Cyber Security News

As one of the most important concerns for every business, cyber security is often, unsurprisingly, in the headlines. Whether it's another big data breach for a well known company, or a vulnerability in a commonly used piece of software, you can no longer afford to be unaware of the latest threats to your information security.

Mailsploit: It's 2017, and you can spoof the 'from' in email to fool filters

06/12/17

Action Fraud launches 24/7 helpline to combat cyber attacks against businesses, charities and organisations

06/12/17

International team takes down virus-spewing Andromeda botnet

05/12/17

Mastermind behind sophisticated, massive botnet outs himself

05/12/17

Virtual Keyboard Developer Leaked 31 Million of Client Records

05/12/17

A popular virtual keyboard app leaks 31 million users' personal data

05/12/17

Private data on Gloucestershire hospital patients transferred to America by mistake

05/12/17

Apple sprays down bug-ridden iOS 11 with more fixes

04/12/17

The Trouble with Politicians Sharing Passwords

04/12/17

Privacy regulator warns MPs over shared passwords

04/12/17

Preparing for Launch: Associate QSA Program

04/12/17

Announcing ntopng 3.2 - The First Move Towards Active Network Monitoring

04/12/17

US-CERT Vulnerability Summary for the Week of November 27, 2017

04/12/17

PayPal paid $US233m for company that leaked 1.6 million records

04/12/17

Schumer says 'Grinch bots' are stealing Christmas

03/12/17

cron.weekly issue #108: Gophish, Exim, tldr, HAProxy, ElasticSearch, mdoc & more

03/12/17

Barclays axes free Kaspersky product as a 'precaution'

02/12/17

Kaspersky Labs: Warning over Russian anti-virus software

02/12/17

Dell also sells laptops with Intel Management Engine disabled

02/12/17

A thorough introduction to eBPF

02/12/17

Guilty: NSA bloke who took home exploits at the heart of Kaspersky antivirus slurp row

02/12/17

Managing the risk of cloud-enabled products

01/12/17

Apple iOS 11 security 'downgrade' decried as 'horror show'

01/12/17

NCSC Weekly Threat Report 1st December 2017

01/12/17

MacOS Update Accidentally Undoes Apple's "Root" Bug Patch

01/12/17

Flaw Found In Dirty COW Patch

01/12/17

Bulletproof TLS Newsletter #34

30/11/17

Amazon's Alexa heads to the workplace

30/11/17

Cyber criminal jailed for nine years

30/11/17

Google faces mass legal action in UK over data snooping

30/11/17

Credit Crunch: Detailed Financial Histories Exposed for Thousands

30/11/17

Uber hack: EU data protection bods launch taskforce

30/11/17

US-CERT - Apple Releases Security Update for macOS High Sierra

29/11/17

About the security content of Security Update 2017-001

29/11/17

Drone Maker D.J.I. May Be Sending Data to China, U.S. Officials Say

29/11/17

NSA's Ragtime program targets Americans, leaked files show

29/11/17

Apple rushes to fix major password bug

29/11/17

Update on cyber security and data protection:Written statement - HCWS287

29/11/17

Uber says 2.7 MEEELLION(ish) UK users affected by hack

29/11/17

NCSC: Update: Uber Data Breach

29/11/17

Understanding the Red Hat - IBM - Google - Facebook GPL Enforcement Announcement

28/11/17

New NSA leak exposes Red Disk, the Army's failed intelligence system

28/11/17

Kaspersky Security Bulletin - Story of the year 2017

28/11/17

[cabfpub] Obtaining an EV cert for phishing

28/11/17

NHS looks to up its cyber security game

28/11/17

Potential impact of the Intel ME vulnerability

27/11/17

Technology Industry Leaders Join Forces to Increase Predictability in Open Source Licensing

27/11/17

New cyber security service to boost NHS protection

27/11/17

Oxford and Cambridge club members face hard disk theft

27/11/17

US-CERT Vulnerability Summary for the Week of November 20, 2017

27/11/17

Ethical hackers to boost NHS cyber-defences

27/11/17

cron.weekly issue #107: Intel, man, PHP, sslh, ping, Docker, groups & more

26/11/17

Imgur Notice of Data Breach

24/11/17

NCSC Weekly Threat Report 24th November 2017

24/11/17

EU's data protection bods join the party to investigate Uber breach

24/11/17

AusCERT Week in Review for 24th November 2017

24/11/17

To fix Intel's firmware fiasco, wait for Christmas Eve or 2018

23/11/17

Russian Fancy Bear hackers' UK link revealed

23/11/17

Data breach hits Department of Social Services credit card system

23/11/17

Advisory: Turla group malware

22/11/17

Uber: Hackers stole 57m passengers, drivers' info. We also bribed the thieves $100k to STFU

22/11/17

Easier Certificate Validation Using DNS with AWS Certificate Manager

22/11/17

'Gimme Gimme Gimme' Easter egg in man breaks automated tests at 00:30

22/11/17

Uber 2016 Data Security Incident

21/11/17

Kali Linux 2017.3 Release

21/11/17

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets

20/11/17

User experience test tools: A privacy accident waiting to happen

20/11/17

Intel Management Engine Critical Firmware Update (Intel SA-00086)

20/11/17

F5 DROWNing, not waving, in crypto fail

20/11/17

Intel Q3'17 ME 11.x, SPS 4.0, and TXE 3.0 Security Review Cumulative Update

20/11/17

PCI 3DS SDK Standard Now Available

20/11/17

US-CERT Vulnerability Summary for the Week of November 13, 2017

20/11/17

cron.weekly issue #106: Elasticsearch, Kibana, Logstash, RHEL, 4.14, KVM, TCP & more

19/11/17

K21905460: BIG-IP SSL vulnerability CVE-2017-6168

19/11/17

CVE-2017-16882: Icinga core root privilege escalation via insecure permissions

19/11/17

UK seeks future cyber-security stars

18/11/17

NCSC: Weekly Threat Report 17th November 2017

17/11/17

Dark Cloud: Inside The Pentagon's Leaked Internet Surveillance Archive

17/11/17

Lloyds' Avios Reward credit cardholders report fraudulent activity

17/11/17

New White House Announcement on the Vulnerability Equities Process

17/11/17

Net filters help avoid dodgy domains

17/11/17

Ask the Expert: Your organisation, cyber security and GDPR

16/11/17

Drone maker DJI left its private SSL, firmware keys open to world+dog on GitHub FOR YEARS

16/11/17

October 2017 Cyber Attacks Statistics

16/11/17

Investigation Report for the September 2014 Equation malware detection incident in the US

16/11/17

Kaspersky defends its role in NSA breach

16/11/17

Does UK high street banks' crappy crypto actually matter?

16/11/17

Cash Converters International Ltd reports security breach and ransom demand

16/11/17

The four problems with the US government's latest rulebook on security bug disclosures

15/11/17

Cyber security: fixing the present so we can worry about the future

15/11/17

Improving and Making the Vulnerability Equities Process Transparent is the Right Thing to Do

15/11/17

Teardown of a consumer voice/location cellular spying device that fits in the tip of a USB cable

15/11/17

Tech-savvy students urged to join fight protecting UK from cyber attacks

15/11/17

The Motherboard Guide to Not Getting Hacked

14/11/17

Notice of Payment Card Security Incident

14/11/17

Alert (TA17-318B) HIDDEN COBRA - North Korean Trojan: Volgmer

14/11/17

Alert (TA17-318A) HIDDEN COBRA - North Korean Remote Administration Tool: FALLCHILL

14/11/17

Government backed scheme helps train two million people in digital skills

14/11/17

NCSC welcomes report into security of connected toys

14/11/17

New online challenge will test teenagers' cyber security skills

14/11/17

Research confirms the cybersecurity skills shortage is an existential threat

14/11/17

Shut the front door: Jewson 'fesses up to data breach

14/11/17

16-31 October 2017 Cyber Attacks Timeline

14/11/17

US-CERT Vulnerability Summary for the Week of November 6, 2017

13/11/17

Huddle's 'highly secure' work tool exposed KPMG and BBC files

13/11/17

The big break in computer languages

13/11/17

cron.weekly issue #105: golang, webpack, Minix, CouchDB, Prometheus, Bash, XFS & more

12/11/17

NCSC Weekly Threat Report 10th November 2017

10/11/17

Notes and Analysis on the 2017 Verizon DBIR Report

10/11/17

Ride Hailing Service Exposed Info on 1 Million Customers Online

10/11/17

Cisco ASA series part eight: Exploiting the CVE-2016-1287 heap overflow over IKEv1

10/11/17

EUD Security Guidance: iOS 11

10/11/17

AusCERT Week in Review for 10th November 2017

10/11/17

On the dangers of Intel's frequency scaling

10/11/17

Cyber security - A personnel issue

09/11/17

PCI SSC Cryptography Expert on Triple DEA

09/11/17

Cloudflare supports Privacy Pass

09/11/17

Microsoft pals up with partners for threat-hunting

09/11/17

Intel's super-secret Management Engine firmware now glimpsed, fingered via USB

09/11/17

USBGuard: authorization for USB

08/11/17

Privacy Fail as Charity Leaks Info on Vulnerable Adults

07/11/17

Factsheet Post-quantum cryptography

07/11/17

MINIX: Intel's hidden in-chip operating system

07/11/17

Report: Attackers Hacked Nepalese Bank's SWIFT Server

06/11/17

LibreSSL 2.6.3 Released

06/11/17

Flaw crippling millions of crypto keys is worse than first disclosed

06/11/17

US-CERT Vulnerability Summary for the Week of October 30, 2017

06/11/17

1-15 October 2017 Cyber Attacks Timeline

06/11/17

cron.weekly issue #104: systemd, nodejs, HAProxy, rend, Kafka, SQLite & more

05/11/17

Look back to an end-of-life LTS kernel : 3.10

04/11/17

El Reg assesses crypto of UK banks: Who gets to wear the dunce cap?

03/11/17

Estonia blocks certificates on 760,000 ID cards due to identity theft risk

03/11/17

AusCERT Week in Review for 3rd November 2017

03/11/17

Contractor breach exposes 50k Aussie govt, bank staff records

02/10/17

Google's bug-tracking system contained its own vulnerabilities, researcher discovers

02/10/17

Art galleries targeted by cyber-thieves

02/10/17

Bypassing Browser Security Warnings with Pseudo Password Fields

02/10/17

NCSC: CYBERUK 2018

01/10/17

Signal Desktop with non APT Linux distributions

01/10/17

Community contributed Kickstarts for CentOS Linux

01/10/17

Punctual as ever, Equifax starts snail-mailing affected Brits about mega-breach

01/10/17

Comodo CA acquired by Francisco Partners...

01/10/17

New data protection advice service aimed at small organisations preparing for the General Data Protection Regulation

31/10/17

Bulletproof TLS Newsletter #33 - Why TLS 1.3 isn't there yet

31/10/17

Malaysian data breach sees 46 million phone numbers leaked

31/10/17

Another Hollywood studio is hacked by The Dark Overlord

31/10/17

Statement on DigiCert's Proposed Purchase of Symantec's CA

31/10/17

Francisco Partners Announces Acquisition of Comodo's Certificate Authority (SSL) Business

31/10/17

US-CERT Vulnerability Summary for the Week of October 23, 2017

30/10/17

Data security and protection for health and care organisations

30/10/17

Mozilla devs discuss ditching Dutch CA, because cryptowars

30/10/17

RIP HPKP: Google abandons public key pinning

30/10/17

YUM 4 is available for testing

30/10/17

NCSC: Coming soon: *new* guidance on Risk Management for Cyber Security

30/10/17

Drupal backup_migrate information leak (was Fw: Database mishandling at defectivebydesign.org)

29/10/17

cron.weekly issue #103: pack, SSLStrip, gping, Kubernetes, Vagrant, MySQL, SSH & more

29/10/17

OpenSSL Trademark Policy

27/10/17

The big difference with Bad Rabbit

27/10/17

Network Device Discovery. Part 1: Active Discovery

27/10/17

T-Mobile Alerted 'A Few Hundred Customers' Targeted By Hackers

27/10/17

NCSC Weekly Threat Report 27th October 2017

27/10/17

Hard Drive Stats for Q3 2017

26/10/17

Cisco ASA series part seven: Checkheaps

26/10/17

PCI and the Next Generation of Payment Security

26/10/17

Equifax Was Warned

26/10/17

Down the Rabbit Hole: Tracking the BadRabbit Ransomware to a Long Ongoing Campaign of Target Selection

25/10/17

Preliminary results of the internal investigation into alleged incidents reported by US media

25/10/17

Panic of Panama Papers-style revelations follows Bermuda law firm hack

25/10/17

Hackers Steal Photos From Plastic Surgeon to the Stars, Claim Trove Includes Royals

25/10/17

Threat Spotlight: Follow the Bad Rabbit

24/10/17

Dell Lost Control of Key Customer Support Domain for a Month in 2017

24/10/17

Whois Maintainer Accidentally Makes Password Hashes Available For Download

24/10/17

Discover potholes in the information super-highway with this handy new tool (which itself just hit a roadblock)

24/10/17

Statement on FCA investigation into Equifax Ltd

24/10/17

Equifax to be investigated by FCA over data breach

24/10/17

UK financial regulator confirms it is probing Equifax mega-breach

24/10/17

'Bad Rabbit' ransomware strikes Ukraine and Russia

24/10/17

Nitrokey Start Supports Elliptic Curves (ECC)

24/10/17

Watership downtime: BadRabbit encrypts Russian media, Ukraine transport hub PCs

24/10/17

Bad Rabbit: Not-Petya is back with improved ransomware

24/10/17

Dangerous liaisons - Investigating the security of online dating apps

24/10/17

Cisco ASA series part six: Cisco ASA mempools

23/10/17

The best Burp plugin I've ever seen

23/10/17

ROCA 'round the lock: Gemalto says IDPrime .NET access cards bitten by TPM RSA key gremlin

23/10/17

Attack of the week: DUHK

23/10/17

US-CERT Vulnerability Summary for the Week of October 16, 2017

23/10/17

UK provides world leading cyber security insight to EU delegates

23/10/17

cron.weekly issue #102: KRACK, Grafana, nsjail, ApsaraCache, Nix, Docker, fzf & more

22/10/17

Today's BGP leak in Brazil

21/10/17

I can Haz TLS 1.3 ?

