01/04/17

Microsoft IIS 6.0 Buffer Overflow Zero Day

31/03/17

NCSC: Weekly Threat Report 31st March 2017

31/03/17

Cyber-Attack on McDonald's Canada Career Website

31/03/17

Data breach as details about MPs' staff published in error

31/03/17

Researchers steal data from CPU cache shared by two Vms

31/03/17

Facebook, Google, etc: Yeah, yeah, we'll work on the nasty stuff about bombs - but we ain't doing no backdoors

31/03/17

Keeping Up With the Crypto

31/03/17

Google plans to distrust all current Symantec certificates

30/03/17

Crackdown on contactless card security flaw welcomed by MPs

30/03/17

Financial fraud losses in the UK last year topped £20m a day - report

30/03/17

Black box discovery of memory corruption RCE on box.com

29/03/17

Garages, new homes and old offices: the records management mistakes that put health records at risk

29/03/17

Vulnerability Spotlight: Exploiting Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability

29/03/17

Security Orchestration and Incident Response

29/03/17

PKC 2017: Kenny Paterson accepting bets on breaking TLS 1.3

29/03/17

Minding the Cybersecurity Gap: New Associate QSA Program

29/03/17

Industry support is helping Australian cybersecurity startups shake off risk aversion: Austrade

29/03/17

MIT: US cyber insecurity a 'disgrace' that Trump needs to take seriously

28/03/17

Security Innovation Makes NTRUEncrypt Patent-Free

28/03/17

Telstra announces two cybersecurity centres, new managed security service

28/03/17

World+dog had 1.4 BEEEELLION of its data records exposed last year

28/03/17

US-CERT: Vulnerability Summary for the Week of March 20, 2017

27/03/17

UK digital minister Matt Hancock praises 'crucial role' of encryption

27/03/17

Matt Hancock's cyber security speech at the Institute of Directors conference

27/03/17

NCSC: Happy 1st Birthday StSG!

27/03/17

API flaws said to have left Symantec SSL certificates vulnerable to compromise

27/03/17

FBI Warns on FTP Attacks to Access Medical, Dental Info

27/03/17

Nearly Half of UK Firms Have No Cyber Strategy - Report

27/03/17

CRON.WEEKLY issue #73: OpenSSL, Fossjobs, bcachefs, tmuxp, Gitlab, netbox, udocker, iptables & more

26/03/17

Gemalto releases findings of 2016 Breach Level Index

26/03/17

Microsoft pulls then revives Docs.com search after complaints of exposed sensitive files

26/03/17

CyberUK by the numbers

24/03/17

GDPR: A simple explainer

24/03/17

Make sure you're prepared for GDPR

24/03/17

Commission's top scientific advisers publish opinion on Cybersecurity in the Digital Single Market

24/03/17

NCSC Weekly Threat Report 24th March 2017

24/03/17

Google and Symantec clash on website security checks

24/03/17

Data breach disclosure 101: How to succeed after you've failed

23/03/17

New ATM fraud makes robbing a bank easier

23/03/17

GDPR: Official CSIRTs?

23/03/17

OpenSSL Re-licensing to Apache License v. 2.0 To Encourage Broader Use with Other FOSS Projects and Products

23/03/17

Carnegie-Mellon Uni emits 'don't be stupid' list for C++ developers

23/03/17

Libreswan 3.20 released

23/03/17

Using IPv6 atomic fragments for a denial-of-service attack

22/03/17

Protect your management interfaces

22/03/17

Two major US technology firms 'tricked out of $100m'

22/03/17

Australia finally has mandatory data breach notification

22/03/17

Microsoft's 'Application Verifier' bug-finder is easily pwnable

22/03/17

Council blunder leaks personal data on web

22/03/17

Customer security awareness: alerting you to vulnerabilities that are of real risk

22/03/17

Private mobile phone numbers of nearly every federal MP accidentally published online

21/03/17

What should password managers not do? Leak your passwords? What a great idea, LastPass

21/03/17

ICO statement in relation to the potential risk to patient medical records held by GPs on TPP SystmOne

21/03/17

Firefox gets complaint for labeling unencrypted login page insecure

21/03/17

ICO survey shows many councils have work to do to prepare for new data protection law

20/03/17

US-CERT Vulnerability Summary for the Week of March 13, 2017

20/03/17

Three UK's mobile customers experience new data breach

20/03/17

February 2017 Cyber Attacks Statistics

20/03/17

SHA-1 collision detection on GitHub.com

20/03/17

Saks Fifth Avenue Exposed Personal Info On Tens Of Thousands Of Customers

19/03/17

McDonald's urges users in India to update app as 2.2 million allegedly affected by data leak

19/03/17

CRON.WEEKLY issue #72: FreeBSD, lkml, llvm, dnscontrol, buck, ReOpenLDAP, Postfix, Bash, Xargs & mor

19/03/17

Fuzzing the OpenSSH daemon using AFL

17/03/17

Are you undermining your web security by checking on it with the wrong tools?

17/03/17

Govt. Cybersecurity Contractor Hit in W-2 Phishing Scam

17/03/17

NCSC Weekly Threat Report 17th March 2017

17/03/17

An under-appreciated threat to your privacy: Security software

17/03/17

Fine for lawyer who stored client files on home computer

16/03/17

Buying a Samsung TV online could jeopardize your data

16/03/17

UK's Association of British Travel Agents cops to data breach

16/03/17

The End of the Line for EPEL-5

16/03/17

CyberUK 2017: Establishing the parameters of cyber-security and trust

15/03/17

Warning About Law Firm Email Scams Issued by Solicitors Regulation Authority

15/03/17

More Brits' IDs stolen than ever before

15/03/17

Popular Teen Quiz App Wishbone Has Been Hacked, Exposing Tons of User Information

15/03/17

Zero Days and Cargo Cult Science

15/03/17

Introducing Zero Round Trip Time Resumption (0-RTT)

15/03/17

Hacked Twitter Accounts Post Swastikas, Pro-Erdogan Content

15/03/17

Troy Hunt: We've lost control of our personal data (including 33M NetProspex records)

15/03/17

TEE Subsystem Proposed For Linux 4.12 Kernel

15/03/17

Three Mobile hack affected 76,000 more customers than thought

14/03/17

Apache Struts 2 bug bites Canada, Cisco, VMware and others

14/03/17

How the SHA-1 Collision Impacts Security of Payments

14/03/17

Bradford firm wins cyber security certificate

14/03/17

NCSC and NCA threat report provides in-depth analysis of evolving threat

14/03/17

#CYBERUK17: Cybersecurity Key to Protecting Economy & Way of Life, says NCSC CEO

14/03/17

CAA Mandated by CA/Browser Forum

13/03/17

NCSC: Vulnerability Co-ordination Pilot

13/03/17

Credit Card Scrapers Continue to Target Magento

13/03/17

Most of 2016's holes had fixes the day we knew about 'em. Did we patch? Did we @£$%

13/03/17

The CIA's "Development Tradecraft DOs and DON'Ts"

13/03/17

Critical vulnerability in JSON Web Encryption (JWE) - RFC 7516

13/03/17

Powerfuzzer - Automated Customizable Web Fuzzer

13/03/17

16-28 February 2017 Cyber Attacks Timeline

13/03/17

US-CERT Vulnerability Summary for the Week of March 6, 2017

13/03/17

[openssl-dev] Code Health Tuesday - testing!

