January, 2016:

• TalkTalk loses 250,000 customers post-breach - now supplier scam too
• HSBC DDoSed
• Israeli Electricity Authority was hit by ransomware, power grid not affected
• FireEye report identifies iOS security storm-in-a-tea-cup
• The Power of Privacy: review
• ICYMI: €50 m cyber-fraud; Codoso back; MS/US gov clash; Adultery extortionists; Apple's encryption key
• Lincolnshire County Council shuts down after hit by ransomware
• GCHQ certified course to improve cyber-attack response and recovery
• Mozilla patches 11 issues with Firefox, three rated critical
• Know your enemy: making a business case for identity and access management
• 2015 was Data Protection Awareness Year
• Adrian Davis: Is the free market failing cyber-security?
• CISO salaries and demand for cyber-skills skyrockets, surprising no-one
• Lucrative pay offered to hackers in India to work for ISIS
• Opponents to Swiss surveillance law force direct public vote
• Has Lenovo lost the security plot?
• Netgear ProSafe gigabit switch vulnerable to password reset
• Best practices: Server configuration
• Zero-day affects Linux computers—and Android devices?
• Data transfers after Schrems: discord in the EU
• Gemalto reporting on a global lack of payment data security
• PayPal's business site vulnerable to remote code execution
• Symantec detects 3500 servers infected with a malicious script
• Malicious Chrome extension inundates users with annoying popups
• DDoS attacks on the rise - touching 500gbps
• FIC 2016: Is security the main challenge of the Internet of Everything?
• Unencrypted web form and travel delays anger UK c2c rail commuters
• Are firewalls still relevant to security?
• New government scheme to provide boost for cyber-security startups
• Apple can read your iMessages despite them being encrypted
• FIC 2016: Bernard Cazeneuve says 'do away with internal partitions'
• New Magic ransomware abuses open-source 'educational' code
• Aeroplane part maker claims cyber-fraud cost it €50 million
• Video: 'It's asymmetrical warfare' between the hackers and defenders
• Financial institutions will suffer from data breaches in other industries, says report
• Social media and tech giants must combat online extremism better
• Magento issues fixes for 20 vulnerabilities, two rated critical
• Keeping abreast of governance risk and compliance goals
• FIC 2016: The cyber-security arms race
• Symantec reseller caught using Norton name in tech support scam
• UK privacy watchdog warns consumers that shops can track them
• BlackBerry: police did not break our encryption
• Strasbourg approves unified approach to digital single market
• Chinese cyber-espionage group Codoso 'back in action'
• Cyber-police to deter cyber-attacks in Ukraine
• Fortinet on SSH vulnerabilities: look, this really isn't a backdoor, honest
• International fraud trends
• Microsoft and US government clash over Ireland-held cloud data
• Hungarian government guilty of snooping on its citizens
• RSA site captures plain text Twitter logins
• Nest, other IoT devices, sent user info in the clear
• Ashley Madison users threatened with extortion in letters
• ICYMI: New PayPal spam; WEF top risks; Ukraine cyber-attack; OpenSSH vulnerabilities; IoT Doorbell flawed;
• Dutch watchdog sues Samsung over lack of Android security updates
• Nivdort trojan found in new Facebook phishing attack
• Is your reputation at risk?
• Bridging the Linux security perception gap
• Attacks redoubled on Ukrainian power - but who is to blame?
• House of Cards star fears Sony hack repeat
• DDoS attack disrupts Irish National Lottery
• Apple updates iOS, OS X and Safari
• Bot fraud will net criminals $7.2bn from advertising budgets in 2016
• Android devices more susceptible to vulnerabilities, says new study
• Can bug bounties replace traditional web security?
• Trustwave faces £280,000 lawsuit over "woefully inadequate" breach probe
• Cops aim to enlist volunteers in fight against cyber-crime
• Cyber-security threat could cause 'Fukushima-like disaster'
• Crackas strike again! Xfinity account of John Holdren is breached
• Princeton PhD candidate develops framework for measuring web privacy
• Kernel bug allows full takeover of Linux devices
• Watch out! Trojan Tinba is back and it's after your money
• Gatekeeper flaw opens Apple systems to intrusion
• Recognising and combating insider threat
• Android.Bankosy malware targets 'voice' two-factor authorisation
• Dropbear SSH daemon doesn't authenticate users
• Turkish cyber-criminals post their flag on hacked Russian Embassy site
• Cisco Annual Security Report 2016: "There is a higher calling"
• New report shows million of enterprise mobiles are open to attack
• Video: Insurance industry 'will drag cyber-security into the light'
• EU regulators to meet next month on Safe Harbour replacement
• The rise of the political and ideological motivated attack
• Ukraine blames Russia for cyber-attack on airport
• New type of PayPal spam discovered
• OpenSSH vulnerability means your keys are OpenPREY
• Let's spam! David Bowie death exploited by social engineering campaign
• Protecting personal data during HMRC phishing season
• Quarter of respondents would pay ransom to protect stolen data, survey says
• ICYMI: Citrix 'hack', D-Link webcam hacked, flaws and more hacks
• Brazilian hackers brazen and bold, says report
• Cyber-attack among World Economic Forum's top global risks
• 'High risk' for users of FRITZ!Box routers
• Bush shows teeth, says Clinton 'didn't take cyber-security seriously'
• Arrested hackers revealed to be outfit behind MegalodonHTTP trojan
• Global cloud IAM will dominate in revenue by 2020
• The 'silver lining' of growing cyber-security concerns
• Thank you to the bad guys
• 2 Minutes On: Safe Harbour ruled invalid
• Threat of the month: POS systems
• Last Word: A CISO checklist
• Industry Innovators: Access Control
• Industry Innovators: Perimeter Defence
• Industry Innovators: Data Protection
• Industry Innovators: Analysis and testing
• Industry Innovators: Risk and policy management
• Industry Innovators: Hall of Fame
• Industry Innovators: Security infrastructure
• Industry Innovators: Next-generation security monitoring and analytics
• Industry Innovators: Cyber-threat analysis and intelligence
• Industry Innovators: Virtualisation and cloud security
• Securing data wherever it may be
• Do your data policies stand up to scrutiny?
