Cyber Security News

As one of the most important concerns for every business, cyber security is often, unsurprisingly, in the headlines. Whether it's another big data breach for a well known company, or a vulnerability in a commonly used piece of software, you can no longer afford to be unaware of the latest threats to your information security.

Vulnerability Summary for the Week of August 6, 2018

13/08/18

FBI Warns of 'Unlimited' ATM Cashout Blitz

12/08/18

Weekly Threat Report 10th August 2018

10/08/18

Setting up two-factor authentication (2FA)

08/08/18

Cyber-attack! Would your firm handle it better than this?

07/08/18

Facebook cracks open its bottle of Fizz - a carbonated TLS 1.3 lib

06/08/18

Facebookincubator/fizz

06/08/18

Deploying TLS 1.3 at scale with Fizz, a performant open source TLS library

06/08/18

Our commitment to the CCP scheme

06/08/18

Vulnerability Summary for the Week of July 30, 2018

06/08/18

[Outages-discussion] [outages] Problem with credit card machine processing? "Datawire"

04/08/18

CreditCard Issuer TCM Bank Leaked Applicant Data for 16 Months

03/08/18

Web doc iCliniq plugs leaky bucket stuffed full of medical records

03/08/18

BGP/DNS Hijacks Target Paymen Systems

03/08/18

Further BGP hijacks of high value authoritative DNS servers' IP space

03/08/18

Weekly Threat Report 3rd August 2018

03/08/18

MikroTik routers grab their pickaxes, descend into crypto mines

03/08/18

Mass MikroTik Router Infection - First we cryptojack Brazil, then we take the World?

03/08/18

AusCERT Week in Review for 3rd August 2018

03/08/18

Did you know: Lawyers can certify web domain ownership? Well, not no more they ain't

02/08/18

Huge Cryptomining Attack on ISP-Grade Routers Spreads Globally

02/08/18

NCSC advice for Reddit users

02/08/18

New CAB Forum Validation Rules go Into effect Today

01/08/18

Back Packets Report

01/08/18

Clarksons: Update on 2017 Data Breach - Regulatory Notice

01/08/18

Holy Ship! UK shipping biz Clarksons blames megahack on single point of pwnage

01/08/18

On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global Criminal Operation

01/08/18

Three Members of Notorious International Cybercrime Group Fin7 In Custody Role in Attacking Over 100 u.S. companies

01/08/18

GCHQ on Quantum Key Distribution

01/08/18

Backdoors in Cisco Routers

01/08/18

Reddit: We had a security incident. Here's what you need to know

01/08/18

Dixons Carphone: Update on Investigation into Unauthorised Data Access

31/07/18

Dixons Carphone says data breach affected 10 million

31/07/18

1-15 July 2018 Cyber Attacks Timeline

31/07/18

Let's Encrypt: Domain Resolution Interruption

30/07/18

Introducing Web Authentication in Microsoft Edge

30/07/18

A Malvertising Campaign of Secrets and Lies

30/07/18

Vulnerability Summary for the Week of July 23, 2018

30/07/18

UK CNP Fraud Drops as Banks Fight Back

30/07/18

1.4 million online fashion shoppers exposed after data breach at UK ecommerce provider

30/07/18

Telstra customer stumbles across contact details of 66,000 fellow customers

27/07/18

Weekly Threat Report 27th July 2018

27/07/18

'Petty cybercriminals' adopt supply chain attacks

27/07/18

Boffins: Mixed -Signal silicon can SCREAM your secrets to all

27/07/18

AusCERT Week in Review for 27th July 2018

27/07/18

New iOS 12 Feature Risks Exposing Users to Online Banking Fraud

27/07/18

Screaming Channels. When Electromagnetic Side Channels Meet Radio Transceivers

26/07/18

How to (slowly) steal secrets over the network from chip security holes: NetSpectre summoned

26/07/18

New Spectre attack enables secrets to be leaked over a network

26/07/18

Netspectre: Read Arbitrary Memory over Network

26/07/18

NetSpectre

26/07/18

Alert:Widespread phishing campaign affecting transport, engineering and defence organisations

26/07/18

Hacking Swan & FLIR/lorex home security camera video

26/07/18

Hacking IoT Cameras with s/swnb479e7d24/swn1bf9f32f2/g

26/07/18

Swann's home security camera recordings could be hijacked

26/07/18

Advisory: Phishing campaign

25/07/18

LifeLock Bug Exposed Millions of Customer Email Addresses

25/07/18

Schneier on Financial Fraud

25/07/18

Insecure web still too prevalent: Boffins unveil HSTS wall of shame

24/07/18

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

24/07/18

Unsecured server exposes 157 GB of highly sensitive data from Tesla, Toyota and more

23/07/18

Why No HTTPS?

23/07/18

Google Chrome: HTTPS or bust. Insecure HTTP D-Day is tomorrow, folks

23/07/18

ICO July Newsletter

23/07/18

June 2018 Cyber Attacks Statistics

23/07/18

Vulnerability Summary for the Week of July 16, 2018

23/07/18

24 Defendants Sentences in Multimillion Dollar India-Based Call Centre Scam Targeting U.S. Victims

20/07/18

Half a Billion IoT Devices Vulnerable to DNS Rebuilding Attacks

20/07/18

Crypto gripes, election security, and mandatory cybersec school: Uncle Sam's cyber task force emits todo list for govt

20/07/18

Weekly Threat Report 20th July 2018

20/07/18

Singapore personal data hack hits 1.5m, health authority says

20/07/18

Developing the cyber security profession - have your say!

20/07/18

Backdoors Keep Appearing In Cisco's Routers

19/07/18

Red Hat Blog

19/07/18

UK criticises security of Huawei products

19/07/18

Human Resources Firm ComplyRight Breached

19/07/18

Hackers Breach Russian Bank and Steal $1 Million Due to Outdated Router

19/07/18

Cyber security advice issued to law firms in first legal threat report

19/07/18

Brit tech forges alliance to improve cyber security as MPs moan over 'acute scarcity' of experts

19/07/18

Retail data breaches continue to reach new highs

19/07/18

The cyber threat to UK legal sector 2018 report

19/07/18

New NCSC report highlights threats to the UK legal sector

19/07/18

16-30 June 2018 Cyber Attacks timeline

19/07/18

Hundreds of thousands US voters data appeared online again

18/07/18

Who's leaving Amazon S3 buckets open online now? Cybercrooks, US election autodialers

18/07/18

2018 Thales Data Threat Report - Retail Edition

18/07/18

2018 Credential Spill Report

18/07/18

Hackers account for 90% of login attempts at online retailers

18/07/18

Call records breach let users feel like Movistarts (with everyone watching who they're talking to)

18/07/18

[Outages-discussion] [outages] Problem with credit card machine processing? "Datawire"

17/07/18

Yar, thar she blows: Corp-cash-stealing email whaling attacks now a $12.5bn industry

17/07/18

Can we manage our cyber risks?

17/07/18

Digital laundry: how credit card thieves use free-to-play apps to launder their ill-gotten gains

16/07/18

Pattern: Safely Importing Data

16/07/18

Import data, not malware

16/07/18

Social Media (An Apology)

16/07/18

Newsmaker Interview: Bruce Schneier on 'Going Dark' and the Crypto Arms Race

16/07/18

Vulnerability Summary for the Week of July 9, 2018

16/07/18

Passwords for Tens of Thousands of Dahua Devices Cached in IoT Search Engine

15/07/18

[outages] Problem with credit card machine processing? "Datawire"

13/07/18

Weekly Threat Report 13th July 2018

13/07/18

JavaCard: The execution environment you didn't know you were using

13/07/18

Phone in the right hand? You're a hacker!

