Threats and Risks
Six tips for better data risk negotiations from Chief Risk Officer Michelle Griffey
Choosing a collaborative approach rather than box-ticking and backside covering will be a win-win, says Communisis CRO
New Facebook vulnerability could tie millions of accounts and email addresses together
The company allegedly initially said that the flaw was not important enough to be addressed
MI5: Spies are using LinkedIn to steal secrets from UK nationals
As many as 10,000 Brits have been targeted, including security and military officials, civil servants, defence contractors and pharmaceutical industry experts
Rising ransom-related DDoS threats: how to best prepare
RDDoS attacks often come out of the blue, but there are a few key ways you can best prepare for them
Understanding what drives teen hackers is key to securing your business, says cyber expert Shelton Newsham
Natural curiosity can lead some to open some wrong doors
Securing your investment in Microsoft 365
There’s a lot of sensitive data contained in Office documents - so it makes sense to take care of it
Apple releases urgent security patch for zero‑day bug under active attack
The bug exists in Webkit, the browser engine which powers the Safari browser across all Apple devices
BlackKingdom ransomware attacking Microsoft Exchange servers via ProxyLogon vulnerabilities
Patching the bugs will not remove a hacker who has already compromised a server, according to Microsoft
4,200 vulnerable D/TLS servers that can be abused to amplify DDoS attacks by 37 times spotted by researchers
Citrix has updated its Netscaler ADCs and advises customers to upgrade
Boris Johnson: Britain must build cyber capability to stay ahead of enemies
The PM is due to present a long-term Integrated Review of national security, defence, development and foreign policy to Parliament tomorrow
At least 10 hacking groups are currently exploiting Microsoft Exchange flaws, report
Attackers pile in after vulnerabilities revealed
Fake Google reCAPTCHA used in ongoing Microsoft 365 credential-phishing campaign
Beginning December 2020, the campaign primarily targets senior employees in the banking and IT sectors
Microsoft patches four zero-day bugs impacting Exchange Server
Microsoft blames Chinese actor Hafnium for having already exploited the faults
Google SEO algorithm tricked by malware to legitimise fake sites
It is actively delivering malicious payloads through highly-focused campaigns in the US, South Korea and Germany
CVSS assigns severity score of 10.0 to Rockwell controller vulnerability
"Tracking PLC components to fix the problem will be hard," said one commentator
GCHQ will use AI to combat child abuse and human trafficking
GCHQ has committed to using AI in a 'fair and transparent' way
China-linked Jian spyware was copied from NSA code, researchers
The APT31 group cloned a cyber-offensive tool developed by the NSA to create Jian, which was then used against a US target
'Silent stealing': cyber fraudsters expand mass, low-return operations in the pandemic
Criminals are targeting hundreds of thousands of individuals for as little as £10, reasoning that such thefts are less likely to be reported
'Silver Sparrow' malware infects about 30,000 Macs worldwide
But so far the new attack does...nothing
Credential spills have doubled in the last four years
'Credential spills are like an oil spill: once leaked, they are very hard to clean up'
US Gmail users are most popular targets for email phishing and malware attacks
Third-party data breaches also make users more attractive targets for cyber attacks
Hildegard malware targeting Kubernetes to mine cryptocurrency
Researchers expect a large-scale attack leveraging Kubernetes resources soon
Serious bug discovered in widely used cryptographic software
GnuPG users urged to install latest upgrade immediately
Notorious Emotet botnet taken down following international police operation
Servers taken down and multiple arrests made
