News
Security policy and user awareness
-
January 28, 2021
28
Jan'21
End of Emotet: A blow to cyber crime, but don’t drop your guard
The takedown of Emotet is a huge event with repercussions that will reverberate across the cyber criminal world, but unfortunately that’s not to say there will be much of a long-term impact
-
January 27, 2021
27
Jan'21
Pandemic response has improved privacy posture, says Cisco
Data privacy seems to be ‘coming of age’ to some extent and organisational responses to Covid-19 may be partly responsible, according to a report
-
January 27, 2021
27
Jan'21
Emotet botnet goes offline as cops seize servers
The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement
-
January 27, 2021
27
Jan'21
Grindr complaint results in €9.6m GDPR fine
Norway’s data protection authority plans to apply a fine totalling 10% of LGBTQ+ dating app Grindr’s revenues over its data sharing practices
-
January 27, 2021
27
Jan'21
Emergency Apple updates patch exploited zero-days
Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately
-
January 26, 2021
26
Jan'21
Conservatives broke data law to racially profile millions
The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard
-
January 26, 2021
26
Jan'21
North Korean state attacks legitimate security researchers
Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group
-
January 26, 2021
26
Jan'21
ICO extends commissioner Denham’s term of office
Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor
-
January 26, 2021
26
Jan'21
Cyber fraud a national security issue, says Rusi report
A report from the Rusi think tank calls for fresh approaches to how we think about fighting fraud
-
January 22, 2021
22
Jan'21
ICO resumes adtech investigation
The UK Information Commissioner’s Office was criticised for ending its investigation into alleged malpractice in advertising technology, but has now resumed its probe
-
January 22, 2021
22
Jan'21
Sepa data leaks as agency resists ransom demands
The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation
-
January 21, 2021
21
Jan'21
Hackney Council tenders for cyber security upgrade
Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council
-
January 21, 2021
21
Jan'21
Gamarue malware found on government-issued school laptops
Devices handed out by the government to support vulnerable children contain malware that appears to be contacting C2 infrastructure in Russia
-
January 21, 2021
21
Jan'21
Two-thirds of CISOs say they’ll be cyber attack victims this year
Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked
-
January 21, 2021
21
Jan'21
Incompetent cyber criminals leak data in opsec failure
Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals
-
January 20, 2021
20
Jan'21
Should I be worried about MFA-bypassing pass-the-cookie attacks?
Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations?
-
January 20, 2021
20
Jan'21
Malwarebytes also hit by SolarWinds attackers
The nation state group that attacked SolarWinds in December got inside Malwarebytes by exploiting privileged access to its Microsoft Office 365 tenant, the firm reveals
-
January 19, 2021
19
Jan'21
UK fraud agency deploys ArcGIS dashboard for data sharing
The National Fraud Intelligence Bureau says it has achieved improved transparency with the public, as well as saving 3,500 staff hours and £100,000
-
January 19, 2021
19
Jan'21
Click fraud levels reach new heights in pandemic
Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike
-
January 19, 2021
19
Jan'21
Criminals fiddled stolen Covid-19 vaccine data to damage trust
Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA
-
January 18, 2021
18
Jan'21
MoD reports 18% rise in data loss incidents
The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO
-
January 18, 2021
18
Jan'21
Australians lost A$176m to scams in 2020
Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering
-
January 17, 2021
17
Jan'21
NCSC CyberFirst Girls 2021 contest kicks off
UK’s national cyber agency says it has already had hundreds of entrants in spite of the challenges presented by the pandemic
-
January 15, 2021
15
Jan'21
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack
-
January 14, 2021
14
Jan'21
Unforeseen consequences of new technologies put UK at risk
Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems
-
January 14, 2021
14
Jan'21
APAC firms grapple with cyber security amid pandemic
Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work
-
January 13, 2021
13
Jan'21
World’s largest dark web market disrupted in major police operation
Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline
-
January 13, 2021
13
Jan'21
Critical zero-day features in first Patch Tuesday of 2021
Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender
-
January 12, 2021
12
Jan'21
Parler collapse opens door to phishing attacks
The shutdown of controversial social media site Parler, and the publication of huge amounts of user data scraped by ethical hackers, is giving cyber crime experts cause for concern
-
January 11, 2021
11
Jan'21
New SolarWinds CEO sets out rescue plan
Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community
-
January 08, 2021
08
Jan'21
Government use of 'general warrants' to authorise computer and phone hacking is unlawful
A court has ruled that the security and intelligence services can no longer rely on ‘general warrants’ to authorise the hacking of large numbers of computers and phones belonging to UK citizens
-
January 04, 2021
04
Jan'21
WikiLeaks founder Julian Assange cannot be extradited to face charges in US, court rules
Court rules it would be oppressive to send Julian Assange to the US to face trial after finding he is at high risk of suicide. US government says it will appeal
-
December 24, 2020
24
Dec'20
Top 10 cyber crime stories of 2020
Here are Computer Weekly’s top 10 cyber crime stories of 2020
-
December 23, 2020
23
Dec'20
Top 10 cyber security stories of 2020
Here are Computer Weekly’s 10 top cyber security stories of 2020
-
December 22, 2020
22
Dec'20
Ministry of Justice in the dock for catalogue of serious data breaches
Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to ...
-
December 18, 2020
18
Dec'20
Utility supplier People’s Energy has entire customer list stolen
All 270,000 customers of People’s Energy, a renewable energy startup, have had their details compromised in a major data breach incident
-
December 17, 2020
17
Dec'20
Dodgy browser extensions put social media users at risk
More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast
-
December 17, 2020
17
Dec'20
EU security strategy a ‘step up’ on cyber leadership, says Brussels
The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy
-
December 15, 2020
15
Dec'20
SolarWinds cyber attack: How worried should I be, and what do I do now?
Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next?
-
December 13, 2020
13
Dec'20
Singapore trials beacons to bolster police operations
Police beacons equipped with video cameras, sirens, floodlights and speakers are being deployed at two parks to improve public safety in a year-long trial
-
December 11, 2020
11
Dec'20
The week in ransomware: Foxconn and Randstad are high-profile victims
Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months
-
December 11, 2020
11
Dec'20
Disputed PostgreSQL bug exploited in cryptomining botnet
PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL
-
December 11, 2020
11
Dec'20
Surge in Covid-19 vaccine phishing scams reported
Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure
-
December 10, 2020
10
Dec'20
French regulators fine Google and Amazon over cookie policies
Google and Amazon rapped over their use of advertising cookies by the French data protection authorities
-
December 10, 2020
10
Dec'20
Cyber Helpline awarded lottery funding to support victims
The Cyber Helpline, a UK charity that provides emergency support to victims of cyber crime and online stalking, is to receive funding from the National Lottery
-
December 09, 2020
09
Dec'20
Amnesia:33 IoT flaws dangerous and patches unlikely, say experts
The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users
-
December 09, 2020
09
Dec'20
Patch Tuesday: Microsoft presents just 58 CVEs for Christmas
The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance
-
December 09, 2020
09
Dec'20
FireEye’s ethical hacking tools stolen in state-backed attack
Hacking tools used to conduct red team penetration testing were stolen in the state-backed attack on security firm FireEye
-
December 08, 2020
08
Dec'20
Multiple D-Link routers found vulnerable to attack
Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices
-
December 07, 2020
07
Dec'20
A trillion dollars lost to cyber crime every year
Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime