News

Application security and coding requirements

• May 07, 2020 07 May'20

  Next round of Zoom updates targets consumer security

  Casual consumer users of Zoom will get additional protections in an update to be released over the long weekend

• May 06, 2020 06 May'20

  Re-purposing data and questionable effectiveness could undermine trust in NHS contact-tracing app

  Experts call for greater clarity over how contact-tracing data will be used, while discussing the limitations of the coronavirus app

• May 04, 2020 04 May'20

  Xen Orchestra latest victim of Salt cryptojackers

  More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward

• May 04, 2020 04 May'20

  Blogging platform Ghost hacked through Salt vulnerability

  Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability

• May 04, 2020 04 May'20

  IT Priorities 2020: Compliance and risk are top security concerns

  When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study

• April 30, 2020 30 Apr'20

  Mobile banking customers at risk from new EventBot trojan

  Customers of Barclays, HSBC, Santander and many other banks should be alert to a dangerous new trojan

• April 28, 2020 28 Apr'20

  Under the spotlight, video apps rush to strengthen security

  Most popular videoconferencing applications now meet Mozilla’s minimum security standards, with fierce competition and public pressure driving rapid improvement

• April 24, 2020 24 Apr'20

  The Security Interviews: Can AV go from dodgy scareware to cyber hero?

  Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing

• April 23, 2020 23 Apr'20

  iOS zero-day leaves iPhone users dangerously exposed

  Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices

• April 23, 2020 23 Apr'20

  Zoom to roll out fresh cyber security updates

  New features include support for advanced AES 256-bit encryption

• April 20, 2020 20 Apr'20

  Dutch organisations address business email compromise fraud

  Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks

• April 15, 2020 15 Apr'20

  Coronavirus: Standard Chartered bans employees from Zoom

  Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom

• April 15, 2020 15 Apr'20

  Coronavirus: Researcher finds security vulnerability in Slack

  Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher

• April 15, 2020 15 Apr'20

  Microsoft patches 19 critical bugs in another heavy Patch Tuesday

  The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday

• April 10, 2020 10 Apr'20

  Coronavirus: Warning over surge in Zoom security incidents

  Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools

• April 07, 2020 07 Apr'20

  Happy developers write secure code, report claims

  DevOps specialist Sonatype claims to have found a direct correlation between satisfied developers and application security hygiene

• April 03, 2020 03 Apr'20

  Covid-19 apps pose threat to digital privacy on a global scale

  Digital security firm Surfshark has reviewed a number of apps aimed at tackling the spread of coronavirus, and found that many pose a threat to people’s digital privacy

• April 02, 2020 02 Apr'20

  Coronavirus: Magecart attacks on online retailers jump 20%

  RiskIQ researchers have observed a sharp uptick in Magecart credit card attacks, driven by increased traffic to online retailers during the coronavirus pandemic

• April 02, 2020 02 Apr'20

  Coronavirus: Is Zoom safe and should security teams ban it?

  Zoom’s rapid rise to prominence has highlighted a score of security problems with the service. Should CISOs try to steer their organisations away from it, or ban it outright?

• March 31, 2020 31 Mar'20

  Marriott International hotel chain in second data breach

  Marriott International notifies customers of a major data breach that unfolded earlier in 2020 – the second it has experienced in the past two years

• March 31, 2020 31 Mar'20

  Houseparty denies hack as credential stuffing attacks spread

  Social media service denies its service has been hacked, and is offering a million-dollar bounty to anybody who can prove otherwise

• March 31, 2020 31 Mar'20

  Hackathon launched to help fight coronavirus pandemic

  Virtual hackathon seeks to develop a suite of applications to help people during the Covid-19 coronavirus outbreak through ethically built technology

• March 27, 2020 27 Mar'20

  Lorca calls on security scaleups to tackle coronavirus challenge

  Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges

• March 26, 2020 26 Mar'20

  Coronavirus: What are the latest free cyber security offers?

  We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis

• March 26, 2020 26 Mar'20

  Coronavirus: Be alert to rogue mobile apps exploiting outbreak

  Well-meaning developers are beginning to offer medical apps to monitor coronavirus symptoms and provide information on the pandemic. Opportunists and cyber criminals are not far behind them

• March 24, 2020 24 Mar'20

  Tekya auto-clicker malware exploits kids’ Android apps

  Google has removed multiple apps for children that were found to contain Tekya auto-clicker malware

• March 23, 2020 23 Mar'20

  Coronavirus: Kaspersky, Bitdefender make products free to NHS

  Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies

• March 20, 2020 20 Mar'20

  Unpatched Zyxel storage devices co-opted into IoT botnet

  Owners of Zyxel network-attached storage devices are in danger of being hijacked by Mukashi, a descendant of the infamous Mirai botnet, if they don’t patch a critical vulnerability

