Cyber Security News

As one of the most important concerns for every business, cyber security is often, unsurprisingly, in the headlines. Whether it's another big data breach for a well known company, or a vulnerability in a commonly used piece of software, you can no longer afford to be unaware of the latest threats to your information security.

I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download

22/02/18

Young Brits 'lack cyber-security awareness'

21/02/18

A crime against statistics that is probably worse than the cyber attacks faced in County Durham

21/02/18

World's cyber attacks hit us much harder in past year - major infosec chief survey

21/02/18

16-31 January 2018 Cyber Attacks Timeline

21/02/18

Councils 'unprepared' for cyber-attacks, report says

20/02/18

How to tune your WAF installation to reduce false positives

20/02/18

Mandatory data breach reporting starts for small business

20/02/18

Coping with Spectre and Meltdown: What sysadmins are doing

19/02/18

Crims pull another SWIFT-ie, Indian bank stung for nearly US$2m

19/02/18

US-CERT Vulnerability Summary for the Week of February 12, 2018

19/02/18

John McCain receives 2018 Kleist Award

18/02/18

Global security crackdown, a host of code nasties, Brit cops mocked, and more

17/02/18

NCSC: Weekly Threat Report 16th February 2018

16/02/18

CEA Report: The Cost of Malicious Cyber Activity to the U.S. Economy

16/02/18

Siemens and partners sign joint charter on cybersecurity

16/02/18

AusCERT Week in Review for 16th February 2018

16/02/18

Hackers stole $6 million from Russian bank via SWIFT system: central bank

16/02/18

Newly Discovered Variants Of Meltdown/Spectre Exploit Cache Coherency Across Cores

15/02/18

Unsecured server exposed thousands of FedEx customer records

15/02/18

FedEx Customer Records Exposed

15/02/18

Not perfect, but better: improving security one step at a time

15/02/18

Extracting data from an EMV (Chip-And-Pin) Card with NFC technology

15/02/18

PCI Council and X9 Committee to combine PIN security standards

15/02/18

Russian military 'almost certainly' responsible for destructive 2017 cyber attack

15/02/18

KPMG acquire Silicon Valley online security firm Cyberinc

14/02/18

Search tool accesses firms' documents in the cloud

14/02/18

While Western Union wired customers' money, hackers transferred their personal deets

13/02/18

Browsealoud Security Response Plan

13/02/18

Zero-day vulnerability in Telegram

13/02/18

Uh-oh. How just inserting a USB drive can pwn a Linux box

12/02/18

Equifax under pressure after data breach update

12/02/18

US-CERT Vulnerability Summary for the Week of February 5, 2018

12/02/18

NCSC advice: Malicious software used to illegally mine cryptocurrency

12/02/18

ACSC statement on cryptocurrency miner inserted into BrowseAloud

12/02/18

Cryptocurrency Mining Hack That Compromised Thousands of Sites 'Could Have Been a Catastrophe'

12/02/18

UK Government Websites Infected with Cryptocurrency Mining Code

12/02/18

Domain Theft Strands Thousands of Web Sites

12/02/18

Meltdown's Linux patches alone add big load to CPUs, and that's just one of four fixes

12/02/18

Hackers hijack thousands of government websites to mine Bitcoin

12/02/18

Government websites hijacked by cryptomining plugin

12/02/18

Equifax hackers may have stolen more data than originally revealed

11/02/18

Hackers hijack government websites to mine crypto-cash

11/02/18

NCSC statement: Malware being used to illegally mine cryptocurrency

11/02/18

Protect your site from Cryptojacking with CSP + SRI

11/02/18

UK ICO, USCourts.gov... Thousands of websites hijacked by hidden crypto-mining code after popular plugin pwned

11/02/18

Amazon EC2 Cloud Compute Performance: December vs. February

10/02/18

Cisco Confirms Critical Firewall Software Bug Is Under Attack

09/02/18

KPTI/KAISER Meltdown Initial Performance Regressions

09/02/18

Weekly Threat Report 9th February 2018

09/02/18

Free Decryption Tool Released for Cryakl Ransomware

09/02/18

PoS Malware Steals Credit Card Data via DNS Requests

09/02/18

NCSC: Mitigating Malware

09/02/18

Wish you could log into someone's Netgear box without a password? Summon a &genie=1

09/02/18

NCSC: Preventing Lateral Movement

09/02/18

AusCERT Week in Review for 9th February 2018

09/02/18

Multiple Vulnerabilities in NETGEAR Routers

07/02/18

Swisscom data breach: Personal details of one in ten Swiss citizens stolen

07/02/18

ReelPhish: A Real-Time Two-Factor Phishing Tool

07/02/18

Security Issue Update: Progress Continues on Firmware Updates

07/02/18

NameCheap to Notify Customers of Misconfiguration Issue that Allowed Subdomain Creation on Any Hosted Account

07/02/18

Business Wire Suffers Week-Long DDoS Attack

07/02/18

Beware the looming Google Chrome HTTPS certificate apocalypse!