13/07/18

Business email compromise the 12 billion dollar scam

12/07/18

1-15 June 2018 Cyber Attacks Timeline

12/07/18

Postmortem for Malicious Packages Published on July 12th, 2018

12/07/18

Compromised version of eslint-scope published

12/07/18

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders

12/07/18

Access to airport's security system sold on dark web

11/07/18

Brit privacy watchdog reports on political data harvets: We've read the lot so you don't have to

11/07/18

Emma's Diary faces fine for selling new mums' data to Labour

11/07/18

Timehop Security Incident, July 4th, 2018

11/07/18

Macy's, Bloomingdales Alert Online Customers of Data Breach

10/07/18

Findings, recommendations and actions from ICO investigation into data analytics in political campaigns

10/07/18

Malware Found in Arch Linux AUR Package Repository

10/07/18

Ticketmaster breach was part of a larger credit card skimming effort, analysis shows

10/07/18

The 111 Million Record Pemiblanc Credential Stuffing List

10/07/18

Web biz DomainFactory confirms: We were hacked in January 2018

09/07/18

Inside and Beyond Ticketmaster: The Many Breaches of Magecart

09/07/18

Case #18: I know what you did last summer - and also what you will be doing this one

09/07/18

Poor security at Thomas Cook airlines leads to simple extraction of fliers' personal data

09/07/18

City of London Police: £28 million lost by cyber crime victims

09/07/18

Web biz DomainFactory confirms: We were hacked in January 2018

09/07/18

Timehop Breach Hits 21 Million Customers

09/07/18

Security Firm Sued for Failing to Detect Malware That Caused a 2009 Breach

09/07/18

recent wave of Smart Contract vulns - out of scope?

09/07/18

Vulnerability Summary for the Week of July 2, 2018

09/07/18

Chinese hackers breach ANU, putting national security at risk

06/07/18

CIS Releases 2017 Year in Review

06/07/18

AusCERT Week in Review for 6th June 2018

06/07/18

Weekly Treat Report 6th July 2018

06/07/18

Gentoo GitHub repo hack made possible by these 3 rookie mistakes

05/07/18

Introduction to logging for security purposes

05/07/18

Learn to love logging

05/07/18

The SC Media UK Global Top 50 Companies in the Cyber-Security Market

05/07/18

Hands up if you didn't lose data in the Typeform breach

04/07/18

World-class fraud and cybercrime court approved for London's Fleetbank House site

04/07/18

Cyber resilience - nothing to sneeze at

04/07/18

Whitbread Sounds Breach Alarm After PageUP Incident

03/07/18

Budget hotel chain, UK political party, Monzo Bank, Patreon caught in Typeform database hack

03/07/18

Dear Samsung mobe owners:It mat leak your private pics to randoms

03/07/18

Report of the Attorney General's Cyber Digital Task Force

02/07/18

150,000 GP records wrongly shared as patient data preferences 'not upheld'

02/07/18

Minister says opt-out data requests for 150,000 patients missed

02/07/18

NHS Digital and TPP statement about type 2 objections error

02/07/18

NHS data breach affects 150,000 patients in England

02/07/18

Vulnerability Summary for the Week of June 25, 2018

02/07/18

Surveys-as-a-service outfit Typeform spilled a backup in May

02/07/18

Regional College staff's personal data at risk after massive security breach

30/06/18

Breach of Typeform back up file - which included some elector data

30/06/18

UK Researcher Says One Line Of Code Caused Ticket Master Breach

30/06/18

California Privacy Act Unanimously Approved

29/06/18

Google weeps as its home state of California passes its own GDPR

29/06/18

We suspect some data has been compromised in the Typeform breach. All money is safe.

29/06/18

Typeform: Our June 2018 data breach & what it means for you

29/06/18

Typeform Announces Breach After Hacker Grabs Backup File

29/06/18

Weekly Threat Report 29th June 2018

29/06/18

AusCERT Week in Review for 29th June 2018

29/06/18

How to get away with financial fraud

28/06/18

Project:Infrastructure/Incident Reports/2018-06-28

28/06/18

Responsible vulnerability disclosure in Europe

28/06/18

Every Android Device Since 2012 Impacted by RAMpage Vulnerability

28/06/18

May 2018 Cyber Attacks Statistics

28/06/18

Contactless Payments: PCI SSC on Plans to Develop Security Standard for Payment Acceptance on Merchant COTS Devices

28/06/18

Will new UK rules reduce the harm of push-payment fraud?

28/06/18

adidas alerts certain consumers of potential data security incident

28/06/18

Protecting customers from the Ticketmaster breach: Monzo's story

28/06/18

Systemic Risk Survey Results - 2018 H1

27/06/18

Swann home security camera sends video to wrong user

27/06/18

Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records

27/06/18

NCSC: Statement: Ticketmaster cyber incident

27/06/18

NCA statement on Ticketmaster cyber incident

27/06/18

Inbenta and the Ticketmaster Data Breach

27/06/18

Ticketmaster admits personal data stolen in hack attack

27/06/18

MISP 2.4.93 released (aka ATT&CK integration)

27/06/18

Don't glamorise cyberthreats - just ask basic questions

27/06/18

Defending Against Illicit Cryptocurrency Mining Activity

26/06/18

16-31 May 2018 Cyber Attacks Timeline

26/06/18

In non-startling news, EFF says STARTTLS email crypto is mostly done wrong

26/06/18

Hundreds of Hotels Affected by Data Breach at Hotel Booking Software Provider

26/06/18

UK Minister of Fun Matt Hancock opens London infosec upstart creche

26/06/18

Bypassing Passcodes in iOS

26/06/18

NCSC to work with boards to better prepare businesses for cyber incidents

26/06/18

We're Baking Have I Been Pwned into Firefox and 1Password

26/06/18

Vulnerability Summary for the Week of June 18, 2018

25/06/18

India tells its banks to get Windows XP off ATMs - in 2019!

25/06/18

Watchtower: we shall fight on the breaches

25/06/18

Minimum Cyber Security Standard

25/06/18

Testing Firefox Monitor, a New Security Tool

25/06/18

Announcing STARTTLS Everywhere: Securing Hop-to-Hop Email Delivery

25/06/18

OpenBSD chief de Raadt says no easy fix for new Intel CPU bug

25/06/18

Changes in WebAssembly Could Render Meltdown and Spectre Browser Patches Useless

24/06/18

PDQ: Important Information for our Guests On Data Breach

22/06/18

Weekly Threat Report 22nd June 2018

22/06/18

Fake WannaCry emails demanding payment

22/06/18

Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about

22/06/18

REF URL require ToU/Conduct policy

22/06/18

Researchers develop SafeSpec to overcome vulnerabilities like Spectre and Meltdown

22/06/18

Schneier warns of 'perfect storm': Tech is becoming autonomous, and security is garbage

22/06/18

Global Threats to Information Systems

21/06/18

Oregon.Gov Email Domain Remains Blacklisted

21/06/18

Infographic: Patching

20/06/18

Bithumb: Hackers 'rob crypto-exchange of $32m'

20/06/18

Private sector needs a little sumthin' sumthin' to get it sharing threat intel - US security chap

20/06/18

Council demanded payment card details via email

20/06/18

Google, Roku, Sonos to Fix DNS Rebinding Attack Vector

20/06/18

Setting arbitrary request headers in Chromium via CRLF injection

20/06/18

I discovered a browser bug

20/06/18

Microsoft Edge bug odyssey shows why we can't have nice things

20/06/18

OpenBSD disables Intel's hyper-threading

20/06/18

Flightradar24 suffers security breach

20/06/18

PayPal reminds users: TLS 1.2 and HTTP/1.1 are no longer optional

20/06/18

Cisco Releases Security Updates for Multiple Products

20/06/18

Oregon state employees unable to email the public after computer 'hijacked' by phishing email

19/06/18

So you want to be a security engineer?

