News
Business continuity planning
-
July 27, 2022
27
Jul'22
Consumers left out of pocket as security costs soar
As the average cost of a security incident reaches an all-time high of nearly $4.5m, an IBM Security study reveals how these costs are being passed on to ordinary people
-
July 27, 2022
27
Jul'22
Cyber security training ‘boring’ and largely ignored
Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them
-
July 26, 2022
26
Jul'22
No More Ransom initiative helps 1.5 million people in six years
One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project
-
July 25, 2022
25
Jul'22
NCSC seeks community input for Cyber Advisor service
The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward
-
July 25, 2022
25
Jul'22
The Security Interviews: Why you need to protect abandoned digital assets
The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias
-
July 21, 2022
21
Jul'22
Russia-linked APTs targeted fleeing Ukrainian civilians
Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment
-
July 20, 2022
20
Jul'22
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide
-
July 15, 2022
15
Jul'22
Log4Shell on its way to becoming ‘endemic’
US government report concludes that, like Covid, Log4Shell will be with us for a long time to come
-
July 14, 2022
14
Jul'22
Videogame maker Bandai Namco confirms cyber attack
Bandai Namco, developer of videogames including Pac-Man, Tekken and Dark Souls, has broken days of silence to confirm it has been hit by a cyber attack
-
July 13, 2022
13
Jul'22
July Patch Tuesday brings more than 80 fixes, one zero-day
While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on
-
July 12, 2022
12
Jul'22
Microsoft Windows Autopatch now generally available
Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service
-
July 11, 2022
11
Jul'22
SMEs lagging on multifactor authentication
Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report
-
July 08, 2022
08
Jul'22
Stop telling clients to pay ransomware gangs, solicitors told
The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims
-
July 07, 2022
07
Jul'22
Latest Marriott data breach not as serious as others
Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately
-
July 06, 2022
06
Jul'22
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme
-
July 05, 2022
05
Jul'22
Prepare for long-term cyber threat from Ukraine war, says NCSC
The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams
-
July 05, 2022
05
Jul'22
NCSC CEO: Why we should run towards crises to elevate cyber security
National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country
-
June 30, 2022
30
Jun'22
ICO to cut back on fines for public sector data breaches
Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over
-
June 28, 2022
28
Jun'22
Russia-aligned hacktivists behind Lithuania DDoS attack
Killnet hacktivist collective targeted Lithuania with distributed denial of service attacks after its government angered the Kremlin
-
June 27, 2022
27
Jun'22
Brexit a net negative for UK cyber, say CISOs
Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe
-
June 24, 2022
24
Jun'22
Black Basta ransomware crew aiming for ‘big leagues’
Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason
-
June 23, 2022
23
Jun'22
Ukraine cyber agency enlists Radware to protect government networks
Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks
-
June 21, 2022
21
Jun'22
Government won’t regulate on professional cyber standards
The government has elected not to proceed with regulatory intervention to embed standards and pathways across the cyber profession
-
June 21, 2022
21
Jun'22
CNI leaders’ attitude to ransomware lackadaisical at best
A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats
-
June 20, 2022
20
Jun'22
Complex Russian cyber threat requires we go back to basics
The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains
-
June 15, 2022
15
Jun'22
Patch Tuesday dogged by concerns over Microsoft vulnerability response
The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure
-
June 13, 2022
13
Jun'22
UK, US prepare to launch PET project
A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin
-
June 13, 2022
13
Jun'22
Government recommits to UK’s cyber future in Digital Strategy
New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed
-
June 13, 2022
13
Jun'22
Qatar bolsters cyber security in preparation for World Cup
With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
-
June 09, 2022
09
Jun'22
SolarWinds CEO offers to commit staffers to government cyber agencies
A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response
-
June 09, 2022
09
Jun'22
Cyber researchers step in to fill Patch Tuesday’s shoes
Afraid you’ll miss Patch Tuesday when it’s gone? You’re not alone, but security analysts at Recorded Future are taking action to help the community come to terms with its loss
-
June 08, 2022
08
Jun'22
ProxyLogon, ProxyShell may have driven increase in dwell times
The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data
-
May 26, 2022
26
May'22
Consultation launched on datacentre, cloud security
The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms
-
May 26, 2022
26
May'22
Most CFOs being left out of ransomware conversations
Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report
-
May 24, 2022
24
May'22
Ransomware volumes grew faster than ever in 2021
Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody
-
May 23, 2022
23
May'22
Did the Conti ransomware crew orchestrate its own demise?
Analysts examining the shutdown of the Conti ransomware syndicate suggest the cyber crime collective orchestrated its own demise
-
May 20, 2022
20
May'22
Applying international law to cyber will be a tall order
Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations
-
May 20, 2022
20
May'22
Microsoft drops emergency patch after Patch Tuesday screw up
Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates
-
May 19, 2022
19
May'22
Nature of cyber war evolving in real time, says Microsoft president
The past three months have seen the rapid evolution of the very nature warfare to incorporate cyber attacks, Microsoft’s Brad Smith tells the audience at its Envision conference in London
-
May 19, 2022
19
May'22
Red teaming will be standard in Dutch governmental organisations by 2025
The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
-
May 17, 2022
17
May'22
(ISC)² to train 100,000 cyber pros in UK
Security association (ISC)² unveils ambitious UK training programme
-
May 11, 2022
11
May'22
CyberUK 22: Five Eyes focuses on MSP security
The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves
-
May 11, 2022
11
May'22
Analysts confirm return of REvil ransomware gang
Secureworks CTU analysis has found that the REvil ransomware is undergoing active development, possibly heralding a new campaign of cyber attacks
-
May 11, 2022
11
May'22
Microsoft fixes three zero-days on May Patch Tuesday
It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days
-
May 10, 2022
10
May'22
CyberUK 22: NCSC refreshes cloud security guidance
The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise
-
April 28, 2022
28
Apr'22
Ransomware recovery costs dwarf actual ransoms
The cost of recovering from a ransomware attack far outweighs the ransoms now being demanded by cyber criminals, according to recent data
-
April 28, 2022
28
Apr'22
Manufacturer sues JPMorgan after cyber criminals stole $272m
Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity
-
April 28, 2022
28
Apr'22
Russia plumbs new depths in cyber war on Ukraine
Microsoft details cyber attacks on Ukrainian civilian communications, nuclear safety authorities, and the exploitation of the destruction of Mariupol in a phishing campaign
-
April 27, 2022
27
Apr'22
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021
These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time
-
April 27, 2022
27
Apr'22
Ransomware victims paying out when they don’t need to
Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to