12/03/17

CRON.WEEKLY issue #71: CVE's, Memcache-top, Ctop, Choria, s2n, Dnsmasq, Bash, Strace, Systemd & more

12/03/17

GCHQ warns politicians about Russian hacking threat

12/03/17

Statement: NCSC offer of assistance to political parties

12/03/17

MacKeeper Security Researchers Discover Sensitive United States Air Force Data

12/03/17

Thousands of Welsh NHS staff's data stolen in hack

12/03/17

Chrome Deprecates Subject CN Matching

10/03/17

New vulnerabilities found in mbed TLS

10/03/17

NCSC Weekly Threat Report 10th March 2017

10/03/17

Smart machines v hackers: How cyber warfare is escalating

10/03/17

After CIA leak, Intel Security releases detection tool for EFI rootkits

10/03/17

Public IPv4 drought: Verizon Wireless to stop handing out static addys

10/03/17

PCI DSS Fines? Cyber Insurance? How to Estimate the Cost of a Payment Card Breach

09/03/17

Banking, news and pharmacy websites regarded "not secure" by Chrome and Firefox

09/03/17

NCSC: CyberUK Strategy day

09/03/17

Brit ISP TalkTalk blocks control tool TeamViewer

09/03/17

Zero-days? Sexy, sure, but crap passwords and phishing are probably more pressing

09/03/17

Security flaws 'undiscovered for years'

09/03/17

Time's up for SHA-1 hash algo, but one in five websites still use it

08/03/17

British Retail Consortium launches cybersecurity toolkit

08/03/17

The Retail Industry steps up the fight against rising cyber threats

07/03/17

1-15 February 2017 Cyber Attacks Timeline

07/03/17

Payments Giant Verifone Investigating Breach

07/03/17

Consumer Reports to consider cyber security in product reviews

06/03/17

Identity Management Improvements in Red Hat Enterprise Linux 7.3: Part 2

06/03/17

Spammers expose their entire operation through bad backups

06/03/17

Cyber Europe 2016: the pan-European exercise to protect EU Infrastructures against coordinated cyber-attack

06/03/17

ICO GDPR Breach notification

06/03/17

US-CERT Vulnerability Summary for the Week of February 27, 2017

06/03/17

NCSC Weekly Threat Report 3rd March 2017

03/03/17

Amazon typo knocked websites offline

03/03/17

London Cops' Emails Sent With No Encryption, Open to Interception

03/03/17

NSW privacy watchdog wants to make govt suppliers culpable for breaches

02/03/17

Unpatched WordPress Vulnerability Behind Latest Law Firm Cyberattacks

02/03/17

Cisco NetFlow kit can be borked with a bad packet

02/03/17

Introducing the Metasploit Vulnerable Service Emulator

02/03/17

AMD Ryzen 7 1800X Linux Benchmarks

02/03/17

January 2017 Cyber Attacks Statistics

02/03/17

Government sets out post-Brexit digital strategy

01/03/17

Digital Strategy to make Britain the best place in the world to start and grow a digital business

01/03/17

The Year of Data Breaches: Why Encryption and Reformatting SSDs is Not Enough

01/03/17

Article 19 Incident reporting

01/03/17

Quantifying the Impact of "Cloudbleed"

01/03/17

CVE checker

01/03/17

Yahoo says about 32 million accounts accessed using 'forged cookies'

01/03/17

Online shops plundered by bank card-stealing malware after bungling backend Aptos hacked

01/03/17

My Catch Of 4 Months In The Amazon IP Address Space

28/02/17

Bulletproof TLS Newsletter #25 - SHA-1 is broken

28/02/17

The case of the prematurely freed SKB

28/02/17

Private health firm fined £200,000 after IVF patients' confidential conversations revealed online

28/02/17

ABI change analysis of Fedora packages

28/02/17

Two million recordings of families imperiled by cloud-connected toys' crappy MongoDB

28/02/17

Over 800,000 user account details stolen from vulnerable forums running vBulletin

27/02/17

US-CERT Vulnerability Summary for the Week of February 20, 2017

27/02/17

Bug 168774 - Add a test verifying cache deduplication is not sensitive to SHA1 collision attack

27/02/17

List of Sites possibly affected by Cloudflare's #Cloudbleed HTTPS Traffic Leak

26/02/17

Extensive Breach at Intl Airport

24/02/17

Nuts and Bolts of Encryption: A Primer for Policymakers

24/02/17

Certificate Transparency, an introduction

24/02/17

Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug

24/02/17

sha1collisiondetection

24/02/17

s2n Is Now Handling 100 Percent of SSL Traffic for Amazon S3

23/02/17

Linux kernel gets patch for 11-year-old local-root-hole security bug

23/02/17

Magento Security Tips - what can you do to protect your website?

23/02/17

Ticketbleed Detection Added to SSL Labs

23/02/17

Incident report on memory leak caused by Cloudflare parser bug

23/02/17

SHA-1 broken - successful collision attack demonstrated

23/02/17

Memory Error Detection Using GCC

22/02/17

Infosec firm NCC Group launches review over crap financials

22/02/17

Scammers taking control of computers, experts warn

22/02/17

DomainMonster mash: Hundreds of websites vandalized after Brit web host server hacked

22/02/17

New Statistics Released on Corporate Email Security Threats

22/02/17

Kaspersky: Financial cyberthreats in 2016

22/02/17

GlobalSign Able to Issue Thousands of Certificates Per Second

21/02/17

Fingerprinting Firefox users with cached intermediate CA certificates (#fiprinca)

21/02/17

CVSSv3: New System, Old Problems Remain

21/02/17

SIDN sounds the alarm on DNSSEC security status of Dutch domain names

21/02/17

Big Blue's big blunder: IBM accidentally hands over root access to its data science servers

21/02/17

Trend Micro: Why Most Cybersecurity Startups Won't Survive

21/02/17

Brian Krebs: How to Bury a Major Breach Notification

21/02/17

Hacking group RTM able to divert bulk financial transfers with malware

21/02/17

PHP Becomes First Programming Language to Add Modern Cryptography Library in Its Core

20/02/17

Jobs at Google: Tech giant targeting hackers in Australian hiring raid

20/02/17

US-CERT Vulnerability Summary for the Week of February 13, 2017

20/02/17

CRON.WEEKLY issue #68: Virtual Memory, Jenkins, Etckeeper, Tensorflow, PGP, Let's Encrypt & more

19/02/17

Kernel Newbies: 4.10 changes

19/02/17

Cloudflare Reverse Proxies are Dumping Uninitialized Memory

19/02/17

SMTP over XXE ? how to send emails using Java's XML parser

18/02/17

A new security header: Referrer Policy

17/02/17

Solicitor Email Scam Targets Homebuyers and Sellers

17/02/17

NCSC Weekly Threat Report 17th February 2017

17/02/17

Marketing Is Ravaging Cybersecurity

17/02/17

Targeted Attacks Against Corporate Inboxes - a Gmail Perspective RSA 2017

16/02/17

Cyberattacks on Law Firms on the Rise

16/02/17

State of Cyber Security 2017

16/02/17

Magento stores targeted by self-healing malware that steals credit card details

16/02/17

Cyber Drives UK Fraud Losses to £125 Billion

16/02/17

16-31 January 2017 Cyber Attacks Timeline

15/02/17

Researchers Discover Self-Healing Malware That Targets Magento Stores

15/02/17

OCSP Expect-Staple

15/02/17

Remote unauthenticated OS re-install is a feature, not a bug, says Cisco

15/02/17

IT decisions makers and executives don't agree on cyber security responsibility

14/02/17

AppRiver's 2016 Global Security Report Findings

14/02/17

Cyber chief says don't fret over passwords

14/02/17

Chancellor's speech at the National Cyber Security Centre opening

14/02/17

Cisco Smart Install Protocol Misuse

14/02/17

NCC Group's Cryptography Services Complete an Audit of Cloudflare's TLS1.3

14/02/17

Vulnerability Summary for CVE-2017-5972

14/02/17

Roses are red, you're over the moon, 'cos you work in infosec, and you're retiring soon