19/06/18

Attacking Private Networks from the Internet with DNS Rebinding

19/06/18

Millions of Streaming Devices Are Vulnerable to a Retro Web Attack

19/06/18

Pass gets a fail: Simple Password Store suffers GnuPG spoofing bug

19/06/18

Thrip: Espionage Group Hits Satellite, Telecoms, and Defense Companies

19/06/18

China-based campaign breached satellite, defense companies: Symantec

19/06/18

Compromised GitHub Account Spreads Malicious Syscoin Installers

18/06/18

US CERT Vulnerability Summary for the Week of June 11, 2018

18/06/18

From here on, Red Hat's new GPLv2 software projects will have GPLv3 cure for license violators

18/06/18

Finding phishing sites with CT

18/06/18

The GPL cooperation commitment and Red Hat projects

18/06/18

Joint statement on the PageUp Limited data incident

18/06/18

Boffins offer to make speculative execution great again with Spectre-Meltdown CPU fix

16/06/18

Liberty systems breached in hack

16/06/18

NCSC: Weekly Threat Report 15th June 2018

15/06/18

Multi-factor authentication for online services

15/06/18

UK law enforcement: an uphill struggle to fight hackers

15/06/18

Canadian clarinet player sues ex for deleting his scholarship offer

15/06/18

AusCERT Week in Review for 15th June 2018

15/06/18

Stepping up to multi-factor authentication

14/06/18

Statement: Dixons Carphone data breach

13/06/18

Update on Dixons Carphone plc cyber incident

13/06/18

The Great (belated) Mozilla Firefox CVE Dump

13/06/18

Technical Advisory: "ROHNP"- Key Extraction Side Channel in Multiple Crypto Libraries

13/06/18

Dixons Carphone admits huge data breach

13/06/18

Investigation Into Unauthorised Data Access

13/06/18

Cryptojacking invades cloud. How modern containerization trend is exploited by attackers

12/06/18

Yahoo! Fined £250,000 after systemic failures put customer data at risk

12/06/18

Yahoo fined £250,000 over cyber-attack

12/06/18

UK! watchdog! slaps! Yahoo! with! £250k! fine! for! 2014! data! Breach!

12/06/18

Wakefield cyber security consultancy acquired

12/06/18

Yahoo fined

12/06/18

SaaS security - surely it's simple?

11/06/18

Weight Watchers IT Infrastructure Exposed via No-Password Kubernetes Server

11/06/18

US-CERT Vulnerability Summary for the Week of June 4, 2018

11/06/18

Data Provided by the Estonian Central Criminal Police is Now Searchable on Have I Been Pwned

11/06/18

Router Vulnerability and the VPNFilter Botnet

11/06/18

VPNFilter, a Nation State Operation

11/06/18

Understanding Software as a Service (SaaS) security

11/06/18

US arrests 74 in global email scam crackdown

11/06/18

SaaS security principles

11/06/18

SaaS security collection

11/06/18

74 Arrested in Coordinated International Enforcement Operation Targeting Hundreds of Individuals in Business Email Compromise Schemes

11/06/18

Handbook on European data protection law - 2018 edition

08/06/18

Cisco Talos VPN Filter malware findings

08/06/18

NCSC Weekly Threat Report 8th June 2018

08/06/18

Hackers Crashed a Bank's Computers While Attempting a SWIFT Hack

08/06/18

Russia appears to be 'live testing' cyber attacks - Former UK spy boss Robert Hannigan

08/06/18

Bible Society fined £100,000 after security failings put supporters' personal data at risk

08/06/18

AusCERT Week in Review for 8th June 2018

08/06/18

#Infosec18: Interview, Robert Hannigan, Former Director General, GCHQ

07/06/18

Notice of Solarbotics Credit Card Processing Breach & Update of Terms & Service

07/06/18

An Encryption Upgrade Could Upend Online Payments

06/06/18

How IPv6 deployment is growing in U.S. and other countries

06/06/18

Job application tool PageUp suspects data breach

06/06/18

Serve websites over HTTPS (always)

06/06/18

Amazon will stop selling connected toy filled with security issues

05/06/18

Here's a transaction Transamerica regrets: Transgressors swipe retirees' personal info

05/06/18

Exclusive: Aussie Firm Loses $6.6M to Backdoored Cryptocurrency

05/06/18

1-15 May 2018 Cyber Attacks Timeline

05/06/18

Loose .zips sink chips: How poisoned archives can hack your computer

05/06/18

Ticketfly Data Breach Means Music Fans Need to Go Elsewhere for Tickets

04/06/18

US CERT Vulnerability Summary for the Week of May 28, 2018

04/06/18

MyHeritage Statement About a Cybersecurity Incident

04/06/18

Ticketfly breach may have exposed data of 26 million customers

03/06/18

Ticketfly Cyber Incident Update

03/06/18

Bitcoin Redux: crypto crime, and how to tackle it

01/06/18

Visa Card Payment Systems Go Down Across Europe

01/06/18

Internet engineers tear into United Nations' plan to move us all to IPv6

30/05/18

Frag Grenade! A Remote Code Execution Vulnerability in the Steam Client

30/05/18

April 2018 Cyber Attacks Timeline

29/05/18

DNS is Changing. Are you Ready?

29/05/18

Hackers threaten to reveal personal data of 90,000 Canadians caught in bank hack

29/05/18

US CERT Vulnerability Summary for the Week of May 21, 2018

28/05/18

Adobe to Acquire Magento Commerce

25/05/18

Security vs Performance Discussion with the Return of "Spectre" Vulnerability

25/05/18

Unauthorised Activity on IT System

25/05/18

NCSC Weekly Threat Report 25th May 2018

25/05/18

Data Protection Act 2018 Overview

25/05/18

Beyond 2018 - data protection laws built to last

23/05/18

VPNFilter Destructive Malware

23/05/18

Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats

22/05/18

16-30 April 2018 Cyber Attacks Timeline

22/05/18

High-end router flinger DrayTek admits to zero day in bunch of Vigor kit

21/05/18

US CERT Vulnerability Summary for the Week of May 14, 2018

21/05/18

GDPR Security Outcomes

18/05/18

NCSC Weekly Threat Report 18th May 2018

18/05/18

AusCERT Week in Review for 18th May 2018

18/05/18

Was the Efail disclosure horribly screwed up?

