News

Business continuity planning

• November 12, 2021 12 Nov'21

  BT applies Covid-19 R number modelling to threat response

  A prototype cyber security tool developed at BT uses epidemiological principles to detect and respond to cyber threats

• November 11, 2021 11 Nov'21

  Scale of crime-as-a-service economy a growing concern, say researchers

  The cyber criminal underground continues its evolution towards a service-based economy

• November 10, 2021 10 Nov'21

  November Patch Tuesday drop fixes bugs in Excel, Exchange Server

  Another relatively light Patch Tuesday drop from Microsoft addresses 55 vulnerabilities, two of them already being exploited

• November 04, 2021 04 Nov'21

  The Netherlands works on resilience with large-scale national cyber exercise

  For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care

• October 28, 2021 28 Oct'21

  How ransomware crews pile on the pressure to get victims to pay

  Sophos researchers share some of the more common tactics ransomware gangs use to pressurise their victims into paying up

• October 27, 2021 27 Oct'21

  Government commits millions to security investment

  Spending Review adds more than £750m of funding to improve cyber security resilience across government

• October 27, 2021 27 Oct'21

  Cyber sector growth exacerbating skills shortage

  Data from security association (ISC)² shows demand for cyber pros is still outpacing supply as the sector continues an upward growth trajectory

• October 26, 2021 26 Oct'21

  Cyber experts on how to nobble a Nobelium attack

  A recent spate of attempted Nobelium cyber attacks were mostly unsuccessful, but serve as a reminder to pay attention to some more fundamental aspects of security

• October 25, 2021 25 Oct'21

  Attempted hack causes Tesco website outage

  Retailer’s website and app back after attempted hack caused problems over the weekend

• October 21, 2021 21 Oct'21

  Airport operator MAG boosts threat visibility with hybrid SOC

  With budget concerns weighing heavy during the pandemic, Manchester Airports Group ditched an impending capex-heavy cyber investment in favour of a hybrid managed/in-house approach. Learn more about its experience

• October 20, 2021 20 Oct'21

  US intelligence agencies issue advisory on BlackMatter gang

  Joint advisory on ransomware gang warns about potential of further attacks on critical infrastructure providers

• October 20, 2021 20 Oct'21

  LightBasin hackers breach 13 telcos in two years

  Hackers have obtained an undisclosed volume of subscriber information and call metadata in a sustained campaign against telecommunications firms

• October 13, 2021 13 Oct'21

  Google Cybersecurity Action Team springs into life

  Google has announced a new Cybersecurity Action Team, with a mission to support security and digital transformation in governments, critical infrastructure, enterprises and small businesses

• October 13, 2021 13 Oct'21

  FCA warns over future hybrid working security risks

  Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure

• October 13, 2021 13 Oct'21

  Microsoft warns of MysterySnail on October Patch Tuesday

  Microsoft has fixed a zero-day that is being actively exploited to deliver a new remote access trojan dubbed MysterySnail to targets

• October 12, 2021 12 Oct'21

  Microsoft thwarts mega-DDoS attack on Azure platform

  2.4Tbps DDoS attack on an undisclosed Microsoft Azure customer may have been the largest ever attempted against a single target

• October 11, 2021 11 Oct'21

  Malaysia’s highway authority improves DR capabilities

  The Malaysian Highway Authority is now more resilient against cyber attacks through a local disaster-recovery-as-a-service offering powered by Veeam software

• October 11, 2021 11 Oct'21

  Covid-19 will loom over cyber strategy for years to come

  In remarks delivered to a Chatham House conference, NCSC head Lindy Cameron reflects on the security challenges facing the UK, and sets out some plans for the future

• October 08, 2021 08 Oct'21

  Fast-moving Ryuk campaign targets healthcare organisations

  Newly designated FIN12 gang leverages the work of the cyber criminal ecosystem to conduct lightning-fast ransomware attacks

• October 07, 2021 07 Oct'21

  ICO expresses concerns over its future independence

  In its response to the government’s data protection consultation, the Information Commissioner’s Office has raised worries over its future ability to function independently of government interference

• October 07, 2021 07 Oct'21

  Twitch data breach investigations continue

  Investigations are ongoing into a 125GB data breach that hit livestreaming platform Twitch, apparently the work of hacktivists

• October 06, 2021 06 Oct'21

  US lawmakers propose ransomware reporting rules

  Former presidential candidate Elizabeth Warren lends her support to a bill that would require corporate ransomware victims to disclose more information about their attacks to the authorities

• October 04, 2021 04 Oct'21

  One Identity buys OneLogin for access management expertise

  Acquisition of OneLogin adds access management solutions to One Identity’s Unified Identity Security platform

• October 01, 2021 01 Oct'21

  JVCKenwood hit by Conti ransomware attack

  Nearly 2TB of data was stolen from Japanese electronics firm in a Conti ransomware hit