14/02/17

Cybersecurity: Queen opens centre to protect against attacks

14/02/17

SaaS-y security outfit CrowdStrike falls out of love with test lab

14/02/17

UK website data insecurity worries: Users in bits over car break-up emails

14/02/17

Intel's 'Threat Landscape Dashboard' tells you today's worst digital threats

13/02/17

Bulletin (SB17-044) Vulnerability Summary for the Week of February 6, 2017

13/02/17

OCSP Must-Staple

13/02/17

Australia finally has mandatory data breach notification

13/02/17

NCSC Weekly Threat Report 13th February 2017

13/02/17

ICO IT security top tips

13/02/17

WireGuard Is Still Looking Good As A Linux VPN Tunnel

13/02/17

Cure53 assessment of the TweetNaCl-js Crypto Library

13/02/17

UK targeted by 'dozens' of serious cyber attacks each month

12/02/17

SSL Fingerprinting and Hijacking

12/02/17

Chap scripts remote Linux takeover for sysadmins

12/02/17

Cyber security lessons offered to schools in England

11/02/17

Wipe and reinstall a running Linux system via SSH, without rebooting

11/02/17

CERT updates insider threat guidebook

10/02/17

Enhanced Analysis of GRIZZLY STEPPE

10/02/17

Introducing Cisco Umbrella, the industry's first Secure Internet Gateway in the cloud

09/02/17

Fuzzing PCI express: security in plaintext

09/02/17

One million subscribers later, here's the state of Have I been pwned

09/02/17

PCI SECURITY STANDARDS COUNCIL ISSUES MULTI-FACTOR AUTHENTICATION GUIDANCE

09/02/17

Mag publisher Future stored your FileSilo passwords in plaintext. Then hackers hit

09/02/17

Firms split on who handles aftermath of cyber-attacks

09/02/17

The Root of the DNS

09/02/17

Her Majesty's Revenue and Customs Secure Electronic Transfer Certificate Service

09/02/17

NCSC Incident management

08/02/17

Yahoo hit with data-breach class-action lawsuit claiming credit-card details stolen

08/02/17

Email Address Usage on the Dark Web

08/02/17

Google Project Zero: Lifting the (Hyper) Visor: Bypassing Samsung's Real-Time Kernel Protection

08/02/17

How firms should best react to a crisis

08/02/17

Good guy Logic Supply resolves breach in days, unlike some companies

08/02/17

ANSSI Security Recommendations for TLS

08/02/17

UK Firms Fail the Cyber Readiness Test

08/02/17

Honeypots: Free psy-ops weapons that can protect your network before defences fail

08/02/17

GDPR: Do not resist! Unless you want a visit from the data police

08/02/17

ENISA Threat Landscape 2016 report: cyber-threats becoming top priority

08/02/17

Sports Direct hacked last year, and still hasn't told its staff of data breach

08/02/17

Does the online card payment landscape unwittingly facilitate fraud?

08/02/17

Ransomware Attacks on British Schools Prompt Action Fraud to Issue Warning

08/02/17

Laptop-light GoCardless says customers' personal data may have been lifted

07/02/17

Akamai blog: A WAF for the Other Half

07/02/17

RAP Demonstrates World-First Fully CFI-Hardened OS Kernel

06/02/17

Intel's Atom C2000 chips are bricking products - and it's not just Cisco hit

06/02/17

UK Retailers Hit by £100m Cyber Fraud Bill

06/02/17

Javapocalypse soon! Oracle warns devs to bin plugins, fast

06/02/17

US-CERT Vulnerability Summary for the Week of January 30, 2017

06/02/17

Overhaul of ASD's Top 4 cyber threat strategies

06/02/17

CRON.WEEKLY issue #66: Git Filesystem, Security, JVM, Fission, Habitat, TLS 1.3 & more!

05/02/17

Detecting Undisclosed Vulnerabilities with Security Tools & Features

04/02/17

Can a 'superpower force field' protect us from hackers?

03/02/17

Hackers have leaked the user database of a Tor web host popular with child pornographers

03/02/17

NCSC Weekly Threat Report 3rd February 2017

03/02/17

NCSC response to Public Accounts Committee report

03/02/17

Fresh drive to develop next generation of cyber security experts

03/02/17

Several Polish banks hacked, information stolen by unknown attackers

03/02/17

UK defence secretary: Russian hacks are destabilising Western democracy

03/02/17

Former GCHQ deputy: Cyber attack 'normal 21st century threat'

03/02/17

GCHQ cyber-chief slams security outfits peddling 'medieval witchcraft'

03/02/17

Security firms 'overstate hackers' abilities to boost sales'

03/02/17

MPs question UK's cyber attack defences

03/02/17

Government must step up work to protect Britain from cyber attacks

03/02/17

Red Hat: Adding buffer overflow detection to string functions

02/02/17

Dodgy email wipes every Tiverton council document created since 2015

02/02/17

Telstra sending SMS to wrong numbers after exchange fire

02/02/17

WordPress fixed god-mode zero day without disclosing the problem

02/02/17

Multiple Vulnerabilities in tcpdump

02/02/17

Dark web hubs paying workers to leak corporate secrets

01/02/17

Security flaws in Pentagon systems "easily" exploited by hackers

01/02/17

Google's Chrome is about to get rather in-your-face about HTTPS

31/01/17

Europol and Global Cyber Alliance Team Up to Boost Security

31/01/17

WTF is your problem, Netgear? Another hijack hole found in its routers

31/01/17

Suffered a breach? Expect to lose cash, opportunities, and customers - report

31/01/17

Cyber Security Roundup for January 2017

31/01/17

PCI SECURITY STANDARDS COUNCIL ISSUES BEST PRACTICES FOR SECURING E-COMMERCE -E-commerce Security More Important Than Ever For Merchants

31/01/17

Backblaze Hard Drive Stats for 2016

31/01/17

Stop Disabling SELinux: A Real-World guide

31/01/17

Firefox and Chrome start warning about insecure login forms

31/01/17

What do new PCI DSS SAQ changes mean?

31/01/17

We don't want to alarm you, but PostScript makes your printer an attack vector

31/01/17

With LeakedSource shuttered, rivals selling compromised passwords could see a boost

30/01/17

US-CERT Vulnerability Summary for the Week of January 23, 2017

30/01/17

Marketing company leaks 17,000 recorded phone calls, many with credit card numbers

30/01/17

1-15 January 2017 Cyber Attacks Timeline

30/01/17

Troy Hunt: HTTPS adoption has reached the tipping point

30/01/17

List of DNS violations by implementations, software and/or systems

30/01/17

CRON.WEEKLY issue #65: SRE, ngrep, pipenv, whalebrew, KVM, Ansible, FPM & more!

29/01/17

Guido Vranken - OpenSSL - Can you spot the vulnerability?

28/01/17

Hotel ransomed by hackers as guests locked out of rooms

28/01/17

Oss-security mailing list policy change communication

27/01/17

Happy Friday: Busted Barracuda update borks corporate firewalls

27/01/17

NCSC: Weekly Threat Report 27th January 2017

27/01/17

LeakedSource website goes dark amid claims of police raid

27/01/17

Thoughts on the LeakedSource take down

27/01/17

Google Security Blog - The foundation of a more secure web

26/01/17

Improving Credential Abuse Threat Mitigation

26/01/17

'Perfect Cyber Storm' Threatens Europe, Report Says

26/01/17

Firefox flags Web of Trust add-on as suspicious, blocks by default

26/01/17

Geoff Huston - BGP in 2016

26/01/17

Your Facebook account is now more secure than your bank's (probably)

26/01/17

Rich Salz / Akamai: TLS 1.3

25/01/17

Making a Global Impact: Worldpay

25/01/17

PCI Security Standards Council - Google Warns Users of Insecure Sites: What You Need to Know

25/01/17

218,000 private unencrypted AlphaBay dark web messages exposed

25/01/17

2016 Reported Data Breaches Expose Over 4 Billion Records

25/01/17

Safari and WebKit ending support for SHA-1 certificates

24/01/17

'Upskirt' porn website hit with massive data leak exposing 180,000 voyeurs

24/01/17

What does the NCSC think of password managers?

