For the second time this month, the Society for Worldwide Interbank Financial Telecommunication (SWIFT) has introduced new standards including mandatory security requirements for its customers.
Two recent reports warn of the dangers of over-reliance on perimeter security as an enterprise defense method.
Even in an age dominated by smartphones and tablets, the device that helped start the mobile communications revolution, the beeper or pager, is still a doctor's constant companion, but a study found this little device is ill suited for keeping medical information secure.
An internet hosting company has been the subject of distributed denial-of-service attacks the likes of which the world has never seen.
Uber will now require drivers to take selfies to prevent fraud and protect their accounts from compromise.
Clinton pinned hacks at the Democratic National Conference (DNC) on Russia while Trump said attribution is not clear.
Yahoo is facing both legal and congressional action in the form of multiple class-action lawsuits and one senator's call for a congressional probe.
A man who allegedly hacked into the iCloud account of Pippa Middleton, sister of the Duchess of Cambridge, has been arrested.
Fourteen flaws in the OpenSSL project have been patched, including a high-severity vulnerability that can be exploited to cause a denial-of-service (DoS) attack.
While the information stored in internet of things (IoT) devices is still valuable, researchers spotted an increase in attacks targeting IoT devices.
Even though biometric readers have not been rolled out on ATMs, cybercriminals have already developed tools to steal a person's fingerprint and other biological data.
Eleven cities are organizing local legislation intended to make the procurement and use of surveillance technologies by local police departments more transparent.
The number of malicious apps leveraging top UK brands has grown by 130 percent year on year.
Security raises concerns with half of SMEs saying data security is the major barrier between their organisation and the digital workplace. Another 30 percent believe cost is the key issue.
The White House has announced a cyber-security breach, as a purported photocopy of Michelle Obama's passport appears online.
A host of security professionals joined SC yesterday for a frank discussion on the looming threat landscape.
The version of Allo that Google released on Wednesday will indefinitely store messages until they are manually deleted by the user.
On the cusp of a $4.8 billion acquisition by Verizon, Yahoo today disclosed a data breach in which a state-sponsored actor is believed to have stolen a copy of data linked to at least 500 million accounts.
Data breaches were up 15 percent during the first half of 2016 compared to the previous six months as Gemalto researchers reported a total of 974 worldwide breaches.
The threat actors behind Locky ransomware have kept busy this year by steadily altering the types of attachments included in the spam campaigns used to spread the malware, all in order to stay one step ahead of their victims' defenses.
As yet another well-known consumer brand falls victim to 'old version syndrome' and serves up malware to its customers, we ask: why aren't lessons being learned?
Many security professionals believe that they have a moral responsibility to share threat intelligence.
CyberArk's 10th annual Global Advanced Threat Landscape Survey examines whether global enterprises are learning from cyber-attacks and which priorities are being influenced.
A user at an enterprise organization accesses a malicious website every five seconds, according to research published by CheckPoint.
Researchers found the education sector has been experiencing the highest rates of attack while having the least protected systems.
Executives at Combe Incorporated may have sprung a few new gray hairs after learning that the website for its Just for Men brand of hair coloring products was compromised to serve up malware.
A new and sophisticated tool dubbed RAUM has been uncovered that targets naïve torrent users who download popular software or media content and then replaces the desired content with malware.
Citrix is advising customers not to fret over recent research stating that 64-bit block ciphers in cryptographic protocols are susceptible to a so-called birthday attack - noting that multiple difficult conditions must be met for such a technique to be effective.
Amongst various security features, cloud provider Cloudflare looks to TLS 1.3 to secure the internet.
Two people have been charged with bribery offences, following an investigation into the suspected leak of confidential data by a former employee of insurance firm LV=.
New research from the Ponemon Institute in partnership with Micro Focus claims business innovation and IT security often do not go hand in hand.
High-Tech Bridge CEO Ilia Kolochenko advised a crowd at today's FT Cyber-Summit that we should all "keep it simple", as most breaches happen due to "obvious" mistakes.
SWIFT has introduced a daily reporting system intended to help members of the financial messaging system identify fraudulent payments made over the network.
The Industrial Internet Consortium (IIC) published a framework technical report to help organizations balance the safety and reliability needs of industrial operations.
