The UK's National Cyber Security Centre and its western intel pals have today put out a report spotlighting the most commonly wielded hacking utilities. The study sets out five categories of publicly available hacking tools used by crims, spies and hacktivists worldwide. The list won't come as too much of a surprise to …

Underground hacker forums in China and Russia are as different as each country's regular shopping bazaars, according to research from Recorded Future. Both Russian and Chinese forums host a wide variety of international content. Russian forums rarely if ever feature data dumps from Russian firms. By contrast, data dumps and …

The payment-card-skimming malware operation dubbed Magecart has turned up again, this time in Shopper Approved, a customer rating plugin for websites. Shopper Approved is a toolkit used by hundreds of e-commerce sites, and it was infected with the MageCart spyware, allowing crooks to siphon off bank card data entered into …

Government-backed spies and hackers are increasingly using commercially available malware – thanks to a flourishing market of off-the-shelf software nasties – making it harder for researchers to identify who exactly is behind a cyber-attack. Traditionally, infosec bods have sought to pinpoint and unmask hacking crews by …

The Port of San Diego in California has shipping in outside help to deal with a crippling ransomware infection that is now in its third day. Port CEO Randa Coniglio said on Thursday that a number of services, including park permits, public records requests, and business document filings, have been hit by file-scrambling …

The Brit limb of unfortunately named and reassuringly expensive domestic appliance maker Smeg is up on its feet again after being hacked. The firm said yesterday it was "back up and running" after an "unfortunate cyber attack" that hit Wednesday 12 September. Important notice for Smeg UK customers: pic.twitter.com/XbBfWuZGHz …

Bristol Airport deliberately yanked its flight screens offline for two days over the weekend in response to a cyberattack. Techies took down computer-based flight information systems at the airport in provincial England between Friday morning and the wee hours of Sunday morning. The electronic screens were replaced by …

Persistence pays off for crooks when it comes to sextortion-based phishing scams, research into its effectiveness suggests. One variant bombards prospective marks with threats to release non-existent footage of them watching smut unless they give in to demands. Cleverly, these threats are lent an air of authenticity by using …

Two crooks scammed Vodafone customers in the Czech Republic out of $26,000 thanks to weak telco-issued PIN codes. Vodafone preset the online passwords for their customers with a numerical password of 4-6 digits. A pair of chancers with no technical skills were able to launch a brute-force attack that reportedly involved trying …

A pair of cybercrooks who may have started out as legit infosec pros have expanded their operations outside Russia and begun attacking banks across the world. "Silence is an example of a mobile, small, and young group that has been progressing rapidly," Group-IB said, adding that the cybercrime group has shown signs of …

The last of the four hackers collared for stealing and leaking people's private nude photos from their online accounts back in 2014 has been sentenced to eight months' imprisonment. George Garofano, 26, of North Branford, Connecticut, was also sentenced to three years' supervision post-release as punishment for his role in " …

A notorious hacking group suspected in attacks across dozens of countries has launched a campaign against banks in eastern Europe and Russia. The so-called Cobalt Group is slinging spear-phishing emails in an attempt to get into the systems of targeted financial organisations. The emails are set up to look like they were sent …

Security researchers have taken a deep dive into the cyber attack on the SWIFT/ATM infrastructure of Cosmos Bank, the recent victim of a $13.5m cyber-heist. Experts at Securonix have outlined the most likely progression of the attack against the bank, the latest financial institution to face hacks blamed on state-backed North …

Crooks are now taking to encrypted messenger Telegram to tout their online how-to courses on cybercrime, according to risk management biz Digital Shadows. Russian criminals have for some time now taught classes over the internet on how to rip off folks and credit card companies. Digital Shadows, which chronicled this trade …

Rogue mobile apps have become the most common fraud attack vector, according to the latest quarterly edition of RSA Security's global fraud report. Fraud from mobile browsers and mobile applications made up 71 per cent of total fraudulent transactions recorded (of approximately 402,000) in Q2 2018, compared to 61 per cent in …

New figures reveal UK identity fraud dropped during the first six months of 2018 to reach a four-year low. Cifas members recorded 84,463 cases of identity fraud in the first six months of the year, a 5 per cent drop compared to the same period in 2017 (89,199). Despite the reduction, identity fraud still represents over half …

UK police are looking to cybersecurity firms to help implement a strategy of steering youngsters away from a life in online crime. The National Crime Agency's Prevent campaign sits within the wider five-year UK National Cyber Security Strategy of 2016-2021. The NCA's scheme aims to point teenagers towards careers in cyber …

The Professional Golfers' Association of America (PGA) was hit by ransomware just before one of the sport's biggest pro events, which teed off on Thursday. Scrambled files on its infected computers include "creative materials" for this week's PGA Championship as well as next month's Ryder Cup, Golf Week reported. The software …