24/01/17

UK courts experiencing surge in cyber-crime case load

24/01/17

PCI Series: Requirement 10 - Track and Monitor All Access to Network Resources and Cardholder Data

24/01/17

GCHQ director Robert Hannigan resigns

23/01/17

Lloyds Bank outage: DDoS is prime suspect

23/01/17

It's 2017 and 200,000 services still have unpatched Heartbleeds

23/01/17

Barclays Launches BEC Awareness Campaign

23/01/17

As attacks grow, EU mulls banking stress tests for cyber risks

23/01/17

How to protect yourself from the WebEx extension

23/01/17

US-CERT Vulnerability Summary for the Week of January 16, 2017

23/01/17

Symantec carpeted over dodgy certificates, again

23/01/17

Cisco's WebEx Chrome plugin will execute evil code, install malware via secret 'magic URL'

23/01/17

CRON.WEEKLY issue #64: Kernel 4.9, hellogopher, ngrok, exabgp, yara, vmtouch, socks, bash & more!

23/01/17

Forthcoming OpenSSL releases

23/01/17

Communicating the Dangers of Non-Secure HTTP

20/01/17

Clash of Clans Forums Accounts Have Been Hacked

20/01/17

NCSC Weekly Threat Report 20th January 2017

20/01/17

Amazon Web Services in Plain English

19/01/17

Windows 10 networking bug derails Microsoft's own IPv6 rollout

19/01/17

100th Anniversary of the Zimmermann Telegram this week

19/01/17

Cybercrime and fraud scale revealed in annual figures

19/01/17

NIST - Computer Security Division - Computer Security Resource Center (CSRC)

18/01/17

Kill it with fire: US-CERT urges admins to firewall off Windows SMB

18/01/17

SHA-1 End Times Have Arrived

17/01/17

Credential-stuffers enjoy up to 2% attack success rate - report

17/01/17

Spamhaus Botnet Summary 2016

17/01/17

Dodgy Dutch developer built backdoors into thousands of sites

17/01/17

Password warning for all internet users after £1m Next scam gang jailed

16/01/17

Trojan malware blamed for cyberattack at Barts Health NHS hospitals

16/01/17

McDonald's forget hash, browns off security experts

16/01/17

Google reveals its servers all contain custom security silicon

16/01/17

The Big List of Naughty Strings

16/01/17

Vulnerability Summary for CVE-2016-10142

14/01/17

WhatsApp vulnerability could allow Facebook and others to read messages

14/01/17

DMARC - Defeating E-Mail Abuse

13/01/17

NCSC: Weekly Threat Report 13th January 2017

13/01/17

Financial Times Cyber attack survival guide

13/01/17

Head of EC3 will give Keynote Address at EAST FCS 2017

13/01/17

SSL/TLS and PKI History

13/01/17

Phone-cracking firm Cellebrite hacked

13/01/17

NIST Cybersecurity Framework v1.1 is coming

13/01/17

There's No Security Backdoor in WhatsApp, Despite Reports

13/01/17

SELinux Mitigates docker exec Vulnerability

13/01/17

Google floats prototype Key Transparency to tackle secure swap woes

13/01/17

Generation of IPv6 Atomic Fragments Considered Harmful

13/01/17

New Zend Framework 1 Security Vulnerability

13/01/17

Let them paste passwords

12/01/17

systemd Sucks, Long Live systemd

12/01/17

4.9.0 regression in pipe-backed iov_iter with systemd-nspawn

12/01/17

Draghi, Renzi and Monti victims of cyberattacks

11/01/17

First cyber security start-ups selected for GCHQ Cyber Accelerator

11/01/17

Iran Leaks Censorship via BGP Hijacks

10/01/17

htpasswDoS: Local Denial of Service via Apache httpd password hashes

10/01/17

CVE request: two advisories for GnuTLS GNUTLS-SA-2017-1, GNUTLS-SA-2017-2, fixed in 3.3.26, 3.5.8

10/01/17

MongoDB Ransomers Overwriting Each Others' Notes, Leaving Admins with No Options

10/01/17

Faster Payments maps way to ISO 20022 standard

10/01/17

What do you call a firm that leaves customer financials unencrypted on a hard drive? RSA

10/01/17

UK Parliament suddenly remembers it wants to bone up cyber security *cough* Russia *cough*

10/01/17

Rethink on bank cybersecurity rules might only follow major bank breach, says expert

10/01/17

Two years on, thousands of unpatched Magento shops still being carded

10/01/17

New Report on "State of DNSSEC Deployment 2016" Shows Continued Growth

09/01/17

Hello Kitty Database of 3.3 Million Breached Credentials Surfaces

09/01/17

After U.S. intel report on Putin, British government launches cyber security review

09/01/17

US-CERT Vulnerability Summary for the Week of January 2, 2017

09/01/17

Two GnuTLS security advisories

09/01/17

CRON.WEEKLY issue #62: FOSDEM, Sockets, OpenPGP, Irssi, Ntfy, DCCP, 33C3, LLVM & more!

08/01/17

Google - OSS-Fuzz - Continuous Fuzzing for Open Source Software

07/01/17

PCI Council Updates Payment Card Production and Provisioning Security Standard

06/01/17

2017 tech trends: 'A major bank will fail'

06/01/17

Researchers work to save trusted computing apps from keyloggers

05/01/17

NHS Data Security Incidents Top List Again

05/01/17

UK schools targeted by web fraudsters

05/01/17

Hacker breaches FBI for the second time, calls their security 'lazy'

05/01/17

2016: The year HTTPS became dominant

04/01/17

ICO 'Breached Public Data' Several Times Since 2013

04/01/17

NSA Director to Head Up CIS Controls Group

04/01/17

Kaspersky fixing serious certificate slip

04/01/17

Web-exposed MongoDB installs wiped by bitcoin ransoming script scum

04/01/17

Box.com Plugs Account Data Leakage Flaw

03/01/17

Deprecation of Insecure Algorithms and Protocols in RHEL 6.9

03/01/17

1-15 December 2016 Cyber Attacks Timeline

03/01/17

Leap second briefly catches out computer firm

02/01/17

SSL Pulse: Survey of the SSL Implementation of the Most Popular Web Sites

02/01/17

Vulnerability Summary for the Week of December 26, 2016

02/01/17

OpenSSL 1.0.1 no longer supported upstream

02/01/17

End User Device Security: Latest releases

29/12/16

Bangladesh police detail suspicions of inside help in central bank heist

29/12/16

Critical Thunderbird Security vulnerabilities fixed in 45.6

28/12/16

OSCE victim of cyber attack

28/12/16

Holiday Inn Parent IHG Probes Breach Claims

28/12/16

PHPMailer - lack of sanitisation on the From: address, broken for years

28/12/16

Cyanogen Inc. shuts down CyanogenMod in Christmas bloodbath

27/12/16

Vulnerability Summary for the Week of December 19, 2016

26/12/16

CRON.WEEKLY issue #60: Debian, Vim, Gitlab, Jenkins, Piwik, Nginx, MySQL & more!