20/10/17

Nitrokey is NOT Affected by ROCA Vulnerability

20/10/17

Performing & Preventing SSL Stripping: A Plain-English Primer

20/10/17

NCSC: Weekly Threat Report 20th October 2017

20/10/17

How Russian Firm Might Have Siphoned Tools From the NSA

20/10/17

ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance

20/10/17

US-CERT - Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors

20/10/17

ROCA: Which Key-Pair Attacks Are Credible?

20/10/17

Introducing PF_RING 7.0 with Hardware Flow Offload

20/10/17

How Additional Permissions (aka Exceptions) Impact a Project's License

20/10/17

Time to KRACK the security patches out again

20/10/17

September 2017 Cyber Attacks Statistics

20/10/17

European guidance published - profiling and breach reporting

19/10/17

NCSC: Cyber Security: Small Business Guide

19/10/17

16-30 September 2017 Cyber Attacks Timeline

18/10/17

Domino's Australia investigating unauthorised spam emails

18/10/17

Domino's customers targeted by scammers as personal data leaks

18/10/17

'Krack' Wi-Fi guidance

17/10/17

The Flawed System Behind the Krack Wi-Fi Meltdown

17/10/17

Social media data shared by spy agencies

17/10/17

Data breach exposes millions of South Africans' personal records

17/10/17

ICO announces more help for small and micro businesses

17/10/17

What is a Socket?

17/10/17

Microsoft responded quietly after detecting secret database hack in 2013

17/10/17

Are you sharing the same IP address as a criminal? Law enforcement call for the end of Carrier Grade NAT (CGN) to increase accountability online

17/10/17

ACME Support in Apache HTTP Server Project

17/10/17

Wi-fi security flaw 'puts devices at risk of hacks'

16/10/17

Falling through the KRACKs

16/10/17

List of Firmware & Driver Updates for KRACK WPA2 Vulnerability

16/10/17

Cisco ASA series part five: libptmalloc gdb plugin

16/10/17

Linux Kernel Community Enforcement Statement

16/10/17

Never mind the WPA2 drama... Details emerge of TPM key cockup that hits tonnes of devices

16/10/17

UK TV drama about North Korea hit by cyber-attack

16/10/17

An enforcement clarification from the kernel community

16/10/17

US-CERT Vulnerability Summary for the Week of October 9, 2017

16/10/17

cron.weekly issue #101: GitLab, yes, true, Postgres, doitlive, tmux, systemd & more

15/10/17

Users Report Fraudulent Transactions After Pizza Hut Admits Card Breach

15/10/17

Using Elliptic Curve Cryptography with TPM2

14/10/17

Working to understand PCI Express and how it interacts with modern CPUs

13/10/17

nftables 0.8 release

13/10/17

NCSC Weekly Threat Report 13th October 2017

13/10/17

Malicious Redirects on Equifax, TransUnion Sites Caused by Third-Party Script

13/10/17

Notice of 2013 We Heart It Data Breach

13/10/17

AusCERT Week in Review for 13th October 2017

13/10/17

Phishing on the rise

12/10/17

UK Treasury Committee chairman calls on Equifax to answer for breach omnishambles

12/10/17

Australia's second Joint Cyber Security Centre launched in Melbourne

12/10/17

Equifax Credit Assistance Site Served Spyware

12/10/17

Hacker codenamed in honour of 'Alf' from Home and Away stole sensitive data about Australian military projects

12/10/17

Equifax website borked again, this time to redirect to fake Flash update

12/10/17

Four years later with CentOS and Red Hat

11/10/17

Explaining the Chromebook Security Scare in Plain English: Don't Panic!

11/10/17

Over The Air - Vol. 2, Pt. 3: Exploiting The Wi-Fi Stack on Apple Devices

11/10/17

Small business urged to follow five simple steps to thrive online

11/10/17

When Irish data's leaking: Supermarket shoppers urged to check bank statements

11/10/17

Symantec will stop giving governments source code reviews

11/10/17

Hackers nick $60m from Taiwanese bank in tailored SWIFT attack

11/10/17

NCSC: Cyber Security: Small Business Guide

11/10/17

Israeli spies 'watched Russian agents breach Kaspersky software'

11/10/17

Concerns raised about privacy, GDPR as Lords peer over Data Protection Bill

11/10/17

Defence contractor's IT systems breached

10/10/17

North Korean Actors Spear Phish U.S. Electric Companies

10/10/17

Research Firm Forrester Discloses Data Breach, Client Reports Stolen

10/10/17

Deloitte hack hit server containing emails from across US government

10/10/17

Equifax Ltd (UK): UPDATE REGARDING THE ONGOING INVESTIGATION INTO US CYBER SECURITY INCIDENT

10/10/17

An update on GnuPG

10/10/17

Apple's iOS password prompts prime punters for phishing: Too easy now for apps to swipe secrets, dev warns

10/10/17

Equifax data hack affected 694,000 UK customers

10/10/17

Hackers release names of professional footballers who allegedly failed drug tests

10/10/17

T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number

10/10/17

System Shock: How A Cloud Leak Exposed Accenture's Business

10/10/17

Dnsmasq: A Reality Check and Remediation Practices

09/10/17

Apple ID password prompts can easily be replicated, phishing attacks easily possible

09/10/17

Cisco ASA series part four: dlmalloc-2.8.x, libdlmalloc, & dlmalloc on Cisco ASA

09/10/17

IP Accounting and Access Lists with systemd

09/10/17

US-CERT Vulnerability Summary for the Week of October 2, 2017

09/10/17

New Cybercrime Court Planned for City of London

09/10/17

Cyber-security threat to UK 'as serious as terrorism' - GCHQ

09/10/17

cron.weekly issue #100: dnsmasq, systemd, MariaDB, logfmt, Rancher, Envoy, Micro, traceroute & more

08/10/17

Testing Security Keys

08/10/17

Equifax Breach Fallout: Your Salary History

08/10/17

Information for Replacement of Symantec SSL/TLS Certificates

07/10/17

Man Arrested For Allegedly Stealing Classified Documents From NSA Left Trail Of Questions

07/10/17

CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises

07/10/17

What's in a cable? The dangers of unauthorized cables

06/10/17

[TLS] Update on TLS 1.3 Middlebox Issues

06/10/17

Dynamic Users with systemd

06/10/17

Browsers Will Store Credit Card Details Similar to How They Save Passwords

06/10/17

Avast urges devs to secure toolchains after hacked build box led to CCleaner disaster

06/10/17

Yet Another Russian Hack of the NSA -- This Time with Kaspersky's Help

06/10/17

NCSC: Weekly Threat Report 6th October 2017

06/10/17

Kaspersky Lab denies involvement in Russian hack of NSA contractor

06/10/17

Using Binary Diffing to Discover Windows Kernel Memory Disclosure Bugs

05/10/17

Russian spies used Kaspersky AV to hack NSA staffer, swipe exploit code - new claim

05/10/17

PoC for several Magento vulnerabilities released, update now!

05/10/17

RAM, bam, awww ... man! Boffins defeat Rowhammer protections

05/10/17

How To Learn Vim: A Four Week Plan

05/10/17

John Kelly's personal cellphone was compromised, White House believes

05/10/17

Russian government hackers used antivirus software to steal U.S. cyber capabilities

05/10/17

UK cybercops reacted to 590 'significant attacks' over past year - report

05/10/17

The Story Behind ICANN's Decision to Delay the KSK Rollover

04/10/17

BlueBorne - An Analysis

04/10/17

An Overview of the 27th DNS Operations, Analysis, and Research Center Meetings

04/10/17

How to defeat Ed25519 and EdDSA using faults

04/10/17

1-15 September 2017 Cyber Attacks Timeline

04/10/17

NCSC annual review

03/10/17

Yahoo 2013 data breach hit 'all three billion accounts'

03/10/17

Scammers Hosted Files on Equifax's Australian Website

03/10/17

I Never Signed Up for This! Privacy Implications of Email Tracking

03/10/17

Equifax triggers debate on cyber rules

03/10/17

[openssl-dev] Can I haz TLS 1.3 ?

03/10/17

Another Flip in the Wall of Rowhammer Defenses

02/10/17

US-CERT Vulnerability Summary for the Week of September 25, 2017

02/10/17

Dnsmasq and the seven flaws: Patch these nasty remote-control holes

02/10/17

3 Zero-Day Plugin Vulnerabilities Being Exploited In The Wild

02/10/17

Behind the Masq: Yet more DNS, and DHCP, vulnerabilities

02/10/17

Cisco ASA series part three: Debugging Cisco ASA firmware

02/10/17

A security review of three NTP implementations

01/10/17

NCSC: Weekly Threat Report 29th September 2017

29/09/17

The Equifax Hack Has the Hallmarks of State-Sponsored Pros

29/09/17

Linux To Get "Extended LTS" Releases, Kernel Support For Six Years

29/09/17

A Closer Look at Postponing of the Root Zone KSK Rollover Decision

29/09/17

Govt reveals data breach notification format

29/09/17

Ransomware keeping cops, NHS and local UK gov bods awake at night

28/09/17

XSS in a certificate signing request

28/09/17

We need to talk about Session Tickets

28/09/17

CAA is now mandatory

28/09/17

Lack of ISP readiness halts DNS secure key change

28/09/17

EU police agency calls for better action against cybercrime

27/09/17

Black Hat Europe 2017:New Briefings Announced

27/09/17

KSK Rollover Postponed

27/09/17

Broadening HSTS to secure more of the Web

27/09/17

Open Source guidance

27/09/17

Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy 'login details leaked'

26/09/17

CVE-2017-1000253

26/09/17

A Shift in the ATM Malware Landscape: From Physical to Network-based Attacks

26/09/17

Equifax Breach: Updated Timeline, Phishing, Regulation, and a Roundup

26/09/17

CVE-2017-1000253 - load_elf_binary does not allocate sufficient space

26/09/17

Smart Card Support in Red Hat Enterprise Linux

26/09/17

The UK's National Health Service: A New Cybersecurity Dawn?