17/05/18

Hardcoded Password Found in Cisco Enterprise Software, Again

17/05/18

Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web Site

17/05/18

Increased Cyber Threats: Security steps to take

16/05/18

[Cryptography] Vulnerability found in badly broken email apps that use PGP and S/MIME

16/05/18

Hacker Breaches Securus, the Company That Helps Cops Track Phones Across the US

16/05/18

EFail and Thunderbird, What You Need To Know

16/05/18

UPnP joins the 'just turn it off on consumer devices, already' club

16/05/18

Spray you, spray me: defending against password spraying attacks

15/05/18

No, PGP is not broken, not even with the Efail vulnerabilities

15/05/18

Cybersecurity Roundup: May 15, 2018

15/05/18

New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation

14/05/18

OpenPGP, S/MIME Mail Client Vulnerabilities

14/05/18

Cyber attack on Family Planning NSW client database

14/05/18

Rail Europe had a three-month long credit card breach

14/05/18

Huge new Facebook data leak exposed intimate details of 3m users

14/05/18

Detecting Cloned Cards at the ATM, Register

14/05/18

US-CERT Vulnerability Summary for the Week of May 7, 2018

14/05/18

National Crime Agency publishes 2018 analysis of serious and organised crime threats

14/05/18

Mexico Says Possible Bank Hack Led to Large Cash Withdrawals

13/05/18

NCSC: Weekly Threat Report 11th May 2018

11/05/18

Researchers Come Up With a Way to Launch Rowhammer Attacks via Network Packets

11/05/18

UK cell giant EE left a critical code system exposed with a default password

11/05/18

Malicious Chrome extensions infect 100,000-plus users, again

10/05/18

Second wave of Spectre-like CPU security flaws won't be fixed for a while

09/05/18

Raising the bar - consent under the GDPR

09/05/18

Android App With 10 Million Downloads Left Users' Photos and Audio Messages Exposed to Public

08/05/18

Data stolen in Sheffield Credit Union cyber attack

08/05/18

Red Hat smitten by secure enclaves 'cos some sysadmins are evil

08/05/18

RAID doesn't work!

08/05/18

Equifax breach exposed millions of driver's licenses, phone numbers, emails

08/05/18

1-15 April 2018 Cyber Attacks Timeline

08/05/18

NCSC Weekly Threat Report 4th May 2018

08/05/18

US-CERT Vulnerability Summary for the Week of April 30, 2018

07/05/18

Latest Internet Crime Report Released

07/05/18

LibreSSL 2.7.3 Released

05/05/18

Report: Chinese government is behind a decade of hacks on software companies

05/05/18

New regulatory powers for the digital age

04/05/18

Vulnerability Note VU#283803 Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")

03/05/18

The Helium Factor and Hard Drive Failure Rates

03/05/18

US military base stores pull Huawei, ZTE kit off the shelves

03/05/18

Just Eat 'phishing' scammer faces jail

02/05/18

On Comodo CA's Recent Revocation of an SSL Certificate for Kentucky-based Stripe, Inc.

02/05/18

Fancy that, Fancy Bear: LoJack anti-laptop theft tool caught phoning home to the Kremlin

02/05/18

ZTE: NCSC advice to select telecommunications operators with national security concerns

02/05/18

Australia's Largest Bank Lost The Personal Financial Histories Of 12 Million Customers

02/05/18

86% of Passwords are Terrible (and Other Statistics)

02/05/18

Hard Drive Stats for Q1 2018

01/05/18

Lojack Becomes a Double-Agent

01/05/18

Consolidation of UK Payment Systems Operators

01/05/18

Bulletproof TLS Newsletter #40 Certificate Transparency logging is now mandatory

30/04/18

The NIS Guidance Collection

30/04/18

US CERT Vulnerability Summary for the Week of April 23, 2018

30/04/18

NCSC Weekly Threat Report 27th April 2018

27/04/18

HPE servers targeted by ransomware criminals

27/04/18

AusCERT Week in Review for 27th April 2018

27/04/18

A Few Thoughts on Cryptographic Engineering

26/04/18

The NCSC supports industry drive towards common standards for secure communication

26/04/18

TSB outage, day 5: What do you mean you can't log in? Our systems are up and running. Up and running, we say!

25/04/18

International operation shuts down notorious cyber crime website

25/04/18

Patch Drupal now: Yet another critical website bug found - a sequel to 'Drupalgeddon2'

25/04/18

Cyber-attack website Webstresser taken down

25/04/18

Drupal Releases Critical Security Updates

25/04/18

Will you be ready for GDPR before 25 May?

25/04/18

Cyber Security Breaches Survey 2018

25/04/18

Scheme to Recognise Academic Centres of Excellence in Cyber Security Research (ACE-CSR)

24/04/18

Hijack of Amazon's internet domain service used to reroute web traffic for two hours unnoticed

24/04/18

Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency

24/04/18

ICANN takes Whois begging bowl to Europe, comes back empty

24/04/18

AWS DNS network hijack turns MyEtherWallet into ThievesEtherWallet

24/04/18

BGP leaks and cryptocurrencies

24/04/18

ISO rejects the NSA's IoT crypto standard, believing it to be backdoored

24/04/18

'Check your readiness for a cyber attack', UK SMEs urged

24/04/18

Data Protection/Privacy Issues Update: Summarizing our Recent Meeting with Article 29

23/04/18

US-CERT Vulnerability Summary for the Week of April 16, 2018

23/04/18

A Quarter of UK Manufacturers Suffer Cyber-Attack Losses

23/04/18

Industry urged to boost cyber defence as almost 50 per cent of manufacturers report attack - EEF/AIG survey

23/04/18

Brit bank TSB TITSUP* after long-planned transfer of customer records from Lloyds

23/04/18

'TSB gave me access to someone's £35,000'

23/04/18

Security services 'to get more power to stop attacks'

22/04/18

Protecting the UK from the increasing cyber threat - the next steps

22/04/18

A serious cyber attack on Britain is a matter of 'if', not 'when'

21/04/18

GCHQ warns public 'absolute protection not possible' as it briefs power and transport firms on cyber attacks

21/04/18

NCSC Weekly Threat Report 20th April 2018

20/04/18

New FAQs on Software-based PIN Entry on COTS

20/04/18

German supreme court rejects ad-block challenge

20/04/18

Unmasked: The Mystery Hacker Who Stole Data on 168 Million People

19/04/18

Nominet drains mug of tea, leans back, calmly explains how to make Whois GDPR-compliant

19/04/18

Response to proposed changes to .UK policy arising from GDPR

19/04/18

PCI Council releases vastly expanded cards-in-clouds guidance

19/04/18

Flash! Ah-ahhh! WebEx pwned for all of us!

19/04/18

March 2018 Cyber Attacks Statistics

19/04/18

OK, this time it's for real: The last available IPv4 address block has gone

18/04/18

48 million people put at risk after firm that scraped info from social networks left it exposed for anyone to download

18/04/18

Data firm leaks 48 million user profiles it scraped from Facebook, LinkedIn, others

18/04/18

Crypto Elite Down on Blockchain's Security Applications, Call for Hardware Bug-Disclosure Improvements

18/04/18

First non-bank payment service provider (PSP) directly accesses UK payment system

18/04/18

Oblivious DNS

18/04/18

How a bad microcode fix could brick billions of chips

18/04/18

UK commits to a safer Commonwealth in cyber space

17/04/18

mmproxy - Creative Linux routing to preserve client IP addresses in L7 proxies

17/04/18

16-31 March 2018 Cyber Attacks Timeline

17/04/18

Ikea app TaskRabbit reveals security breach

17/04/18

Malicious Russian cyber activity: what does it mean for small organisations?

17/04/18

Signing pledge to fight cyberattacks, 34 leading companies promise equal protection for customers worldwide

17/04/18

Beware the Dot.