25/12/16

Technical Developments in Cryptography: 2016 in Review

25/12/16

NIST requests ideas for crypto that can survive quantum computers

22/12/16

NIST Guide Provides Way to Tackle Cybersecurity Incidents with Recovery Plan, Playbook

22/12/16

A Graduate Course in Applied Cryptography

22/12/16

IPv6 Security Today

21/12/16

Marvel, Netflix fall victim to hacking group, OurMine

21/12/16

Your password expiry policy may have reached its expiry date

21/12/16

IPv6 Configuration Approaches for Servers

21/12/16

November 2016 Cyber Attacks Statistics

21/12/16

Cyber Security Regulation and Incentives Review

21/12/16

Cyber Essentials scheme research

21/12/16

NCSC boss asked to detail efforts to protect financial services sector against cyberattacks

20/12/16

Nmap 7.40 Holiday Release: a dozen new NSE scripts, hundreds of new fingerprints, new Npcap, faster brute forcing, and more...

20/12/16

Testing times: Can your crypto-code survive the Google gauntlet?

20/12/16

VMWare VDP critical SSH key remote root access vulnerability

20/12/16

IT Security Expert Blog: UK Identity Fraud on the Rise

20/12/16

PCI Guru: An Update On Multi-Factor Authentication

20/12/16

Alleged car thieves used breached data to help steal Hyundais and Kias

20/12/16

Bleacher Report and Ethereum breaches

20/12/16

PayAsUGym hack exposes members' card details

20/12/16

Leap Second Smearing with NTP

20/12/16

Freenode breach

20/12/16

Google Security Blog: Project Wycheproof

19/12/16

Snapchat iOS release stresses NTP pool servers

19/12/16

Facebook: Retiring SHA-1 certificates

19/12/16

Yahoo breach database sold three times

19/12/16

Insurers handling 'hundreds' of breach claims

19/12/16

Vulnerability Summary for the Week of December 12, 2016

19/12/16

(Updated) Cryptographic Right Answers

19/12/16

Samba 4.5.3, 4.4.8 and 4.3.13 Security Releases Available for Download

19/12/16

cron.weekly issue #59: Kernel 4.9, Java, containerd, sfb, Redis, CentOS 7.3, Nginx, Ansible & more!

18/12/16

Hack of LA County emails exposes data of 750,000 people

18/12/16

LinkedIn's training arm resets 55,000 members' passwords, warns 9.5m

18/12/16

CVE Request - squid HTTP proxy multiple Information Disclosure issues

18/12/16

Merry Haxmas! Shadow Brokers strike again!

17/12/16

PayAsUGym user details compromised in hack attack

17/12/16

A message from Domino's

17/12/16

Exim Possible information disclosure to remote attacker

16/12/16

NCSC Weekly Threat Report 16th December 2016

16/12/16

Banks told to combat payment scams

16/12/16

Magento CE 2.0.11 Release Notes

15/12/16

Magento CE 2.1.3 Release Notes

15/12/16

'One billion' affected by Yahoo hack

15/12/16

Millions of websites at risk, as Joomla high level security flaw discovered

14/12/16

Important Security Information for Yahoo Users

14/12/16

Resolve Leap Second Issues in Red Hat Enterprise Linux

14/12/16

Kaspersky Security Bulletin 2016. Review of the year. Overall statistics for 2016

14/12/16

Malvertising Campaign Infects Your Router Instead of Your Browser

14/12/16

Quest Diagnostics Reports Data Breach

13/12/16

Investigatory Powers Act - new orders to prepare for

13/12/16

Nymaim using MAC addresses to uncover virtual environments and bypass antivirus

13/12/16

SWIFT confirms new cyber thefts, hacking tactics

13/12/16

Updates To Who Is Using DMARC?

13/12/16

Data enrichment records for 200 million people up for sale on the Darknet

13/12/16

ENISA: The importance of cryptography for the digital society

12/12/16

First Data: Another SHA-1 certificate extension plea

12/12/16

DANE - the killer app for DNSSEC

12/12/16

Security things in Linux v4.9

12/12/16

New minimum code signing requirements for use by all CAs

12/12/16

SSL: Deceptively Simple, Yet Hard to Implement

12/12/16

OCSP server sending expired responses + stapling breaks Chrome

12/12/16

Vulnerability Summary for the Week of December 5, 2016

12/12/16

Dyn DDoS Attack: Lessons Learned for the Financial Services Industry (Part 2 of 2)

12/12/16

McAfee Virus Scan Enterprise contains multiple vulnerabilities

12/12/16

Some Bangladesh Bank officials involved in heist - investigator

12/12/16

Kentucky pried chicken: Fried grease chain's loyalty club hacked

12/12/16

Multiple Netgear routers are vulnerable to arbitrary command injection

09/12/16

Sophisticated fraud involving convincing bank letters

09/12/16

PCI Security Standards Council Publishes Supplemental PCI DSS Scoping Guidance

09/12/16

Guidance for PCI DSS Scoping and Network Segmentation

09/12/16

NCSC: Weekly Threat Report 9th December 2016

09/12/16

'Avalanche' Crime Ring Leader Eludes Justice

08/12/16

OpenVPN to get security audit

08/12/16

Curve25519 and Curve448 for the Internet Key Exchange Protocol Version 2 (IKEv2) Key Agreement

08/12/16

Masterful malvertisers pwn Channel 9, Sky, MSN in stealth attacks

08/12/16

Yahoo fixes flaw allowing an attacker to read any user's emails

08/12/16

ThyssenKrupp secrets stolen in 'massive' cyber attack

08/12/16

gov.uk: National Security Strategy and Strategic Defence and Security Review 2015: annual report 2016

07/12/16

One reason why user namespaces keep enabling Linux kernel security issues

07/12/16

Encryption 102: 5 Methods of Encryption (Part 2)

07/12/16

Avoiding CVE-2016-8655 with systemd

07/12/16

Scott Helme: The Best TLS Training in the World - Coming up North

07/12/16

Alert: Fake emails claim you were caught speeding

07/12/16

Filippo Valsorda: I'm giving up on PGP

06/12/16

Software can be more secure, says NIST, and we think we know how

06/12/16

Brian Krebs: Researchers Find Fresh Fodder for IoT Attack Cannons

06/12/16

Own goal for Scottish Football Association as fans sent phishy emails

06/12/16

Red Hat: PCI Series: Requirement 8 - Identify and Authenticate Access to System Components

06/12/16

Potential issue with DNS over IPv6 for 20 days from 11th January

06/12/16

Troy Hunt: Here's 1.4 billion records from Have I been pwned for you to analyse

05/12/16

Email Security - DMARC

05/12/16

TLD glue sticks around too long

05/12/16

Vulnerability Summary for the Week of November 28, 2016

05/12/16

16-30 November 2016 Cyber Attacks Timeline

05/12/16

TalkTalk wi-fi router passwords 'stolen'

05/12/16

Dailymotion hack exposes millions of accounts

05/12/16

cron. Weekly issue #57: PHP 7.1, Crypto, NTP, runv, Multibinder, Grafana, FPM & more!

04/12/16

The invisible credit card of the future

04/12/16

Completing our work to secure digital services

02/12/16

Making email mean something again

02/12/16

The Medical Reports Of 43,000 People, Including HIV Patients, Were Accidentally Released Online

02/12/16

NCSC Weekly Threat Report 2nd December 2016

02/12/16

Hackers Say Knocking Thousands of Brits Offline Was an Accident

02/12/16

'Frighteningly easy' for criminals to get Visa card details, study claims

02/12/16

TalkTalk and Post Office routers hit by cyber-attack

01/12/16

'Avalanche' Global Fraud Ring Dismantled

01/12/16

Destructive Hacks Strike Saudi Arabia, Posing Challenge to Trump

01/12/16

UK Lenders Shared Threat Info After Tesco Bank Attack

01/12/16

NCSC: TalkTalk Alert

01/12/16

Clients say they'll take their money and run if service hacked

01/12/16

More Than 1 Million Google Accounts Breached by Gooligan

30/11/16

Camelot UK Lotteries Incident

30/11/16

An Overview of the Payment Card Industry (PCI)

