News

Business continuity planning

• April 25, 2022 25 Apr'22

  Sophos soaks up SOC.OS

  Sophos says acquisition of BAE spinout SOC.OS will enhance its managed threat and extended detection and response services

• April 22, 2022 22 Apr'22

  What’s up with Conti and REvil, and should we be worrying?

  New intelligence on some of the world’s most prolific ransomware gangs suggests recent disruption to their activities was like water off a duck’s back

• April 22, 2022 22 Apr'22

  UAE bolsters cyber security

  The United Arab Emirates has successfully improved its security posture amid mounting cyber threats

• April 21, 2022 21 Apr'22

  Five Eyes in new Russia cyber warning

  Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure

• April 21, 2022 21 Apr'22

  Impact of Lapsus$ attack on Okta less than feared

  Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential

• April 14, 2022 14 Apr'22

  Lack of expertise hurting UK government’s cyber preparedness

  UK government bodies and critical infrastructure owners cite a lack of staff resources, and internal and external expertise, as hampering factors when it comes to cyber readiness, according to a report

• April 11, 2022 11 Apr'22

  Border IT system fixed after 10-day outage

  Post-Brexit border IT system failure fixed after going down at the start of April, allowing traders to once again file customs documents electronically rather than by hand

• April 07, 2022 07 Apr'22

  US shuts down Russia’s Cyclops Blink botnet operation

  Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’

• March 30, 2022 30 Mar'22

  One-third of UK firms suffer a cyber attack every week

  New statistics from the annual DCMS Cyber security breaches survey reveal the extent and frequency with which UK organisations are being attacked by malicious actors

• March 29, 2022 29 Mar'22

  NCSC: Not necessarily wise to ditch Kaspersky

  UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates

• March 29, 2022 29 Mar'22

  Wave of Log4j-linked attacks targeting VMware Horizon

  Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell

• March 25, 2022 25 Mar'22

  London police arrest seven in connection to Lapsus$

  Seven people arrested by London police over cyber attacks carried out by Lapsus$ group, which is responsible for a number of recent, high profile attacks

• March 24, 2022 24 Mar'22

  Ransomware demands and payments increase with use of leak sites

  Ransomware demands and payments continue to climb as gangs increasingly turn to Dark Web leak sites to add pressure on victims

• March 18, 2022 18 Mar'22

  Ukrainian cyber defences prove resilient

  Thanks to a combination of prior experience and global support, Ukraine’s defences against cyber incidents are holding strong in the face of Russian attacks

• March 17, 2022 17 Mar'22

  Kaspersky CEO: Ukraine war must end through diplomacy

  Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting

• March 17, 2022 17 Mar'22

  FCSA takes steps to help umbrella company members protect themselves better from cyber attacks

  After a spate of suspected ransomware attacks on its members, the Freelance and Contractor Services Association is partnering with a cyber security firm that can coach its umbrella firms on how to protect themselves better

• March 16, 2022 16 Mar'22

  Biden signs ransomware reporting mandate into law

  CNI operators in the US must now report cyber attacks within 72 hours, and ransomware payments within 24 hours

• March 16, 2022 16 Mar'22

  German authorities warn on Kaspersky but stop short of ban

  Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine

• March 10, 2022 10 Mar'22

  Tech brands sign on to HackerOne responsible security drive

  Tech companies sign HackerOne’s new corporate security responsibility pledge to bring cyber out of the shadows and promote effective, secure development practices

• March 09, 2022 09 Mar'22

  China’s APT41 exploited Log4j within hours

  APT41 compromised multiple government organisations via the Log4Shell exploit within hours of its initial disclosure, Mandiant claims

• March 09, 2022 09 Mar'22

  Microsoft serves up three zero-days on March Patch Tuesday

  Three zero-days pop up in Microsoft’s March update, along with a number of other noteworthy concerns for defenders

• March 03, 2022 03 Mar'22

  Nato Cyber Security unit tests post-quantum VPN

  Nato’s Cyber Security Centre has successfully tested secure communication flows in a post-quantum world using a UK-designed VPN

• March 03, 2022 03 Mar'22

  Direct action is a risky business for Ukraine's volunteer hackers

  Hackers have been responding to Ukraine’s call to create an IT army, but there are many reasons why taking direct action in a kinetic conflict is a bad idea

