Threats and Risks
Russia's new cyber laws will fuel online crime, claims report
Russia's Sovereign Internet law looks to re-model the country's self-contained internet system on China's
Steam client zero-day vulnerability enables arbitrary code to be run with LocalSystem privileges
The vulnerability was reported to Valve Software but was rejected for being 'out of scope'
'Critical' security flaws identified in Cisco 220 Series Smart Switches
Cisco urges users of its Small Business 220 series of switches to update ASAP or risk corporate network compromise
Russian hackers targeting IoT devices to penetrate corporate networks, warns Microsoft
IoT devices the 'soft underbelly' of corporate networks by Russia's Fancy Bear hackers, targeting VoIP phones and printers
Warning over GermanWiper ransomware that erases victim's data but still asks for ransom
Victims have been advised not to pay ransom that that won't help them recover their files
New SystemBC proxy malware now being distributed through RIG, Fallout exploit kits, warn researchers
The malware uses SOCKS5 to evade detection, warns Proofpoint
Warning over boom in web skimming cyber crime targeting online stores
Malwarebytes claims to have blocked 65,000 web-skimming Magecart data theft attempts in July alone
Cyber criminals launched 3.5 billion malicious login attempts in just 18 months - Akamai
Half of all phishing attacks are targeting the financial sector, warns Akamai
Eleven zero-day vulnerabilities in VxWorks expose more than two million devices worldwide
Security researchers warn that six of the 'URGENT/11' vulnerabilities are critical and could facilitate remote access attacks on embedded devices
Contractor pleads guilty to planting 'logic bomb' in client's software
David Tinley faces a fine of up to $250,000 and ten years in prison
VPN security flaw could enable attackers to crack a network without user name or password
Warning over VPNs from Palo Alto Networks, Fortinet and Pulse Secure after researchers uncover new security flaw
Warning over 'onslaught' of new Windows malware after Bluekeep details were published on GitHub
GitHub Bluekeep explainer significantly lowers the bar for writing malware similar to NotPetya and WannaCry
Warning over critical security flaw in VLC Media Player
Exploits expected to emerge within days to take advantage of 9.8-rated critical security flaw in VLC Media Player
Bluetooth flaw could enable hackers to track iOS, macOS and Windows 10 devices
Neither Apple nor Microsoft have yet issued a fix
GandCrab ransomware team may have rebranded, not retired, to push more advanced 'REvil' ransomware
GandCrab gang not retiring, but rebranding to offer a more exclusive, lower profile 'service'
NCSC issues warning over global DNS hijacking campaign
Warning over upsurge in DNS hijacking campaigns that redirect users to malicious websites
Ship operators warned over malware targeting shipping in spear-phishing attacks
US Coast Guard issues alert over rise in cyber attacks targeting commercial vessels
Patch Tuesday: Microsoft addresses 77 vulnerabilities, including two zero days
Fifteen of this month's 77 vulnerabilities are rated as 'critical'
Microsoft warning over Astaroth fileless malware undetectable by most anti-virus security
Astaroth's 'living off the land techniques' are being used to spread fileless malware
Newspaper production hit by Ryuk ransomware attack
Print editions of a number of Tribune Group titles affected by a targeted campaign
Microsoft issues emergency patch for zero-day flaw in the IE browser
CVE-2018-8653 must be patched manually for now
Kubernetes news: Critical vulnerability discovered; New Relic announces Kubernetes cluster explorer
Critical bug scores 9.8 out of 10 for seriousness. Patches are available.
Do you know about the power of privileged access?
Attackers often target superuser accounts with access to data and systems - how do you protect them?
The new threats: trust attacks and AI malware
The latest methods are designed to manipulate, not destroy, says Darktrace
