News

Business continuity planning

• January 27, 2021 27 Jan'21

  Pandemic response has improved privacy posture, says Cisco

  Data privacy seems to be ‘coming of age’ to some extent and organisational responses to Covid-19 may be partly responsible, according to a report

• January 27, 2021 27 Jan'21

  Mimecast breach was work of SolarWinds attackers

  Mimecast’s investigation into a January 2021 breach of its systems turns up evidence that the culprit was the same group that targeted SolarWinds in December

• January 27, 2021 27 Jan'21

  Emotet botnet goes offline as cops seize servers

  The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement

• January 26, 2021 26 Jan'21

  ICO extends commissioner Denham’s term of office

  Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor

• January 26, 2021 26 Jan'21

  Cyber fraud a national security issue, says Rusi report

  A report from the Rusi think tank calls for fresh approaches to how we think about fighting fraud

• January 22, 2021 22 Jan'21

  Sepa data leaks as agency resists ransom demands

  The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation

• January 21, 2021 21 Jan'21

  Hackney Council tenders for cyber security upgrade

  Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council

• January 21, 2021 21 Jan'21

  Two-thirds of CISOs say they’ll be cyber attack victims this year

  Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked

• January 19, 2021 19 Jan'21

  Value of GDPR fines shows dramatic increase in 2020

  European regulators imposed almost €160m worth of fines during the past 12 months, a substantial rise

• January 18, 2021 18 Jan'21

  MoD reports 18% rise in data loss incidents

  The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO

• January 15, 2021 15 Jan'21

  US cyber security agencies get $9bn in Biden plan

  New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack

• January 15, 2021 15 Jan'21

  Coalition proposes secure standard model for Covid-19 passports

  Vaccination Credential Initiative is working to ensure that people vaccinated against Covid-19 can access their records in a secure, verifiable and privacy-preserving way

• January 14, 2021 14 Jan'21

  Old, on-premise systems targeted in Hackney ransomware attack

  Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology

• January 13, 2021 13 Jan'21

  Critical zero-day features in first Patch Tuesday of 2021

  Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender

• January 12, 2021 12 Jan'21

  Mimecast latest security firm to be compromised

  Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident

• January 12, 2021 12 Jan'21

  Early stage UK security startups face funding crisis

  Overall cyber security funding since the advent of the pandemic is well up, but investment is dominated by safe, later-stage firms while those raising capital for the first time fall away

• January 11, 2021 11 Jan'21

  New SolarWinds CEO sets out rescue plan

  Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community

• January 11, 2021 11 Jan'21

  Kaspersky claims link between Solorigate and Kazuar backdoors

  Researchers say they have found specific code similarities between the Solorigate/Sunburst malware and the Kazuar backdoor, suggesting some relationship

• January 07, 2021 07 Jan'21

  Biden picks cyber veteran to reinvigorate security response

  Appointment of career intelligence operative Anne Neuberger signals refreshed security approach for the US government under Joe Biden's administration

• January 07, 2021 07 Jan'21

  Hackney Council data leaked by Pysa ransomware gang

  Council data stolen in October is leaked online in a double extortion attack

• January 06, 2021 06 Jan'21

  SolarWinds attack almost certainly work of Russian spooks

  Investigations into the far-reaching SolarWinds Solorigate attack did not let up during the holidays

• December 24, 2020 24 Dec'20

  Top 10 cyber crime stories of 2020

  Here are Computer Weekly’s top 10 cyber crime stories of 2020

• December 23, 2020 23 Dec'20

  Top 10 cyber security stories of 2020

  Here are Computer Weekly’s 10 top cyber security stories of 2020

• December 17, 2020 17 Dec'20

  EU security strategy a ‘step up’ on cyber leadership, says Brussels

  The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy

• December 17, 2020 17 Dec'20

  NHS Scotland taps Check Point to secure Covid-19 data

  NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus

• December 17, 2020 17 Dec'20

  AWS brings disaster recovery programme to Australia

  Project Resilience will offer up to $5,000 worth of credits to public sector and community organisations to offset the cost of storing data on Amazon Web Services

