Google has released the results of a year-long investigation into Gmail account hijacking, which finds that phishing is far riskier for users than data breaches, because of the additional information phishers collect. Read more

NATO wants to add the cyberwarfare capabilities of member states to its range of military options.”We must be just as effective in the cyber domain as we are on land, at sea and in the air, with real-time understanding of the threats we face and the ability to respond however and whenever we choose,” said

It’s the kind of thinking you expect from someone who lives in a volcano lair: exfiltrating data from remote screen pixel values.The idea comes from Pen Test Partners’ Alan Monie, taking a break from sex toy hacks and wondering how to get data over a connection like RDP (remote desktop protocol) when the target had

A total of 2,531 of the top 3 million websites (1 in 1,000) are running the Coinhive miner, according to new stats from analytics firm Red Volcano. BitTorrent sites and the like were the main offenders but the batch also included the Ecuadorian Papa John’s Pizza website [see source code]. Read more

FBI agents investigating the murder-suicide of 26 people in a church in Sutherland Springs, Texas, on Sunday, have said they can’t yet unlock the shooter’s smartphone. In a press conference on Tuesday, special agent Chris Combs said that investigations into the motives and actions of the gunman was ongoing, but that his mobe was a

A system that aims to identify stolen passwords before breaches are reported or even detected was launched on Tuesday.Shape Security’s Blackfish credential defence system is designed to detect the use of stolen usernames and passwords by criminals and in real time. Read more

The Google Play store has made headlines recently when cyber criminals were able to hack in and post a fake WhatsApp messenger update for download. More than a million Android phone users were tricked into downloading the app but the overall breach was relatively minor. Read more

Microsoft has released a new document explaining the minimum hardware and firmware requirements to create a “highly secure” Windows 10 device. If you’ve got a Surface Pro 4, which has a sixth-generation Intel processor, it doesn’t meet Microsoft’s newly published standard. Read more

Cisco has patched a vulnerability in IOS XE which if exploited can corrupt data and force denial-of-service (DoS) attacks. Last week, the tech giant said the bug, CVE-2017-12319, is found in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE, a network operating system designed for the enterprise.

A newly-discovered bug exposes the real-world IP addresses of those who are using the Tor browser, used by millions for anonymity and private browsing. The bug, called TorMoil by security firm We Are Segment, which discovered it, is triggered when a user clicks on a local file-based address, like file://, rather than http:// or https://.