Hackers and cybercrime prevention
-
News
21 Nov 2024
Brit charged in US over Scattered Spider cyber attacks
A UK national named as Tyler Robert Buchanan has been charged in the US over his alleged involvement in cyber attacks perpetrated by the Scattered Spider gang Continue Reading
-
News
20 Nov 2024
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks Continue Reading
-
News
07 Feb 2012
UK to take part in weekend protests against Acta
Protests against the controversial Anti-Counterfeiting Agreement (Acta) have been organised across Europe, with most set to take place on 11 February. Continue Reading
-
News
06 Feb 2012
FBI investigates Anonymous intercept of call with Scotland Yard
The US Federal Bureau of Investigation (FBI) is looking into how a conference call with Scotland Yard was intercepted by a member of the activist hacking group Anonymous. Continue Reading
-
News
01 Feb 2012
Fewer than a third of UK organisations plan mobile security projects
Despite the media hype around the adoption of mobile technologies and the need to secure them, relatively few UK organisations are planning mobile security projects, a survey has revealed Continue Reading
-
News
16 Jan 2012
Google mortified after staff access competitor's database
Google said it is mortified after people working on a project in Kenya were found to have stolen the details of a competitor’s customers and used them to sell its own products. Continue Reading
-
News
16 Jan 2012
Rupert Murdoch attacks Barack Obama over online piracy legislation
News Corp chief Rupert Murdoch has accused Barack Obama's administration of siding with "Silicon Valley paymasters" as two anti-piracy bills go through US Congress. Continue Reading
-
News
06 Jan 2012
Ramnit worm steals 45,000 Facebook passwords
A computer worm has begun targeting Facebook accounts and has stolen at least 45,000 login credentials from users, say security researchers. Continue Reading
-
News
06 Jan 2012
The cyber-savvy CEO and growing cyber threats
This report from PwC explains why CEOs need to take the lead in protecting their organisations from the surge in cyber attacks. Continue Reading
-
News
03 Jan 2012
Hacktivists plan to use satellites to by-pass internet censorship
Hacker activists plan to launch communication satellites to overcome the threat of internet censorship. Continue Reading
-
News
29 Dec 2011
Is it the end of the line for antivirus signatures?
Traditional antimalware can't keep up with the threat landscape. Are antivirus signatures destined for the rubbish bin? Continue Reading
-
News
29 Dec 2011
Emerging 2012 security trends demand information security policy changes
2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. Continue Reading
-
News
12 Dec 2011
Cloud leaves many firewalls wanting – but could automation prove the silver bullet?
Most companies rely on firewalls, but the IT landscape is changing and so must approaches to security. Is there a silver bullet? Continue Reading
-
News
08 Dec 2011
Adobe to release out-of-cycle patch for latest vulnerability
Adobe has issued a security advisory about a newly discovered and still unpatched vulnerability in Adobe Reader and Adobe Acrobat which is being used in "limited, targeted attacks in the wild". Continue Reading
-
News
05 Dec 2011
One in four IT security staff abuse admin rights, survey shows
At least one in four IT security staff use their privileged login rights to look at confidential information, a survey has revealed. Continue Reading
-
News
30 Nov 2011
United Nations Development Programme investigates hacking claims
The United Nations Development Programme (UNDP) is investigating claims from hacker group Team Poison that it extracted over 100 e-mail addresses and login details belonging to UN staff. Continue Reading
-
News
17 Nov 2011
Forensics key to effective info security, says E&Y
Intelligence-led security strategies are the most effective in eliminating vulnerabilities and preventing IP theft through enabling informed change, says consultancy firm Ernst & Young. Continue Reading
-
News
17 Nov 2011
IT security not always part of cloud decision, says IDC
Cloud adoption is outstripping security concerns, says Eric Domage, programme manager for IDC in Europe. Continue Reading
-
News
11 Nov 2011
EDF fined £1.3m for hacking into Greenpeace computers
A Paris court has fined French energy firm EDF £1.3m for hacking into Greenpeace computers to find out about the environmental group’s plans to block four planned nuclear power plants in the UK. Continue Reading
-
News
11 Nov 2011
The market landscape for print security
This report is gives an overview of the security risks of the print environment , the market landscape, best practices for a print security strategy. Continue Reading
-
Feature
08 Nov 2011
London cybersecurity conference: a missed opportunity?