• December 11, 2020 11 Dec'20

  Surge in Covid-19 vaccine phishing scams reported

  Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure

• December 10, 2020 10 Dec'20

  After critical year, Vodafone trains security sights on CNI market

  Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets

• December 09, 2020 09 Dec'20

  Amnesia:33 IoT flaws dangerous and patches unlikely, say experts

  The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users

• December 09, 2020 09 Dec'20

  Patch Tuesday: Microsoft presents just 58 CVEs for Christmas

  The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance

• December 09, 2020 09 Dec'20

  There’s no going back to pre-pandemic security approaches

  The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021

• December 07, 2020 07 Dec'20

  HMRC referred 11 data security incidents to ICO in 2019-20

  HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report

• December 07, 2020 07 Dec'20

  A trillion dollars lost to cyber crime every year

  Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime

• December 04, 2020 04 Dec'20

  Opportunistic Egregor ransomware is an emerging and active threat

  Researchers at Recorded Future’s Insikt Group highlight links between the emerging Egregor ransomware and other strains, and offer guidance on defending against it

• December 03, 2020 03 Dec'20

  Covid-19 vaccine supply chain attacked by unknown nation state

  An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines

• December 03, 2020 03 Dec'20

  Dangerous Trickbot evolves to target UEFI/BIOS firmware

  Dubbed Trickboot by researchers, Trickbot’s new features enable malicious actors to read, write or even erase UEFI/BIOS firmware

• December 02, 2020 02 Dec'20

  Double extortion ransomware will be a big theme in 2021

  Defenders will see heightened levels of cyber crime next year as criminals pivot their attacks from data encryption to exfiltration

• December 01, 2020 01 Dec'20

  What it takes for APAC firms to ride out the pandemic

  Whether businesses will recover from the Covid-19 pandemic will depend on how they leverage technology to innovate, create new business models and build digital trust

• November 25, 2020 25 Nov'20

  Securing UK’s critical national infrastructure is a 2021 priority

  Government outlines the UK’s strategic cyber security policies for the coming 12 months, with critical national infrastructure a clear priority

• November 19, 2020 19 Nov'20

  Security sector broadly backs Boris Johnson’s Cyber Force

  Security community says the presence of a robust cyber defence force alongside a robust physical one will be vital to the UK’s national security

• November 17, 2020 17 Nov'20

  Kaspersky shuts down data-processing activities in Russia

  Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland

• November 17, 2020 17 Nov'20

  Ransomware stats overload risks confusing buyers

  UK-based organisations are either more, or less, likely to pay ransoms, depending on which cyber security supplier you want to believe

• November 16, 2020 16 Nov'20

  Hackney systems could be unavailable for months, says council

  A month after a highly disruptive cyber attack on its systems, Hackney Council is still struggling to get back up and running

• November 11, 2020 11 Nov'20

  Security pros coped admirably with remote working transition

  Despite facing tight timescales at the onset of the pandemic, security professionals have come through the transition to remote working remarkably well, according to a report

• November 11, 2020 11 Nov'20

  Microsoft drops fix for serious zero-day among 112 Patch Tuesday updates

  November’s Patch Tuesday contains fixes for 112 bugs, including a potentially serious zero-day exploit that malicious actors are already taking advantage of

• November 10, 2020 10 Nov'20

  IT Priorities 2020: After Covid-19, security goes back to basics

  This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals

• November 06, 2020 06 Nov'20

  NHS warned over Ryuk spreading through Trickbot replacements

  NHS Digital tells healthcare organisations to be mindful of a marked rise in usage of the Bazar and Buer loaders

• November 02, 2020 02 Nov'20

  NHS weathers cyber crime storm during pandemic, says NCSC

  The NCSC dealt with over 700 incidents in the 12 months to August 2020, with over 200 specifically related to Covid-19, and the NHS a critical area of focus

• October 30, 2020 30 Oct'20

  Accidental heroes: How one scaleup pivoted to cyber

  Simeon Quarrie designed his business using virtual reality and interactivity as a tool to tell stories that effect cultural change in enterprise environments – then a cyber criminal emptied his bank account

• October 30, 2020 30 Oct'20

  CISOs more confident in identity practice after pandemic shock

  Identity practice and management has become a critical element of cyber security strategies to support remote workers

• October 29, 2020 29 Oct'20

  Zero-trust investment seen accelerating through pandemic

  New analyst report details some of the main indicators for success in zero-trust implementation

• October 27, 2020 27 Oct'20

  Commvault launches Metallic backup service in Europe

  Backup giant adds backup as a service, with cloud-to-cloud backup and e-discovery functionality that can work across on-site datacentres and the AWS and Azure clouds

• October 22, 2020 22 Oct'20

  Protecting remote workers an opportunity to do security better

  Securing the fully remote workforce has been a challenge for IT teams, but it presents an opportunity to commit to a higher standard of cyber security, according to a Cisco report

• October 21, 2020 21 Oct'20

  Retailers get access to new security toolkit

  The British Retail Consortium has worked with the NCSC to develop a new cyber security toolkit pitched at retailers

