News
Hackers and cybercrime prevention
-
September 06, 2024
06
Sep'24
Longstanding Darktrace CEO Poppy Gustafsson to step down
Darktrace CEO Poppy Gustafsson is to leave the AI cyber company she helped build with Mike Lynch after more than a decade, following its acquisition by a private equity firm
-
September 05, 2024
05
Sep'24
NCSC and allies call out Russia's Unit 29155 over cyber warfare
The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155
-
September 05, 2024
05
Sep'24
Fog ransomware crew evolving into wide-ranging threat
The emergent Fog ransomware gang appears to be changing up its victimology in search of more cash-rich victims
-
September 05, 2024
05
Sep'24
Ongoing TfL cyber attack takes out Dial-a-Ride service
The Dial-a-Ride assisted transit service for disabled people had to temporarily suspend part of its operations as Transport for London deals with an ongoing cyber attack, but the service has now been recovered
-
September 04, 2024
04
Sep'24
PyPI loophole puts thousands of packages at risk of compromise
Thousands of PyPI packages are at risk of an attack technique dubbed Revival Hijack, which exploits a loophole in the platform’s package naming feature
-
September 04, 2024
04
Sep'24
Fraud and scam complaints hit highest ever level in UK
The Financial Ombudsman Service says it recorded almost 9,000 complaints about fraud and scams from April to June, the most ever recorded
-
September 03, 2024
03
Sep'24
Transport for London hit by cyber attack
London’s transport network provider TfL experiences cyber security incident, but reassures customers there is no impact on services
-
September 02, 2024
02
Sep'24
UK and Ukraine digital trade deal comes into force
The UK eases access to the deep tech startup community in Ukraine through digital-only agreement
-
August 30, 2024
30
Aug'24
Norwegian Refugee Council leverages Okta for Good cyber scheme
Pietro Galli, CIO of the Norwegian Refugee Council, reveals how the globally distributed NGO has been taking advantage of the Okta for Good CSR programme to improve its own cyber security and data protection practice, and elevate good practice in ...
-
August 29, 2024
29
Aug'24
Check Point secured for annual Security Serious cyber awards
The annual Security Serious Unsung Heroes awards, recognising the champions of the UK cyber security industry, are back once again, with a new headline sponsor joining the party
-
August 29, 2024
29
Aug'24
Telegram CEO Pavel Durov under formal investigation, released on bail
European Commission confirms it has powers to place Telegram under ‘direct supervision’ if it meets the threshold for regulation under the Digital Services Act
-
August 29, 2024
29
Aug'24
Iranian APT caught acting as access broker for ransomware crews
Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits
-
August 29, 2024
29
Aug'24
US offers $2.5m bounty for on-the-run malware dev
US State Department puts a $2.5m bounty on the head of Angler exploit kit developer and ransomware crew member Volodymyr Kadariya as part of a major developing case
-
August 28, 2024
28
Aug'24
Iranian APT Peach Sandstorm teases new Tickler malware
Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence
-
August 28, 2024
28
Aug'24
How Kaspersky is driving growth in APAC
Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region
-
August 27, 2024
27
Aug'24
Palo Alto Networks bets on ‘precision AI’
Palo Alto Networks’ regional leader, Steven Scheurmann, explains how machine learning, neural networks and generative AI can help to prevent breaches in what it calls ‘precision AI’
-
August 22, 2024
22
Aug'24
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos
Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line.
-
August 21, 2024
21
Aug'24
Pakistani national arrested over Southport ‘cyber terrorism’
Authorities in Pakistan have arrested a man on suspicion of cyber terrorism over his role in the spread of online misinformation in the wake of the Southport knife attack
-
August 20, 2024
20
Aug'24
Phishing links becoming bigger threat than email attachments
Phishing techniques are evolving away from malicious email attachments, according to a report
-
August 20, 2024
20
Aug'24
Helsinki braced for elevated cyber attacks
The City of Helsinki is increasing its collaboration with cyber security and crime investigators following a major attack on its systems
-
August 19, 2024
19
Aug'24
Popular Microsoft apps for Mac at risk of code injection attacks
Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem
-
August 16, 2024
16
Aug'24
New Relic CEO on APAC growth and future of observability
New Relic CEO Ashan Willy talks up growth trajectory in APAC, the company’s long-term vision, and how going private has enabled it to make strategic investments
-
August 16, 2024
16
Aug'24
Thousands of NetSuite customers accidentally exposing their data
Misconfigured permissions across live websites are leaving thousands of NetSuite users open to having their valuable customer data stolen, researchers say
-
August 15, 2024
15
Aug'24
Google Cloud survey shows GenAI business benefits
Survey on behalf of Google Cloud suggests that business can start generating value from GenAI within six months
-
August 15, 2024
15
Aug'24
ASEAN organisations lack mature AI strategy
IBM-commissioned study reveals that while ASEAN organisations are engaging with AI, only 4% have reached a transformative level of AI maturity
-
August 14, 2024
14
Aug'24
August Patch Tuesday proves busy with six zero-days to fix
Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update
-
August 13, 2024
13
Aug'24
Cyber criminal kingpin ‘J.P. Morgan’ appears in US court