16/04/18

NIST Releases Version 1.1 of its Popular Cybersecurity Framework

16/04/18

NCSC advice to telecommunications sector about ZTE

16/04/18

US-CERT Vulnerability Summary for the Week of April 9, 2018

16/04/18

Russia accused of global net hack attacks

16/04/18

China's ZTE 'poses risk to UK security'

16/04/18

TLS 1.3 support is coming this spring

16/04/18

CYBERUK 2018: Growing in confidence

16/04/18

NCSC Advisory: Russian state-sponsored cyber actors targeting network infrastructure devices

16/04/18

Joint US - UK statement on malicious cyber activity carried out by Russian government

16/04/18

US-CERT: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

16/04/18

Whois is dead as Europe hands DNS overlord ICANN its arse

14/04/18

UK health service boss in the guts of WannaCry outbreak warns of more nasty code infections

13/04/18

Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code

13/04/18

NCSC Weekly Threat Report 13th April 2018

13/04/18

Cloudflare promises to tend not two, but 65,535 ports in a storm

13/04/18

Mozilla Has Started Gradually Enabling TLS 1.3 in Firefox

12/04/18

Abusing Linux's firewall: the hack that allowed us to build Spectrum

12/04/18

Introducing Spectrum: Extending Cloudflare To 65,533 More Ports

12/04/18

UK launched cyber-attack on Islamic State

12/04/18

Juniper Networks Releases Security Updates

12/04/18

Director's speech at CYBERUK 2018

12/04/18

Extended Validation (EV) Certificates Abused to Create Insanely Believable Phishing Sites

12/04/18

New Cyber Attack categorisation system to improve UK response to incidents

12/04/18

Intelligence agency GCHQ to open new base in Manchester

11/04/18

Imagine you're having a CT scan and malware alters the radiation levels - it's doable

11/04/18

Amber Rudd earmarks £9m to fight 'dark web' criminals

11/04/18

Great Western Railway accounts breached

11/04/18

OAIC report reveals 63 data breach notifications in first six weeks of NDB scheme

11/04/18

Fixing reachability to 1.1.1.1, GLOBALLY!

10/04/18

Cyber summit launches with report showing growing threat to UK businesses

10/04/18

Despacito YouTube music video hacked plus other Vevo clips

10/04/18

NCSC: The cyber threat to UK business 2017-2018 report

10/04/18

World-leading cyber centre to be developed in London's Olympic Park

10/04/18

US-CERT - Ongoing Threat of Ransomware

09/04/18

The dots do matter: how to scam a Gmail user

09/04/18

Four cents to deanonymize: Companies reverse hashed email addresses

09/04/18

US-CERT Vulnerability Summary for the Week of April 2, 2018

09/04/18

Cinema voucher-pusher tells customers: Cancel your credit cards, we've been 'attacked'

09/04/18

1-15 March 2018 Cyber Attacks Timeline

09/04/18

Small Business Guide: Actions

08/04/18

NCSC Weekly Threat Report 6th April 2018

06/04/18

Is it a bird? Is it a plane? No, it's a terrible leak of drone buyers' data

06/04/18

Foster family received death threats after data leak

06/04/18

AusCERT Week in Review for 6th April 2018

06/04/18

February 2018 Cyber Attacks Statistics

06/04/18

Best Buy hit by [24]7.ai data breach, too

05/04/18

Advisory: Hostile state actors compromising UK organisations with focus on engineering and industrial control companies

05/04/18

How the NCSC thinks about security architecture

05/04/18

GDPR Compliance and Magento Marketplace

05/04/18

Gosh, these 'hacker' nerds are only getting more sophisticated

05/04/18

1.5 BEEELLION sensitive files found exposed online dwarf Panama Papers leak

05/04/18

Sears Holding, Delta Air hit by customer data breach at tech firm

05/04/18

Secret Service Warns of Chip Card Scheme

05/04/18

[Python-Dev] ssl module and LibreSSL CVE-2018-8970

04/04/18

2018 Trustwave Global Security Report

04/04/18

Panera Bread's half-baked security

04/04/18

They forked this one up: Microsoft modifies open-source code, blows hole in Windows Defender

04/04/18

Sunderland Council care files found on car boot laptop

04/04/18

Statement on [24]7.ai cyber incident

04/04/18

Intel admits a load of its CPUs have Spectre v2 flaw that can't be fixed

04/04/18

Stealing Credit Cards from FUZE via Bluetooth

04/04/18

Bitcoins seized and IT worker sentenced for computer fraud offences

03/04/18

Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters

03/04/18

Decrypters for Some Versions of Magniber Ransomware Released

03/04/18

Chrome Is Scanning Files on Your Computer, and People Are Freaking Out

02/04/18

How to Sign with Google's Private Key

02/04/18

US-CERT Vulnerability Summary for the Week of March 26, 2018

02/04/18

Compromised Magento Sites Delivering Malware

02/04/18

No, Panera Bread Doesn't Take Security Seriously

02/04/18

Panerabread.com Leaks Millions of Customer Records

02/04/18

NCCIC FY 2017 Year in Review Now Available

02/04/18

Fin7 Syndicate Hacks Saks Fifth Avenue and Lord & Taylor Stores

01/04/18

With paper and phones, Atlanta struggles to recover from cyber attack

31/03/18

Cisco Smart Install Remote Code Execution

29/03/18

Europe dumps 300,000 UK-owned .EU domains into the Brexit bin

29/03/18

Microsoft patches patch for Meltdown bug patch: Windows 7, Server 2008 rushed an emergency fix

29/03/18

eBPF, Sockets, Hop Distance and manually writing eBPF assembly

29/03/18

AusCERT Week in Review for 29th March 2018

29/03/18

Fixing Hacks Has Deadly Impact on Hospitals

28/03/18

Facebook privacy settings revamped after scandal

28/03/18

It's Time to Make Our Privacy Tools Easier to Find

28/03/18

New Payment System Operator (NPSO) replies to PSR's open letter

28/03/18

Protecting a Web Server from DDoS Attacks Using nScrub

28/03/18

Microsoft's Windows 7 Meltdown fixes from January, February made PCs MORE INSECURE

28/03/18

Creating and Managing Strong Passwords

27/03/18

Brute Force Attacks Conducted by Cyber Actors

27/03/18

Hurrah! TLS 1.3 is here. Now to implement it and put it into software

27/03/18

Political ad campaign biz AggregateIQ exposes tools, DB logins online

26/03/18

Thousands of etcd installs are leaking secret server keys online

26/03/18

US-CERT Vulnerability Summary for the Week of March 19, 2018

26/03/18

As predicted, more branch prediction processor attacks are discovered

26/03/18

NMap New Version 7.70 Released With Hundred of New OS And Service Fingerprints, 9 New NSE Scripts

26/03/18

The Aggregate IQ Files, Part One: How a Political Engineering Firm Exposed Their Code Base

26/03/18

UK.gov unveils cyber security export strategy - only thing missing is the strategy

26/03/18

AggregateIQ Created Cambridge Analytica's Election Software, and Here's the Proof

26/03/18

Weekly Threat Report 23rd March 2018

23/03/18

Reflection of a QR code on PoS scanner used to own mobile payments

23/03/18

An accessible overview of Meltdown and Spectre, Part 2

22/03/18

Symantec cert holdout sites told: Those Google Chrome warnings are not a good look

21/03/18

TLS 1.3 Handshake: Taking a Closer Look

20/03/18

Now that's a bad trip: 880k credit cards 'likely' stolen by Orbitz hackers

20/03/18

Apple moves on HSTS abuse in Safari

20/03/18

Leading by example: UK.gov's secure server setup is patchy at best

20/03/18

CIS Controls? Version 7 Launched Today

19/03/18

16-28 February 2018 Cyber Attacks Timeline

19/03/18

US-CERT Vulnerability Summary for the Week of March 12, 2018

19/03/18

Weekly Threat Report 16th March 2018

16/03/18

Whois? More like WHOWAS: Domain database on verge of collapse over EU privacy

16/03/18

Evolved Prilex malware lets cybercriminals clone chip and PIN cards

16/03/18

AusCERT Week in Review for 16th March 2018

16/03/18

A minimal Denial Of Service response plan

15/03/18

Kaspersky Lab finds Prilex POS malware evolving to target chip and PIN-protected cards