26/09/17

Bill Gates switches to Android phone

26/09/17

Introducing the Cloudflare Geo Key Manager

26/09/17

Google and Mozilla are Deprecating Existing Symantec Certificates

26/09/17

[CentOS-announce] Announcing the release of Gluster 3.12 on CentOS Linux 7 x86_64

26/09/17

Unmetered Mitigation: DDoS Protection Without Limits

25/09/17

For eight years, hackers have been able to exploit this password-stealing flaw in Joomla

25/09/17

Deloitte hit by cyber-attack revealing clients' secret emails

25/09/17

Ex-NSA hacker drops macOS High Sierra zero-day hours before launch

25/09/17

Cisco ASA series part two: Static analysis & datamining of Cisco ASA firmware

25/09/17

Deloitte: 'Very Few Clients' Impacted by Cyber Attack

25/09/17

US-CERT Vulnerability Summary for the Week of September 18, 2017

25/09/17

NCSC Statement: Deloitte cyber incident

25/09/17

Deloitte confirms hack exposed email system

25/09/17

Deloitte hit by data breach

25/09/17

Sensitive client emails, usernames, passwords exposed in Deloitte hack

25/09/17

NCSC: UK Should Brace for Major Cyber Incident

25/09/17

Additional information regarding the recent CCleaner APT security incident

25/09/17

Over a Quarter of UK Councils Hit by Ransomware

25/09/17

Guess - go on, guess - where a vehicle tracking company left half a million records

25/09/17

Russian hackers exploited a Google flaw the company has refused to fix

24/09/17

cron.weekly issue #99: Struts, SELinux, Xen, JDK, Postgres, Caddy & more

24/09/17

Finance sector is littered with vulns, and guess what - most can be resolved by patching

24/09/17

NCSC: Weekly Threat Report 22nd September 2017

22/09/17

Major cyber-attack will happen soon, warns UK's security boss

22/09/17

NBD: Adobe just dumped its PRIVATE PGP key on the internet

22/09/17

Verizon Wireless Employee Exposed Confidential Data Online

22/09/17

Australian government to invest AU$50 million into new industry-led Cyber Security Cooperative Research Centre

22/09/17

Red Hat pledges patent protection for 99 per cent of FOSS-ware

22/09/17

AusCERT Week in Review for 22nd September 2017

22/09/17

Avast: The 2.3M CCleaner Hack Was A Sophisticated Assault On The Tech Industry

21/09/17

Avast Threat Labs analysis of CCleaner incident

21/09/17

30,000 Irish Teachers Hit By Union Breach

21/09/17

Fake website fools Equifax staff

21/09/17

Distrustful U.S. allies force spy agency to back down in encryption fight

21/09/17

SEC admits data breach, suggests illicit trading was key

21/09/17

Red Hat Announces Broad Expansion to Open Source Patent Promise

21/09/17

CLKSCREW Attack Can Hack Modern Chipsets via Their Power Management Features

21/09/17

Progress on CCleaner Investigation

21/09/17

Cyber Security meet Engineering, Engineering meet Cyber Security?

20/09/17

Support for 3DES cipher suites will be removed

20/09/17

How Optionsbleed wasn't found in 2014

20/09/17

New grading on securityheaders.io

20/09/17

A longitudinal, end-to-end view of the DNSSEC ecosystem

20/09/17

Kali Linux 2017.2 Release

20/09/17

Cisco ASA series part one: Intro to the Cisco ASA

20/09/17

More data lost or stolen in first half of 2017 than the whole of last year

20/09/17

First Half 2017 Breach Level Index Report: Identity Theft and Poor Internal Security Practices Take a Toll

20/09/17

Equifax Breach: Setting the Record Straight

20/09/17

CCleaner Command and Control Causes Concern

20/09/17

NotPetya cyber-attack cost TNT at least $300m

20/09/17

Addressing the UK NCSC's Cloud Security Principles

20/09/17

Equifax's disastrous Struts patching blunder: THOUSANDS of other orgs did it too

20/09/17

Update to the CCleaner 5.33.6162 Security Incident

19/09/17

Addressing the Global Cyber Challenge

19/09/17

European Commission proposes more powers for EU's infosec agency

19/09/17

Equifax Disputes Report of Undisclosed Breach From March

19/09/17

Fixing HPKP with Certificate Constraints

19/09/17

Hardening Apache Struts with SELinux

19/09/17

Cut Cord: How Viacom's Master Controls Were Left Exposed

19/09/17

US-CERT: Vulnerability Summary for the Week of September 11, 201

18/09/17

CCleanup: A Vast Number of Machines at Risk

18/09/17

Optionsbleed - HTTP OPTIONS method can leak Apache's server memory

18/09/17

Security Notification for CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 for 32-bit Windows users

18/09/17

Ccleaner Malware Incident - What You Need to Know and How to Remove

18/09/17

CCleaner, distributed by anti-virus firm Avast, contained malicious backdoor

18/09/17

Equifax's IT leaders 'retire' as company says it knew about the bug that brought it down

17/09/17

cron.weekly issue #98: Caddy, Equifax, Struts, Curl, Arch, compsize, CentOS & more

17/09/17

rockNSM as a Incident Response Package

17/09/17

Here's The 'Star Trek Command Center' That NSA Chief Keith Alexander Used To Woo Politicians

17/09/17

Email security and anti-spoofing

15/09/17

NCSC: Weekly Threat Report 15th September 2017

15/09/17

Improving email security

15/09/17

Security.txt Standard Proposed, Similar to Robots.txt

15/09/17

NCC hires three Bank of England cyber experts to beef up assurance business

15/09/17

Shoddily-set-up Elastisearch hosting point-of-sale malware

14/09/17

Defrosted starter for 10: Iceland home delivery site spills customer details

14/09/17

Missed patch caused Equifax data breach

14/09/17

Equifax and the UK - what's going on?

14/09/17

UK Data Protection Bill lands: Oh dear, security researchers - where's your exemption?

14/09/17

ICO: Statement on the Data Protection Bill

14/09/17

Data laws to be made fit for digital age

14/09/17

New national innovation centre to put UK at forefront of big data

14/09/17

Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop

14/09/17

UK proposes exemptions to Data Protection Bill

14/09/17

Failure to patch two-month-old bug led to massive Equifax breach

14/09/17

Ransom attacks against unprotected Internet exposed databases

13/09/17

I called Equifax with a simple question. This is what happened.

13/09/17

Equifax had 'admin' as login and password in Argentina

13/09/17

Equifax Cybersecurity Incident & Important Consumer Information

13/09/17

Credit reference agencies faulted for poor patching

13/09/17

Ciaran Martin's speech to CBI

13/09/17

ICO: Elizabeth Denham's speech

13/09/17

UK's new Data Protection Bill will be 'liberal' not 'libertarian', says digi minister

13/09/17

Kromtech Discovers Massive ElasticSearch Infected Malware Botnet

12/09/17

Apache Struts and the three leading US credit agencies

12/09/17

Ayuda! (Help!) Equifax Has My Data!

12/09/17

August 2017 Cyber Attacks Statistics

12/09/17

US-CERT - Multiple Bluetooth implementation vulnerabilities affect many devices

12/09/17

Understanding the prevalence of web traffic interception

12/09/17

Canoe.ca says data for one million users hacked

12/09/17

Billions of devices imperiled by new clickless Bluetooth attack

12/09/17

Kernel Stack Protector and BlueBorne

12/09/17

Google to kill Symantec certs in Chrome 66, due in early 2018

12/09/17

Equifax's credit report monitoring site is also vulnerable to hacking

12/09/17

Equifax cyber incident: how to protect yourself

12/09/17

Chrome's Plan to Distrust Symantec Certificates

11/09/17

US-CERT Vulnerability Summary for the Week of September 4, 2017

11/09/17

FireEye pulls Equifax boasts as it tries to handle hack fallout

11/09/17

Apache Struts Statement on Equifax Security Breach

09/09/17

Statement on the Equifax cyber incident

09/09/17

NCSC Weekly Threat Report 8th September 2017

08/09/17

Equifax blames giant breach on vendor software flaw

08/09/17

Equifax Breach Response Turns Dumpster Fire

08/09/17

'Serious' security flaws found on official UK tax site

08/09/17

Statement in response to Equifax cyber attack

08/09/17

Security firm Mandiant said to be helping Equifax in hack aftermath

08/09/17

Highly Sensitive Details of 143 Million Users Stolen in Equifax Hack

08/09/17

Why the Equifax breach is very possibly the worst leak of personal info ever

08/09/17

The 16 biggest data breaches of the 21st century

07/09/17

Equifax compromise and their insecure response

07/09/17

Want to Know If Your SSN Was Included in the Equifax Breach? Good Luck!

07/09/17

Mexican tax refund firm MoneyBack leaks thousands of passports and credit cards

07/09/17

CVE-2017-0780: Denial-of-Service Vulnerability can Crash Android Messages App

07/09/17

Optimizing web servers for high throughput and low latency

06/09/17

16-31 August 2017 Cyber Attacks Timeline

06/09/17

Playing with kernel TLS in Linux 4.13 and Go

06/09/17

Dragonfly: Western energy sector targeted by sophisticated attack group

06/09/17

The hidden history of cyber-crime forums

06/09/17

Boffins hijack bootloaders for fun and games on Android

06/09/17

security things in Linux v4.13

05/09/17

Four Million Time Warner Cable Records Left on Misconfigured AWS S3

05/09/17

Fixing HPKP with Pin Revocation

05/09/17

Linux based inter-process code injection without ptrace(2)

05/09/17

Abandoned Domain Takeover as a Web Security Risk

05/09/17

Linux Kernel 4.13: Don't Use SMB1

05/09/17

GDPR - setting the record straight on data breach reporting

05/09/17

US-CERT Vulnerability Summary for the Week of August 28, 2017

04/09/17

Data breach hits four million Time Warner app users

04/09/17

Massive data breach confirms what you already knew: you are getting spam

04/09/17

Crypto-busters reverse nearly 320 MEELLION hashed passwords

04/09/17

Asterisk RTP bug worse than first thought: Think intercepted streams

03/09/17

cron.weekly issue #96: LogDevice, qmail, redis, Linus, HAProxy, libraries, concert, restic & more

03/09/17

Data Breach Exposes Thousands of Job Seekers Citing Top Secret Government Work [Updated]

02/09/17

Hackers claim to be selling millions of Instagram users' contact details

02/09/17

NCSC Weekly Threat Report 1st September 2017

01/09/17

SIDH in Go for quantum-resistant TLS 1.3

01/09/17

Static analysis on the Linux kernel

01/09/17

Russian Hacking Tools Codenamed WhiteBear Exposed

01/09/17

Observations about the attack on WikiLeaks

01/09/17

Polyinstantiating /tmp and /var/tmp directories

31/08/17

ARM's embedded TLS library fixes man-in-the-middle fiddle

31/08/17

Patchy PCI compliance putting consumer credit card data at risk

31/08/17

Bulletproof TLS Newsletter #31

31/08/17

Council fined for leaving vulnerable people's personal information exposed online for five years

31/08/17

Verizon's PCI DSS Report: Bad Comparisons?

31/08/17

CyberRehab's mission? To clean up the internet, one ASN block at a time

31/08/17

Essential apologizes for 'humiliating' customer data leak

31/08/17

Malware attack forces German state parliament offline

31/08/17

ModSecurity version 3.0.0 first release candidate

30/08/17

Blocking double-free in Linux kernel

30/08/17

Instagram hack: Celebrity contact details revealed

30/08/17

New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies

30/08/17

Introducing WhiteBear

30/08/17

Removing Disabled WoSign and StartCom Certificates from Firefox 58

30/08/17

Inside the Massive 711 Million Record Onliner Spambot Dump

30/08/17

1-15 August 2017 Cyber Attacks Timeline

30/08/17

Intel ME controller chip has secret kill switch

29/08/17

Hard Drive Stats for Q2 2017

29/08/17

Two million customer records pillaged in IT souk CeX hack attack

29/08/17

711 million email addresses ensnared in "largest" spambot

29/08/17

UK infrastructure failing to meet the most basic cybersecurity standards

29/08/17

ENISA: Supply chain attacks

29/08/17

mbed TLS Security Advisory 2017-02

28/08/17

ROPEMAKER email exploit is of limited practical use

28/08/17

Ransomware behind NHS Lanarkshire cyber-attack

28/08/17

Google error disrupts corporate Japan's web traffic

28/08/17

US-CERT - Vulnerability Summary for the Week of August 21, 2017

28/08/17

cron.weekly issue #95: fail2ban, React, $HOME, apt-key, Go, Kanban, Zabbix, Zsh & more

27/08/17

Is the City force corrupt, or just clueless?