07/02/18

CSS Code Can Be Abused to Collect Sensitive User Data

06/02/18

It's Hard To Change The Keys To The Internet And It Involves Destroying HSMs

06/02/18

Vast majority of NHS trusts have failed cyber security assessment, Brit MPs told

06/02/18

K31404801: F5 BIG-IP TMM vulnerability CVE-2017-6169

06/02/18

Announcing the NCSC's new Phishing Guidance

06/02/18

1-15 January 2018 Cyber Attacks Timeline

06/02/18

Bad Influence: How A Marketing Startup Exposed Thousands of Social Media Stars

05/02/18

security things in Linux v4.15

05/02/18

12,000 Social Media Influencers, Mostly Women, Exposed by Marketing Firm Data Breach

05/02/18

US-CERT Vulnerability Summary for the Week of January 29, 2018

05/02/18

Linux Kernel Release Model

05/02/18

Jon Masters On Understanding Spectre & Meltdown CPU Vulnerabilities

05/02/18

Active Cyber Defence - one year on

05/02/18

Pioneering programme defends UK from millions of cyber attacks

05/02/18

Millions of cyber threats blocked every month, report reveals

05/02/18

Weekly Threat Report 2nd February 2018

02/02/18

On the NHS tech team? Weep at ugly WannaCry post-mortem, smile as Health dept outlines plan

02/02/18

There is no evidence in-the-wild malware is using Meltdown or Spectre

02/02/18

Meltdown-Spectre: Malware is already being tested by attackers

01/02/18

Announcing Draft Plan For Continuing With The KSK Roll

01/02/18

Backblaze Hard Drive Stats for 2017

01/02/18

We May Soon See Malware Leveraging the Meltdown and Spectre Vulnerabilities

01/02/18

Bulletproof TLS Newsletter #37: Cloud provider vulnerability causes Let's Encrypt to disable SNI domain validation

31/01/18

AMD vs Spectre: Our new Zen 2 chips will be protected, says CEO

31/01/18

New Tool Automatically Finds and Hacks Vulnerable Internet-Connected Devices

31/01/18

Preventing data leaks by stripping path information in HTTP Referrers

31/01/18

End user devices: factory reset and reprovisioning

31/01/18

The Document Foundation announces LibreOffice 6.0: power, simplicity, security and interoperability from desktop to cloud

31/01/18

[elrepo] Announcement: EL7 New kernel-ml Release [4.15.0-1]

31/01/18

Denial of Service (DoS) guidance collection

31/01/18

Oracle point-of-sale system vulnerabilities get Big Red cross

31/01/18

Meltdown/Spectre Update

30/01/18

Reckoning The Spectre And Meltdown Performance Hit For HPC

30/01/18

Car-share biz GoGet became data share biz after 2017 hack attack

30/01/18

Ugly, perfect ten-rated bug hits Cisco VPNs

30/01/18

Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability

29/01/18

US-CERT Vulnerability Summary for the Week of January 22, 2018

29/01/18

The hidden well-known phishing sites

29/01/18

UK infrastructure firms to face £17m fine if their cybersecurity sucks

29/01/18

Estimating the Cost of Internet Insecurity

29/01/18

You can't ignore Spectre. Look, it's pressing its nose against your screen

29/01/18

Thar she blows: Strava heat map shows folk on shipwreck packed with 1,500 tonnes of bombs

29/01/18

Fitness tracking app Strava gives away location of secret US army bases

28/01/18

Government acts to protect essential services from cyber attack

28/01/18

Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations

28/01/18

First ‘Jackpotting’ Attacks Hit U.S. ATMs

27/01/18

The Effects of the Spectre and Meltdown Vulnerabilities

26/01/18

Linux and Intel slowly hack their way to a Spectre patch

26/01/18

Introducing nProbe Cento 1.4 with Hardware Flow Offload

26/01/18

Alphabet launches new cybersecurity company, Chronicle, out of its X moonshot factory

25/01/18

ClamAV 0.99.3 has been released!

