News

Data breach incident management and recovery

• November 25, 2020 25 Nov'20

  Three cyber criminals arrested in Nigerian BEC investigation

  Prolific cyber criminal gang is thought to have compromised up to half a million victims since 2017

• November 23, 2020 23 Nov'20

  Manchester United praised for swift response to cyber attack

  Manchester United’s systems were attacked last week, and the club has been praised for a swift and decisive response

• November 20, 2020 20 Nov'20

  Security pros fear prosecution under outdated UK laws

  CyberUp, a group of campaigners who want to reform the Computer Misuse Act, finds 80% of security professionals are concerned that they may be prosecuted just for doing their jobs

• November 19, 2020 19 Nov'20

  Covid-19 shift to remote working adds to Earth’s growing e-waste problem

  The shift to remote working has forced firms to purchase new IT equipment, but many are still lacking sustainable end-of-life processes for their devices

• November 19, 2020 19 Nov'20

  Security sector broadly backs Boris Johnson’s Cyber Force

  Security community says the presence of a robust cyber defence force alongside a robust physical one will be vital to the UK’s national security

• November 18, 2020 18 Nov'20

  2021 the year of commodity ransomware, says Sophos

  Sophos researchers anticipate a trickle-down effect in the cyber criminal underground

• November 17, 2020 17 Nov'20

  Kaspersky shuts down data-processing activities in Russia

  Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland

• November 17, 2020 17 Nov'20

  Ransomware stats overload risks confusing buyers

  UK-based organisations are either more, or less, likely to pay ransoms, depending on which cyber security supplier you want to believe

• November 17, 2020 17 Nov'20

  Financial services data volumes heighten risk of insider breach

  Financial services organisations hold so much data that it is becoming virtually impossible to safeguard properly against data breaches caused by malicious or careless employees

• November 16, 2020 16 Nov'20

  How Standard Chartered approaches cyber security

  Bank uses security-by-design principles and conducts red-teaming exercises among other measures to fend off cyber breaches

• November 16, 2020 16 Nov'20

  Resident Evil studio Capcom confirms scale of Ragnar Locker breach

  Videogame studio says the data of up to 350,000 people was likely to have been compromised in a Ragnar Locker ransomware attack

• November 16, 2020 16 Nov'20

  Human error blamed in Welsh Covid-19 patient data leak

  Public Health Wales accepts recommendations of independent probe into data breach that saw PII on 18,105 coronavirus patients leaked

• November 16, 2020 16 Nov'20

  Hackney systems could be unavailable for months, says council

  A month after a highly disruptive cyber attack on its systems, Hackney Council is still struggling to get back up and running

• November 13, 2020 13 Nov'20

  Ticketmaster fined £1.25m by ICO for failing to protect customer data

  Ticket website’s customer data was exposed through an attack on a third-party chatbot

• November 12, 2020 12 Nov'20

  Online kids’ game Animal Jam confirms large breach

  Cyber criminals have stolen data on 46 million Animal Jam player accounts via a third-party attack

• November 10, 2020 10 Nov'20

  Leaky AWS S3 bucket once again at centre of data breach

  Prestige Software exposed millions of records after failing to pay attention to the security of its cloud instances

• November 10, 2020 10 Nov'20

  IT Priorities 2020: After Covid-19, security goes back to basics

  This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals

• November 06, 2020 06 Nov'20

  NHS warned over Ryuk spreading through Trickbot replacements

  NHS Digital tells healthcare organisations to be mindful of a marked rise in usage of the Bazar and Buer loaders

• November 04, 2020 04 Nov'20

  India and Japan report stronger concern over cyber threats

  Security operations teams in the two Asian giants see the increased volume of cyber threats as their biggest challenge amid the Covid-19 pandemic

• November 02, 2020 02 Nov'20

  NHS weathers cyber crime storm during pandemic, says NCSC

  The NCSC dealt with over 700 incidents in the 12 months to August 2020, with over 200 specifically related to Covid-19, and the NHS a critical area of focus

• November 02, 2020 02 Nov'20

  Maze ransomware shuts down with bizarre announcement

  The operators of Maze announce they are shutting down, and claim their crime spree was merely intended to demonstrate lax security at their targets

• October 30, 2020 30 Oct'20

  Accidental heroes: How one scaleup pivoted to cyber

  Simeon Quarrie designed his business using virtual reality and interactivity as a tool to tell stories that effect cultural change in enterprise environments – then a cyber criminal emptied his bank account

• October 30, 2020 30 Oct'20

  ICO slashes Marriott breach fine to £18.4m

  Reduced fine reflects both improvements made to hotel group’s cyber security and impact of coronavirus on the travel and hospitality sector