26/08/17

BGP leak causing Internet outages in Japan and beyond

26/08/17

GDPR is an evolution in data protection, not a burdensome revolution

25/08/17

Watch Someone Buy a Laptop for $1 Thanks to a Severe POS Vulnerability

25/08/17

Keeping up to Date with PCI DSS Dates

25/08/17

AusCERT Week in Review for 25th August 2017

25/08/17

NCSC: Industry 100: An introduction

25/08/17

NCSC Weekly Threat Report 25th August 2017

25/08/17

How to spot a North Korean bot

24/08/17

The TLS 1.3 Controversy, and Why We Need to Choose Stronger Security

24/08/17

July 2017 Cyber Attacks Statistics

24/08/17

DMARC anti-phishing standard adoption is lagging even in big firms

24/08/17

DMARC: an imperfect solution that can make a big difference

24/08/17

Cybersecurity world faces 'chronic shortage' of qualified staff

24/08/17

Giving up on HPKP

24/08/17

Cross Site Scripting, Weak Authentication and TLS still head up critical threats

23/08/17

Identity fraud figures soar

23/08/17

Identity theft at epidemic levels, warns Cifas

23/08/17

Feds call for stronger cyber security co-operation with ISPs

22/08/17

ROPEMAKER Attack Turns Benign Emails Hostile Post-Delivery

22/08/17

16-31 July Cyber Attacks Timeline

22/08/17

Sony social media accounts hijacked as hackers claims to have stolen PSN database

22/08/17

Introducing the ROPEMAKER Email Exploit

22/08/17

If there's a hole in your S3 bucket, data thieves will be sprayed by Macie

22/08/17

Anonymous hacker says they stole 1.2 million NHS patients' data

22/08/17

Find how this man fell victim to ID fraud an incredible 29 times

22/08/17

10% of UK's top firms would be screwed in a cyber attack - survey

21/08/17

Online Hotel Booking Service Allegedly Exposed Sensitive Data

21/08/17

Did a Hacker Steal Over 1 Million UK Health Records?

21/08/17

US-CERT: DNSSEC Key Signing Key Rollover

21/08/17

8 top cyber-attack maps and how to use them

21/08/17

Cyber Security in Charities

21/08/17

Two in three bosses at Britain's biggest businesses not trained to deal with a cyber attack

21/08/17

Company bosses 'lack cyber-attack training'

21/08/17

US-CERT Vulnerability Summary for the Week of August 14, 2017

21/08/17

cron.weekly issue #94: Security, SSH, df, Wekan, funding, Kubernetes, Make, systemd & more

20/08/17

US DoD, Brit ISP BT reverse proxies can be abused to frisk internal systems - researcher

19/08/17

New NIST draft embeds privacy into US govt security for the first time

18/08/17

Cyber Security: Small Business Guide

18/08/17

Broken packets: IP fragmentation is flawed

18/08/17

Why Voice Over IP Matters

18/08/17

NCSC: Weekly Threat Report 18th August 2017

18/08/17

How hackers are targeting the shipping industry

18/08/17

AusCERT Week in Review - Week Ending 18th August 2017

18/08/17

Don't panic, Chicago, but an AWS S3 config blunder exposed 1.8 million voter records

17/08/17

North London council fined after parking ticket system flaw leaves personal information at risk

17/08/17

Nine months and a lot more b*llocks to go before new EU data protection rules kick in

17/08/17

Why We Terminated Daily Stormer

16/08/17

Months after breach at the 'UnBank' Ffrees, customers complain: No one told us

16/08/17

Routers targeted

16/08/17

UK Retail Data Breach Incidents Double in a Year

16/08/17

Consent is not the 'silver bullet' for GDPR compliance

16/08/17

NIST releases DRAFT SP800-53R5

16/08/17

The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard

16/08/17

Creepy backdoor found in NetSarang server management software

15/08/17

Monitoring of Symantec certificates

15/08/17

Scottish Parliament targeted in 'brute force' cyber attack

15/08/17

UK Cyber Security Sectoral Analysis Survey

15/08/17

IPv6, Large UDP Packets and the DNS

15/08/17

US-CERT Vulnerability Summary for the Week of August 7, 2017

14/08/17

Associate QSA Program: Coming Soon

14/08/17

Macie slay: AWS touts S3 patrol bots to kill data-slurping hackers

14/08/17

That Vulnerability is "Theoretical"!

13/08/17

cron.weekly issue #93: Debian, Git, Jerakia, Lighthouse, hey, load, compression, OpenVPN & more

13/08/17

Top repo managers clone, then close, a nasty SSH vector

13/08/17

OpenSSL Blog: new "random" number generator

12/08/17

Infosec eggheads rig USB desk lamp to leak passwords via Bluetooth

11/08/17

NCSC: Weekly Threat Report 11th

11/08/17

PA Firefighters Overcome 10-Day Comms Issue

11/08/17

Password Power Rankings: A look at the practices of 40+ popular websites

10/08/17

Baroness opens Cyber Security Centre at the University of Bradford

09/08/17

TalkTalk fined �100,000 after carelessly exposing customer data. Again.

09/08/17

Penetration testing - what is it and who is it for?

09/08/17

GDPR - sorting the fact from the fiction

09/08/17

NotBeingPetya: UK critical infrastructure firms face huge fines for lax security

08/08/17

Attack on Ireland's state-owned power provider blamed on state-sponsored hackers

08/08/17

Big question of the day: Is it time to lock down .localhost?

08/08/17

New fines for essential service operators with poor cyber security

08/08/17

1-15 July 2017 Cyber Attacks Timeline

08/08/17

Consultation on the Security of Network and Information Systems Directive

08/08/17

Awesome Hacking: A collection of awesome lists for hackers, pentesters & security researchers.

08/08/17

UK data protection laws to be overhauled

07/08/17

Re-identifying folks from anonymised data will be a crime in the UK

07/08/17

US-CERT: Vulnerability Summary for the Week of July 31, 2017

07/08/17

NIST Releases Cybersecurity Definitions for the Workforce

07/08/17

16-30 June 2017 Cyber Attacks Timeline

07/08/17

DonateBlood.com.au data breach (Precedent Communications Pty Ltd)

07/08/17

FireEye Provides Update on Allegations of Breach

07/08/17

EirGrid targeted by 'state sponsored' hackers leaving networks exposed to 'devious attack'

06/07/17

cron.weekly issue #92: RHEL 7.4, Varnish, Exa, Btrfs, sslh, ZFS, inputrc, opensmtpd & more

06/07/17

NCSC: Weekly Threat Report 4th August 2017

04/08/17

What's Next for PCI DSS?

03/08/17

Built-in protection against USB security attacks with USBGuard

03/08/17

Troy Hunt: Introducing 306 Million Freely Downloadable Pwned Passwords

03/08/17

Coming soon to a Parliament near you - UK's Data Protection Bill

03/08/17

SMBLoris: What You Need To Know

02/08/17

Determine for yourself which Certification Authorities can issue certificates on your domain

02/08/17

This typosquatting attack on npm went undetected for 2 weeks

02/08/17

Chrome web dev plugin with 1m+ users hijacked, crams ads into browsers

02/08/17

Drug maker Merck's worldwide operations hampered by Petya attack

02/08/17

Cardiff billboard offensive images display after hack

02/08/17

Brit voucher biz's signup page blabbed families' details via URL tweak

02/08/17

DOJ Builds Bug Bounty Framework, Hopes to Curve Criminal Violations

02/08/17

RHEL & CentOS 7.4 restores HTTP/2 functionality on Nginx

01/08/17

EUD: Virtual Private Networks

01/08/17

McAfee online scan used plain old HTTP to fetch screen elements

01/08/17

Underhanded Crypto Contest: 2017 Runner-Up: Neville Longbottom

31/07/17

US-CERT Vulnerability Summary for the Week of July 24, 2017

31/07/17

It is easy to expose users' secret web habits, say researchers

31/07/17

Kids Pass Just Reminded Us How Hard Responsible Disclosure Is

31/07/17

Leaked private keys and revocations based on fake private keys

31/07/17

Measuring Vulnerability Rediscovery

31/07/17

Hackers kick off #leaktheanalyst campaign by dumping data of security firm

31/07/17

Power firms alerted on hack attack scenarios

30/07/17

cron.weekly issue #91: Memcached, MariaDB, Boltron, BinaryAlert, Gitlab, pik, uchat & more

30/07/17

Google Outlines SSL Apocalypse for Symantec Certificates

29/07/17

The differences between how SFTP and scp work in OpenSSH

29/07/17

Illegal and undocumented instructions

28/07/17

State of play - Techniques used in cyber-attacks

28/07/17

NCSC: Weekly Threat Report 28th July 2017

28/07/17

Some Whois Lookup Services Might be Broken

27/07/17

Ransomware 'here to stay', warns Google study

27/07/17

Shoddy data-stripping exposes firms to hack attacks

26/07/17

Passwords Evolved: Authentication Guidance for the Modern Era

26/07/17

UniCredit Says 400,000 Accounts Were Hacked, Exposing Data

26/07/17

Details of a million people across Yorkshire for sale on 'dark web'

25/07/17

Swedish PM admits that huge data leak is 'a disaster'

25/07/17

Rehab camp aims to put young cyber-crooks on right track

25/07/17

18-year-old arrested after reporting dumb bug in public transport e-ticket system

25/07/17

Wells Fargo Asks Judges to Force Return of Leaked Client Data

25/07/17

Adobe to kill off Flash plug-in by 2020

25/07/17

Over 2,200 Data Breaches Disclosed So Far In 2017, Exposing Over Six Billion Records

25/07/17

Security bug allows hackers to bypass encryption, intercept iCloud Keychain

25/07/17

US-CERT Vulnerability Summary for the Week of July 17, 2017

24/07/17

1-15 June 2017 Cyber Attacks Timeline

24/07/17

Crims snatch 5.5 million social security numbers from Kansas govt box

24/07/17

A Virtual Canary-in-the-Coalmine for the DNSSEC Root Key Rollover

24/07/17

Certificate Limitation Policy

23/07/17

cron.weekly issue #90: OCI, Apache, Go, Shells, Duplicity, mktemp, man & more

23/07/17

TLS 1.3 in enterprise networks

22/07/17

How a fish tank helped hack a casino

21/07/17

NCSC Weekly Threat Report 21st July 2017

21/07/17

Worst known governmental leak ever is slowly coming to light: Agency moved nation's secret data to "The Cloud"

21/07/17

AusCERT Week in Review for 21st July 2017

21/07/17

Fingerprint-based detection of DNS hijacks using RIPE Atlas

20/07/17

Massive blow to criminal Dark Web activities after globally coordinated operation

20/07/17

IoT Thermostat Bug Allows Hackers to Turn Up the Heat

20/07/17

Exclusive: Dutch Cops on AlphaBay 'Refugees'

20/07/17

How I tricked Symantec with a Fake Private Key

20/07/17

Final removal of trust in WoSign and StartCom Certificates

20/07/17

Ricoh Australia Scrambles to Fix Document Leak

20/07/17

UK households hit by 1.8m computer misuse offences in a year

20/07/17

TLS 1.2 Support added to Windows Server 2008

20/07/17

Break your own product, and break it hard

19/07/17

AWS warns users about open S3 buckets

19/07/17

On The (Perceived) Value of EV Certs, Commercial CAs, Phishing and Let's Encrypt

19/07/17

Unpacking a classic Turnbullian announcement: Home Affairs, cyber security and intelligence

19/07/17

Crime in England and Wales: year ending Mar 2017

19/07/17

"Bad Taste" Vulnerability Affects Linux Systems via Malicious Windows MSI Files

19/07/17

Petya cyber-attack still disrupting firms weeks later

18/07/17

Wireshark-announce: [Wireshark-announce] Wireshark 2.2.8 is now available

18/07/17

Insurers claim cyber calamities could cost more than Hurricane Sandy

18/07/17

Newcastle City Council Leaks Data of Thousands of Adopted Children

18/07/17

Petya damage to TNT Express systems is likely permanent

18/07/17

Review urges 24/7 cyber security centre

18/07/17

AMD Secure Memory Encryption Patches Updated For Linux

17/07/17

11 remote vulnerabilities (inc. 2x RCE) in FreeRADIUS packet parsers

17/07/17

US-CERT: Vulnerability Summary for the Week of July 10, 2017

17/07/17

Cloud Leak: WSJ Parent Company Dow Jones Exposed Customer Data

17/07/17

Dutton to head up super security ministry

17/07/17

Lloyd's of London CEO: Cyber-insurance cost to double

17/07/17

2017: The FBI alerts parents to dangers of Internet of Sh*t toys

17/07/17

GCHQ Says Hackers Have Likely Compromised UK Energy Sector Targets

17/07/17

Memcached - A Story of Failed Patching & Vulnerable Servers

17/07/17

Extreme cyber-attack could cost as much as Superstorm Sandy

17/07/17

Cyber attacks a wake-up call: Keenan

17/07/17

cron.weekly issue #89: Fedora 26, ZFS, Go 2, Time, seashells, Boltron, Redis, Duplicity & more

16/07/17

Solving a post exploitation issue with CVE-2017-7308

16/07/17

NHS medic posts confidential patient data of new mums on Facebook

15/07/17

NCSC Weekly Threat Report 14th July 2017

14/07/17

Australia short on cyber talent

14/07/17

AusCERT Week in Review for 14th July 2017

14/07/17

ICO's Annual Report for 2016/17 highlights a year of achievements and future challenges

13/07/17

May 2017 Cyber Attacks Statistics

13/07/17

Bupa data breach affects 500,000 insurance customers

13/07/17

No big deal. You can defeat Kaspersky's ATM antivirus with a really fat executable

13/07/17

Demystifying the NESA

13/07/17

Bupa: Rogue staffer stole health insurance holders' personal deets

13/07/17

Uber patches security flaw leading to subdomain takeover

13/07/17

Bupa IPMI notifies customers of insider breach

13/07/17

Potential network disruption

12/07/17

Private Keys on Web Servers

12/07/17

Millions of Verizon customer records exposed in security lapse

12/07/17

Symantec explores selling web certificates business: sources

12/07/17

NCSC: Cyber Accelerator

12/07/17

Understanding the .io TLD's DNS configuration vulnerability

12/07/17

What is new in OpenSSH 7.4 (in RHEL 7.4)?