World leaders gathered in London. Our prime minister and foreign secretary hosted all the luminaries and dignitaries. Was it worth it? Continue Reading
-
News
07 Nov 2011
Analysis: Intelligence key to security business case
Information security is becoming an increasingly important part of any business as the value of information assets continually grow, as do the threats from cyber crime and espionage. Continue Reading
-
News
03 Nov 2011
US and EU hold first joint cybersecurity exercise
The US and EU are holding their first joint cybersecurity exercise in Brussels on 3 November 2011, involving more than 20 EU member states and supported by the EU's cybersecurity agency Enisa and the US Department of Homeland Security. Continue Reading
-
Feature
02 Nov 2011
The top five SME security challenges
Best practice in IT security and compliance for small and medium-sized enterprises (SMEs) is often seen as a "grudge purchase", but SMEs face the same threat as larger organisations - just without their budgets. Continue Reading
-
News
01 Nov 2011
MoD calls on academics, industry and inventors to pitch cyber security ideas
The Ministry of Defence is calling for innovative solutions from academia and industry to protect and secure UK interests in cyberspace. Continue Reading
-
News
01 Nov 2011
Hague calls for collaboration to realise full potential of cyberspace
It is increasingly clear that countries with weak cyber defences and capabilities will find themselves at a serious strategic disadvantage given the rise of state-sponsored cyber attacks, according to foreign secretary William Hague. Continue Reading
-
News
31 Oct 2011
Japan may be facing sustained cyber attack
Japan's mapping agency is the latest in a series of government agencies to be targeted by hackers, raising fears that the breaches are part of a series of sustained attacks. Continue Reading
-
News
31 Oct 2011
Facebook admits to 600,000 cyber attacks a day
Facebook has revealed that every 24 hours it receives around 600,000 logins to the social networking website from impostors attempting to access users' messages, photos and other personal information. Continue Reading
-
News
28 Oct 2011
UK security strategy draws on growing expertise across Whitehall
The UK's soon-to-be-released cyber security strategy includes input from policy makers across government, says Nigel Harrison of the Office of Cyber Security and Information Assurance (OCSIA). Continue Reading
-
Tip
17 Oct 2011
BackTrack 5 Guide II: Exploitation tools and frameworks
Our BackTrack 5 guide looks at exploitation and privilege escalation techniques. This part of our guide will improve penetration testing skills. Continue Reading
-
News
12 Oct 2011
New batch of IDS, IPS evasion techniques are hitting their targets
Stonesoft has discovered 163 new advanced evasion techniques (AET), claiming these AETs can pass below the radar of some IDS, IPS products. Continue Reading
-
News
07 Oct 2011
Computer Weekly wins prestigious journalism award
Computer Weekly has won a prestigious award for its journalism. Freelance contributor and Computer Weekly blogger Mark Ballard won the Best Cybercrime Feature of the Year prize at this year's BT Information Security Journalism Awards. ... Continue Reading
-
News
06 Oct 2011
UBS systems detected $2bn rogue trader fraud, admits CEO Sergio Ermotti
UBS interim CEO Sergio Ermotti has admitted systems in the banks IT infrastructure detected the unauthorised trading of the rogue trader who cost UBS over $2bn, but nothing was done about the warning signals. Continue Reading
-
News
04 Oct 2011
GPU cracks six-character password in four seconds
A £30 nVidia GeForce GT220 graphics card is capable of cracking strong passwords in a matter of hours. Continue Reading
-
News
22 Sep 2011
Researchers claim to have broken SSL/TLS encryption
Two security researchers claim to have found a way of breaking the SSL/TLS encryption that is widely used to guarantee the reliability and privacy of data exchanged between web browsers and servers. Continue Reading