15/03/18

Mitigating speculative execution side channel hardware vulnerabilities

15/03/18

The Chicago Way: An Electronic Voting Firm Exposes 1.8M Chicagoans

14/03/18

Speculative Execution Bounty Launch

14/03/18

Let's Encrypt updates certificate automation, adds splats

14/03/18

RHEL7 core crypto components

13/03/18

Security vulnerabilities fixed in Firefox ESR 52.7

13/03/18

IT Pros and CIOs: sign up to try Firefox Quantum for Enterprise

13/03/18

AMD has a Spectre/Meltdown-like security flaw of its own

13/03/18

US-CERT Vulnerability Summary for the Week of March 5, 2018

12/03/18

Distrust of Symantec TLS Certificates

12/03/18

Is Software More Vulnerable Today?

12/03/18

China ALTERED its public vuln database to conceal spy agency tinkering - research

12/03/18

Keeping Subscribers Safe: Partner Best Practices

09/03/18

Unidentified hax0rs told not to blab shipping biz Clarksons' stolen data

09/03/18

TLS 1.3: better for individuals - harder for enterprises

09/03/18

AusCERT Week in Review for 9th March 2018

09/03/18

NSCS Weekly Threat Report 9th March 2018

09/03/18

NCSC IT: Installing software updates without breaking things

08/03/18

Hackers, Not Users, Lose Money in Attempted Cryptocurrency Exchange Heist

08/03/18

New measures to boost cyber security in millions of internet-connected devices

07/03/18

Making or selling Internet of Things (IoT) devices? Six reasons you need to be thinking about data protection

07/03/18

Smart device security guidelines 'need more teeth'

07/03/18

Secure by Design

07/03/18

Meltdown and Spectre - The Gifts That Keep On Giving

06/03/18

Porn check critics fear data breach

06/03/18

1-15 February 2018 Cyber Attacks Timeline

06/03/18

Exim Off-by-one RCE: Exploiting CVE-2018-6789 with Fully Mitigations Bypassing

06/03/18

The real cause of large DDoS - IP Spoofing

06/03/18

UK regulator moots data protection sandbox for organisations to play in

05/03/18

4G LTE pried open to reveal a slew of new protocol-level attacks

05/03/18

Cyber Aware's NEW Perception Gap Report

05/03/18

US-CERT Vulnerability Summary for the Week of February 26, 2018

05/03/18

NCSC: Weekly Threat Report 2nd March 2018

02/03/18

New LTE attacks can snoop on messages, track locations and spoof emergency alerts

02/03/18

AusCERT Week in Review for 2nd March 2018

02/03/18

Spectre haunts Intel's SGX defense: CPU flaws can be exploited to snoop on enclaves

01/03/18

Cloud Burst: How A Software Provider Exposed A Financial Giant

01/03/18

Gits club GitHub code tub with record-breaking 1.35Tbps DDoS drub

01/03/18

ISC Releases Security Advisories for DHCP, BIND

01/03/18

Equifax peeks under couch, finds 2.4 million more folk hit by breach

01/03/18

Nuance says NotPetya attack led to $92 million in lost revenue

28/02/18

Fancy Bear: Germany investigates cyber-attack 'by Russians'

28/02/18

RIP CERT.org - You Will Be Missed

28/02/18

Let's talk about PCI-DSS

28/02/18

DigiCert Statement on Trustico Certificate Revocation

28/02/18

Traffic directions, port mirrors and taps

28/02/18

Popular cache utility exploited for massive reflected DoS attacks

28/02/18

Bulletproof TLS Newsletter #38

28/02/18

Duo Finds SAML Vulnerabilities Affecting Multiple Implementations

27/02/18

[openssl-announce] OpenSSL version 1.1.1 pre release 2 published

27/02/18

PCI Software-based PIN Entry on COTS: Understanding New Test Requirements

26/02/18

US-CERT Vulnerability Summary for the Week of February 19, 2018

26/02/18

Time for security policy review

26/02/18

Preparing for AWS Certificate Manager (ACM) Support of Certificate Transparency

26/02/18

Peak DNSSEC?

26/02/18

Big Changes Ahead for Core Internet Protocols

26/02/18

I've Just Added 2,844 New Data Breaches With 80M Records To Have I Been Pwned

26/02/18

Alexa Top 1 Million Analysis - February 2018

26/02/18

The Trouble with Phishing

26/02/18

Contactless card fraud overtakes cheque scams for first time

24/02/18

Weekly Threat Report 23rd February 2018

23/02/18

Why we need to do more to reduce certificate lifetimes

23/02/18

AusCERT Week in Review for 23rd February 2018

23/02/18

Testing of resilience to Cyber Attacks is no longer the domain of large corporates.

22/02/18

Chase 'Glitch' Exposed Customer Accounts

22/02/18

2018 Global Economic Crime and Fraud Survey: Pulling fraud out of the shadows

22/02/18

January 2018 Cyber Attacks Statistics

22/02/18

Global Economic Crime Survey 2018: UK findings

22/02/18

After Intel & Equifax Incidents, SEC Warns Execs Not to Trade Stock While Investigating Security Incidents

22/02/18

I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download

22/02/18

Young Brits 'lack cyber-security awareness'

21/02/18

A crime against statistics that is probably worse than the cyber attacks faced in County Durham

21/02/18

World's cyber attacks hit us much harder in past year - major infosec chief survey

21/02/18

16-31 January 2018 Cyber Attacks Timeline

21/02/18

Councils 'unprepared' for cyber-attacks, report says

20/02/18

How to tune your WAF installation to reduce false positives

20/02/18

Mandatory data breach reporting starts for small business

20/02/18

Coping with Spectre and Meltdown: What sysadmins are doing

19/02/18

Crims pull another SWIFT-ie, Indian bank stung for nearly US$2m

19/02/18

US-CERT Vulnerability Summary for the Week of February 12, 2018

19/02/18

John McCain receives 2018 Kleist Award

18/02/18

Global security crackdown, a host of code nasties, Brit cops mocked, and more

17/02/18

NCSC: Weekly Threat Report 16th February 2018

16/02/18

CEA Report: The Cost of Malicious Cyber Activity to the U.S. Economy

16/02/18

Siemens and partners sign joint charter on cybersecurity

16/02/18

AusCERT Week in Review for 16th February 2018

16/02/18

Hackers stole $6 million from Russian bank via SWIFT system: central bank

16/02/18

Newly Discovered Variants Of Meltdown/Spectre Exploit Cache Coherency Across Cores

15/02/18

Unsecured server exposed thousands of FedEx customer records

15/02/18

FedEx Customer Records Exposed

15/02/18

Not perfect, but better: improving security one step at a time

15/02/18

Extracting data from an EMV (Chip-And-Pin) Card with NFC technology

15/02/18

PCI Council and X9 Committee to combine PIN security standards

15/02/18

Russian military 'almost certainly' responsible for destructive 2017 cyber attack

15/02/18

KPMG acquire Silicon Valley online security firm Cyberinc

14/02/18

Search tool accesses firms' documents in the cloud

14/02/18

While Western Union wired customers' money, hackers transferred their personal deets