12/07/17

Update to Current Use and Deprecation of TDEA

11/07/17

New Australian cyber unit to target overseas criminals

11/07/17

Announcing Bulletproof SSL and TLS, the 2017 revision

11/07/17

Fedora 26 Now Generally Available

11/07/17

Insurers may have to adjust policies to reflect 'silent' cyber risks

11/07/17

Closing the CVE gap: Is MITRE up to it?

11/07/17

Numerous Swiss domain names temporarily hijacked

10/07/17

National Audit Office confirms that police, banks, Home Office pass the buck on fraud

10/07/17

High-reliability OCSP stapling and why it matters

10/07/17

US-CERT Vulnerability Summary for the Week of July 3, 2017

10/07/17

End-to-end encryption back door 'a bad idea'

10/07/17

16-31 May 2017 Cyber Attacks Timeline

10/07/17

Mobile Payment Acceptance: A Look at PCI's New Software-Based PIN-Entry Initiative

10/07/17

The Alarming Prevalence of Data Breach Cover-Ups

10/07/17

Three million wrestling fans at risk after WWE leaves database unprotected

10/07/17

security things in Linux v4.12

10/07/17

cron.weekly issue #88: a forum, kernel 4.12, OpenBSD, systemd, elvish, puppet, vtop & more!

09/07/17

Hard Rock hotels burgered up by Sabre breach

09/07/17

Jio Customer Database of over 120 million users leaked, could be biggest data breach in India

09/07/17

UK Company Exposed Thousands of Personal Files Online

08/07/17

Self-Service Food Kiosk Vendor Avanti Hacked

08/07/17

NCSC Weekly threat report 7th July 2017

07/07/17

AusCERT Week in Review for 7th July 2017

07/07/17

Germany says cyber threat greater than expected, more firms affected

07/07/17

Google Chrome's HTTPS ban-hammer drops on WoSign, StartCom in two months

07/07/17

B&B Theatres Hit in 2-Year Credit Card Breach

07/07/17

AA apologises, and confirms customers' partial credit card data *was* exposed

07/07/17

Recovering data from a disk encrypted by #NotPetya with Salsa20

07/07/17

Global Cybersecurity Index

07/07/17

Largest advertising company in the world still wincing after NotPetya punch

07/07/17

Phone scams targeting a variety of organisations in the Health industry

07/07/17

Local Packet Filtering with IPv6

06/07/17

CIA Malware Can Steal SSH Credentials, Session Traffic

06/07/17

Massive WWE Leak Exposes 3 Million Wrestling Fans' Addresses, Ethnicities And More

06/07/17

Breached Bitcoin Bithumb bosses blame bod's BYOD

06/07/17

Massive cyber-attack could cost Nurofen and Durex maker �100m

06/07/17

M.E.Doc Software Was Backdoored 3 Times, Servers Left Without Updates Since 2013

06/07/17

Major cryptocurrency exchange hacked - customers' Bitcoin and Ethereum accounts plundered

06/07/17

How 2,000 Unsecured Databases Landed on the Internet

05/07/17

Australia drops four places in UN cyber security top ten

05/07/17

U.N. survey finds cybersecurity gaps everywhere except Singapore

05/07/17

Sabre Update on Cybersecurity Incident

05/07/17

Payment Systems Regulator Annual Report and Accounts 2016/17

05/07/17

ICO publishes International Strategy to help protect UK public's personal information in a global environment

04/07/17

CERT Australia takes over ACMA cyber security program

03/07/17

AA Shop investigating 13 gigabyte data breach

03/07/17

Revocation is broken

03/07/17

The Medicare machine: patient details of 'any Australian' for sale on darknet

03/07/17

US-CERT Vulnerability Summary for the Week of June 26, 2017

03/07/17

65% of major US banks have failed web security testing

03/07/17

Bradford cyber security master's degree gets GCHQ stamp of approval

03/07/17

CERT Australia takes over ACMA cyber security program

03/07/17

German e-gov protocol carries ancient vulns

03/07/17

A Man-in-the-Middle Attack against a Password Reset System

03/07/17

The AA Exposed Emails, Credit Card Data, and Didn't Inform Customers

03/07/17

Alert (TA17-181A) Petya Ransomware

03/07/17

cron.weekly issue #87: OutlawCountry, MOTD, NSA, systemd, Kubernetes, spoilerwall, Dexter, GPG & more

02/07/17

Beyond public key encryption

02/07/17

Trump Hotels notifies some guests of payment card breach that began in 2016

01/07/17

Did the AA have a minor breakdown?

01/07/17

EternalPetya - yet another stolen piece in the package?

01/07/17

Online fraud overlooked by government, says watchdog

30/06/17

NCSC Weekly Threat Report 30th June 2017

30/06/17

Petya More Effective at Destruction Than as Ransomware

30/06/17

Management bug can crash Cisco IOS, IOS XE

30/06/17

SEC Consult SA-20170630-0 :: Multiple critical vulnerabilities in OSCI-Transport library 1.2 for German e-Government

30/06/17

SSL Labs Grading Redesign (Preview 1)

30/06/17

NCSC rolls out free and easy steps to improve public sector cyber security

30/06/17

AusCERT Week in Review for 30th June 2017

30/06/17

Australia creates military cyber unit to expand hacking attacks

30/06/17

Introducing Hardenize dashboards

29/06/17

Cisco and Spotify ship private keys in applications

29/06/17

OutlawCountry

29/06/17

Government data site user details leak

29/06/17

Eternal Champion Exploit Analysis

29/06/17

Windows 10 platform resilience against the Petya ransomware attack

29/06/17

48 hours after initial reports, many mysteries remain around the latest ransomware/wiper threat

29/06/17

EternalPetya and the lost Salsa20 key

29/06/17

Petya: "I Want To Believe"

29/06/17

Cyber-attack was about data and not money, say experts

29/06/17

Back to the future for Maersk in the wake of Petya attack

29/06/17

NCSC statement on the global cyber incident

29/06/17

Password guidance summary: how to protect against password-guessing attacks

28/06/17

LinkedIn 2012 hack: what you need to know

28/06/17

Virus (cough, cough, Petya) goes postal at FedEx, shares halted

28/06/17

Petya Ransomware Without The Fluff

28/06/17

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

28/06/17

Password security alert

27/06/17

Warning to SMEs as firm hit by cyber attack fined �60,000

27/06/17

Defence Secretary's speech at Cyber 2017 Chatham House Conference

27/06/17

New ransomware, old techniques: Petya adds worm capabilities

27/06/17

Multiple Petya Ransomware Infections Reported

27/06/17

Petya Ransomware Spreading Via EternalBlue Exploit

27/06/17

Petya ransomware outbreak: Here's what you need to know

27/06/17

Info on the PetrWrap/Petya ransomware: Email account in question already blocked since midday

27/06/17

Ukraine Businesses Hit by Petya Ransomware

27/06/17

NCSC: Weekly Threat Report 23rd June 2017

26/06/17

US-CERT Vulnerability Summary for the Week of June 19, 2017

26/06/17

UK parliamentary email compromised after 'sustained and determined cyber attack'

26/06/17

People can be strongest link in cyber security, says NCSC

26/06/17

cron.weekly issue #86: Debian 9, Kernel vulnerability, Ubuntu, GitLab, casync, SSH tunnels & more

25/06/17

Parliament cyber-attack 'hit up to 90 users'

25/06/17

Kervball: The Kerv ring data breach...

23/06/17

Google's Elite Hacker SWAT Team vs. Everyone

23/06/17

Russian hackers trading stolen email addresses and passwords of 1,000 British MPs and top officials online

23/06/17

Heaps of Windows 10 internal builds, private source code leak online

23/06/17

FBI: Extortion, CEO Fraud Among Top Online Fraud Complaints in 2016

23/06/17

Guidance on the historic LinkedIn incident (2012)

23/06/17

AusCERT Week in Review for 23rd June 2017

23/06/17

IC3 Releases Annual Report Highlighting Trends in Internet Crime

22/06/17

NIST Launches New Special Publication (SP) 800-63 Suite!

22/06/17

Who are the cyberists?

21/06/17

ModSecurity version 3: Fuzzing as part of the QA

21/06/17

IC3 Issues Internet Crime Report for 2016

21/06/17

Criminal gang says that they shut down Skype, says Steam is next

21/06/17

The OpenVPN post-audit bug bonanza

21/06/17

News: Breach at UK.gov's Cyber Essentials scheme exposes users to phishing attacks

21/06/17

Historical courses and resorts in Elliptic Curves Cryptography - Is Curve25519 dead?

21/06/17

casync - A tool for distributing file system images

20/06/17

Web-hosting firm agrees to pay over million to ransomware extortionists

20/06/17

AdGholas Malvertising Campaign Using Astrum EK to Deliver Mole Ransomware

20/06/17

TLS 1.2 support at Microsoft

20/06/17

US-CERT Vulnerability Summary for the Week of June 12, 2017

19/06/17

Stack Guard Page Circumvention Affecting Multiple Packages

19/06/17

GCSE computing exam entrants falls, infosec job recruitment in trouble

19/06/17

198 million Americans hit by "largest ever" voter records leak

19/06/17

The Stack Clash

19/06/17

Bradford Council 'to test boundaries' of cyber resilience

19/06/17

Apache HTTP Server 2.4.26 Released

19/06/17

Private key corresponding to public key in trusted Cisco certificate embedded in executable

18/06/17

Personal info of hundreds of thousands of students targeted in schools hack attack

18/06/17

cron.weekly issue #85: yes, SQLite, bingrep, reredirect, Spack, sudo, mdadm, MySQL & more

18/06/17

Removing Some Code

17/06/17

Enhancing the security of the OS with cryptography changes in Red Hat Enterprise Linux 7.4

16/06/17

CVE-2017-7507 Detail

16/06/17

University of East Anglia in students' personal data breach

16/06/17

Your yearly reminder to post to Full-Disclosure, not Bugtraq

16/06/17

Norwich airport and hospital cyber-hacker 'His Royal Gingerness' jailed

16/06/17

NCSC Weekly Threat Report 16th June 2017

16/06/17

Facebook staff had their identities exposed to suspected terrorists due to security lapse

16/06/17

Brit hacker admits he siphoned info from US military satellite network

16/06/17

It's 2017 and someone's probably still using WINS naming. If so, stop

15/06/17

New cyber security information service launched today by ENISA

15/06/17

How I Found A 20-Year-Old Linux Kernel Bug

15/06/17

CIA has been hacking into Wi-Fi routers for years, leaked documents show

15/06/17

A WarCon 2017 presentation: Cisco ASA - Exploiting the IKEv1 heap overflow - CVE-2016-1287

15/06/17

ISC Releases Security Updates for BIND

15/06/17

Security Update for Microsoft Windows SMB Server (4013389)

14/06/17

National Exposure Index 2017

14/06/17

Internet hygiene still stinks despite botnet and ransomware flood

14/06/17

Don't touch that mail! London uni fears '0-day' used to cram network with ransomware

14/06/17

Decryption Utility Unlocks Files Encrypted by Jaff Ransomware

14/06/17

Nmap 7.50 released: New NSE scripts, 300+ fingerprints, new Npcap

14/06/17

HACKING UK TRIDENT: A Growing Threat

14/06/17

Buggy devices and lazy operators make VoLTE a security nightmare

14/06/17

Samsung Left Millions Vulnerable to Hackers Because It Forgot to Renew a Domain

14/06/17

"Do what I mean!" - time to focus on developer intent

14/06/17

1-15 May 2017 Cyber Attacks Timeline

14/06/17

BIND9 CVE-2017-3140 & CVE-2017-3141

14/06/17

Microsoft: Latest security fixes thwart NSA hacking tools

13/06/17

Guidance related to June 2017 security update release

13/06/17

How a Single Email Stole .9 Million from Southern Oregon University

13/06/17

Defending the borders of your business in a digital era

13/06/17

Alert (TA17-164A) HIDDEN COBRA - North Korea's DDoS Botnet Infrastructure

13/06/17

AusCERT Week in Review for 16th June 2017

12/06/17

US-CERT Alert: CrashOverride Malware

12/06/17

Virgin Media resolves flaw in config backup for Super Hub routers

12/06/17

Gloucester City Council fined �100,000 after leak due to failure to patch Heartbleed

12/06/17

Understanding the prevalence of web traffic interception

12/06/17

US-CERT Vulnerability Summary for the Week of June 5, 2017

12/06/17

[elrepo] Anyone using Trusted Path Execution (kmod-tpe) on RHEL7?