-
News
07 Sep 2011
DigiNotar certificate authority breach: Why it matters
There has been much speculation around the identity and motive of the hacker who was able to breach DigiNotar and issue fraudulent digital certificates for hundreds of websites, but putting such speculation aside, what is the broader significance of the incident? Continue Reading
-
Tip
23 Aug 2011
OpenVAS how-to: Creating a vulnerability assessment report
In this OpenVAS how-to, learn how to use the free scanner to create a vulnerability assessment report and assess threat levels. Continue Reading
-
Tip
23 Aug 2011
Metasploit tutorial 3 – Database configuration & post exploit affairs
Part three of our Metasploit tutorial covers database configuration in Metasploit and what needs to be done subsequent to exploitation using Metasploit. Continue Reading
-
News
17 Aug 2011
UK business should educate internally to get the right IT security skills at lower cost
UK businesses should look to internal training to meet future IT security needs rather than paying high prices by competing to recruit scarce skills externally, warn experts. Continue Reading
-
News
09 Aug 2011
Ten-year-old hacker exposes exploitable flaws in Apple and Android games
A 10-year-old Californian hacker has exposed a new type of security vulnerability in many mobile games at a hacker conference in Las Vegas. Continue Reading
-
News
09 Aug 2011
Blackberry to co-operate with police after youths used BBM to organise riots
Research in Motion has said that it will co-operate with the police after it was revealed that London rioters used Blackberry Messenger rather than Twitter to organise looting sprees across the capital, with violence later spreading to Birmingham, Liverpool, Nottingham and Bristol. Continue Reading
-
News
25 Jul 2011
Automated web application attacks are the top security threat, study reveals
Websites are attacked about 27 times an hour or once every two minutes on average, peaking at 25,000 attacks a minute or seven a second, according to research... Continue Reading
-
News
21 Jul 2011
Hacking group Anonymous claims to have hacked into NATO servers and stolen data
Hacking group Anonymous has claimed to have hacked into NATO servers, according to the Blottr.com news service. Continue Reading
-
Tip
20 Jul 2011
Nmap tutorial: Nmap scan examples for vulnerability discovery
Learn how to use Nmap, the free network scanner tool, to identify various network devices and interpret network data to uncover possible vulnerabilities. Continue Reading
-
News
19 Jul 2011
Microsoft offers bounty in hunt for Rustock spambot operators
A $250,000 reward is being offered to anyone who provides new information that results in the identification, arrest and criminal conviction of the cybercriminals behind the Rustock botnet. Continue Reading
-
News
11 Jul 2011
Microsoft packs a lot into July’s four Patch Tuesday security updates
Microsoft is to release only four security updates in this month's Patch Tuesday security update, but these will cover 22 vulnerabilities in Windows and Office. Continue Reading
-
News
01 Jul 2011
Cyber criminals deploy TDL-4 virus to create indestructible botnet of 4.5m computers
Over 4.5 million computers around the world have been infected by the TDL-4 virus, creating an indestructible botnet. Continue Reading
-
News
17 Jun 2011
Chinese software flaw makes infrastructure vulnerable, warns report
China's public infrastructure is vulnerable to cyber attack because of vulnerabilities in software used to run weapons systems, utilities and chemical plants, according to Reuters. Continue Reading
-
News
07 Jun 2011
Adobe patches Flash to fix zero-day XSS vulnerability
‘Important’ cross-site scripting vulnerability in Flash Player on all platforms mitigated to combat zero-day attacks in the wild. Continue Reading
-
News
03 Jun 2011
Hacker group Anonymous steals 10,000 Iranian government e-mails