‘J.P. Morgan’, a Belarusian cyber criminal who ran a major ransomware campaign supported by malvertising scams, faces decades in prison in the United States after being extradited from the EU
-
August 13, 2024
13
Aug'24
Australia’s cyber security skills gap remains pressing issue
Study reveals Australia’s critical shortage of cyber security professionals, escalating the risk of data breaches
-
August 08, 2024
08
Aug'24
Royal ransomware crew puts on a BlackSuit in rebrand
The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA
-
August 08, 2024
08
Aug'24
US lawmakers seek to brand ransomware gangs as terrorists
Proposals from legislators in Washington DC could shake up the global ransomware ecosystem and give law enforcement sweeping new powers
-
August 06, 2024
06
Aug'24
2024 seeing more CVEs than ever before, but few are weaponised
The number of disclosed CVEs soared by 30% in the first seven-and-a-half months of the year, but a tiny fraction of these have been exploited by threat actors, a reminder of the importance of focused security strategies
-
August 05, 2024
05
Aug'24
Chinese cyber attack sparks alert over six-year-old MS vuln
After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824
-
August 05, 2024
05
Aug'24
Russia’s luxury car phish continues to prove effective
Government organisations and other bodies operating in Ukraine continue to be targeted by a relatively unsophisticated phishing campaign that has proven so effective for Russia’s cyber spooks that there are now multiple agencies involved
-
August 02, 2024
02
Aug'24
How CrowdStrike is leveraging AI to empower security teams
CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help to enhance analyst efficiency and tackle cyber security challenges
-
August 01, 2024
01
Aug'24
Banks, telcos call for more data sharing to fight fraud
A Which?-led coalition of banks and telecoms operators is calling on the UK's new government to take the lead on enabling data sharing to help fight digital fraud
-
July 31, 2024
31
Jul'24
API attacks surge by 65% in APAC, fuelled by rapid digitisation
Akamai's report reveals a significant rise in cyber attacks on web applications and APIs in the region over the past year, with financial and commerce sectors hardest hit
-
July 31, 2024
31
Jul'24
Campaigners call for evidence to reform UK cyber laws
The CyberUp Campaign for reform of the 1990 Computer Misuse Act launches an industry survey inviting cyber experts to share their views on how the outdated law hinders legitimate work
-
July 31, 2024
31
Jul'24
Breach costs soar as record ransomware payment made
IBM publishes data on the spiralling costs of cyber attacks and data breaches, while researchers identify what appears to be the largest ransomware payment ever made
-
July 30, 2024
30
Jul'24
Basic failures led to hack of Electoral Commission data on 40 million people
UK government identifies Chinese state-linked hackers as likely to have been behind attack on the Electoral Commission
-
July 30, 2024
30
Jul'24
Core British Library services to return for new academic year
The British Library’s recovery from a devastating ransomware attack that laid waste to its IT systems continues - with hopes that some of its most popular services will be running again in September
-
July 29, 2024
29
Jul'24
Scam CrowdStrike domains growing in volume
Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out
-
July 25, 2024
25
Jul'24
North Korean cyber APT targeting nuclear secrets
Mandiant has upgraded the North Korean threat actor known as Andariel to APT status and warned of coordinated efforts to steal western military IP, including nuclear secrets
-
July 24, 2024
24
Jul'24
Mimecast to buy insider threat specialist Code42
Mimecast is to buy fellow human-centred risk experts Code42 for an undisclosed sum to take advantage of its insider threat and data loss protection specialisms
-
July 23, 2024
23
Jul'24
NCA seizes thousands of social media accounts used by people smugglers
A three-year campaign has seen thousands of social media posts and accounts used to advertise the services of illegal people smugglers taken down
-
July 22, 2024
22
Jul'24
NCA cracks digitalstress DDoS-for-hire operation
The UK authorities have taken down a major component of the multinational DDoS cyber attack-for-hire ecosystem, hacking into the digitalstress.su service and exfiltrating data on its users, who now face arrest
-
July 22, 2024
22
Jul'24
NCSC: Beware of criminal CrowdStrike opportunists
Financially motivated cyber criminals are already conducting opportunistic attacks on organisations that leverage the CrowdStrike incident, and more targeted attacks are sure to follow
-
July 18, 2024
18
Jul'24
Growth in nude image sharing heightens cyber abuse risk
The normalisation of sharing self-created intimate content with others is putting great numbers of people at risk of online abuse, says Kaspersky
-
July 17, 2024
17
Jul'24
UK Cyber Bill teases mandatory ransomware reporting
In the Cyber Security and Resilience Bill introduced in the King's Speech, the UK's new government pledges to give regulators more teeth to ensure compliance with security best practice and to mandate incident reporting
-
July 17, 2024
17
Jul'24
Hackney Council reprimanded over 2020 ransomware attack
The London Borough of Hackney has been reprimanded by the ICO over a series of failures that led to a devastating cyber attack, but at the same time, the regulator praised the local authority for its response and commitment to making improvements
-
July 17, 2024
17
Jul'24
Labour government plans new laws around cyber security, data sharing and skills
The King's Speech outlined the legislative agenda for the new Parliament, including several bills that will impact the tech community