Security researcher Arun Sureshkumar earned $16,000 after disclosing a vulnerability in Facebook Business Manager that, if exploited, could have allowed attackers to take over a targeted victim's Facebook page.
Information Security Forum Managing Director Steve Durbin sat down with SCMagazine.com Executive Editor Teri Robinson to discuss how organizations can better protect their mission critical information assets.
Researchers claim they were able to crack into Tesla's CAN Bus to achieve remote control of the electric car and the DoT just issued a new policy concerning automated vehicles.
Cisco issued an advisory for a flaw that the company has linked to exploits released by the Shadow Brokers group.
A federal Appeals Court has reinstated a class-action lawsuit against insurance company Nationwide after concluding that individuals whose personal data was exposed in a 2012 breach have sufficient standing to sue.
Malwarebytes is warning users of a variant of DetoxCrypto ransomware that is imitating the security vendor's software.
A Tripwire survey found IT staffers in the energy sector frequently don't have the data needed to see if their assumptions on how their security apparatus functions are correct.
Australian and New Zealand businesses are being hit with a ransomware campaign.
The House Permanent Select Committee on Intelligence urged President Obama not to issue a presidential pardon to Edward Snowden.
HutZero, a first of its kind boot camp designed to help budding cyber-security entrepreneurs turn their ideas into viable business opportunities, opened last Friday. The entrepreneurs will now begin the three-month long mentorship programme to help realise their ideas.
The film Snowden opens this week recounting recent events that have sent reverberations around the world.
Updated! The FBI is continuing its effort to obtain support from businesses and private entities in its fight against ransomware by issuing a plea for victims to promptly and completely report any such incidents.
The boss of GCHQ and the new NCSC has revealed plans for the spy agencies to partner with UK ISPs to use DNS filtering to curb cyber-attacks.
Hinkley Point C nuclear power station to go ahead with Chinese involvement despite previous concerns
Despite concerns over security from both the Prime Minister and one of her chiefs of staff, Hinkley Point C nuclear power station has been given a green light today for construction with backing from China.
Research from Blue Coat Systems shows that, despite the increased use of social media, workers are still failing to fully protect themselves from complex social engineering techniques.
Scientific news service EurekAlert suffered a breach which saw the login details of thousands of journalists stolen. The company has now reformed the technology behind its website and is promising a brand new login system.
As automakers race to develop automated vehicles, the challenge of securing these automotive systems has taken on an elevated role for automakers.
Ransomware criminals are growing more sophisticated in their use of encryption, as criminals increasingly use asymmetric encryption methods.
The attacks targeted major companies that provide internet infrastructure and appear to have probed the companies' defenses to determine capabilities.
Half of all students in the UK have no security software installed on any of their devices, even though a quarter of teenagers are 'almost constantly' connected.
Finnish police are advising owners of cars with "smart" locking systems to put the keys in the fridge when they are at home.
Recent actions by FBI director James Comey suggest we should all be using tape over our webcams.
Data theft knows no boundaries. Personal information has been siphoned out from databases connected to both presidential campaigns.
In its September 2016 Threat Report, Intel Security describes how ransomware attacks are up 3000 percent since records began in 2012, and why attackers are now turning to the healthcare industry.
A survey recently conducted by Imperva showed that 36 percent of surveyed companies have experienced security incidents involving malicious employees in the past 12 months.
To better protect consumer data, banks and insurance companies in New York will soon be required to adhere to new cybersecurity guidelines.
As financial institutions scramble to prevent more attacks like the cyber heists that targeted SWIFT members, a recent report offers additional cause for the sector to improve information sharing practices.
A new report from the Institute of Critical Infrastructure Technology undresses what happens to private medical data after it's stolen from the hospital and the heaving marketplaces it ends up in.
President Obama may be urged to split the joint leadership of the NSA and U.S. Cyber Command in favor of two distinct forces for cyberespionage and cyberwarfare.
As online gaming grows in popularity, ESET researchers found that cybersecurity measures haven't kept pace with growth.
Vectra Networks is claiming that attackers are turning their attention to data centres. Are our data centres as secure as we think they are?
On the eve of the release of "Snowden," the ACLU's Ben Wizner said the civil rights organization had joined forces with Amnesty International and Human Rights Watch to persuade President Obama to pardon the whistleblower.
Millions of Russians are still losing personal data online thanks to using vulnerable websites and being hacked.