30/11/16

Secret Europol terror data found online

30/11/16

DDoS Attacks on Critical Infrastructure

29/11/16

The 5 Most Significant DDoS Attacks of 2016

29/11/16

Early detection of configuration errors to reduce failure damage

29/11/16

San Francisco Rail System Hacker Hacked

29/11/16

Bank of England Financial Stability report

29/11/16

UK Payments Strategy Forum sets out roadmap

29/11/16

BT ordered to legally split from Openreach by Ofcom

29/11/16

HPACK: the silent killer (feature) of HTTP/2

28/11/16

Prepare for 19-Digit Credit Cards

28/11/16

This is one reasone why you should use "less" unless you want to make changes to a file

28/11/16

Mirai bots' cyber-blitz 1m German broadband routers

28/11/16

Behind the scenes of GOV.UK Verify: improving users' security

28/11/16

Red Hat: PCI Series: Requirement 7 - Restrict Access to Cardholder Data by Business Need to Know

28/11/16

Ransomware scams cost Brits £4.5 m per year

28/11/16

The Internet Society is unhappy about security - pretty much all of it

28/11/16

Yet another Vim cheat sheet

28/11/16

1-15 November 2016 Cyber Attacks Timeline

28/11/16

US-CERT: Vulnerability Summary for the Week of November 21, 2016

28/11/16

CRON.WEEKLY issue #56: Debian, Fedora 25, PHP, systemd, Humble Bundle, dply, Pipfile & more!

27/11/16

ATM Insert Skimmers: A Closer Look

27/11/16

Barclays payliquid.com certificate issue

27/11/16

Azure bug bounty Pwning Red Hat Enterprise Linux

26/11/16

NIST Special Publication 800-160: Systems Security Engineering

25/11/16

Locky ransomware uses decoy image files to ambush Facebook, LinkedIn accounts

25/11/16

Assuring Smart Meters

25/11/16

NCSC: Weekly Threat Report 25 November 2016

25/11/16

European Commission gets DdoSed

25/11/16

Mozilla hackers audit cURL file transfer toolkit, give it a tick for security

25/11/16

Chromium: XSS Auditor: Block by default.

25/11/16

So, just how were those MailChimp accounts hacked?

24/11/16

Two-thirds of London Councils Suffered Breach in Past Four Years

23/11/16

DoD Opens .Mil to Legal Hacking, Within Limits

23/11/16

Personal data for more than 130,000 sailors hacked: U.S. Navy

23/11/16

Visa cries foul over Euro regulator's stronger authentication demands

23/11/16

Akamai on the Record KrebsOnSecurity Attack

22/11/16

What You Need to Know about Recent Xen Project Security Advisories

22/11/16

178 arrests in successful hit against money muling

22/11/16

Cobalt hackers executed massive, synchronized ATM heists across Europe, Russia

22/11/16

Malware is making ATMs 'spit cash'

22/11/16

Twitter Celebs and Corporate Accounts Hacked Through Third Party

21/11/16

Hacker dumps stolen Casino Rama information online

21/11/16

Michigan State University database with 400,000 student and staff records breached

21/11/16

Oracle acquires DNS provider Dyn, subject of a massive DDoS attack in October

21/11/16

US-CERT: Vulnerability Summary for the Week of November 14, 2016

21/11/16

AdultFriendFinder network finally comes clean to members about hack

21/11/16

SHA-1 deprecation countdown

21/11/16

Getting a grip on firmware

21/11/16

Almost 600,000 at risk of identity theft after US Department of Housing and Urban Development data breach

18/11/16

Are you affected by the Three UK data loss? Here's what to do

18/11/16

NCSC: Three UK Incident

18/11/16

Three Upgrade Fraud: Message from Dave Dyson

18/11/16

NCSC: The Phishing threat following data breaches

18/11/16

NCSC: Weekly Threat Report 18 November 2016

18/11/16

Google Removing SHA-1 Support in Chrome 56

17/11/16

Mark Zuckerberg has his Pinterest account hacked (again)

17/11/16

Troy Hunt (haveibeenpwned.com): Data breach claims are often poorly researched, unsubstantiated and ultimately fake

17/11/16

Antivirus tools are a useless box-ticking exercise says Google security chap

17/11/16

Hackers Claim Theft of Data from Gorilla Glue

17/11/16

8 million GitHub profiles were leaked from GeekedIn's MongoDB

17/11/16

PoisonTap fools your PC into thinking the whole internet lives in an rPi

17/11/16

Kernel Lockdown Patches Published

17/11/16

Google Cloud joins .NET Foundation

16/11/16

Microsoft just got its Linux Foundation platinum card, becomes top level member

16/11/16

Mega DDoS attacks on the increase, warns Akamai

16/11/16

LFI vulnerability allegedly found in website of Barclays/RBS

16/11/16

SWIFT has not seen its last 'bank robbery'

16/11/16

Backdoor in some Android phones caught secretly sending data to China

16/11/16

Google: SHA-1 Certificates in Chrome

16/11/16

Announcing SSL Labs Grading Changes for 2017

16/11/16

Isle Of Wight NHS Trust Spends More Than Average On Cyber Security

16/11/16

Our hospitals 'are safe from the risk of cyber attacks'

16/11/16

NHS patients being put 'at risk' because of cybersecurity flaws

16/11/16

Evolution of the SSL and TLS protocols

16/11/16

Wickedly Clever USB Stick Installs a Backdoor on Locked PCs

16/11/16

October 2016 Cyber Attacks Statistics

16/11/16

Critical Firefox vulnerabilities

16/11/16

Analysts apply Occam's razor to Tesco Bank breach

16/11/16

Adobe fined $1 million for 2013 data breach

15/11/16

The "cryptsetup initrd root shell" vulnerability

15/11/16

Add control channel encryption (--tls-crypt)

15/11/16

Dark web hackers boast of Tesco Bank thefts

14/11/16

Vulnerability Summary for the Week of November 7, 2016

14/11/16

AdultFriendFinder network hack exposes 412 million accounts

13/11/16

Big W shutters online shopping after data leak

13/11/16

CRON.WEEKLY issue #54: PHP 7, LessPass, addrwatch, tmux, bash, PackPack & more!

13/11/16

NCSC Weekly Threat Report 11 November 2016

11/11/16

"Blacknurse": ICMP Type 3 (Destination Unreachable) Code 3 (Port Unreachable) DDoS

11/11/16

RFC 8017: PKCS #1: RSA Cryptography Specifications Version 2.2

11/11/16

Facebook is buying up stolen passwords on the black market

11/11/16

Accidental data leakage would be thing of the past with BS 10010

11/11/16

A checklist for people who understand cyber security

10/11/16

When CSI meets public wifi: Inferring your mobile phone password via wifi signals

10/11/16

New cmdline tool using Red Hat's new Security Data API: rhsecapi

10/11/16

FCO Cyber Security Capacity Building Programme 2017 to 2018

10/11/16

Michael Page leave database of millions of jobseekers' personal info exposed on the Internet

10/11/16

16-31 October 2016 Cyber Attacks Timeline

10/11/16

What went wrong at Tesco Bank?

10/11/16

Some Yahoo staff knew in 2014 that it had been hacked

10/11/16

UK government says Tesco Bank thefts shake confidence in finance

10/11/16

Tesco Bank: 20,000 customers lose money

07/11/16

Weekly Threat Report 4 November 2016

07/11/16

Two in three web pages served over the world's favourite web browser Chrome are now secured with HTTPS, Google says.

07/11/16

Nvidia's telemetry monitor is not spying on you

07/11/16

Cisco's job applications site leaked personal data

06/11/16

Websites of Indian Embassy in 7 Countries Hacked, database leaked online

06/11/16

MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit

04/11/16

Did the Mirai Botnet Really Take Liberia Offline?

