Threats and Risks
What is the 'WCry' or 'WanaCrypt0r' ransomware?
NHS and systems worldwide taken down by WanaCrypt0r 2.0. But what is it, who's behind it and where does it come from?
Mass ransomware attack may be exploiting unpatched Microsoft SMB MS17-010 vulnerability using NSA tools
WannaCry/WanaCrypt0r 2.0 attachers probably using the NSA EternalBlue exploit to hit Windows SMB vulnerability
MS Amlin CISO Ali Zeb: split your security teams into 'strategic security' and 'technical security'
Finance industry security pro Ali Zeb explains how he approaches the basics for tackling corporate security
Microsoft May Patch Tuesday faces down three zero-day exploits, but is it too little, too late?
Russian hackers swarm all over bugs as company plugs gaps long after the event
Microsoft releases emergency patch to fix severe remote-code execution flaw that exploits Windows' own anti-virus engine
Microsoft acts quickly following disclosure by Google's Project Zero bug-hunters
New proposals for encryption 'back doors' planned by UK government in extension to internet surveillance
Plans for encryption back door keys to be held by telcos and ISPs and real-time web surveillance
Fuze collaboration platform exposed online meetings to attackers as a result of 'improper access control'
Glaring access control flaw meant Fuze meetings were indexed by search engines
Intel fixes nine-year-old remote-code execution flaw in its Management Engine technologies
Reports suggest Intel never took reports of the flaw seriously - until recently
Seven truths about network security
There are many misconceptions surrounding network security requirements
'Beautiful' NSA hacking tool DoublePulsar infects almost 200,000 Windows PCs
Security researchers' scans reveal hundreds of thousands of PCs already compromised - and infections rising by tens of thousands every day
BrickerBot author claims two million bricked IoT devices
'The Janitor' claims to have removed two million insecure IoT devices from circulation
Why encryption has become a boardroom issue
Thales e-Security survey shows how corporate decision-making on encryption has shifted from the IT department to the boardroom, writes John Grimm
Chrome, Firefox and Opera all vulnerable to phishing flaw
Spoof URLs look exactly like the real thing thanks to the way top browsers interpret Punycode
Oracle drops 299-patch security update - 25 of them rated 10 out of 10 by CVSS
Shadow Brokers, the NSA and others have kept Oracle busy this year
SAP releases 27 Security Notes with most severe security flaw rated at 9.4
Five SAP Security Notes rated "high priority" by ERPScan
Shadow Brokers' malware release includes Oracle Solaris administrator-access security flaw
US National Security Agency had 'skeleton keys' to any Oracle/Sun Solaris system for decades
Arrest of Russian national in Spain NOT linked to US election hacking
The only elections Levashov may have tried to 'hack' are Russian ones
Shadow Brokers return with new release of NSA hacking tools - and an open letter to President Trump
Russia-linked hacking group denies links to Russia
BrickerBot targets insecure IoT devices - and then bricks them
'Grey hat' hacker suspected to be behind malware that seeks out and takes down insecure connected devices
Danger Detected, Danger Averted
Automated patch minute is criticallly important, says baramundi
Brazilian bank customers targeted after hackers compromise all of the bank's domains
Let's Encrypt accused of issuing the digital certificates that helped the hackers
New critical vulnerability XSA-212 reported in Xen hypervisor
AWS unaffected but users of Qubes OS are advised to update their systems
How code from 20-year-old 'Moonlight Maze' cyber attacks was linked with Turla malware
Code analysis identifies 20-year history of malware linked to Russian government
Microsoft refuses to fix security flaw in 600,000 Windows Server 2003-based web servers
Security flaw affects Windows Server 2003 machines with WebDAV enabled
Most read