11/06/17

cron.weekly issue #84: Hadoop, UUID, Evil.sh, GDB, rl, Monica, SFTP, Containers & more

11/06/17

Malware downloader infects your PC without a mouse click

11/06/17

NCSC Weekly Threat Report 9th June 2017

09/06/17

AusCERT Week in Review for 9th June 2017

09/06/17

April 2017 Cyber Attacks Statistics

09/06/17

Infosec guru Schneier: Govts WILL intervene to regulate Internet of Sh!t

08/06/17

Most vulnerabilities first blabbed about online or on the dark web

08/06/17

Malware Uses Obscure Intel CPU Feature to Steal Data and Avoid Firewalls

08/06/17

Britney Spears: Malware planted in singer's Instagram page

08/06/17

The Principles of a Subdomain Takeover

06/06/17

Browser Watch: SSL and Security Changes in Chrome 59

06/06/17

Google Releases Security Updates for Chrome

06/06/17

FIREBALL - The Chinese Malware of 250 Million Computers Infected

06/06/17

How The Intercept Outed Reality Winner

05/06/17

Reducing the Risk of SNMP Abuse

05/06/17

March 2017 Cyber Attacks Statistics

05/06/17

16-30 April 2017 Cyber Attacks Timeline

05/06/17

Massive Leak of 10 Million VIN Numbers Could Help Crooks Make Stolen Cars Look Legit

05/06/17

cron.weekly issue #83: Humble Bundle, Sudo, kapo, slap, Node, MySQL, iostat & more

04/06/17

NCSC Weekly Threat Report 2nd June 2017

02/06/17

AusCERT Week in Review for 2nd June 2017

02/06/17

Identity manager OneLogin hacked, user data accessed

02/06/17

When safety and security become one

01/06/17

Crapness of WannaCrypt coding offers hope for ransomware victims

01/06/17

Introducing ntopng 3.0

01/06/17

SEI Issues Advice on Ransomware

01/06/17

Healthcare tops UK data breach chart - but it's not what you're thinking

01/06/17

Why did 'power surge' hit BA computers?

01/06/17

Ethiopia blocks internet 'to stop exam cheats'

01/06/17

Cyber Security Roundup for May 2017

01/06/17

ESB-2017.1384 - [Linux][Ubuntu] sudo: Root compromise - Existing account

01/06/17

Bulletproof TLS Newsletter #28: Let's Encrypt downtime

31/05/17

FBI Releases Article on Protecting Business Email Systems

31/05/17

Certifying the professionals

31/05/17

UK surveillance law raises concerns security researchers could be 'deputised' by the state

31/05/17

CVE-2017-9073 Detail

31/05/17

CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux

30/05/17

Linux security alert: Bug in sudo's get_process_ttyname() [ CVE-2017-1000367 ]

30/05/17

Network Time Protocol updated to spook-harden user comms

29/05/17

Popular RADIUS server exploitable with TLS session caching

29/05/17

Vulnerability Summary for the Week of May 22, 2017

29/05/17

Vulnerability Summary for the Week of May 29, 2017

29/05/17

cron.weekly issue #82: Puppet 5, Debian 9, Chef, Vim, CNI, TFS, Haraka, PostgreSQL & more

28/05/17

NCSC Weekly Threat Report 26th May 2017

26/05/17

AusCERT Week in Review for 26th May 2017

26/05/17

Contactless payment fraud soars to �7m

26/05/17

Trump's Dumps: 'Making Dumps Great Again'

26/05/17

Author of EternalRocks SMB Worm Calls It Quits After Intense Media Coverage

25/05/17

The Judy Malware: Possibly the largest malware campaign found on Google Play

25/05/17

Split Tunnel SMTP Exploit Bypasses Email Security Gateways

25/05/17

NHS Digital stopped short of advising against paying off WannaCrypt

25/05/17

Free course: The GDPR Attack Plan

25/05/17

Fat-thumbed dev slashes Samba security

25/05/17

ActiveCyber Interviews Professor Jintai Ding - Author of Post-Quantum Safe Crypto Algorithm and PAKE Protocol

24/05/17

Samba Releases Security Updates

24/05/17

The largest Git repo on the planet

24/05/17

What's got a vast attack surface and runs on Linux? Windows Defender, of course

24/05/17

Victims Lost US to Ransomware

24/05/17

Preparing for the General Data Protection Regulation (GDPR): 12 steps to take now

24/05/17

Stack Overflow: Helping One Million Developers Exit Vim

23/05/17

29% Increase In Vulnerabilities Already Disclosed In 2017

23/05/17

Network Segmentation and PCI Compliance

23/05/17

WannaCry Malware Profile

23/05/17

Spotify Hacked? Thousands Of Accounts' Login Credentials Released By The Leak Boat

23/05/17

Strong passwords

23/05/17

Exclusive: North Korea's Unit 180, the cyber warfare cell that worries the West

22/05/17

Yahoo retires ImageMagick library after 18-byte exploit leaks user email content

22/05/17

US-CERT Vulnerability Summary for the Week of May 15, 2017

22/05/17

Putting the NCSC's badge on it...

22/05/17

cron.weekly issue #81: Nginx, Badger, fsql, zetcd, MySQL, Docker, binsnitch & more

21/05/17

CRON.WEEKLY issue #81: Nginx, Badger, fsql, zetcd, MySQL, Docker, binsnitch & more

21/05/17

SSD Drives Vulnerable to Attacks That Corrupt User Data

21/05/17

Wannacry: Everything you still need to know because there were so many unanswered Qs

20/05/17

Archive.org user account breach

19/05/17

Dell kills botched BIOS update that murdered punters' PCs

19/05/17

The Problem with OCSP Stapling and Must Staple and why Certificate Revocation is still broken

19/05/17

Biz overlords need to give a stuff about what they're told by IT crowd

19/05/17

Symantec CA's Initial Response to Google's Revised Proposal

19/05/17

Brazilian Fraudsters Create Device to Punch Out EMV Chips

19/05/17

Vine Archive Breach Exposes Email Addresses

19/05/17

New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two

19/05/17

NCSC Weekly Threat Report 19th May 2017

19/05/17

NCSC: Obsolete platforms security guidance

19/05/17

WannaCry FAQ: What you need to know today

19/05/17

How did the WannaCry Ransomworm spread?

19/05/17

BBC fools HSBC voice recognition security system

19/05/17

ICS-CERT Releases WannaCry Fact Sheet

19/05/17

AusCERT Week in Review for 19th May 2017

19/05/17

Security Alert: BlueDoom Worm Caught Spreading through EternalBlue, Integrates Batch of Leaked NSA Exploits

19/05/17

The Equation Group's post-exploitation tools (DanderSpritz and more) Part 1

18/05/17

Font sharing site DaFont has been hacked, exposing thousands of accounts

18/05/17

Zomato Hacked! Database of 17 Million Users Stolen

18/05/17

WannaCry: McAfee outlines recovery technique for when the worst happens

18/05/17

File carving can reverse WannaCry ransomware encryption, says McAfee

18/05/17

So how *do* you validate (NIST) ECDH public keys?

17/05/17

Further hardening glibc malloc() against single byte overflows

17/05/17

How WannaCrypt attacks

17/05/17

Gotcha, Tatcha! Thieves hide in servers to hoover up victims' bank card numbers mid-order

17/05/17

Chrome on Windows has credential theft bug

17/05/17

1-15 April 2017 Cyber Attacks Timeline

17/05/17

Mother of All Leaks

17/05/17

Edmodo confirms hackers breached its education platform, stole user data and hashed passwords

17/05/17

WordPress Releases Security Update

17/05/17

ClamAV will be publishing a new Main.cvd on Wednesday, June 7th, 2017

16/05/17

WikiLeaks Reveals Two CIA Malware Frameworks

16/05/17

Group linked to NSA spy leaks threatens sale of new tech secrets

16/05/17

TripAdvisor resets passwords after some accounts were improperly accessed

16/05/17

WannaCry ransomware cyber-attack 'may have N Korea link'

16/05/17

WannaCrypt ransomware worm targets out-of-date systems

16/05/17

US-CERT Vulnerability Summary for the Week of May 8, 2017

16/05/17

What you need to know about the WannaCry Ransomware

15/05/17

WannaCry, Party Like It's 2003

15/05/17

WannaCry FAQ: What you need to know today

15/05/17

1.9 million Bell customer email addresses stolen by 'anonymous hacker'

15/05/17

Breach at DocuSign Led to Targeted Email Malware Campaign

15/05/17

United Airlines cockpit codes accidentally leaked

15/05/17

WannaCrypt ransomware summary - SANS

15/05/17

City on hack alert as cyber shares rocket

15/05/17

AES-GCM-SIV

14/05/17

CRON.WEEKLY issue #80: nftables, BBR, WireGuard, Kubernetes, %CPU, GlusterFS, BTRFS & more

14/05/17

The need for urgent collective action to keep people safe online: Lessons from last week's cyberattack

14/05/17

Bad malware, worse reporting

13/05/17

WannaCrypt "Killswitch"

13/05/17

74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+

13/05/17

How to Accidentally Stop a Global Cyber Attacks

13/05/17

RIPE74 / Why IPv6 Security Is So Hard

12/05/17

Intel AMT story, continued

12/05/17

AusCERT Week in Review for 12th May 2017

12/05/17

NCSC Weekly Threat Report 12th May 2017

12/05/17

Customer Guidance for WannaCrypt attacks

12/05/17

UK hospital meltdown after ransomware worm uses NSA vuln to raid IT

12/05/17

Telefonica Tells Employees to Shut Down Computers Amid Massive Ransomware Outbreak

12/05/17

Do you have DNSSEC validation enabled?

11/05/17

DDoS Attacks against DNS Infrastructure in the News

11/05/17

The 2017-18 Budget: Here's what Aussie's cyber security vendors think

11/05/17

DDOS attacks in Q1 2017

11/05/17

On the topic of MITRE/Board transparency

11/05/17

A Security Analysis of Over 500 Million Usernames and Passwords

11/05/17

Keylogger Found in Audio Driver of HP Laptops

11/05/17

Veritas plugs a bunch of NetBackup vulns

10/05/17

How the UK is Closing the Cybersecurity Skills Gap

10/05/17

Australia's top companies look to NSW students to fight against cyber crime

10/05/17

How my car insurance exposed my position

10/05/17

UK Water Supplier Loses �500,000 in Sophisticated Scam

10/05/17

Chinese stock traders hacked lawyers, profited from Intel's Altera gobble, now fined

10/05/17

Cisco Releases Security Updates

10/05/17

Proving missing ASLR on dropbox.com and box.com over the web for a bounty :D

10/05/17

observations re packet socket exploit

10/05/17

Exploiting the Linux kernel via packet sockets

10/05/17

Read This If You Are Using a Script to Pull Data From This Site

10/05/17

CVSS - Is Version 3 All Bad?

10/05/17

CVE Will Reject a Group of Unused CVE IDs

09/05/17

Vulnerable OpenSSL Handshake Renegotiation Can Trigger Denial of Service

09/05/17

Hard Drive Stats for Q1 2017

09/05/17

CPU Utilization is Wrong

09/05/17

Defeating Magento security mechanisms: Attacks used in the real world

09/05/17

Deprecation of SHA-1 for SSL/TLS Certificates in Microsoft Edge and Internet Explorer 11

09/05/17

Vendors approve of NIST password draft

09/05/17

New FTC website helps small businesses

09/05/17

Thunderbird's Future Home

09/05/17

'Crazy bad' bug in Microsoft's Windows malware scanner can be used to install malware

09/05/17

Guardian Soulmates users hit with spam after data exposure

08/05/17

US-CERT Vulnerability Summary for the Week of May 1, 2017

08/05/17

Intel's AMT Flaw: Worse Than Feared

08/05/17

Productivity Commission sets aggressive timeline for Aussie data reform

08/05/17

Google Docs phishing email 'cost Minnesota ,000'

08/05/17

Intel's Management Engine is a security hazard, and users need a way to disable it

08/05/17

CRON.WEEKLY issue #79: OpenSnitch, VXLAN, GCC, 4.11 kernel, README's, curl, monitoring tools & more

07/05/17

Password Magic Numbers

06/05/17

Security Is A Constantly Moving Target, Isn't It Time To Secure The Hardware?