• March 02, 2022 02 Mar'22

  Cyber companies step up support for Ukraine

  Security companies Bitdefender and Vectra AI are both to offer products and services in support of Ukraine

• March 01, 2022 01 Mar'22

  Toyota production to resume after supply chain attack

  Toyota production has been set back by over 10,000 vehicles following a cyber attack on a critical components supplier in Japan

• March 01, 2022 01 Mar'22

  DCMS opens consultation on telecoms cyber standards

  Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act

• February 28, 2022 28 Feb'22

  Ukraine cyber attacks seen spiking, but no destructive cyber war yet

  While cyber attacks linked to Russia’s war on Ukraine are taking place, they are having little impact beyond the region

• February 24, 2022 24 Feb'22

  KnowBe4 cyber drama tackles Colonial Pipeline in fourth season

  KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021

• February 24, 2022 24 Feb'22

  Security organisations form Nonprofit Cyber coalition

  Founding members of the Nonprofit Cyber coalition pledge to enhance joint action on cyber security around the world

• February 24, 2022 24 Feb'22

  New cyber guidelines to safeguard construction sector

  NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building

• February 24, 2022 24 Feb'22

  Russia behind dangerous Cyclops Blink malware

  Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk

• February 23, 2022 23 Feb'22

  Salesforce pays out over £2m in bug bounties

  Salesforce says it received more than 4,000 vulnerability reports in 2021 alone as it delivers a rare public update on its bug bounty programme

• February 23, 2022 23 Feb'22

  No imminent cyber threat to UK from Russia

  Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain

• February 23, 2022 23 Feb'22

  IBM opens cyber security hub in India

  Big Blue’s new cyber security hub, comprising a cyber range, software development facilities and a security operations centre, will serve enterprises across the Asia-Pacific region

• February 21, 2022 21 Feb'22

  Zoom gains NCSC Cyber Essentials Plus and NHS security badges

  Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats

• February 16, 2022 16 Feb'22

  2021 another record year for UK cyber investment

  Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment

• February 16, 2022 16 Feb'22

  DDoS attacks hit Ukrainian defence ministry and banks

  A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region

• February 16, 2022 16 Feb'22

  BlackCat ransomware gang claims responsibility for Swissport attack

  Ransomware gang is trying to offload 1.6TB of data stolen from aviation services firm

• February 15, 2022 15 Feb'22

  China emerges as leader in vulnerability exploitation

  Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs

• February 11, 2022 11 Feb'22

  CMA secures final Privacy Sandbox guarantees from Google

  The CMA has secured a final set of Privacy Sandbox commitments from Google relating to the proposed removal of third-party cookies from its Chrome browser

• February 11, 2022 11 Feb'22

  Lack of knowledge disastrous for effective security strategy within Dutch companies

  Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy

• February 11, 2022 11 Feb'22

  Why security professionals should pay attention to what Russia is doing

  Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to

• February 09, 2022 09 Feb'22

  Ransomware ever more sophisticated and impactful, warns NCSC

  UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs

• February 09, 2022 09 Feb'22

  Microsoft stomps on 48 bugs in February Patch Tuesday update

  It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day

• February 08, 2022 08 Feb'22

  The Security Interviews: Building the UK’s future cyber ecosystem

  As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions

• February 07, 2022 07 Feb'22

  Airport services firm thwarts attempted ransomware heist

  Aviation services provider Swissport says its systems are mostly back up and running after a ransomware attack

• February 04, 2022 04 Feb'22

  Cyber attacks on European oil facilities spreading

  Following a cyber attack on distribution facilities in Germany, more incidents have been reported in Belgium and the Netherlands, but it is too early to necessarily draw a link between them

• February 02, 2022 02 Feb'22

  Zero-trust to soar in 2022, but dogged by implementation challenges

  IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite

• February 01, 2022 01 Feb'22

  German fuel supplier taken offline in cyber attack

  Cyber attack against Germany’s Oiltanking, a major fuel logistics company, affects 13 distribution terminals across Germany, in an incident with echoes of last year’s hit on Colonial Pipeline

• February 01, 2022 01 Feb'22

  Over one-fifth of ransomware attacks target financial sector

  Newly published data reveals a significant uptick in cyber attacks against the financial services sector during the third quarter of 2021