An investigation by the BBC consumer rights show Watchdog Live has revealed that UK telco Talk Talk botched the breach notification that followed a 2015 cybersecurity incident by failing to inform 4545 impacted customers. The company acknowledged the mistake, describing it as “a genuine error.” The firm says it has

Cambridge University researchers have discovered a new kind of “fingerprinting attack” that could enable websites to keep track of individual users as they visit other websites using the same browser. Fingerprinting is a nightmare for people who care about their privacy. It can be used to target people with customized

Cybercriminals are increasingly using rogue mobile applications to carry out fraud attacks, a new RSA report shows. In the first three months of this year, fraud associated with such apps surged by 300%. Rogue apps are malicious copies of legitimate applications. Fraud campaigns involving financial malware also increased in Q1

Europol together with Dutch and Luxembourg authorities seized Bestmixer.io on Wednesday because they believe the “world’s leading cryptocurrency mixing service” has laundered over $200 million in cryptocurrency linked to criminal activities. Bestmixer.io had been operating for about one year when it was shut down. By “mixing” cryptocurrencies from multiple sources

New figures from Chronicle show that threat actors increasingly manage to abuse digital certificates in order to sign malware. As a result, operating systems can no longer reliably use such certificates to distinguish legitimate software from malicious programs. The study, which looked only at highly malicious programs targeting Windows operating

This Sunday will mark one year since the EU’s General Data Protection Regulation (GDPR) went into effect. A new nCipher survey shows that awareness of privacy issues has increased in the US. A small majority of Americans (52%) care about keeping their data private and 41% even consider data privacy

Just one day after notorious Windows exploit developer “SandboxEscaper” released a Windows zero-day exploit, she posted two additional zero-days on her GitHub account. One is a sandbox escape impacting Internet Explorer 11 and the other is a local privilege escalation flaw affecting Windows Error Reporting. The latter is very difficult

More than two weeks after the City of Baltimore, Maryland suffered a ransomware attack, the city’s email system and various other systems have still not been restored. The City was targeted by a ransomware strain dubbed Robbinhood. The threat actors behind the file-encrypting malware demanded a ransom of 13 Bitcoin

New research by Zscaler highlights how companies are putting themselves at risk through the use of poorly secured IoT devices. The report found that a staggering 91.5% of IoT data transactions on enterprise networks are not encrypted. If a threat actor manages to intercept that traffic, they can therefore access

Campaign group Avaaz has uncovered a vast far disinformation campaign spreading fake news stories on Facebook in order to promote far right political positions to European voters ahead of the European Parliament election that will be held between 23 and 26 May. After being notified of the results of the