Hacking group Anonymous has hacked into Iranian government servers and stolen more than 10,000 e-mail messages from the Ministry of Foreign Affairs, say US reports. Continue Reading
-
News
02 Jun 2011
E-mail accounts of senior US officials targeted in Chinese hack attack
Chinese hackers have accessed the accounts of hundreds of Gmail users, including senior US officials, Chinese political activists, military personnel, journalists and officials in several Asian countries, Google has said. Continue Reading
-
Tip
01 Jun 2011
Four handy botnet detection techniques and tools: A tutorial
This tutorial will help you determine the right techniques and tools for effective botnet detection. Continue Reading
-
Tip
24 May 2011
Three automated penetration testing tools for your arsenal
Automated penetration testing tools provide effective exploit libraries and processes to detect network, as well as application vulnerabilities. Our picks. Continue Reading
-
News
17 May 2011
Government vigilance steps up after George Osborne reveals extent of cyber attacks
Security experts have called for UK government departments to be vigilant after chancellor George Osborne revealed that 20,000 e-mails are sent by hostile intelligence agencies to the UK government each month. Continue Reading
-
News
29 Apr 2011
Store dealing with dishonest employees uses internal theft prevention software
A London-based sushi chain expects to save almost £1 million this year with the help of new fraud-detection software. Continue Reading
-
News
20 Apr 2011
Infosec 2011: APT attacks a real threat to business, says security panel
Advanced Persistent Threats are a reality and cannot be dismissed as a myth or media hype, according to a panel of experts debating the top threats at Infosecurity Europe 2011 in London. Continue Reading
-
News
07 Apr 2011
Sophisticated cyber thieves behind Epsilon data breach, says parent company
US marketing firm Epsilon was hit by one of the biggest data thefts to date, the work of highly sophisticated cyber thieves, says parent company Alliance... Continue Reading
-
Tip
06 Apr 2011
Botnet detection through DNS behavior and clustering analysis
Botnets are fast emerging as one of the most serious threats to Internet security today. This expert tip looks at how botnets can be detected analyzing their unique fast flux characteristics. Continue Reading
-
Tip
30 Mar 2011
Advanced Wireshark tutorial: Packet and network security analysis
This Wireshark tutorial will familiarize you with Wireshark’s advanced features, such as analyzing packets and undertaking packet level security analysis. Continue Reading
-
News
28 Mar 2011
Spotify hit by malicious ads
Spotify, the popular streaming music service, has been displaying malicious advertisements to users of its Free version. Continue Reading
-
News
25 Mar 2011
Hackers steal member email details from TripAdvisor site
A number of TripAdvisor members may receive spam after hackers stole email details from the travel website. Continue Reading
-
Tip
23 Mar 2011
How to stop a DDoS attack after initiation
In this expert response, Nick Lewis explains how to stop a DDoS attack after it has been initiated. Continue Reading
-
Tip
22 Mar 2011
Shodan search engine for penetration tests: How-to
A very handy yet simple to use VA/PT tool, Shodan can be of great use to ethical hackers. Here’s a quick Shodan tutorial. Continue Reading
-
News
18 Mar 2011
RSA hit by advanced persistent threat attacks
RSA, the security division of EMC, has revealed that attackers have stolen information from the company's IT systems Continue Reading
-
News
15 Mar 2011
Adobe warns of zero-day vulnerability in Adobe Flash
Adobe has published a security advisory for a critical vulnerability in Adobe Flash that can be used to take control of an attacked machine. Continue Reading
-
Tip
15 Mar 2011
Top 7 anti rootkit software for Windows
It can be quite a tough task to kick out rootkits from infected Windows systems. Our list of top anti rootkit software will prove handy. Continue Reading
-
News
10 Mar 2011
Advanced persistent threats - are businesses prepared?