• September 29, 2021 29 Sep'21

  Russia arrests prominent cyber security executive

  Founder and CEO of cyber security firm Group-IB detained in Moscow on treason charges

• September 29, 2021 29 Sep'21

  FoggyWeb malware latest tool of dangerous Nobelium APT

  Microsoft’s threat intelligence team warns of a new strain of malware being used by the Russia-linked Nobelium APT

• September 29, 2021 29 Sep'21

  The Security Interviews: How SolarWinds came through its darkest hour

  In his first major UK press interview, SolarWinds CEO Sudhakar Ramakrishna tells Computer Weekly how a relentless focus on transparency saw the company safely through a nightmare cyber breach scenario

• September 28, 2021 28 Sep'21

  How one red team exercise averted a new SolarWinds-style attack

  Palo Alto Networks shares details of how its red teamers found and sealed a customer vulnerability that could have led to another SolarWinds-style supply chain attack

• September 23, 2021 23 Sep'21

  Fresh alert over Conti ransomware surge

  Conti ransomware crew appears increasingly active, prompting fresh warnings from the US authorities

• September 23, 2021 23 Sep'21

  Threat actors target VMware vCenter Server users

  Users of VMware vCenter Server are advised to patch a series of vulnerabilities post haste

• September 16, 2021 16 Sep'21

  Dutch education administrators underestimate threat of cyber crime

  Research shows educational establishments in the Netherlands are becoming favoured targets of cyber criminals and administrators are underestimating the risks

• September 15, 2021 15 Sep'21

  Microsoft patches 66 vulnerabilities in September update

  Another lighter-than-usual Patch Tuesday update includes important fixes for recently disclosed vulnerabilities, including a dangerous zero-day, and an update in the PrintNightmare saga

• September 14, 2021 14 Sep'21

  Cost of ransomware attack in financial sector exceeds $2m

  Mid-sized financial services organisations worldwide spend an average of over $2m recovering from ransomware attacks

• September 09, 2021 09 Sep'21

  UK GDPR faces changes under planned reforms

  DCMS is launching a major consultation on proposed changes to the UK’s data protection regime, under which several key elements of the GDPR are likely to change

• September 08, 2021 08 Sep'21

  Covid positive for security market, but still a source of stress

  CIISec’s latest “State of the profession report” highlights both positives and challenges for cyber pros arising from the past two years

• September 03, 2021 03 Sep'21

  Mandiant, Sophos detail dangerous ProxyShell attacks

  Threat researchers and incident responders continue to track threat activity around the dangerous ProxyShell Microsoft Exchange vulnerabilities, including impactful ransomware hits

• September 02, 2021 02 Sep'21

  Finance firms faced up to £760,000 costs per DNS attack during pandemic

  Financial services firms have been the focus of attacks by cyber criminals during the Covid-19 crisis

• September 01, 2021 01 Sep'21

  Remote workers routinely bypassed security tools during pandemic

  New data from Palo Alto Networks reveals that over 25% of UK security leaders saw their employees circumventing or switching off security measures at the height of the pandemic

• August 27, 2021 27 Aug'21

  Are proposed data protection changes a threat to UK citizens’ privacy?

  Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth

• August 26, 2021 26 Aug'21

  Tech giants commit to Biden's cyber security action plan

  Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden

• August 26, 2021 26 Aug'21

  NZ privacy lead John Edwards named new information commissioner

  DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner

• August 19, 2021 19 Aug'21

  Pub apps harvesting swathes of customer data unnecessarily

  Some pub and restaurant chain apps demand data such as gender and marital status, raising eyebrows among privacy campaigners

• August 13, 2021 13 Aug'21

  Cyber Runway programme supports new security businesses

  The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses

• August 11, 2021 11 Aug'21

  The Netherlands still lacks digital resilience, says report

  Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient

• August 10, 2021 10 Aug'21

  Dutch lead the way in protecting themselves against internet risks

  Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent

• July 28, 2021 28 Jul'21

  COP26 cyber resource hub launched for Glasgow businesses

  New digital information hub for Glasgow business to help organisations keep secure both physically and online ahead of major climate change summit

• July 25, 2021 25 Jul'21

  Tokyo 2020 hit by data breach

  The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large

• July 23, 2021 23 Jul'21

  Kaseya obtains universal ransomware decryptor

  Kaseya says it obtained a ransomware decryptor key from a trusted third party, but there is no word on whether a ransom was paid

• July 22, 2021 22 Jul'21

  Beeinfotech PH opens telco-neutral datacentre in the Philippines

  Datacentre startup is touting carrier neutrality, bespoke services and cyber security capabilities to meet the growing demand for co-location services in the Philippines

• July 14, 2021 14 Jul'21

  REvil ransomware crew drops offline, reasons murky

  The REvil ransomware operation appears to have gone dark, but claims about its demise are almost certainly exaggerated