On average, a single cyber-security incident now costs large businesses US $861,000 (£652,000). Meanwhile, small and medium businesses (SMBs) pay $86,500 (£65,500).
The National Security Agency has handed over responsibility for operating and promoting its CIRA accreditation programme to CREST, best known in the UK for its accreditation schemes with GCHQ, CESG and the Bank of England.
A court in Texas handed down a ruling that is likely to set a precedent for government access to hard drives.
Using mass surveillance software without a warrant is almost as easy as installing Skype.
The Russian espionage group Tsar Team, aka Fancy Bear, got into the ADAMS system through an account created by the International Olympic Committee for the 2016 Rio Games.
Microsoft's September Patch Tuesday offering that rolled out today is the last to be delivered under this update system with the company moving to a "monthly rollup" delivery mechanism starting in October, something not all industry insiders see as a positive move.
Gartner is now encouraging people-centric IT practices so IT is no longer seen as a hindrance and rather an enabler.
The malicious actors behind the GovRAT malware have upgraded it to version 2.0 and are using the new version to hit even more targets and increase the price of the software, now starting at $1,000.
Two Israeli teenagers were arrested for their alleged part in the running of vDOS, a so-called booter service selling kits for distributed denial-of-service (DDoS) attacks.
A hardware manufacturer may soon be sued by employees who claim the employer did not do nearly enough to protect their data.
U.S. legislators urged the Department of Justice and the Commerce Department to reconsider the transfer of internet governance.
The ransomware RAA, which incorporates the information-stealing trojan Pony, has evolved to more effectively target companies, encrypting victims' files and stealing their data, most likely to infect their business contacts via spear phishing.
As Intel proceeds with plans to divest its majority stake in Intel Security, the chipmaker's security business unit, a lawsuit filed against Intel threatens to create challenges for the entity.
A top EU lawyer has concluded that the EU-Canada PNR agreement, which oversees the transfer of information on flight records between the two countries, goes against the EU Charter of Fundamental Human Rights.
A leaked catalogue has exposed one India-based tech company's attempts to sell cyber-warfare services and disinformation campaigns.
Despite its reduction in volume, Dridex malware is still actively being developed.
A cybercriminal going by the moniker The Rainmaker has updated the Stampado ransomware to a new version dubbed Philadelphia and is now selling it for $400, but the good news is the malware is flawed.
The new rules are designed to enhance and clarify existing requirements relating to cybersecurity testing and system safeguards risk analysis.
As few as 200,000 mobile bots would be enough to launch a successful DDoS attack against the U.S.' 911 infrastructure, significantly disrupting service nationwide, a new research paper from Ben-Gurion University reports.
The problem of certificates baked into firmware continues to jeopardise the security of consumer internet devices despite warnings to vendors, according to a researcher.
Google will start shaming websites for not encrypting connections between the user and the site itself by telling users exactly when they are visiting HTTP sites.
An individual who self-identified as Guccifer 2.0 continues to deny reports by security firms that link the purported hacker or hacking group to Russian advanced persistent threat (APT) groups.
One day after Dell finalized its acquisition of EMC Corporation and its RSA cybersecurity division, RSA President Amit Yoran maintained his business-as-usual stance, but also acknowledged certain synergistic implications.
Wells Fargo Bank was fined $185 million for a five-year long scam that saw bank employees illegally creating fake accounts and email addresses and applying for credit and debit cards to meet sales goals and earn commissions.
The popularity of Pokémon Go is continuing to attract scammers looking to exploit users in search of a leg up in the game.
Republicans and Democrats on the House Oversight Committee swapped accusations over the on-going saga surrounding presidential candidate Hillary Clinton's private email server.
Security procedures need to be amended and personnel with advanced skills need to be hired, security pros say following the release of a congressional report faulting the OPM for a massive breach.
100 million user passwords from a 2012 breach at Russian internet giant Rambler were leaked online.
New research from security company Trend Micro shows ransomware victims are paying up, despite remaining defiant to fight it as much as possible.
An extra €70 million is to be spent in the five years from 2017 on a major refresh of cyber-capabilities.
A medical centre in the UAE has been modestly breached by a hacker who claims to want to teach them a lesson in security.
As the November election nears, Democratic presidential nominee Hillary Clinton Monday accused the Kremlin of wanting to interfere with the U.S. election.