• Silver linings while clouds gather
• Predictions: 2016 and beyond
• Movers & Makers: Winter 2016
• ECHR rules companies can monitor employees' online comms
• IoT 'ding-donger' reveals WiFi passwords
• Industry sceptical of new NIS directive passed today
• UK doesn't undertake mass surveillance – Theresa May
• Spear-phishing increasingly large concern for IT professionals
• How can security vendors reduce their own attack surface?
• UK dry cleaners find over 22,000 tech devices each year
• Shadow IT and the Middle East - innovation versus risk
• General Motors opens bug bounty without the bounty
• 'Key member' of DD4BC arrested in international crackdown
• Cracka got Clapper – US intelligence director hacked
• 'Trochilus' RAT targets government of Myanmar
• Commercial drones are threat to UK civilians
• We can read encrypted emails on BlackBerry devices, Dutch team says
• Not so fast, was OS X really the most vulnerable of 2015?
• Lessons learned? A look back at five cyber-security trends of 2015
• Trend Micro patched flaws would let hackers execute malicious code
• In time, the smartwatch will make us vulnerable
• 98% of mobile apps lack binary protection
• Hack turns cheap D-Link webcam into a network backdoor
• Three versions of Internet Explorer reach end of life cycle
• Malware using legit certs to avoid detection, surveil users
• Scammers exploit EU cookie law
• Prosecution for breach-deniers says Liam Fox MP
• Turkish hacker's latest sentence brings total to unprecedented 334 years in jail
• Are backdoors a necessity, or just a 'welcome' sign to hackers?
• I hacked Citrix, says Russian hacker w0rm
• Jeremy Corbyn's Twitter account hacked for a few minutes
• Juniper Networks backdoor password 'hackable' within six hours
• Star Wars BB-8 vulnerable to firmware hacking
• Payment card data attacks worry over half of UK and US businesses
• UK security products market could reach US $1.7 billion in 2019
• NSA Whistleblower slams bulk collection in Snooper's Charter
• Tech big guns confront UK parliament on backdoors, encryption
• Fighting a war without being at war
• ICYMI: OS X most vulnerable? Bank SSL use; GDPR agreed; Dutch damn backdoors; Baltic security boost
• Researchers find two flaws in OAuth 2.0
• Let's Encrypt certificates issued for malvertising campaign
• Fitbit warranty fraud bombards and fools customer service
• Time Warner Cable: 320,000 customer emails possibly stolen
• WordPress 4.4.1 patches 52 security issues
• Backdoor battle puts encrypted phone vendors in thorny position
• Ensuring IT resilience in the face of change
• Comcast XFINITY flaw sounds Internet of Things security alarm
• 13 Play Store apps infected with Brain Test malware
• Most common January online sales scams revealed
• Former online fraudster hired by West Midlands Police
• Drupal install process appears to be dripping
• Eight arrested in eastern Europe over ATM malware attacks
• The rise of hybrid IT and the implications for CISOs
• Dutch government rejects UK government approach to encryption legislation
• Blackphone given black eye by vulnerability discovery
• Zerodium puts out $100,000 contract on Flash's heap isolation
• European Parliament informally agrees GDPR to come into power by 2018
• Understand your attacker: A practical guide to identifying TTPs with Threat Intelligence
• Loose talk on social media big security risk for firms, says Kaspersky
• Best practices to securing your data within EU Regulation
• 2 million sets of personal records stolen in 2015 Japanese cyber-attacks
• Anonymous takes credit for shutting down 14 Thai police wesbites
• Sony PSN downed – hacking group claims DDoS attack
• Dutch gov supports encryption, citing privacy, freedom of expression
• Why password sharing has become a common working practice
• UK high-street banks accused of "shockingly bad" online security
• Tor launching bug bounty programme
• Mystery database leaks conservative's personal details
• Microsoft promises to tell users of state-sponsored hacking attempts
• SCADA hackers reveal endemic ICS vulnerabilities in European rail
• Anti-ISIS hacktivists take credit for attacks on Trump, BBC, BlackLivesMatter
• ISIS hacking pro killed in drone strike
• Contain yourself: The new wave of cyber-security
• "Russian" DarkEnergy malware strikes at Ukrainian media and energy firms
• Novel JavaScript ransomware could be an equal opportunity infecter
• Apple OS X named most vulnerable software of 2015
• Series of DDoS attacks hit Linode over Christmas holiday
• Cisco says chat client vulnerable to man-in-the-middle attack
• SC: Video Interview: Bankers v hackers with Dr Luke Hebbes
• Baltics states to strengthen national IT security
• Rethinking how we relay risk - why poor cyber-risk reporting is still an issue