• October 29, 2020 29 Oct'20

  Surge in Ryuk ransomware attacks has hospitals on alert

  Russian cyber criminals are conducting a targeted campaign against hospitals with Ryuk ransomware

• October 28, 2020 28 Oct'20

  Trump supporters targeted by cryptocurrency scammers

  The successful breach of Donald Trump’s official website shows up lax security on his campaign team and is yet another timely warning that nobody is immune to cyber crime

• October 28, 2020 28 Oct'20

  Finnish therapy centre accused of covering up cyber attack

  Private therapy practice Vastaamo faces questions over its security and business practices in the months leading up to one of the biggest data breaches in Finland’s history

• October 28, 2020 28 Oct'20

  Barracuda eyes Indochina markets

  Barracuda is looking to expand its local presence and headcount in fast-growing emerging markets of Vietnam, Cambodia and Laos

• October 27, 2020 27 Oct'20

  Calls for clarity over Amazon insider breach

  Security experts call for more clarity from Amazon over an apparent leak of customer data

• October 26, 2020 26 Oct'20

  Highly unusual hacking attack directly threatens therapy patients

  A hacker has directly contacted therapy patients to say their highly personal therapy notes will be put on the internet unless they pay the ransom

• October 23, 2020 23 Oct'20

  Cyber attack on Hackney Council is ‘morally repugnant’, says mayor

  Mayor of Hackney is ‘incredibly angry’ at the cyber criminals behind the attack, which will continue to disrupt key council services for some time

• October 21, 2020 21 Oct'20

  Charities warned over ‘Robin Hood’ cyber criminals

  Accepting donations from cyber criminal groups could be deemed as profiting from crime, money laundering or handling stolen goods – so don’t do it

• October 21, 2020 21 Oct'20

  Customer loyalty accounts in danger from cyber criminals

  Billions of credential stuffing attacks are harvesting valuable customer data for the dark web economy

• October 21, 2020 21 Oct'20

  Retailers get access to new security toolkit

  The British Retail Consortium has worked with the NCSC to develop a new cyber security toolkit pitched at retailers

• October 20, 2020 20 Oct'20

  Hackney Council services to be disrupted ‘for some time’

  Inability to make housing benefit payments is likely to sting some tenants as Hackney cyber attack drags on

• October 20, 2020 20 Oct'20

  Resilient Trickbot down but not yet knocked out

  Global, Microsoft-led effort to disrupt the Trickbot botnet has seen some success, but new command and control servers continue to pop up

• October 20, 2020 20 Oct'20

  BA breach penalty sets new GDPR precedents

  The 90% reduction in the fine levied on BA over a 2018 data breach has legal experts talking about the ramifications for the future of data protection

• October 20, 2020 20 Oct'20

  Six Russians charged over NotPetya and other attacks

  Six members of the APT group known as Sandworm have been charged in the US over a series of attacks including the destructive NotPetya incident

• October 16, 2020 16 Oct'20

  BA argues ICO data breach fine down to £20m

  Information Commissioner’s Office levies fine of £20m on British Airways for failing to protect the personal data of hundreds of thousands of passengers – a vast reduction on the initial £183m penalty

• October 15, 2020 15 Oct'20

  Cloud data protection keeps the Crick’s medical research Covid-secure

  Cloud data management services from Rubrik gave the Francis Crick Institute a data protection edge and have helped keep its vital work going through the pandemic

• October 15, 2020 15 Oct'20

  Arrests and indictments made in cyber money laundering ring

  The NCA has revealed six men were arrested in the UK as part of an international investigation into a money laundering network which handled transactions for some of the world’s most prolific cyber criminal groups

• October 15, 2020 15 Oct'20

  Hackney services still offline in ongoing cyber attack

  Services remain disrupted two days after council was hit by a serious incident, as residents are warned to be on their guard

• October 14, 2020 14 Oct'20

  Public sector security failings leave UK at risk, says think tank

  Reform report urges adoption of new policies in the next version of the UK’s National Cyber Security Strategy

• October 14, 2020 14 Oct'20

  US Elections: Malicious internet domains spike as campaigns heat up

  Internet domains related to the US presidential election are 56% more likely to be malicious than regular ones

• October 14, 2020 14 Oct'20

  Fintech ‘unicorn’ Klarna probed over data misuse

  Online bank blames misuse of user data on human error as Information Commissioner’s Office weighs in

• October 13, 2020 13 Oct'20

  Suppliers neglecting virtual appliance security, putting users at risk

  Software suppliers are often distributing their products on virtual appliances that contain known vulnerabilities or are running outdated or unsupported operating systems, according to a report

