Sometimes a company’s staff can be a bigger security liability than malware or hackers, as was the case with the recent Swedish transport agency database situation.
IT Security Thing has been getting a handle on the industry perspective regarding WannaCrypt0r and the attack on the NHS.
The Vault 7 leak consists of more than 8,000 pages of classified material that describes in detail the methodology and technology used by the CIA to spy on targets.
According to a number of reports, 2016 was a piss-poor year as far as stopping phishing was concerned.
Fuzzing is the automated injection of malformed data in the hope of causing something to break. Netgear routers got fuzzed, and they broke very badly indeed.
IT Security Thing invited Ray Watson from Masergy Communications to explain what big data analytics brings to the network security party.
Researchers from cyber security consultancy Hacker House, as part of a Sky News investigation, have found a number of NHS trusts fall short when it comes to online data security.
In a speech in London this week, the Chancellor of the Exchequer Philip Hammond MP set out his plans on how best to spend £1.9 billion defending the UK against cyber attacks.
Dridex is not dead, but it has evolved. The malware seems to be returning as a crypto-currency stealing Trojan with Bitcoin in the crosshairs.
Just before the weekend, the National Crime Agency (NCA) published the Cyber Crime Assessment 2016 report.
The Android world is so full of FUD (Fear, Uncertainty and Doubt) that even great research sometimes gets buried behind hyperbolic headlines.
MEEM is a Kickstarter campaign success story; a power cable that is also an automatic Android backup device as it has a built-in USB drive.
Following the TalkTalk breach its profits are way down. This should come as no surprise to anyone who takes security seriously. We look at what went wrong.
In the fast-moving world of IT security, the insider threat remains one of the most, if not the most, insidious threats in almost any environment.
According to a leading security expert the cybersecurity industry has been fighting the wrong battle for 20 years and it’s time to change.
The USB Thief sounds like a James Bond spy gadget. Look closer and you’ll find a truly intriguing, potentially dangerous development in malware technology.
IT Security Thing met with Joseph Opacki, VP at PhishLabs, who spoke about the latest organisational phishing threats, such as Business Email Compromise (BEC).
There is no doubting that WordPress is popular, very popular. In use by around 25% of the top 10 million websites currently, that gives it a content management system market share of 59%, which makes WordPress security very important.
IT Security Thing has been talking to Lorenzo Grespan, a developer with Pentest Limited, about secure software development.
In order to prepare people for phishing scam emails, PhishMe runs simulations. Its findings, however, aren’t that revealing.
As we approach the end of 2015, it’s traditional for us here at IT Security Thing to hold an annual big fat cybersecurity quiz of the year.
Towards the end of November, Hilton Worldwide issued an official statement admitting that it had “identified and taken action to eradicate unauthorized malware that targeted payment card information in some point-of-sale systems.”
The ModPOS threat has been described both as “the most sophisticated point-of-sale malware we have seen” and “a complex, highly functional and modular code base…”
Trojanised, auto-rooting adware attacks Android phones, installs itself as a system app and can survive a factory reset.
The Cybersecurity Information Sharing Act (CISA) bill has been passed by the US Senate. But what is CISA, why does it matter to everyone who uses the Internet and what does the IT security industry have to say about it?
White Team hackers infect thousands of routers with Linux.Wifatch malware to remove SYNful Knock malware.
As T-Mobile data from the Experian data breach starts to go up for sale on the dark web, IT Security Thing explores what the IT security industry thinks of this debacle.
Human vulnerabilities exist within every organisation, and social engineering exists to find and exploit them.
While military intelligence is often used as a prime example of an oxymoron, there’s nothing moronic about security intelligence; without it your organisation would be much more vulnerable. So, what exactly is security intelligence then?
Once the domain of political hacktivists and old-school protection racketeers, the DDoS attack is increasingly being used in common or garden data theft. Here’s what you need to know.
Man in the middle (MitM) attacks are, unfortunately, both nothing new and well exploited out there in the wild. Could man in the cloud attacks emerge as the next attack surface ripe for exploiting?
In-car insecurity has now become big news, of the simply cannot afford to be ignored variety, courtesy of the Wired Jeep Hack. But how dangerous is your car, really?