04/11/16

World-leading heart hospital 'very, very lucky' to dodge ransomware hit

04/11/16

Excellent graph showing the different meanings of "penetration test"

04/11/16

Stroom helps large organisations understand their systems

03/11/16

4 New Trends in the DDoS Threat Landscape

03/11/16

Barracuda: Outage caused by 'large number of inbound connections'

03/11/16

New Zealand Nurses Caught Out in Major Email Breach

03/11/16

Draft NICE Cybersecurity Workforce Framework (NCWF): National Initiative for Cybersecurity Education

02/11/16

NIST DNS email security draft guide

02/11/16

Planning for the end of 2016: a leap second and the end-of-support for SHA-1 TLS certificates

02/11/16

Business Insider was hacked on Wednesday morning.

02/11/16

William Hill website under siege from DDoS attacks

02/11/16

Resolve Leap Second Issues in Red Hat Enterprise Linux

02/11/16

NCC Group welcomes National Cyber Security Strategy

01/11/16

Interview with Ian Levy, technical director of the National Cyber Security Centre

01/11/16

Britain to spend 1.9 billion pounds on boosting cyber defenses

01/11/16

UK must retaliate versus cyber-attacks says chancellor

01/11/16

Google Security Blog: Distrusting WoSign and StartCom Certificates

31/10/16

Appointments on hold as (computer) virus wreaks havoc with NHS trust systems

31/10/16

"The Shadow Brokers" "Trick or Treat" Leak Exposes International Stage Server Infrastructure

31/10/16

Shadow Brokers dump reveals NSA targets

31/10/16

Dyn DDoS Attack: Wide-Spread Impact Across the Financial Services Industry (Part 1)

31/10/16

123-reg name servers were under DDoS attack on Sunday evening and Monday morning

31/10/16

Kaspersky DDOS intelligence report for Q3 2016

31/10/16

Hackmageddon 1-15 October 2016 Cyber Attacks Timeline

31/10/16

NCSC Weekly Threat Report 28 October 2016

31/10/16

U.S. regulator says former employee downloaded data from office

28/10/16

SpamTitan: Malicious Spam Email Volume Reaches Record High

28/10/16

Search engine results increasingly poisoned with malicious links

28/10/16

What comes after "iptables"? Its successor, of course: "nftables"

28/10/16

'X-rated' council error sends voters to hardcore porn site

28/10/16

Contractor behind Australia's biggest-ever data breach revealed

28/10/16

Australia's biggest data breach sees 1.3m records leaked

28/10/16

How the Dyn outage affected Cloudflare

27/10/16

More on the DynDNS DDoS

27/10/16

Hardware Bit-Flipping Attacks in Practice

27/10/16

ICANN: KSK Rollover Operations Begin

27/10/16

Danish payments firm says fears 100,000 credit cards hacked

26/10/16

Cyber-crooks menacing hospitals are put under the microscope

26/10/16

Cisco Releases Security Updates for Multiple Products

26/10/16

How Cloudflare's Architecture Allows Us to Scale to Stop the Largest Attacks

26/10/16

Details on the Privilege Escalation Vulnerability in Joomla

26/10/16

Adobe Releases Security Update

26/10/16

Internet Draft: HTTP Immutable Responses

26/10/16

Graduate recruitment site exposed 50,000 CVs sent to Virgin Media UK

25/10/16

An After-Action Analysis of the Mirai Botnet Attacks on Dyn

25/10/16

ARM proposes running cloud based update service for Things on the Internet

25/10/16

Joomla! 3.6.4 Released

25/10/16

Google Chrome: Announcement: Requiring Certificate Transparency in 2017

25/10/16

Advisory: 'Dirty COW' Linux privilege escalation vulnerability being actively exploited

25/10/16

Weekly Threat Report for 24 October 2016

25/10/16

Shadowserver - ASN & Netblock Alerting & Reporting Service

25/10/16

[US] Multi-State Voter Data Leak - Again!

24/10/16

Lessons Learned from the DynDNS DDoS

24/10/16

Distrusting New WoSign and StartCom Certificates

24/10/16

September 2016 Cyber Attacks Statistics

24/10/16

Embedding ModSecurity in Apache - tutorial

24/10/16

Mozilla plots TLS 1.3 future for Firefox

23/10/16

Data breach at Weebly affects 43 million users

23/10/16

Measuring small subgroup attacks against Diffie-Hellman

23/10/16

Millions of AdultFriendFinder user accounts hacked - again

21/10/16

Dyn Confirms DDoS Attack Affecting Twitter, Github, Many Others

21/10/16

Boffins exploit Intel CPU weakness to run rings around code defenses

20/10/16

NCSC: Attempts to train users not to open phishing e-mails are pointless

20/10/16

Weebly Account Security Update

20/10/16

India experiences catastrophic cyberattack, 3.2 million debit card account details stolen

20/10/16

PCI Security Standards Council: DATA PROTECTION TOP PRIORITY FOR EUROPE HEADING INTO 2017

20/10/16

Cisco patches NetBIOS vuln

20/10/16

PCI Security Standards Council Director: Cyber Crime is an urgent priority

20/10/16

Penthouse, Adult FriendFinder databases leak, at least 100 million accounts impacted

20/10/16

Spreading the DDoS Disease and Selling the Cure

19/10/16

CA Comodo used broken OCR and issued certificates to the wrong people

19/10/16

Australia's first cyber threat sharing centre to open before end of year

19/10/16

Oracle's quarterly security release offers 253 patches

19/10/16

Dell Unveils New Endpoint Data Security and Management Portfolio for Greater IT Interoperability

19/10/16

CVE-2016-5195 - Linux: "Dirty COW" local privilege escalation bug

19/10/16

Phasing Out SHA-1 on the Public Web

18/10/16

More on WoSign / StartSSL

18/10/16

SHA3-256 is quantum-proof, should last BEELLIONS of years, say boffins

18/10/16

Redbus is the newest victim of data breach, 13.72 GB of user data is on Darknet

18/10/16

Fraud & cybercrime cost UK nearly £11bn in past year

18/10/16

Magento Malware Hides Stolen Card Data in Image Files

18/10/16

It's good to talk, UK banks told after massaging cyberattack figures

18/10/16

Linux Kernel Security bug lifetime

18/10/16

[RHSA-2016:2073-01] Important: openssl security update

18/10/16

Magento Credit Card Swiper Exports to Image

17/10/16

Happy 15th Birthday Red Hat Product Security

17/10/16

UK spy agencies broke privacy rules says tribunal

17/10/16

Hacks could cost British businesses £122 billion by 2018

17/10/16

Faulty protection aids theft of 33 million accounts from Evony

17/10/16

Vulnerability Summary for the Week of October 10, 2016

17/10/16

Magento: Protecting Your Site from Malware

17/10/16

How hackers handle stolen login data

17/10/16

NCSC: Weekly Threat Report 17 October 2016

17/10/16

CVE-2016-6187: Exploiting Linux kernel heap off-by-one

16/10/16

CRON.WEEKLY issue #50: PHP, Ubuntu 16.10, Galaxy, Yarn, libreboot, AWS, Postgres & more!

