November, 2015:

• Internet of malicious things: Yale home automation vulnerable
• Telegram messaging app could be used as stalking tool
• FBI investigates Russian hacker that stole billions of login credentials
• Black SEO offered to cyber-criminals
• Five steps to cyber-security readiness
• Millions of details stolen in toy company breach.
• Parliament calls for written evidence on draft Investigatory Powers Bill
• Hello Barbie poses threat to children's privacy
• Sensible Security and the Cloud
• ICYMI: Madison extortion, Cyber-sec challenge, United bug-bounty, French intelligence, and Anonymous/ISIS spat
• Magspoof: the device that can spoof Amex cards
• Plusnet still giving out plaintext passwords
• Win32/CompromisedCert.D is now certifiably Dell-stroyed
• CryptoWall 4.0 now deploying through the Nuke EK
• News websites offer bitcoin bounty over DDoS attacker
• Style sheet vulnerability allowed attacker to hijack LinkedIn pages
• Social engineering: hacker tricks that make recipients click
• Google removes 440k links under 'Right to be Forgotten' ruling
• Five last minute retail risk mitigations for Black Friday weekend
• Nine percent of HTTPS hosts on the web "share the same private keys"
• Public private partnership results in arrests of two suspected malware creators
• Hilton Worldwide PoS' infected with malware
• Amazon force-resets passwords
• GitHub of dark web offers anonymity, political neutrality
• Dridex rebound continues – US, UK hardest hit
• The interwoven perks and pitfalls in building stress testing models
• Dell found distributing weak certificates – again
• 600,000 cable routers found to have a backdoor within a backdoor
• Anonymous' Twitter war hits stumbling block
• Dell ships laptops pre-vulnerable to man-in-the-middle attacks
• 'Multitude of flaws' found in British alarm platform
• Smart TVs not all that bright when it comes to fighting cyber-threats
• Terrorism? Now is not the time to bury our heads in the sand
• Consumers wise up to protecting their data
• Unwelcome guests: hotel point of sale hacks spiraling
• Retailers warned of 'most advanced POS malware ever'
• Is a software company the next step in the advancement of ransomware?
• Chinese hackers have built a robust business empire
• Two in a thousand people 'view child sexual abuse images at work'
• New Destover malware features two new timestomping utilities
• Porn apps for Android caught stealing personal data
• Algebraic Eraser, the algorithm running the 'Internet of Things' is broken...again
• A game of minesweeper in the inbox
• Alert: SDSR announced - £12bn expenditure increase
• Security researcher blasts United Airlines' bug bounty programme
• UK shoppers lose workday picking up aftermath of cyber-crime
• EU to expand controls on virtual currencies to fight terrorism
• Exclusive: Microsoft 'Delay in fix to Advanced Threat Protection flaw'
• Video: Young and gifted codebreakers compete in cyber-security masterclass final
• Crafty spear-phishing campaign uses terror attack to increase proficiency
• Belgium to join NATO CCDCE
• What does 2016 have in store for IT security?
• New strain of Dyreza trojan emerges
• Chimera ransomware not twitching, must be dead
• Android adware installs itself without permission
• SC Roundtable sponsored by Venafi: how to respond to a breach - successfully
• 69% of users would avoid security controls to make big business deals
• Cyber-threats thriving in Scotland, government warns its people
• Telegram playing cat-and-mouse game trying to curb extremeists accounts
• Strontium hacking team targets NATO members, political advisors
• Purchasing cyber-insurance without a proven security system will leave businesses out of pocket
• Finding secure advantage in the explosion of exploit kit activity
• French intelligence services in crisis following Paris attacks
• 70% of Brits don't think email is a potential cyber-threat
• Apple's Siri can leak personal data
• G-20 nations agree: No cyber-theft of intellectual property
• Report: Banking trojans and weaponised Office docs month's top attack vectors
• Phishing remains a major threat in Russia and the EU
• User behaviour analytics: Combat the threat within
• If ISIS managed to hack UK infrastructure, what could they actually do?
