Alex Scroxton

Threat actors increasingly favour zero-day exploits to attack their victims before patches become available according to the NCSC and CISA, which have just published a list of the most widely-used vulnerabilities of 2023

High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update

Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever

A multi-region campaign, launching first in the US, will teach pre-teen children cyber security basics – with a little help from F1 star Alex Albon.

Last Christmas, UK consumers lost over £11m to cyber criminals. This year, to save them from tears, the NCSC and Action Fraud are teaming up to launch an anti-fraud campaign.

AWS reports strong take-up of multi-factor authentication among customers since making it compulsory for root users earlier this year, and plans to expand the scope of its IAM programme in spring 2025.

Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks

A UK national named as Tyler Robert Buchanan has been charged in the US over his alleged involvement in cyber attacks perpetrated by the Scattered Spider gang

Microsoft's Digital Crimes Unit has conducted a successful takedown of almost 250 malicious websites used in the cyber criminal ONNX phishing-as-a-service operation

The Australian and American cyber authorities have published updated intelligence on the BianLian ransomware gang, which has undergone a rapid evolution in tactics