13/02/18

Browsealoud Security Response Plan

13/02/18

Zero-day vulnerability in Telegram

13/02/18

Uh-oh. How just inserting a USB drive can pwn a Linux box

12/02/18

Equifax under pressure after data breach update

12/02/18

US-CERT Vulnerability Summary for the Week of February 5, 2018

12/02/18

NCSC advice: Malicious software used to illegally mine cryptocurrency

12/02/18

ACSC statement on cryptocurrency miner inserted into BrowseAloud

12/02/18

Cryptocurrency Mining Hack That Compromised Thousands of Sites 'Could Have Been a Catastrophe'

12/02/18

UK Government Websites Infected with Cryptocurrency Mining Code

12/02/18

Domain Theft Strands Thousands of Web Sites

12/02/18

Meltdown's Linux patches alone add big load to CPUs, and that's just one of four fixes

12/02/18

Hackers hijack thousands of government websites to mine Bitcoin

12/02/18

Government websites hijacked by cryptomining plugin

12/02/18

Equifax hackers may have stolen more data than originally revealed

11/02/18

Hackers hijack government websites to mine crypto-cash

11/02/18

NCSC statement: Malware being used to illegally mine cryptocurrency

11/02/18

Protect your site from Cryptojacking with CSP + SRI

11/02/18

UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned

11/02/18

Amazon EC2 Cloud Compute Performance: December vs. February

10/02/18

Cisco Confirms Critical Firewall Software Bug Is Under Attack

09/02/18

KPTI/KAISER Meltdown Initial Performance Regressions

09/02/18

Weekly Threat Report 9th February 2018

09/02/18

Free Decryption Tool Released for Cryakl Ransomware

09/02/18

PoS Malware Steals Credit Card Data via DNS Requests

09/02/18

NCSC: Mitigating Malware

09/02/18

Wish you could log into someone's Netgear box without a password? Summon a &genie=1

09/02/18

NCSC: Preventing Lateral Movement

09/02/18

AusCERT Week in Review for 9th February 2018

09/02/18

Multiple Vulnerabilities in NETGEAR Routers

07/02/18

Swisscom data breach: Personal details of one in ten Swiss citizens stolen

07/02/18

ReelPhish: A Real-Time Two-Factor Phishing Tool

07/02/18

Security Issue Update: Progress Continues on Firmware Updates

07/02/18

NameCheap to Notify Customers of Misconfiguration Issue that Allowed Subdomain Creation on Any Hosted Account

07/02/18

Business Wire Suffers Week-Long DDoS Attack

07/02/18

Beware the looming Google Chrome HTTPS certificate apocalypse!

07/02/18

CSS Code Can Be Abused to Collect Sensitive User Data

06/02/18

It's Hard To Change The Keys To The Internet And It Involves Destroying HSMs

06/02/18

Vast majority of NHS trusts have failed cyber security assessment, Brit MPs told

06/02/18

K31404801: F5 BIG-IP TMM vulnerability CVE-2017-6169

06/02/18

Announcing the NCSC's new Phishing Guidance

06/02/18

1-15 January 2018 Cyber Attacks Timeline

06/02/18

Bad Influence: How A Marketing Startup Exposed Thousands of Social Media Stars

05/02/18

security things in Linux v4.15

05/02/18

12,000 Social Media Influencers, Mostly Women, Exposed by Marketing Firm Data Breach

05/02/18

US-CERT Vulnerability Summary for the Week of January 29, 2018

05/02/18

Linux Kernel Release Model

05/02/18

Jon Masters On Understanding Spectre & Meltdown CPU Vulnerabilities

05/02/18

Active Cyber Defence - one year on

05/02/18

Pioneering programme defends UK from millions of cyber attacks

05/02/18

Millions of cyber threats blocked every month, report reveals

05/02/18

Weekly Threat Report 2nd February 2018

02/02/18

On the NHS tech team? Weep at ugly WannaCry post-mortem, smile as Health dept outlines plan

02/02/18

There is no evidence in-the-wild malware is using Meltdown or Spectre

02/02/18

Meltdown-Spectre: Malware is already being tested by attackers

01/02/18

Announcing Draft Plan For Continuing With The KSK Roll

01/02/18

Backblaze Hard Drive Stats for 2017

01/02/18

We May Soon See Malware Leveraging the Meltdown and Spectre Vulnerabilities

01/02/18

Bulletproof TLS Newsletter #37: Cloud provider vulnerability causes Let's Encrypt to disable SNI domain validation

31/01/18

AMD vs Spectre: Our new Zen 2 chips will be protected, says CEO

31/01/18

New Tool Automatically Finds and Hacks Vulnerable Internet-Connected Devices

31/01/18

Preventing data leaks by stripping path information in HTTP Referrers

31/01/18

End user devices: factory reset and reprovisioning

31/01/18

The Document Foundation announces LibreOffice 6.0: power, simplicity, security and interoperability from desktop to cloud

31/01/18

[elrepo] Announcement: EL7 New kernel-ml Release [4.15.0-1]

31/01/18

Denial of Service (DoS) guidance collection

31/01/18

Oracle point-of-sale system vulnerabilities get Big Red cross

31/01/18

Meltdown/Spectre Update

30/01/18

Reckoning The Spectre And Meltdown Performance Hit For HPC

30/01/18

Car-share biz GoGet became data share biz after 2017 hack attack

30/01/18

Ugly, perfect ten-rated bug hits Cisco VPNs

30/01/18

Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability

29/01/18

US-CERT Vulnerability Summary for the Week of January 22, 2018

29/01/18

The hidden well-known phishing sites

29/01/18

UK infrastructure firms to face £17m fine if their cybersecurity sucks

29/01/18

Estimating the Cost of Internet Insecurity

29/01/18

You can't ignore Spectre. Look, it's pressing its nose against your screen

29/01/18

Thar she blows: Strava heat map shows folk on shipwreck packed with 1,500 tonnes of bombs

29/01/18

Fitness tracking app Strava gives away location of secret US army bases

28/01/18

Government acts to protect essential services from cyber attack

28/01/18

Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations

28/01/18

First 'Jackpotting' Attacks Hit U.S. ATMs

27/01/18

The Effects of the Spectre and Meltdown Vulnerabilities

26/01/18

Linux and Intel slowly hack their way to a Spectre patch

26/01/18

Introducing nProbe Cento 1.4 with Hardware Flow Offload

26/01/18

Alphabet launches new cybersecurity company, Chronicle, out of its X moonshot factory

25/01/18

ClamAV 0.99.3 has been released!

