Threats and Risks
Contractor pleads guilty to planting 'logic bomb' in client's software
David Tinley faces a fine of up to $250,000 and ten years in prison
VPN security flaw could enable attackers to crack a network without user name or password
Warning over VPNs from Palo Alto Networks, Fortinet and Pulse Secure after researchers uncover new security flaw
Warning over 'onslaught' of new Windows malware after Bluekeep details were published on GitHub
GitHub Bluekeep explainer significantly lowers the bar for writing malware similar to NotPetya and WannaCry
Warning over critical security flaw in VLC Media Player
Exploits expected to emerge within days to take advantage of 9.8-rated critical security flaw in VLC Media Player
Bluetooth flaw could enable hackers to track iOS, macOS and Windows 10 devices
Neither Apple nor Microsoft have yet issued a fix
GandCrab ransomware team may have rebranded, not retired, to push more advanced 'REvil' ransomware
GandCrab gang not retiring, but rebranding to offer a more exclusive, lower profile 'service'
NCSC issues warning over global DNS hijacking campaign
Warning over upsurge in DNS hijacking campaigns that redirect users to malicious websites
Ship operators warned over malware targeting shipping in spear-phishing attacks
US Coast Guard issues alert over rise in cyber attacks targeting commercial vessels
Patch Tuesday: Microsoft addresses 77 vulnerabilities, including two zero days
Fifteen of this month's 77 vulnerabilities are rated as 'critical'
Microsoft warning over Astaroth fileless malware undetectable by most anti-virus security
Astaroth's 'living off the land techniques' are being used to spread fileless malware
Newspaper production hit by Ryuk ransomware attack
Print editions of a number of Tribune Group titles affected by a targeted campaign
Microsoft issues emergency patch for zero-day flaw in the IE browser
CVE-2018-8653 must be patched manually for now
Kubernetes news: Critical vulnerability discovered; New Relic announces Kubernetes cluster explorer
Critical bug scores 9.8 out of 10 for seriousness. Patches are available.
Do you know about the power of privileged access?
Attackers often target superuser accounts with access to data and systems - how do you protect them?
The new threats: trust attacks and AI malware
The latest methods are designed to manipulate, not destroy, says Darktrace
Fewer than one in five IBM mainframe customers are using multi-factor authentication
Mainframe users cited concerns about disruption and end-user resistance as reasons not to employ MFA
University of Birmingham CISO: "I have severe doubts about the security of Facebook, and LinkedIn is going the same way"
The University of Birmingham faces security challenges from the local to the international level
Nine out of 10 reported cyber incidents never reach court
Whether it is because of legal risks, reputational damage or concerns over business continuity, reporting cyber incidents is rare and pursuing them legally is even more so
The IT director and the board must be aligned on cyber protection (video)
Communication between the board and IT cannot be solely one way
The data blame game: what to do when executives are playing fast and loose with core IP
93 per cent of CEOs store their work on a laptop or other personal device outside of official company storage, finds survey
DDoS attacker who targeted Steam, Sony and Electronic Arts pleads guilty
DerpTrolling 'brains' Austin Thompson faces up to ten years in prison over DDoS campaign
Commissioner warns against danger of 'datafying' children
Parents and children must understand how and why data is being collected by toy-makers
Researchers uncover side-channel attacks that target the GPU
The attacks begin with a malicious app that spies on the infected system and steals passwords through GPU rendering
This is what the cyber security will look like once attackers weaponise AI
Artificial intelligence will enable threats to learn as they go, remaining undetected for longer
Most read