Businesses usually attain adequate levels of IT defences at the point that it becomes more cost effective for cyber criminals to target someone else. Continue Reading
-
News
07 Mar 2011
France's G20 files target of cyber attack
France's files on the G20 meetings were the target of a cyber attack, the country's finance minister has confirmed. Continue Reading
-
News
07 Mar 2011
HSBC uses token to secure smartphone banking
HSBC is sending four million online banking customers a security token which will enable them to log in to their online bank account wherever they are, without using a card reader. Continue Reading
-
News
07 Mar 2011
Malvertising, pop-up ad virus problems demand more user protection
A recent pop-up ad infection on the London Stock Exchange's website highlights the growing scourge of malicious advertising, or malvertising. Continue Reading
-
News
25 Feb 2011
nullcon 2011 Day Zero: Photo feature
Botnet detection, fuzzing intricacies, Zeus MitMo, VoIP attacks, and more. nullcon Day Zero saw considerable action worth the capture. Continue Reading
-
News
24 Feb 2011
ISC releases security fix for Bind DoS vulnerability
The Internet Systems Consortium has published an advisory and an update for the Bind domain name system software versions 9.7.1 to 9.7.2-P3. Continue Reading
-
News
24 Feb 2011
Exxon, Shell, BP hacked in Night Dragon attacks
Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers working through internet servers in China, say US reports. Continue Reading
-
News
24 Feb 2011
Microsoft fixes security flaw in malware protection engine
Microsoft has patched a flaw in its malware protection engine that could be exploited to gain control of victim's computer. Continue Reading
-
Tutorial
22 Feb 2011
Quick and dirty Wireshark tutorial
Wireshark has become a very useful tool for many infosec pros. This hands-on Wireshark tutorial will acquaint you with the network sniffer’s capabilities. Continue Reading
-
News
17 Feb 2011
New SMB vulnerability identified in Windows XP and Server 2003
A new SMB vulnerability discovered in Windows could open systems to DoS attacks and remote access. The vulnerability, tagged as CVE-2011-0654, has been rated "critical" and confirmed on Windows Server 2003 SP2 and Microsoft Windows XP SP3. Continue Reading
-
News
17 Feb 2011
RSA 2011: RSA, EMC and VMWare advise on defending against advanced persistent threats
Security leaders have outlined ways organisations can better defend against advanced persistent threats (APTs) in a paper published by RSA, the security division of EMC. Continue Reading
-
News
15 Feb 2011
RSA 2011: Cybersecurity leads conference with cloud security keynote
Cybersecurity is one of the key topics at the RSA Conference 2011 taking place this week in San Francisco. Continue Reading
-
News
10 Feb 2011
IT departments are unable to support employee devices
Security concerns are holding companies back from allowing staff to use their own technology at work. Continue Reading
-
News
09 Feb 2011
Microsoft's February Patch Tuesday outlines five critical vulnerabilities
Microsoft has released 12 security bulletins addressing 22 vulnerabilities in its monthly security update for February Continue Reading
-
News
08 Feb 2011
Post Office faces legal action over alleged accounting system failures
More than 50 postmasters are planning legal action against the Post Office to reclaim money they paid to the Post Office after being accused of theft and false accounting. Continue Reading
-
News
08 Feb 2011
Businesses must learn how to defend against cyberattack, says McAfee
Cybercrime has thrived over the past decade according to recent reports from security firm McAfee, but business can expect even more dramatic change in the next ten years, researchers say. Continue Reading
-
News
25 Jan 2011
Spam level dips
The recent decline in global spam was the result of a halt in the spam-sending activities of three botnets and unrest among pharmaceutical spam-sending gangs, Symantec's latest MessageLabs Intelligence Report has revealed. Continue Reading
-
News
19 Jan 2011
2010 IT security threats point to priorities for 2011, says Sophos
Cyber threats of 2010 highlight the top risks to business for 2011, including social media sites, whistleblowers, and hacktivists, warns security firm Sophos. Continue Reading
-
News
12 Jan 2011