• October 15, 2020 15 Oct'20

  Cloud data protection keeps the Crick’s medical research Covid-secure

  Cloud data management services from Rubrik gave the Francis Crick Institute a data protection edge and have helped keep its vital work going through the pandemic

• October 15, 2020 15 Oct'20

  Hackney services still offline in ongoing cyber attack

  Services remain disrupted two days after council was hit by a serious incident, as residents are warned to be on their guard

• October 14, 2020 14 Oct'20

  Public sector security failings leave UK at risk, says think tank

  Reform report urges adoption of new policies in the next version of the UK’s National Cyber Security Strategy

• October 14, 2020 14 Oct'20

  Microsoft fixes 87 bugs in October 2020 Patch Tuesday

  Smaller October Patch Tuesday update includes fixes for critical bugs in Windows 10 and Windows Server 2019

• October 08, 2020 08 Oct'20

  NCSC relaunches SME security guide with home working focus

  The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020

• October 08, 2020 08 Oct'20

  Threat of GDPR fines increasingly driving security buying decisions

  Scaring the people who hold the purse strings may be the best option for CISOs who need a little extra budget

• October 07, 2020 07 Oct'20

  Southeast Asia remains hotspot for cyber attacks

  Geopolitics and Covid-19 have been fodder for cyber criminals to advance their motives in Southeast Asia in 2020

• October 06, 2020 06 Oct'20

  Ransomware attacks go through the roof

  The volume of ransomware attacks has jumped 50% in the past three months, according to data produced at Check Point

• October 06, 2020 06 Oct'20

  CISOs struggle to keep up with MITRE ATT&CK framework

  Despite its proven benefits for security, the MITRE ATT&CK framework is proving difficult for many, according to a joint study from McAfee and UC Berkeley

• October 02, 2020 02 Oct'20

  Honesty is the best policy: Forging a security culture in the NHS

  Clinician and technologist Sam Shah helped set up NHSX in 2019. Now he’s helping advance digital transformation in healthcare from the outside, and a big part of that is addressing security in the sector

• October 02, 2020 02 Oct'20

  Security pros face sanctions if they help ransomware victims pay

  New advisory from the US government warns cyber insurance and incident response specialists that they could be skating on thin ice if they help ransomware victims pay their attackers off

• October 02, 2020 02 Oct'20

  Find and fix your Adobe Flash dependencies, says NCSC

  As Adobe’s Flash Player approaches end-of-life, the National Cyber Security Centre is urging organisations to fix their Flash dependencies

• September 29, 2020 29 Sep'20

  Ryuk attack downs private health provider in major incident

  Private healthcare provider UHS has been been hit by a major big game hunting cyber attack that infected its systems with the Ryuk ransomware

• September 28, 2020 28 Sep'20

  Sustrans opens door to NCSC cyber certification via the cloud

  Sustainable transport charity turned to Qualys to help it attain needed certifications to bid for government work

• September 28, 2020 28 Sep'20

  Security now main driving force behind digital transformation

  Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda

• September 24, 2020 24 Sep'20

  Coronavirus shows inadequacy of rear-view mirror planning

  Looking at historical data has hampered businesses’ attempts to move forward effectively during the pandemic

• September 24, 2020 24 Sep'20

  Race to patch as Microsoft confirms Zerologon attacks in the wild

  Don’t be the organisation that made the headlines because it failed to patch. Microsoft says it is seeing cyber attacks ramping up around the Zerologon CVE-2020-1472 bug

• September 22, 2020 22 Sep'20

  GDS reviewing Cloud First policy post-Schrems II

  Review seeks to determine the future of government engagement with cloud hosting services as they relate to cross-border data flows

• September 18, 2020 18 Sep'20

  US government deplatforms TikTok and WeChat

  The Commerce Department of the US government has banned new downloads of TikTok and WeChat in the US, and announced new prohibitions on doing business with them

• September 18, 2020 18 Sep'20

  German authorities probe ransomware hospital death

  Hackers failed to extort a ransom from University Hospital Düsseldorf, but indirectly caused the death of a patient

• September 17, 2020 17 Sep'20

  Saudi Arabia sees cyber security boom as coronavirus bites

  Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods

• September 17, 2020 17 Sep'20

  What are the habits of highly effective CISOs?