25/01/18

Intel alerted computer makers to chip flaws on Nov 29 - new claim

25/01/18

Dutch agencies provide crucial intel about Russia's interference in US-elections

25/01/18

Mastercard to Implement Biometrics for In-Store Card Payments

25/01/18

Digital Charter will set new online standards for years to come

25/01/18

SHL just got real-mode: US lawmakers demand answers on Meltdown, Spectre handling from Intel, Microsoft and pals

25/01/18

IT 'heroes' saved Maersk from NotPetya with ten-day reinstallation bliz

25/01/18

NHS deploys Microsoft threat detection service on just 30,000 devices

24/01/18

Give Good the Advantage

24/01/18

[openssl-project] 1.1.1 Release timetable (again)

24/01/18

SentinelOne Releases Free Linux Tool to Detect Meltdown Vulnerability Exploitations

24/01/18

New PCI Software-Based PIN Entry on COTS Standard

24/01/18

Death notice: Moore's Law. 19 April 1965 - 2 January 2018

24/01/18

Police probing Bell Canada data breach; up to 100,000 customers affected

23/01/18

Major cyber-attack on UK a matter of 'when, not if' - security chief

23/01/18

Meltdown and Spectre Patching Has Been a Total Train Wreck

23/01/18

'WHAT THE F*CK IS GOING ON?' Linus Torvalds explodes at Intel spinning Spectre fix as a security feature

22/01/18

CYBERUK 2018 - registration now open

22/01/18

US-CERT Vulnerability Summary for the Week of January 15, 2018

22/01/18

Top 500 Legal Firms Have Over a Million of Their Credentials Leaked on the Dark Web

22/01/18

ICO investigates Age UK after two data breaches

22/01/18

Meltdown/Spectre week three: World still knee-deep in something nasty

22/01/18

Network Monitoring 101: A Beginner's Guide to Understanding ntop Tools

22/01/18

Xen Project Spectre / Meltdown FAQ (Jan 22 Update)

22/01/18

Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

21/01/18

Teen accessed top US security officials' emails

19/01/18

OnePlus minus 40,000 credit cards: Smartmobe store hacked to siphon payment info to crooks

19/01/18

NCSC Weekly Threat Report 19th January 2018

19/01/18

We need more phishing sites on HTTPS!

19/01/18

AusCERT Week in Review for 19th January 2018

19/01/18

Meltdown and Spectre Linux Kernel Status - Update

19/01/18

Microsoft Resumes Meltdown & Spectre Updates for AMD Devices

18/01/18

Deprecating SPDY

18/01/18

Intel fix causes reboots and slowdowns

18/01/18

Red Hat slams into reverse on CPU fix for Spectre design blunder

18/01/18

Norwegian health authority hacked, patient data of nearly 3 million citizens possibly compromised

18/01/18

However improbable: The story of a processor bug

18/01/18

Into the Implementation of Spectre

17/01/18

Red Hat reverts microcode update to mitigate Spectre, refers to hardware vendors for fix

17/01/18

How a 22 Year-Old Discovered the Worst Chip Flaws in History

17/01/18

GCC 7.3 Preparing For Release To Ship Spectre Patches

17/01/18

Some thoughts on security after ten years of qmail 1.0

17/01/18

Some thoughts on Spectre and Meltdown

17/01/18

2017 Cyber Attacks Statistics

17/01/18

Oracle says SPARCv9 has Spectre CPU bug, patches coming soon

16/01/18

ISC Releases Security Advisories for DHCP, BIND

16/01/18

Latvia's e-health system hit by cyberattack from abroad

16/01/18

CVE-2017-3145: Improper fetch cleanup sequencing in the resolver can cause named to crash

16/01/18

Hospital injects $60,000 into crims' coffers to cure malware infection

16/01/18

ACSC statement on reports of Intel Active Management Technology (AMT) security issue

16/01/18

Retpoline Support Backport Lands In GCC 7

16/01/18

ENISA report: the 2017 cyber threat landscape

15/01/18

Customers reporting credit card fraud after using OnePlus webstore

15/01/18

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

15/01/18

US-CERT Vulnerability Summary for the Week of January 8, 2018

15/01/18

Secure Contexts Everywhere

15/01/18

I'm taking a break from cron.weekly

13/01/18

Intel puts security on the todo list, Tavis topples torrent tool, and more

13/01/18

NCSC Weekly Threat Report 12th January 2018

12/01/18

Protecting our Google Cloud customers from new vulnerabilities without impacting performance

11/01/18

AMD Processors: Google Project Zero, Spectre and Meltdown

11/01/18

Intel Security Issue Update: Addressing Reboot Issues

11/01/18

Meltdown and Spectre fallout: patching problems persist

11/01/18

Carphone Warehouse fined £400,000 after serious failures placed customer and employee data at risk

10/01/18

Adrift on a sea of data: Architecting for GDPR

10/01/18

Miami Bitcoin Conference Stops Accepting Bitcoin Due to Fees and Congestion

10/01/18

How will Certificate Transparency Logs be Audited in Practice?