25/01/18

Intel alerted computer makers to chip flaws on Nov 29 - new claim

25/01/18

Dutch agencies provide crucial intel about Russia's interference in US-elections

25/01/18

Mastercard to Implement Biometrics for In-Store Card Payments

25/01/18

Digital Charter will set new online standards for years to come

25/01/18

SHL just got real-mode: US lawmakers demand answers on Meltdown, Spectre handling from Intel, Microsoft and pals

25/01/18

IT 'heroes' saved Maersk from NotPetya with ten-day reinstallation bliz

25/01/18

NHS deploys Microsoft threat detection service on just 30,000 devices

24/01/18

Give Good the Advantage

24/01/18

[openssl-project] 1.1.1 Release timetable (again)

24/01/18

SentinelOne Releases Free Linux Tool to Detect Meltdown Vulnerability Exploitations

24/01/18

New PCI Software-Based PIN Entry on COTS Standard

24/01/18

Death notice: Moore's Law. 19 April 1965 - 2 January 2018

24/01/18

Police probing Bell Canada data breach; up to 100,000 customers affected

23/01/18

Major cyber-attack on UK a matter of 'when, not if' - security chief

23/01/18

Meltdown and Spectre Patching Has Been a Total Train Wreck

23/01/18

'WHAT THE F*CK IS GOING ON?' Linus Torvalds explodes at Intel spinning Spectre fix as a security feature

22/01/18

CYBERUK 2018 - registration now open

22/01/18

US-CERT Vulnerability Summary for the Week of January 15, 2018

22/01/18

Top 500 Legal Firms Have Over a Million of Their Credentials Leaked on the Dark Web

22/01/18

ICO investigates Age UK after two data breaches

22/01/18

Meltdown/Spectre week three: World still knee-deep in something nasty

22/01/18

Network Monitoring 101: A Beginner's Guide to Understanding ntop Tools

22/01/18

Xen Project Spectre / Meltdown FAQ (Jan 22 Update)

22/01/18

Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

21/01/18

Teen accessed top US security officials' emails

19/01/18

OnePlus minus 40,000 credit cards: Smartmobe store hacked to siphon payment info to crooks

19/01/18

NCSC Weekly Threat Report 19th January 2018

19/01/18

We need more phishing sites on HTTPS!

19/01/18

AusCERT Week in Review for 19th January 2018

19/01/18

Meltdown and Spectre Linux Kernel Status - Update

19/01/18

Microsoft Resumes Meltdown & Spectre Updates for AMD Devices

18/01/18

Deprecating SPDY

18/01/18

Intel fix causes reboots and slowdowns

18/01/18

Red Hat slams into reverse on CPU fix for Spectre design blunder

18/01/18

Norwegian health authority hacked, patient data of nearly 3 million citizens possibly compromised

18/01/18

However improbable: The story of a processor bug

18/01/18

Into the Implementation of Spectre

17/01/18

Red Hat reverts microcode update to mitigate Spectre, refers to hardware vendors for fix

17/01/18

How a 22 Year-Old Discovered the Worst Chip Flaws in History

17/01/18

GCC 7.3 Preparing For Release To Ship Spectre Patches

17/01/18

Some thoughts on security after ten years of qmail 1.0

17/01/18

Some thoughts on Spectre and Meltdown

17/01/18

2017 Cyber Attacks Statistics

17/01/18

Oracle says SPARCv9 has Spectre CPU bug, patches coming soon

16/01/18

ISC Releases Security Advisories for DHCP, BIND

16/01/18

Latvia's e-health system hit by cyberattack from abroad

16/01/18

CVE-2017-3145: Improper fetch cleanup sequencing in the resolver can cause named to crash

16/01/18

Hospital injects $60,000 into crims' coffers to cure malware infection

16/01/18

ACSC statement on reports of Intel Active Management Technology (AMT) security issue

16/01/18

Retpoline Support Backport Lands In GCC 7

16/01/18

ENISA report: the 2017 cyber threat landscape

15/01/18

Customers reporting credit card fraud after using OnePlus webstore

15/01/18

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

15/01/18

US-CERT Vulnerability Summary for the Week of January 8, 2018

15/01/18

Secure Contexts Everywhere

15/01/18

I'm taking a break from cron.weekly

13/01/18

Intel puts security on the todo list, Tavis topples torrent tool, and more

13/01/18

NCSC Weekly Threat Report 12th January 2018

12/01/18

Protecting our Google Cloud customers from new vulnerabilities without impacting performance

11/01/18

AMD Processors: Google Project Zero, Spectre and Meltdown

11/01/18

Intel Security Issue Update: Addressing Reboot Issues

11/01/18

Meltdown and Spectre fallout: patching problems persist

11/01/18

Carphone Warehouse fined £400,000 after serious failures placed customer and employee data at risk

10/01/18

Adrift on a sea of data: Architecting for GDPR

10/01/18

Miami Bitcoin Conference Stops Accepting Bitcoin Due to Fees and Congestion

10/01/18

How will Certificate Transparency Logs be Audited in Practice?

10/01/18

WebKitGTK+ Security Advisory WSA-2018-0001

10/01/18

A look at the handling of Meltdown and Spectre

09/01/18

[patch RFC 5/5] x86/speculation: Add basic speculation control code

09/01/18

Meltdown, Spectre bug patch slowdown gets real - and what you can do about it

09/01/18

Meltdown and Spectre: Critical processor vulnerabilities

08/01/18

US-CERT Vulnerability Summary for the Week of January 1, 2018

08/01/18

UK Companies Set to Splurge on Cyber-Risk Mitigation

08/01/18

Pessimism over the economy lessens, by Brexit, cyber security and diversity remain key issues for UK Boards

08/01/18

Spamhaus Botnet Threat Report 2017

08/01/18

Benchmarking Linux With The Retpoline Patches For Spectre

08/01/18

Net boffins brew poison for BGP hijacks

08/01/18

FCA 'gold-plates' EU rule, bans BYOD across entire UK finance sector

08/01/18

Re: [PATCH RFC 3/4] x86/pti: don't mark the user PGD with _PAGE_NX.

08/01/18

Australian government "Small Business Cyber Security Best Practice Guide"

08/01/18

Re: [PATCH 06/18] x86, barrier: stop speculation for failed access_ok

07/01/18

Feedback on 4.9 performance after PTI fixes

07/01/18

Triple Meltdown: How So Many Researchers Found a 20-Year-Old Chip Flaw At the Same Time

07/01/18

[dns-operations] responsible disclosure on an IDN-related attack

06/01/18

I'm harvesting credit card numbers and passwords from your site. Here's how.

06/01/18

Meltdown and Spectre Linux Kernel Status

06/01/18

NCSC Weekly Threat Report 5th January 2018

05/01/18

Spectre and Meltdown Attacks Against Microprocessors

05/01/18

Meltdown and Spectre - what should organisations be doing to protect people's personal data?

05/01/18

AusCERT Week in Review for 5th January 2018

05/01/18

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

05/01/18

NCSC: Home user guidance to manage processor vulnerabilities "Meltdown" and "Spectre"

05/01/18

NCSC: 'Meltdown' and 'Spectre' guidance

05/01/18

December 2017 Cyber Attacks Statistics

04/01/18

More details about mitigations for the CPU Speculative Execution issue

04/01/18

US-CERT: Meltdown and Spectre Side-Channel Vulnerability Guidance

04/01/18

Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

04/01/18

DHS Admits Major Leak Affecting 247,000 Employees

04/01/18

Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method

03/01/18

Update to NIST Special Publication 800-160, Systems Security Engineering

03/01/18

16-31 December 2017 Cyber Attacks Timeline

03/01/18

NCSC response to reports about flaws in processors

03/01/18

Meltdown and Spectre Side-Channel Vulnerabilities

03/01/18

Bulletproof TLS Newsletter #36

03/01/18

Anonymous Hacks Italian Speed Camera Database

02/01/18

GPS tracking vulnerabilities leave millions of products at risk

02/01/18

'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

02/01/18

US-CERT Vulnerability Summary for the Week of December 25, 2017

01/01/18

27,000 UnEncrypted Credit Cards left in shared Database by Thefly.com

01/01/18

Sign Up

Sign Up For the Latest News, Briefings & Announcements






ECSC Group plc

ECSC has almost two decades' experience in the design, implementation and management of IT security solutions.

Reg No. 3964848

VAT No. 746361914

Contact

28 Campus Road
Listerhills Science Park
Bradford
BD7 1HR
United Kingdom

+44 (0) 1274 736 223

info@ecsc.co.uk