• March 13, 2020 13 Mar'20

  Coronavirus-linked hacks likely as Czech hospital comes under attack

  The world of cyber security is on high alert to heightened vulnerabilities as the spread of the Covid-19 coronavirus changes daily life across Europe

• March 12, 2020 12 Mar'20

  Failings in open source disclosure put users at risk

  As more projects rely on open source components, IT departments need to keep on top of critical vulnerabilities to ensure they are secure

• March 12, 2020 12 Mar'20

  Cookie-stealing trojans found lurking on Android phones

  Kaspersky discovers two new Android malware modifications that could give hackers control of their victims’ social media accounts

• March 11, 2020 11 Mar'20

  Microsoft locks down new vulnerability with EternalBlue echoes

  Microsoft has moved to get ahead of a serious remote code execution vulnerability in Microsoft Server Message Block 3.1.1, which was accidentally disclosed then missed in its March Patch Tuesday update

• March 11, 2020 11 Mar'20

  Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday

  March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical

• March 10, 2020 10 Mar'20

  Schoolgirl security experts prepare to do battle

  The finals of the CyberFirst Girls contest will take place on 16 March as the culmination of the NCSC’s annual competition to unearth future security talent

• March 10, 2020 10 Mar'20

  VAT software supplier exposed data of millions

  Eight million sales records belonging to UK and EU consumers left exposed due to misconfigured server

• March 10, 2020 10 Mar'20

  Inside Oracle’s cloud strategy

  Oracle may be late to the cloud infrastructure and platform game, but it believes it has what it takes to carve out a bigger slice of the Asia-Pacific’s cloud market

• March 06, 2020 06 Mar'20

  Virgin Media confirms 'misconfigured database' left personal data of 900,000 people exposed

  Telco provider Virgin Media confirms 'data incident' that left personal details of 900,000 people exposed, but denies its systems were hacked or that it suffered a data breach

• March 03, 2020 03 Mar'20

  Singapore among world’s top sources of online threats

  Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state

• March 02, 2020 02 Mar'20

  The Security Interviews: Inside the world of bug bounties

  You may not make a million as a bug bounty hunter, but you might help remove some of the stigma that persists around cyber security, says HackerOne’s Shlomie Liberow

• February 26, 2020 26 Feb'20

  Fake CDNs obscuring credit card fraudsters

  Fake content delivery networks and ngrok servers are being pressed into service to obscure credit card skimming activities

• February 25, 2020 25 Feb'20

  The Security Interviews: Gil Shwed’s 10-year vision for security

  Check Point founder Gil Shwed discusses his new Infinity Next concept and how he plans to remodel the world of cyber security in the next 10 years

• February 24, 2020 24 Feb'20

  WikiLeaks founder Assange ‘put lives at risk’ by disclosing names in leaked documents, court hears

  WikiLeaks founder Julian Assange ‘put lives of US informants at risk’ by publishing unredacted documents, lawyers for the US argued at the first day of a week-long extradition hearing

• February 24, 2020 24 Feb'20

  Open security group unveils common OpenDXL language

  Open Cybersecurity Alliance announces the availability of OpenDXL Ontology, the first open source language for connecting disparate security tools through a common messaging framework

• February 24, 2020 24 Feb'20

  Cisco goes all-in on security integration with SecureX platform

  CISOs are struggling to stitch together disparate cyber security products and services – Cisco believes its cloud-native SecureX platform will change their working lives for the better

• February 21, 2020 21 Feb'20

  Malicious apps still getting past Google controls

  Check Point researchers have found multiple malware-infected apps in the Google Play store, including a clicker called Haken, which has been downloaded more than 50,000 times

• February 19, 2020 19 Feb'20

  Cost of cloud misconfigurations set at $5tn

  Cloud security outfit DivvyCloud says more than 33 billion records have been exposed in cloud misconfiguration incidents in the past 24 months

• February 18, 2020 18 Feb'20

  Girlguiding hosts interactive cyber security workshop

  100 Guides from South West England took part in an NCSC event to learn more about security fundamentals

• February 17, 2020 17 Feb'20

  Ex-soldiers to become ethical hackers

  A new programme will give armed forces veterans in Scotland a grounding in cyber security skills, including penetration testing and ethical hacking

• February 12, 2020 12 Feb'20

  Internet Explorer zero day among 99 Patch Tuesday problems

  After an eventful January Patch Tuesday that marked the end of support for Windows 7, the February 2020 update is another whopper, fixing close to 100 vulnerabilities

• February 11, 2020 11 Feb'20

  Mac-based security threats outpacing Windows

  Security threats targeting Apple endpoints are growing more quickly than those targeting Windows machines, according to Malwarebytes