• UK and India to build cyber-security training centre
• Blackhat Amsterdam: BitLocker bypass remediated by Microsoft
• 40% of security experts predict insider data breaches in coming year
• EFF seizes deceptive website used for high-level phishing attacks
• Anonymous 'getting in the way' in campaign against ISIS
• ISIS reported to be operating a secure helpdesk to assist operatives in using secure communications
• Police body cameras pre-infected with Conficker malware
• Tor alleges FBI paid Carnegie Mellon US $1M to hack hidden services
• SC Congress Chicago: New vulnerabilities, new threats stress old security models
• US administrative judge dismisses FTC case against LabMD
• Researchers discover morphed RATs capable of DDoS, phone log manipulation
• Cyber-security assurance earns "C" grade in new study
• Why OEMs need to pay attention to security in the connected car
• UK to develop cyber-offensive capabilities, says UK chancellor in GCHQ speech
• Tinder of China allows man-in-the-middle snoopers spy on lovers
• Update: Government officials being targeted with the retailer's techniques
• Current and former CIA directors blame Paris on Snowden and encryption
• Plymouth boy charged over international cyber-attacks
• Cyber-crime costs Northern Ireland £100m per year
• Phishing scam targeting DHL customers discovered
• How to build a World-Class Threat Intelligence capability from scratch
• Over 40% of UK adults snoop in partner's phone if they smell infidelity
• WITCHCOVEN causes havoc to gather government data
• News Alert: £1.9 bn to counter ISIS cyber-threat
• What the EU's Safe Harbour ruling means for European businesses
• Anonymous promises retribution for Paris attacks
• Hackers could use BadBarcode to launch attacks on systems
• Calls for Investigatory Powers Bill to be accelerated in wake of Paris attacks
• Google plans 'not encrypted' user alert for Gmail
• 10-year-old vulnerability exposes 6% of most popular UK websites
• UK man headed to prison for DDoS attacks
• Blackhat Europe 2015: Automated cars hackable at sensor level
• What are the costs associated with the TalkTalk breach?
• Government demands for user data are growing in 2015
• UK and US test reactions to financial cyber-attacks
• ICYMI: Windows deprecating SHA-1; Apps leaking data; Safe Harbour II; Auto-rooting adware; Apple Pay
• Free market is failing cyber-security, blasts GCHQ chief
• Security researcher warns "future is extortion" as cyber-criminals target SMEs
• New Abaddon malware targets PoS terminals
• BlackHat Amsterdam: 'numbers will make the difference' when securing the IoT
• Google drops Chrome support for older Microsoft and Apple OS
• Security response and the 'Richter Scale' of incidents
• EuroCACS Copenhagen: New ISACA global president sets out vision for future
• Grimsby man shares revenge porn photos of woman from dating website
• Black Hat Amsterdam: Oil & Gas cyber-vulnerabilities
• Hackers compromise 70 million prison inmate phone records
• Black Hat Europe: Researchers demonstrate how to bypass LTE/4G security
• Slush Helsinki: IoT security on the rise, physical security becoming more prevalent
• Connected things in use worldwide will rise 30 percent in 2016
• Malvertising on Barclays Premier League fantasy site exploits Flash vulnerabilities
• German intelligence spied on allies, U.N., the Vatican
• Why data security is now key to successful promotional marketing, and how to achieving it
• Don't be a victim of information ignorance
• Crypto-ransomware hits UK Parliament network
• EuroCACS Copenhagen: Ex-MI5 director Lord Evans defends government crypto approach
• JP Morgan hackers indicted in largest theft of customer details
• Sophisticated Apple Phishing Email making the rounds
• ISSE Berlin: Germany to promote 'digital sovereignty'
• Symantec confirms Macs are vulnerable to ransomware
• Variant of Power Worm locks away data of victims indefinitely
• Comcast's customers details leaked on darkweb
• UK business school study finds students 'safer users' on social media
• Vaccine released for Cryptowall 4.0
• Cyber-security analytics: how to make the numbers meaningful
• ISSE Berlin: Most SMEs do nothing about cyber-security
• EuroCACS 2015 Copenhagen: Professionals still sceptical about cloud
• GCHQ continues outreach efforts with launch of two initiatives