16/10/16

A Single Byte Write Opened A Root Execution Exploit

14/10/16

MACsec: a different solution to encrypt network traffic

14/10/16

Quickly audit and adjust SSH server configurations with SSH-audit

14/10/16

Increasing the Strength of the Zone Signing Key for the Root Zone

14/10/16

Cyber Europe 2016 - joint EU security exercise

14/10/16

GlobalSign cert error sees browsers block top websites

14/10/16

British banks keep cyber attacks under wraps to protect image

14/10/16

Almost 6,000 online shops hit by hackers

14/10/16

OpenSSL 1.1.0: remote client memory corruption in ssl_add_clienthello_tlsext()

13/10/16

G-7 Issues Cybersecurity Guidelines

13/10/16

Google's OSS-fuzz

13/10/16

Sub-Saturating DDoS Attacks Steal Bandwidth

12/10/16

SSHowDowN - IoT proxy attack using SSH port forwarding

12/10/16

A Look at the BIND Vulnerability: CVE-2016-2776

12/10/16

Internet Society wants to fill in the Great Routing Black Hole

12/10/16

TLS nonce-nse

12/10/16

Australia weather bureau hacked by foreign spies, says report

12/10/16

NSA could put undetectable "trapdoors" in millions of crypto keys

11/10/16

New OpenSSL double-free and invalid free vulnerabilities in X509 parsing

11/10/16

Second hacking group targets SWIFT-connected banks

11/10/16

Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras

11/10/16

Filtering Terabytes of pcaps using nBPF and Wireshark

11/10/16

Magento SUPEE-8788

11/10/16

Like it or not, here are ALL your October Microsoft patches

11/10/16

What can the NCSC do for you?

11/10/16

dnscap - Network capture utility designed specifically for DNS traffic

11/10/16

Crypto needs more transparency, researchers warn

09/10/16

Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation

10/10/16

CAA Record Generator

10/10/16

NCC Group expert leads development of new secure coding guidelines for C

10/10/16

Modern Business Solutions Stumbles Over A Modern Business Problem - 58M Records Dumped From An Unsecured Database

10/10/16

NCSC Weekly Threat Report for 10th October 2016

10/10/16

Security Economics of the Internet of Things

10/10/16

Browser Treatment of Bad SSL

10/10/16

SCAP: Red Hat Security Videos Live!

10/10/16

How France's TV5 was almost destroyed by 'Russian hackers'

10/10/16

Google maps + WiFi APs and Cell networks

10/10/16

Stickers emerge as EU's weapon against dud IoT security

10/10/16

Heads roll as Qihoo 360 moves to end WoSign, StartCom certificate row

10/10/16

US-CERT Vulnerability Summary for the Week of October 3, 2016

10/10/16

Mozilla Certificate revocation plan

07/10/16

Check My DNS

07/10/16

Why You Should Seriously Care About SSH User Keys

07/10/16

The Economist: The internet of stings

07/10/16

Smash and grab PoS pwners ready with pre-Xmas malware update

07/10/16

OpenSSL after Heartbleed

06/10/16

Compromised eCommerce Sites Lead to "Magecart"

06/10/16

Feds Charge Two In Lizard Squad Investigation

06/10/16

High Cybersecurity Staff Turnover is an 'Existential Threat'

06/10/16

DMARC email security is now mandatory for the UK government, what can the enterprise learn?

06/10/16

N.S.A. Contractor Arrested in Possible New Theft of Secrets

06/10/16

TalkTalk cyber attack - how the ICO's investigation unfolded

06/10/16

Cyber Security Breaches Survey 2017

06/10/16

Akamai: 620+ Gbps Attack - Post Mortem

06/10/16

ENISA Annual Incidents report

06/10/16

FBI sought terrorist email in Yahoo sweep

06/10/16

What the Yahoo NSA might've looked for

06/10/16

Hack warnings prompt cyber 'security fatigue'

06/10/16

The State of Cyber Security Professional Careers: An Annual Research Report

05/10/16

Government Contractor Charged with Removal of Classified Materials and Theft of Government Property

05/10/16

Mastercard rolls out pay-by-selfie across Europe

05/10/16

PaymentsUK: Cyber Security and Fraud Seminar taking place 1 November

05/10/16

TalkTalk gets record £400,000 fine for failing to prevent October 2015 attack

05/10/16

7 digit CVE numbers are now being issued

05/10/16

Wireshark 2.2.1 is now available

05/10/16

Google's DDoS global attack map

04/10/16

Yet another dating site exposes users' data

04/10/16

Yahoo 'secretly scanned emails for US authorities'

04/10/16

National Cyber Security Centre HQ operational

03/10/16

Almost half of NHS Trusts do not monitor cloud app use, Netskope FOI request finds

30/09/16

BBC report on "CEO fraud"

30/09/16

Security analyst says Yahoo!, Dropbox, LinkedIn, Tumblr all popped by same gang

30/09/16

The Hacking of Yahoo

30/09/16

NHS security deal

29/09/16

NHS Hospitals Are Running Thousands of Computers on Unsupported Windows XP

29/09/16

The Cost of Cyberattacks Is Less than You Might Think

29/09/16

Yahoo! Mobile Mail Wide Open Even After Password Reset

29/09/16

Yahoo could have reset all user passwords two years ago, but chose not to

29/09/16

EMVCo and PCI SSC Combine Expertise on 3-D Secure 2.0

29/09/16

Cyber firm challenges Yahoo claim hack was state-sponsored

28/09/16

The Yahoo hackers weren't state-sponsored, a security firm says

28/09/16

InfoArmor: Yahoo Data Breach Investigation

28/09/16

Cisco Releases Security Updates

28/09/16

Defending Against Hackers Took a Back Seat at Yahoo, Insiders Say

28/09/16

FBI investigating possible hack of Democratic Party staffer cell phones

27/09/16

Announcement for Suspension of TURKTRUST SSL

27/09/16

Latest IoT DDoS Attack Dwarfs Krebs Takedown At Nearly 1Tbps Driven By 150K Devices

27/09/16

No wonder we're being hit by Internet of Things botnets. Ever tried patching a Thing?

27/09/16

152k cameras in 990Gbps record-breaking dual DDoS

27/09/16

SWIFT introduces mandatory customer security requirements and an associated assurance framework

27/09/16

Google: Reshaping web defenses with strict Content Security Policy

26/09/16

Questions Mount Around Yahoo Breach

26/09/16

i-Dressup operators fail to fix bug that exposes up to 5.5 million credentials

26/09/16

OpenSSL Patch for Low Severity Issue Creates Critical Flaw

26/09/16

Mozilla to suspend new certificates issued by WoSign/StartCom

26/09/16

Google shields Krebs after world's-worst DdoS

26/09/16

Broadening the Scope of Mobile Security

26/09/16

Florida Bar Association hacked, members' data leaked (UPDATE2)

25/09/16

A week to go for the European Cyber Security Month launch!

23/09/16

Yahoo Executives Detected a Hack Tied to Russia in 2014

23/09/16

Someone Left The Data of 2.9 Million Louisiana Voters Online For No Reason

23/09/16

How not to verify a data breach

23/09/16

NSA hushed up zero-day spyware tool losses for three years

23/09/16

Safe browsing checks fail as 16,000 WordPress sites hacked this year

23/09/16

Valid logins to your workplace are on the net, right now

23/09/16

Information Commissioner's response to Yahoo data breach

22/09/16

Exclusive: Probe of leaked U.S. NSA hacking tools examines operative's 'mistake'

22/09/16

Teenager to appear in court over alleged hack and data theft

22/09/16

Industry Concerns about TLS 1.3

22/09/16

Security issues affect us all

22/09/16

SANS: The era of big DDOS?

22/09/16

Yahoo breach unrelated to the data sale earlier this summer

22/09/16

Attack on Yahoo hit 500 million users

22/09/16

Over 6,000 vulnerabilities went unassigned by MITRE's CVE project in 2015

22/09/16

OpenSSL CVEs

22/09/16

Bank cyber heists are here to stay, says SWIFT security chief

22/09/16

US-CERT - Cisco Releases (yet more) Security Updates

22/09/16

Michelle Obama's passport leaked by hacker

22/09/16

Requirement 6 - Develop and Maintain Secure Systems and Applications

22/09/16

Akamai kicked journalist Brian Krebs' site off its servers after he was hit by a 'record' cyberattack

22/09/16

DDoS attacks: For the hell of it or targeted - how do you see them off?

22/09/16

Fixing the mixed content problem with Automatic HTTPS Rewrites

21/09/16