05/05/17

NCSC Weekly Threat Report 5th May 2017

05/05/17

Debenhams Flowers data breach hits 26,000

05/05/17

Password reuse, credential stuffing and another billion records in Have I been pwned

05/05/17

AusCERT Week in Review for 5th May 2017

05/05/17

US-CERT: IC3 Warns of Increase in BEC/EAC Schemes

04/05/17

"Google Docs" Worm Ransacks Gmail Users' Contact Lists - What You Need to Know

04/05/17

You only need 60 bytes to hose Linux's rpcbind

04/05/17

Using TLS1.3 With OpenSSL

04/05/17

Cisco Releases Security Updates

03/05/17

Introducing nScrub: Powerful yet Affordable DDoS Mitigation

03/05/17

VXLAN & Linux

03/05/17

Dell Information for VU#491375 - Intel Active Management Technology (AMT) does not properly enforce access control

03/05/17

Travel tech company Sabre confirms breach affected reservations system

03/05/17

ATM security devs rush out patch after boffins deliver knockout blow

03/05/17

16-31 March 2017 Cyber Attacks Timeline

03/05/17

135 MEELLION Indian government payment card details leaked

03/05/17

Mozilla takes a turn slapping Symantec's certification SNAFU

03/05/17

Facebook top 10 concert lists may be security risk

03/05/17

324 typo-squat domains found impersonating Natwest, HSBC and co

03/05/17

After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts

03/05/17

Security Review of TLS1.3 0-RTT #1001

02/05/17

Online retailer left customers' financial details vulnerable to cyber attack

02/05/17

Australia: ASX Cyber Health Check Report - the view from the top

02/05/17

Introducing TLS with Client Authentication

01/05/17

US-CERT Vulnerability Summary for the Week of April 24, 2017

01/05/17

How the insurance industry could change the game for security

01/05/17

Australia faces cyber security skills crisis as challenges mount

01/05/17

OpenSSH Removes SSHv1 Support

01/05/17

Red alert! Intel patches remote execution hole that's been hidden in biz, server chips since 2008

01/05/17

CRON.WEEKLY issue #78: octodns, SSH, grsecurity, postal, nginx, cgroups, vim & more

30/04/17

Law Firm Ransomware Attack Locks Data for Three Months

29/04/17

Certificate Transparency requirement delayed

28/04/17

[elrepo] Announcement: EL7 Updated kmod-tpe release

28/04/17

Several Cable Modem Models Affected by SNMP God Mode Flaw

28/04/17

NCSC Weekly Threat Report 28th April 2017

28/04/17

Troy Hunt: Reckon you've seen some stupid security things? Here, hold my beer...

28/04/17

Last year's ICO fines would be 79 times higher under GDPR

28/04/17

A database of thousands of credit cards was left exposed on the open internet

28/04/17

AusCERT Week in Review for 28th April, 2017

28/04/17

Money Lost from Trinity's Philanthropic Branch After Cyber Attack

27/04/17

Introducing Cloudflare Orbit: A Private Network for IoT Devices

27/04/17

FYI: You can blow Intel-powered broadband modems off the 'net with a 'trivial' packet stream

27/04/17

TrickBot Is Hand-Picking Private Banks for Targets - With Redirection Attacks in Tow!

27/04/17

Serious security breach at Gloucestershire County Council leads to medical information leak

27/04/17

Banks confident of their approach to security - but still get hit by hackers

27/04/17

BGPstream and The Curious Case of AS12389

27/04/17

Intrusions Affecting Multiple Victims Across Multiple Sectors

27/04/17

Ransomware up. Breaches up. What do hackers want? Research, prototypes... all your secrets

27/04/17

South Australia gets its first CISO

27/04/17

Linux kernel security gurus Grsecurity oust freeloaders from castle

26/04/17

Auto Lender Exposes Loan Data For Up To 1 Million Applicants

26/04/17

Customer Data From Encrypted Phone Company Ciphr Has Been Dumped Online

26/04/17

Interpol unplugs nearly 9,000 Asian command and control networks

26/04/17

Verizon's 2017 Data Breach Investigations Report

26/04/17

How Australia's 457 Visa Changes Will Impact Cybersecurity

26/04/17

2017 Internet Security Threat Report

26/04/17

Symantec CA Response to Google Proposal and Community Feedback

26/04/17

Boffins supercharge the 'hosts' file to save users plagued by DNS outages

26/04/17

Bash Bunny: Big hacks come in tiny packages

25/04/17

After blitzing FlexiSpy, hackers declare war on all stalkerware makers: 'We're coming for you'

25/04/17

UK Man Gets Two Years in Jail for Running 'Titanium Stresser' Attack-for-Hire Service

25/04/17

Car hacking's dynamic duo offers to save others in research

25/04/17

Hyundai app security blunder allowed crooks to 'steal victims' cars'

25/04/17

Linux Shishiga malware using LUA scripts

25/04/17

R2Games compromised again, over one million accounts exposed

25/04/17

Auditing code for crypto flaws: the first 30 minutes

24/04/17

NSA's DoublePulsar Kernel Exploit In Use Internet-Wide

24/04/17

BrickerBot: Mirai-like malware clams two million insecure IoT devices

24/04/17

Australian Cyber Security Centre approved

24/04/17

Northrop Grumman can make a stealth bomber - but can't protect its workers' W-2 tax forms

24/04/17

HipChat security notice

24/04/17

US-CERT Vulnerability Summary for the Week of April 17, 2017

24/04/17

Apache Foundation hails Metron as new top level project for cybersecurity

24/04/17

CRON.WEEKLY issue #77: OpenStack, Moby, Caddy, Devuan, Linuxkit, Tmux, Jenkins & more

23/04/17

Top 10 Developer Crypto Mistakes

22/04/17

Data of 1.3 million Schoolzilla students exposed

21/04/17

NCSC Weekly Threat Report 21st April 2017

21/04/17

Script kiddies pwn 1000s of Windows boxes using leaked NSA hack tools

21/04/17

AusCERT Week in Review for 21st April 2017

21/04/17

Credit card with a fingerprint sensor revealed by Mastercard

20/04/17

Australia's bold plan for cybersecurity growth

20/04/17

Plastc swiped million from backers and just completely vanished

20/04/17

Fixing your oven can cook your computer

19/04/17

UK Gov't Cyber Security Breaches Survey 2017

19/04/17

ACSC 2016 Cyber Security Survey released

19/04/17

Lessons to learn as McAfee's LinkedIn page is hijacked

18/04/17

Australia scraps temporary visas for skilled workers

18/04/17

Cyber attacks 'hit one in five UK firms'

18/04/17

Update to RingGo app leaves thousands of UK drivers' data exposed

17/04/17

Introduction to Certificate Transparency for Server Operators

17/04/17

Microsoft Addresses Shadow Brokers Exploits

17/04/17

US-CERT Vulnerability Summary for the Week of April 10, 2017

17/04/17

CRON.WEEKLY issue #76: UDP, DungeonFS, historian, TokuDB, MySQL clusters, linkerd, BIND & more

16/04/17

Big Linux bug, low security concerns

14/04/17

Understanding Our Cache and the Web Cache Deception Attack

14/04/17

NSA-leaking Shadow Brokers just dumped its most damaging release yet

14/04/17

A Few Users Fooled By Previously Unknown MS Word Bug

13/04/17

Australian ISP Fights DDoS Attack

13/04/17

SWIFT on security: Fresh anti-bank-fraud defenses now live

13/04/17

AusCERT Week in Review for 13th April 2017

13/04/17

'High Risk' Zero Day Leaves 200,000 Magento Merchants Vulnerable

13/04/17

Recent Cryptanalysis of FF3

12/04/17

Cyberattacks wipe more than off big biz value, say beancounters

12/04/17

Avon left more than 620,000 Brazil customer details exposed to hackers 'for months'

12/04/17

Proper isolation of a Linux bridge

12/04/17

Red Hat: Determining your risk

12/04/17

Benchmarking nftables

11/04/17

1-15 March 2017 Cyber Attacks Timeline

11/04/17

Cyber's uncertain career paths

11/04/17

US-CERT Vulnerability Summary for the Week of April 3, 2017

10/04/17

Rise in hospital cyber attack reports

10/04/17

NCSC response to Wonga investigation

10/04/17

NCSC publishes new report on criminal online activity

10/04/17

Wonga Incident FAQ

09/04/17

Wonga data breach 'affects 245,000 UK customers'

09/04/17

Safety last: How to manage the computer-security threat

08/04/17

Gamestop.com Investigating Possible Breach

07/04/17

A huge trove of patient data leaks, thanks to telemarketers' bad security

07/04/17

The Ten Best Paying Tech Jobs In Australia Right Now

07/04/17

NCSC Weekly Threat Report 7th April 2017

07/04/17

AusCERT Week in Review for 7th April 2017

07/04/17

Troy Hunt: Here's where the Apple accounts hackers are threatening to wipe came from

07/04/17

US-CERT - Cisco Releases Security Updates

06/04/17

Highly confidential psychotherapy records from Maine center listed on the dark web

05/04/17

Scottrade Bank data breach exposes 20,000 customer records

05/04/17

Half a million 'de-identified' patients records to be shared in Bradford

05/04/17

GCHQ boss: 'We get crazy theories thrown at us every day'

05/04/17

Changes coming to TLS: Part Two

05/04/17

Cybercriminals Seized Control of Brazilian Bank for 5 Hours

04/04/17

Troy Hunt: Password managers don't have to be perfect, they just have to be better than not having one

04/04/17

March 2017: Top Hacks and Breaches [INFOGRAPHIC]

04/04/17

Capture, Filter, Extract Traffic using Wireshark and PF_RING

04/04/17

Israeli cyber security trainer CyberGym locates in Melbourne

04/04/17

Universities of Edinburgh and Warwick become academic centres of cyber excellence

03/04/17

Three Ways To Improve Australia's Intelligence Capability

03/04/17

US_CERT - Vulnerability Summary for the Week of March 27, 2017

03/04/17

'Serious' hack attacks from China targeting UK firms

03/04/17

Coe apologizes after IAAF suffers cyber attack

03/04/17

Thomas Duryea Logicalis partners with Ivanti for security solutions

03/04/17

CRON.WEEKLY - issue #74: RHEL 5, linkerd, hping3, Nginx, Bash, Ceph, Postfix & more

02/04/17

Complex Addressing in IPv6

01/04/17

Microsoft IIS 6.0 Buffer Overflow Zero Day

31/03/17

NCSC: Weekly Threat Report 31st March 2017

31/03/17

Cyber-Attack on McDonald's Canada Career Website

31/03/17

Data breach as details about MPs' staff published in error

31/03/17

Researchers steal data from CPU cache shared by two Vms

31/03/17

Facebook, Google, etc: Yeah, yeah, we'll work on the nasty stuff about bombs - but we ain't doing no backdoors

31/03/17

Keeping Up With the Crypto

31/03/17

Google plans to distrust all current Symantec certificates

30/03/17

Crackdown on contactless card security flaw welcomed by MPs

30/03/17

Financial fraud losses in the UK last year topped �20m a day - report

30/03/17

Black box discovery of memory corruption RCE on box.com

29/03/17

Garages, new homes and old offices: the records management mistakes that put health records at risk

29/03/17

Vulnerability Spotlight: Exploiting Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability

29/03/17

Security Orchestration and Incident Response

29/03/17

PKC 2017: Kenny Paterson accepting bets on breaking TLS 1.3

29/03/17

Minding the Cybersecurity Gap: New Associate QSA Program

29/03/17

Industry support is helping Australian cybersecurity startups shake off risk aversion: Austrade

29/03/17

MIT: US cyber insecurity a 'disgrace' that Trump needs to take seriously

28/03/17

Security Innovation Makes NTRUEncrypt Patent-Free

28/03/17

Telstra announces two cybersecurity centres, new managed security service

28/03/17

World+dog had 1.4 BEEEELLION of its data records exposed last year

28/03/17

Maria Milosavljevic new NSW government CISO

27/03/17

Announcing the PostgreSQL STIG

27/03/17

US-CERT: Vulnerability Summary for the Week of March 20, 2017

27/03/17

UK digital minister Matt Hancock praises 'crucial role' of encryption

27/03/17

Matt Hancock's cyber security speech at the Institute of Directors conference

27/03/17

NCSC: Happy 1st Birthday StSG!