10/01/18

WebKitGTK+ Security Advisory WSA-2018-0001

10/01/18

A look at the handling of Meltdown and Spectre

09/01/18

[patch RFC 5/5] x86/speculation: Add basic speculation control code

09/01/18

Meltdown, Spectre bug patch slowdown gets real - and what you can do about it

09/01/18

Meltdown and Spectre: Critical processor vulnerabilities

08/01/18

US-CERT Vulnerability Summary for the Week of January 1, 2018

08/01/18

UK Companies Set to Splurge on Cyber-Risk Mitigation

08/01/18

Pessimism over the economy lessens, by Brexit, cyber security and diversity remain key issues for UK Boards

08/01/18

Spamhaus Botnet Threat Report 2017

08/01/18

Benchmarking Linux With The Retpoline Patches For Spectre

08/01/18

Net boffins brew poison for BGP hijacks

08/01/18

FCA 'gold-plates' EU rule, bans BYOD across entire UK finance sector

08/01/18

Re: [PATCH RFC 3/4] x86/pti: don't mark the user PGD with _PAGE_NX.

08/01/18

Australian government "Small Business Cyber Security Best Practice Guide"

08/01/18

Re: [PATCH 06/18] x86, barrier: stop speculation for failed access_ok

07/01/18

Feedback on 4.9 performance after PTI fixes

07/01/18

Triple Meltdown: How So Many Researchers Found a 20-Year-Old Chip Flaw At the Same Time

07/01/18

[dns-operations] responsible disclosure on an IDN-related attack

06/01/18

I'm harvesting credit card numbers and passwords from your site. Here's how.

06/01/18

Meltdown and Spectre Linux Kernel Status

06/01/18

NCSC Weekly Threat Report 5th January 2018

05/01/18

Spectre and Meltdown Attacks Against Microprocessors

05/01/18

Meltdown and Spectre - what should organisations be doing to protect people's personal data?

05/01/18

AusCERT Week in Review for 5th January 2018

05/01/18

Woo-yay, Meltdown CPU fixes are here. Now, Spectre flaws will haunt tech industry for years

05/01/18

NCSC: Home user guidance to manage processor vulnerabilities "Meltdown" and "Spectre"

05/01/18

NCSC: 'Meltdown' and 'Spectre' guidance

05/01/18

December 2017 Cyber Attacks Statistics

04/01/18

More details about mitigations for the CPU Speculative Execution issue

04/01/18

US-CERT: Meltdown and Spectre Side-Channel Vulnerability Guidance

04/01/18

Speculative Execution Exploit Performance Impacts - Describing the performance impacts to security patches for CVE-2017-5754 CVE-2017-5753 and CVE-2017-5715

04/01/18

DHS Admits Major Leak Affecting 247,000 Employees

04/01/18

Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method

03/01/18

Update to NIST Special Publication 800-160, Systems Security Engineering

03/01/18

16-31 December 2017 Cyber Attacks Timeline

03/01/18

NCSC response to reports about flaws in processors

03/01/18

Meltdown and Spectre Side-Channel Vulnerabilities

03/01/18

Bulletproof TLS Newsletter #36

03/01/18

Anonymous Hacks Italian Speed Camera Database

02/01/18

GPS tracking vulnerabilities leave millions of products at risk

02/01/18

'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

02/01/18

US-CERT Vulnerability Summary for the Week of December 25, 2017

01/01/18

27,000 UnEncrypted Credit Cards left in shared Database by Thefly.com

01/01/18

Sign Up

Sign Up For the Latest News, Briefings & Announcements






ECSC Group plc

ECSC has over 15 years' experience in the design, implementation and management of IT security solutions.

Reg No. 3964848

VAT No. 746361914

Contact

28 Campus Road
Listerhills Science Park
Bradford
BD7 1HR
United Kingdom

+44 (0) 1274 736 223

info@ecsc.co.uk