  Data crunched by Gartner analysts reveals the behaviours that differentiate the top-performing chief information security officers from the pack

• September 16, 2020 16 Sep'20

  NCSC steps up ransomware support for schools and universities

  New alert and updated guidance comes after several academic institutions were targeted in ransomware attacks

• September 16, 2020 16 Sep'20

  Retailers urged to get to grips with Magento as attacks spike

  A huge spike in online retailers being hacked with Magecart credit card skimmers is being blamed on unsupported versions of Adobe Magento

• September 15, 2020 15 Sep'20

  Gartner Security Summit: Covid-19 brings agile security to the fore

  The evolving threat landscape is the top driver impacting cyber security during the next three to five years, and Covid-19 has accelerated the trend towards more agile security deployments

• September 11, 2020 11 Sep'20

  Zoom adds two-factor authentication for all users

  Latest enhancements to Zoom security make it easier for organisations to protect users and prevent breaches and unauthorised meeting access

• September 10, 2020 10 Sep'20

  Lorca security scaleups hit funding milestone

  £153m of investment has been raised by Lorca cohort companies in just two years, almost four times the original target

• September 10, 2020 10 Sep'20

  Datacentre firm Equinix investigating ransomware attack

  A number of internal systems at cloud and datacentre firm Equinix have been affected by a ransomware attack

• September 10, 2020 10 Sep'20

  Government launches £500k healthcare security plan

  A £500,000 funding pot from the government aims to help support small and mid-sized healthcare firms during the pandemic

• September 09, 2020 09 Sep'20

  September’s Patch Tuesday heavy on RCE vulnerabilities

  Microsoft’s September update contains patches for 129 common vulnerabilities and exposures, including a high number of remote code execution issues

• September 06, 2020 06 Sep'20

  Why predictive threat intelligence is key

  Threat intelligence startup Cyfirma is using virtual agents to gather intelligence on potential cyber attacks that are being coordinated in underground forums before they occur

• September 03, 2020 03 Sep'20

  Phishing scam targets Lloyds Bank customers

  Bank customers warned of emails and SMS messages that direct them to a fraudulent site and then request account log-in details

• September 02, 2020 02 Sep'20

  Northumbria University suffers major disruption after cyber attack

  Some exams cancelled as university appoints external specialists to investigate incident

• August 28, 2020 28 Aug'20

  New Zealand activates security services as DDoS outage enters fourth day

  New Zealand government calls in its national cyber security agencies to help investigate a continuing cyber attack on the country’s financial systems

• August 28, 2020 28 Aug'20

  Machine learning wards off threats at TV studio Bunim Murray

  TV studio behind reality hits including The Real World and Keeping Up With The Kardashians turned to Darktrace’s Antigena email protection service to keep its people safe from Covid-19 threats

• August 27, 2020 27 Aug'20

  DDoS downs New Zealand stock exchange for third day

  Distributed denial of service attack from overseas has left stock exchange offline for days

• August 27, 2020 27 Aug'20

  TikTok CEO clocks off

  TikTok CEO Kevin Mayer has resigned from the firm after just three months

• August 20, 2020 20 Aug'20

  UKAS rejects ISO certification concerns

  UK’s certification body says refreshed guidance is in place to cover the possibility of lapsed ISO certifications

• August 19, 2020 19 Aug'20

  HMRC investigates over 10,000 Covid-19 phishing reports

  HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June

• August 19, 2020 19 Aug'20

  Coronavirus: Thousands of ISO certifications set to lapse

  Delays and postponements in the auditing process are putting hard-earned security and data protection certifications at risk of lapsing

• August 17, 2020 17 Aug'20

  The Security Interviews: How Crest is remaking the future of consultancy

  Crest president Ian Glover taught himself cyber security while working on government computing systems in the 1970s and 1980s. Now he is on a decade-spanning mission to change security consultancy models

• August 12, 2020 12 Aug'20

  Microsoft patches two zero-days with active exploits

  Microsoft drops another major Patch Tuesday update, including fixes for two zero-day exploits that are already being exploited by cyber criminals

• August 11, 2020 11 Aug'20

  French data protection authorities to probe TikTok as suitors circle

  France’s CNIL has confirmed a new investigation into TikTok’s data protection practices

• August 11, 2020 11 Aug'20

  Hospitality sector is failing on contact-tracing obligations

  Cyber security experts urge the government to do more to help small hospitality businesses improve their contact-tracing data-handling practices

• August 10, 2020 10 Aug'20

  Security teams struggle to keep pace with cloud threats

  Security professionals face challenges in keeping pace with cloud deployments and migrations, and the additional security threats they open up

• August 06, 2020 06 Aug'20

  Business leaders banking on technology to drive coronavirus recovery

  GDP and IT spending are down, but business leaders see technology as the way to go when it comes to coping with the global pandemic