Microsoft January Patch Tuesday misses open security issues
Microsoft's January 2011 Patch Tuesday security update contains only two bulletins, but misses several open security issues. Continue Reading
-
News
07 Jan 2011
Microsoft to patch critical IE vulnerability to block ongoing attacks
Microsoft will issue two security bulletins, addressing a critical vulnerability affecting all versions of WIndows. Continue Reading
-
Tip
17 Nov 2010
How to use the Microsoft FCIV command-line checksum tool
Downloading files from the Internet always poses a risk, but there are strategies that can make the process more secure. In this tip, Michael Cobb explains how to use the Microsoft FCIV tool to check the hash values of downloaded files and create hashes and checksums of you own. Continue Reading
-
Tip
02 Dec 2009
Best practices for (small) botnets
Your enterprise might have a strategy to deal with a large-scale botnet attack, but how would you deal with a micro-botnet that knows how to bypass antivirus and firewalls? Get botnet help with this expert advice. Continue Reading
-
Tip
09 Sep 2009
How to use a netstat command in Windows to watch open ports
Mike Cobb shows how a simple command line tool can provide invaluable information about what's happening on your system Continue Reading
-
Tip
03 Jun 2009
How to manage firewall testing using Nmap
Nmap includes many features that can be used to circumvent poorly implemented firewalls. Learn how the freely available tool can test your network devices. Continue Reading
-
News
04 Dec 2008
How the Mytob virus caused havoc in the NHS
The Mytob virus has been removed from 5,000 PCs at Continue Reading
-
Feature
16 Jul 2008
Facing up to security perils of outbound traffic
What about the threat from within and, more specifically, the security issues that arise from outbound traffic risks? Continue Reading
-
Tip
05 Jun 2008
Windows registry forensics guide: Investigating hacker activities
Ed Skoudis explains how investigators and administrators can interact with the Windows registry to analyse a compromised system. Continue Reading
-
Tip
10 Mar 2008
Five command line tools to detect Windows hacks
Learn about five of the most useful Windows command-line tools for machine analysis and how they can tell if a machine has been hacked in this tip. Continue Reading
-
News
05 Oct 2007
Podcast: the true cost of IT security
In this interview, Cliff Saran speaks to Martin Sadler, director of HP's Trusted Systems Lab, about how much should we be expected to spend and how much security is enough. Hackers are getting smarter and Martin believes newly trained IT professionals are ill-equipped to deal with the sophisticated nature of modern attacks due to limitations in the current way IT security is taught. Continue Reading
-
News
24 Sep 2007
PCI council adds Pin security to remit
The PCI Security Standards Council has added Pin Entry Device (PED) security technology to its payments industry testing portfolio to streamline standardisation. Continue Reading
-
News
28 Aug 2007
SANS: Attackers may be attempting Trend Micro exploits
The SANS Internet Storm Center (ISC) warns that attackers may be attempting to exploit flaws in Trend Micro products to hijack computer systems. Continue Reading
-
News
15 Aug 2007
Latest Microsoft flaws affect Windows, IE, Excel
Microsoft released nine security updates Tuesday -- six of them critical -- for flaws in Internet Explorer, Excel and other programs within the Windows OS. Continue Reading
-
News
03 Aug 2007
Discovery of malware cesspool triggers attack fears
Trend Micro researchers say a malware-infested Web server in Russia, linked to several Italian Web sites, could lead to a large-scale attack. Continue Reading
-
News
02 Aug 2007
Apple releases fixes for Mac OS X, iPhone vulnerabilities
Apple Computer has released software patches fixing critical vulnerabilities in Mac OS X and its newly released iPhone. Continue Reading
-
News
24 Jul 2007
New hacking technique exploits common programming error
Researchers at Watchfire Inc. say they discovered a new technique that exploits a common dangling pointer error. Continue Reading
-
News
17 Jul 2007
Zero-day auction site complicates security efforts, IT pros say
WabiSabiLabi, the eBay-like marketplace for zero-day flaws, will make it tougher for companies to ward off attackers, some IT security professionals say. Continue Reading