27/03/17

API flaws said to have left Symantec SSL certificates vulnerable to compromise

27/03/17

FBI Warns on FTP Attacks to Access Medical, Dental Info

27/03/17

Nearly Half of UK Firms Have No Cyber Strategy - Report

27/03/17

CRON.WEEKLY issue #73: OpenSSL, Fossjobs, bcachefs, tmuxp, Gitlab, netbox, udocker, iptables & more

26/03/17

Gemalto releases findings of 2016 Breach Level Index

26/03/17

Microsoft pulls then revives Docs.com search after complaints of exposed sensitive files

26/03/17

CyberUK by the numbers

24/03/17

GDPR: A simple explainer

24/03/17

Make sure you're prepared for GDPR

24/03/17

Commission's top scientific advisers publish opinion on Cybersecurity in the Digital Single Market

24/03/17

NCSC Weekly Threat Report 24th March 2017

24/03/17

Google and Symantec clash on website security checks

24/03/17

Data breach disclosure 101: How to succeed after you've failed

23/03/17

New ATM fraud makes robbing a bank easier

23/03/17

GDPR: Official CSIRTs?

23/03/17

OpenSSL Re-licensing to Apache License v. 2.0 To Encourage Broader Use with Other FOSS Projects and Products

23/03/17

Carnegie-Mellon Uni emits 'don't be stupid' list for C++ developers

23/03/17

Libreswan 3.20 released

23/03/17

Using IPv6 atomic fragments for a denial-of-service attack

22/03/17

Protect your management interfaces

22/03/17

Two major US technology firms 'tricked out of '

22/03/17

Australia finally has mandatory data breach notification

22/03/17

Microsoft's 'Application Verifier' bug-finder is easily pwnable

22/03/17

Council blunder leaks personal data on web

22/03/17

Customer security awareness: alerting you to vulnerabilities that are of real risk

22/03/17

Private mobile phone numbers of nearly every federal MP accidentally published online

21/03/17

What should password managers not do? Leak your passwords? What a great idea, LastPass

21/03/17

ICO statement in relation to the potential risk to patient medical records held by GPs on TPP SystmOne

21/03/17

Firefox gets complaint for labeling unencrypted login page insecure

21/03/17

ICO survey shows many councils have work to do to prepare for new data protection law

20/03/17

US-CERT Vulnerability Summary for the Week of March 13, 2017

20/03/17

Three UK's mobile customers experience new data breach

20/03/17

February 2017 Cyber Attacks Statistics

20/03/17

SHA-1 collision detection on GitHub.com

20/03/17

Saks Fifth Avenue Exposed Personal Info On Tens Of Thousands Of Customers

19/03/17

McDonald's urges users in India to update app as 2.2 million allegedly affected by data leak

19/03/17

CRON.WEEKLY issue #72: FreeBSD, lkml, llvm, dnscontrol, buck, ReOpenLDAP, Postfix, Bash, Xargs & mor

19/03/17

Fuzzing the OpenSSH daemon using AFL

17/03/17

Are you undermining your web security by checking on it with the wrong tools?

17/03/17

Govt. Cybersecurity Contractor Hit in W-2 Phishing Scam

17/03/17

NCSC Weekly Threat Report 17th March 2017

17/03/17

An under-appreciated threat to your privacy: Security software

17/03/17

Reverse DNS issue for some delegations in the RIPE NCC service region

16/03/17

Fine for lawyer who stored client files on home computer

16/03/17

Buying a Samsung TV online could jeopardize your data

16/03/17

UK's Association of British Travel Agents cops to data breach

16/03/17

The End of the Line for EPEL-5

16/03/17

CyberUK 2017: Establishing the parameters of cyber-security and trust

15/03/17

Warning About Law Firm Email Scams Issued by Solicitors Regulation Authority

15/03/17

More Brits' IDs stolen than ever before

15/03/17

Popular Teen Quiz App Wishbone Has Been Hacked, Exposing Tons of User Information

15/03/17

Zero Days and Cargo Cult Science

15/03/17

Introducing Zero Round Trip Time Resumption (0-RTT)

15/03/17

Hacked Twitter Accounts Post Swastikas, Pro-Erdogan Content

15/03/17

Troy Hunt: We've lost control of our personal data (including 33M NetProspex records)

15/03/17

TEE Subsystem Proposed For Linux 4.12 Kernel

15/03/17

Three Mobile hack affected 76,000 more customers than thought

14/03/17

Apache Struts 2 bug bites Canada, Cisco, VMware and others

14/03/17

How the SHA-1 Collision Impacts Security of Payments

14/03/17

Bradford firm wins cyber security certificate

14/03/17

NCSC and NCA threat report provides in-depth analysis of evolving threat

14/03/17

#CYBERUK17: Cybersecurity Key to Protecting Economy & Way of Life, says NCSC CEO

14/03/17

CAA Mandated by CA/Browser Forum

13/03/17

NCSC: Vulnerability Co-ordination Pilot

13/03/17

Credit Card Scrapers Continue to Target Magento

13/03/17

Most of 2016's holes had fixes the day we knew about 'em. Did we patch? Did we @�$%

13/03/17

The CIA's "Development Tradecraft DOs and DON'Ts"

13/03/17

Critical vulnerability in JSON Web Encryption (JWE) - RFC 7516

13/03/17

Powerfuzzer - Automated Customizable Web Fuzzer

13/03/17

16-28 February 2017 Cyber Attacks Timeline

13/03/17

US-CERT Vulnerability Summary for the Week of March 6, 2017

13/03/17

[openssl-dev] Code Health Tuesday - testing!

12/03/17

CRON.WEEKLY issue #71: CVE's, Memcache-top, Ctop, Choria, s2n, Dnsmasq, Bash, Strace, Systemd & more

12/03/17

GCHQ warns politicians about Russian hacking threat

12/03/17

Statement: NCSC offer of assistance to political parties

12/03/17

MacKeeper Security Researchers Discover Sensitive United States Air Force Data

12/03/17

Thousands of Welsh NHS staff's data stolen in hack

12/03/17

Chrome Deprecates Subject CN�Matching

10/03/17

New vulnerabilities found in mbed TLS

10/03/17

NCSC Weekly Threat Report 10th March 2017

10/03/17

Smart machines v hackers: How cyber warfare is escalating

10/03/17

After CIA leak, Intel Security releases detection tool for EFI rootkits

10/03/17

Public IPv4 drought: Verizon Wireless to stop handing out static addys

10/03/17

PCI DSS Fines? Cyber Insurance? How to Estimate the Cost of a Payment Card Breach

09/03/17

Banking, news and pharmacy websites regarded "not secure" by Chrome and Firefox

09/03/17

NCSC: CyberUK Strategy day

09/03/17

Brit ISP TalkTalk blocks control tool TeamViewer

09/03/17

Zero-days? Sexy, sure, but crap passwords and phishing are probably more pressing

09/03/17

Security flaws 'undiscovered for years'

09/03/17

Time's up for SHA-1 hash algo, but one in five websites still use it

08/03/17

British Retail Consortium launches cybersecurity toolkit

08/03/17

Spy hard, challenges of 100G deep packet inspection on x86 platform

07/03/17

Red Hat: 0.0 Draft of EPEL Charter

07/03/17

Boffins show Intel's SGX can leak crypto keys

07/03/17

The Retail Industry steps up the fight against rising cyber threats

07/03/17

1-15 February 2017 Cyber Attacks Timeline

07/03/17

Payments Giant Verifone Investigating Breach

07/03/17

UEFI Ransomware: Full Disclosure at Black Hat Asia

06/03/17

Consumer Reports to consider cyber security in product reviews

06/03/17

Identity Management Improvements in Red Hat Enterprise Linux 7.3: Part 2

06/03/17

Spammers expose their entire operation through bad backups

06/03/17

Cyber Europe 2016: the pan-European exercise to protect EU Infrastructures against coordinated cyber-attack

06/03/17

ICO GDPR Breach notification

06/03/17

US-CERT Vulnerability Summary for the Week of February 27, 2017

06/03/17

Collecting Proprietary Flows with nProbe

05/03/17

CRON.WEEKLY issue #70: GitHub, Kompose, Usql, tmux-cssh, HAProxy, icdiff, GlusterFS & more

05/03/17

NCSC Weekly Threat Report 3rd March 2017

03/03/17

Amazon typo knocked websites offline

03/03/17

London Cops' Emails Sent With No Encryption, Open to Interception

03/03/17

NSW privacy watchdog wants to make govt suppliers culpable for breaches

02/03/17

Unpatched WordPress Vulnerability Behind Latest Law Firm Cyberattacks

02/03/17

Cisco NetFlow kit can be borked with a bad packet

02/03/17

Introducing the Metasploit Vulnerable Service Emulator

02/03/17

AMD Ryzen 7 1800X Linux Benchmarks

02/03/17

January 2017 Cyber Attacks Statistics

02/03/17

Government sets out post-Brexit digital strategy

01/03/17

Digital Strategy to make Britain the best place in the world to start and grow a digital business

01/03/17

The Year of Data Breaches: Why Encryption and Reformatting SSDs is Not Enough

01/03/17

Article 19 Incident reporting

01/03/17

Quantifying the Impact of "Cloudbleed"

01/03/17

CVE checker

01/03/17

Yahoo says about 32 million accounts accessed using 'forged cookies'

01/03/17

Online shops plundered by bank card-stealing malware after bungling backend Aptos hacked

01/03/17

My Catch Of 4 Months In The Amazon IP Address Space

28/02/17

Bulletproof TLS Newsletter #25 - SHA-1 is broken

28/02/17

The case of the prematurely freed SKB

28/02/17

Private health firm fined �200,000 after IVF patients' confidential conversations revealed online

28/02/17

ABI change analysis of Fedora packages

28/02/17

Two million recordings of families imperiled by cloud-connected toys' crappy MongoDB

28/02/17

Over 800,000 user account details stolen from vulnerable forums running vBulletin

27/02/17

US-CERT Vulnerability Summary for the Week of February 20, 2017

27/02/17

Bug 168774 - Add a test verifying cache deduplication is not sensitive to SHA1 collision attack

27/02/17

OpenSSL code cleanup: Participate in Code Health Tuesday

27/02/17

Subversion SHA1 Collision Problem Statement - Prevention and Remediation Options

27/02/17

security things in Linux v4.10

27/02/17

The conflict between wildcard TLS certificates and Certificate Transparency

27/02/17

CRON.WEEKLY issue #69: SHA-1, Kernel exploit, pssh, securitybot, nscan, Kernel 4.10, live kernel patching & more

26/02/17

RFC 8094: DNS over Datagram Transport Layer Security (DTLS)

26/02/17

List of Sites possibly affected by Cloudflare's #Cloudbleed HTTPS Traffic Leak

26/02/17

Pragmatic thoughts on #CloudBleed

25/02/17

Apple deleted server supplier after finding infected firmware in servers

24/02/17

NCSC Weekly Threat Report 24th February 2017

24/02/17

Extensive Breach at Intl Airport

24/02/17

Nuts and Bolts of Encryption: A Primer for Policymakers

24/02/17

Certificate Transparency, an introduction

24/02/17

Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug

24/02/17

sha1collisiondetection

24/02/17

s2n Is Now Handling 100 Percent of SSL Traffic for Amazon S3

23/02/17

Linux kernel gets patch for 11-year-old local-root-hole security bug

23/02/17

Magento Security Tips - what can you do to protect your website?

23/02/17

Ticketbleed Detection Added to SSL Labs

23/02/17

Incident report on memory leak caused by Cloudflare parser bug

23/02/17

SHA-1 broken - successful collision attack demonstrated

23/02/17

Memory Error Detection Using GCC

22/02/17

Infosec firm NCC Group launches review over crap financials

22/02/17

Scammers taking control of computers, experts warn

22/02/17

DomainMonster mash: Hundreds of websites vandalized after Brit web host server hacked

22/02/17

New Statistics Released on Corporate Email Security Threats

22/02/17

Kaspersky: Financial cyberthreats in 2016

22/02/17

GlobalSign Able to Issue Thousands of Certificates Per Second

21/02/17

Fingerprinting Firefox users with cached intermediate CA certificates (#fiprinca)

21/02/17

CVSSv3: New System, Old Problems Remain

21/02/17

SIDN sounds the alarm on DNSSEC security status of Dutch domain names

21/02/17

Big Blue's big blunder: IBM accidentally hands over root access to its data science servers

21/02/17

Trend Micro: Why Most Cybersecurity Startups Won't Survive

21/02/17

Brian Krebs: How to Bury a Major Breach Notification

21/02/17

Hacking group RTM able to divert bulk financial transfers with malware

21/02/17