• Facebook fights back after court gives it 48 hours to stop tracking non-users
• ISSE Berlin: Safe Harbour II initial agreement expected
• Potential DD4BC copycat, The Armada Collective target email providers
• Linux web servers targeted in new ransomware scam
• Supposed mastermind behind 'Rocket Kitten' APT identified in research paper
• Nuclear Exploit Kit malware drives users to Kelihos Trojan family
• Best defence against extortion attempts is planning - Neustar
• NIST publishes guide to whitelisting
• Islamic State retaliates for drone killing, leaks credentials for 54K Twitter accounts
• Hackable cars: Functionality at the cost of safety
• The price of outsourcing to reduce IT costs: innovation and business outcomes
• Onapsis finds 21 SAP vulnerabilities, 8 critical with some unpatchable
• New ransomware threatens to make private files public
• Windows accelerates SHA-1 deprecation
• Average mobile app is exposed to 9 vulnerabilities
• Banks warn Apple Pay users against storing family members' fingerprints on iPhones
• JPMorgan Chase CSO reportedly reassigned following data breach
• Many UK workers willing to sell their company's IP: Study
• Up in the air: How to protect against cloud account hijacking
• Cyber-protection events for public supported by EC3
• Too many apps leak personal data to third parties, report finds
• ICYMI: BoE Bank Test; Ransomware; Mac Malware; Russia cyber-security capabilities; RSA coverage;
• Investigatory Powers Bill draws mixed reaction from industry
• RSA: Securing Smart Cities - no turning back
• More than 20,000 apps auto-root Android devices
• IT's vital role protecting company info
• Liquid damage takes cake as lead cause of data loss on mobile devices
• China top source of DDoS attacks - Imperva
• Corporate cyber-attacks mostly happen on Friday
• Protecting the future: working together to combat tomorrow's cyber-security risks
• RSA: Is the internet of things the new BYOD?
• What the hell do we do if password vaults aren't secure enough?
• Hacking Team, famous for supplying malware to spy on journalists, is back in business
• Dropbox reveals revamps in its services
• How vulnerable is the fingerprint scanner on your phone?
• CPS fined £200k by ICO for negligent data protection
• French Connection III: Sarkozy's phone records eyed during coke smuggling probe
• Signal crypto app comes to Android
• Tinba 2.0 banking trojan now hitting Russian banks
• Version 4.0 of ransomware Cryptowall released, now encrypts file names
• Attack on vBulletin board password stokes concerns of wide-ranging zero-day hacks
• Small businesses are losing money to cyber-criminals
• New group begins ranking international tech companies and telecoms on respect for users' rights
• 2nd Update: Surveillance bill; judicial oversight, no encryption ban, archiving browsing data
• Fourth person arrested and bailed in TalkTalk investigation
• RSA: Insider threats – "People are the new perimeter"
• RSA: Cyber-security industry is "fundamentally broken", says Amit Yoran
• DDoS attack lasts two weeks continuously
• 31% of UK workers feel defiled by data theft over home intrusion
• OMB issues detailed cyber-security plan and guidance for agencies
• Sandbox reliance is virtual insanity
• Ransomware's new threat: if you don't pay, we'll publish your photos online
• Kevin Spacey, WISeKey team up to raise cyber-awareness
• 2% of mobiles infected with malware, says report
• Hackers increase attacks on Russian online banking
• Latest Adobe Flash vulnerability now in Angler, Nuclear EKs
• CoinVault and Bitcryptor, R.I.P.
• 000webhost suffers major data breach, loses 13 million plaintext passwords
• Government surveillance in the dock
• 2015 worst year in history for Mac malware
• Mobile Security - the device isn't the problem
• PageFair adblocking site 'recovers' from Halloween hack in 83 minutes
• Bank of England to test banks' security in operation Resilient Shield
• Modern PGP is unusable according to academic study
• Tor launches messenger service, looks to keep things private
• Third person arrested, bailed in TalkTalk investigation
• Anonymous threatens to expose identities of KKK members
• The good, the bad and the secure of mobile identities
• Almost 2,000 Vodafoners open to fraud after details stolen