• October 13, 2020 13 Oct'20

  Hackney Council services offline after ‘serious’ cyber attack

  Services to residents of the London borough of Hackney are being disrupted by a cyber attack

• October 12, 2020 12 Oct'20

  Trickbot forced offline in major cyber security victory

  Coalition led by Microsoft obtained a court order enabling them to take down the infamous Trickbot botnet’s back-end server infrastructure

• October 12, 2020 12 Oct'20

  Cyber security skills ad branded ‘crass’ by minister

  Security skills campaign advert depicting a ballet dancer comes in for criticism as the arts sector struggles in the pandemic

• October 12, 2020 12 Oct'20

  Software AG caught in double extortion ransomware hit

  Data stolen from prominent German software company by Clop ransomware gang appears on the dark web

• October 12, 2020 12 Oct'20

  Making sense of zero-trust security

  Implementing zero-trust security is not an easy feat, but enterprises can still get it right if they approach it from a process perspective and get a handle on their infrastructure footprint

• October 09, 2020 09 Oct'20

  Magecart strikes website of school payments service Wisepay

  Magecart credit card skimmer harvested financial data of users of Wisepay’s platform over a two-day period

• October 08, 2020 08 Oct'20

  NCSC relaunches SME security guide with home working focus

  The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020

• October 08, 2020 08 Oct'20

  Emotet rated September’s ‘most popular’ malware

  The current resurgence of Emotet is attracting attention as governments issue new warnings and cyber criminals rush to exploit the chaotic US election

• October 08, 2020 08 Oct'20

  Crown Prosecution Service suffers 1,600 data breaches in 12 months

  CPS sees a spike in data security incidents, many of them serious enough to be reported to the Information Commissioner’s Office

• October 07, 2020 07 Oct'20

  UK accounts for 45% of Europe’s card fraud as criminals target online transactions

  Payment card fraudsters steal €1.5bn, with card-not-present attacks accounting for three-quarters of this sum

• October 07, 2020 07 Oct'20

  ICO wraps up Cambridge Analytica investigation

  Information Commissioner’s Office concludes its investigation into Cambridge Analytica, saying no additional evidence has come to light that would change its previous assessments

• October 07, 2020 07 Oct'20

  Southeast Asia remains hotspot for cyber attacks

  Geopolitics and Covid-19 have been fodder for cyber criminals to advance their motives in Southeast Asia in 2020

• October 06, 2020 06 Oct'20

  Ransomware attacks go through the roof

  The volume of ransomware attacks has jumped 50% in the past three months, according to data produced at Check Point

• October 06, 2020 06 Oct'20

  CISOs struggle to keep up with MITRE ATT&CK framework

  Despite its proven benefits for security, the MITRE ATT&CK framework is proving difficult for many, according to a joint study from McAfee and UC Berkeley

• October 02, 2020 02 Oct'20

  Honesty is the best policy: Forging a security culture in the NHS

  Clinician and technologist Sam Shah helped set up NHSX in 2019. Now he’s helping advance digital transformation in healthcare from the outside, and a big part of that is addressing security in the sector

• October 02, 2020 02 Oct'20

  Security pros face sanctions if they help ransomware victims pay

  New advisory from the US government warns cyber insurance and incident response specialists that they could be skating on thin ice if they help ransomware victims pay their attackers off

• October 01, 2020 01 Oct'20

  Judge to give verdict on Julian Assange’s extradition after Christmas

  Judge Vanessa Baraitser said today that she would make a ruling in early January on whether WikiLeaks founder Julian Assange should be extradited to the US

• October 01, 2020 01 Oct'20

  Blackbaud admits hackers stole banking details, passwords

  Software firm paid off a ransomware gang, believed its hackers when they said they had destroyed the data, and has now discovered the cyber criminals accessed even more sensitive information than it thought

• September 29, 2020 29 Sep'20

  Threat actors becoming vastly more sophisticated

  Malicious actors have been busily honing their craft and cyber security incidents are up across the board as a result, according to a Microsoft report

• September 29, 2020 29 Sep'20

  NCSC expands schools programme to north-east England and Northern Ireland

  Following an initial roll-out in Gloucestershire and Wales, the NCSC’s CyberFirst Schools programme is being extended to north-east England and Northern Ireland

• September 29, 2020 29 Sep'20

  Ryuk attack downs private health provider in major incident

  Private healthcare provider UHS has been been hit by a major big game hunting cyber attack that infected its systems with the Ryuk ransomware

• September 28, 2020 28 Sep'20

  Security now main driving force behind digital transformation

  Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda

• September 28, 2020 28 Sep'20

  Airbnb hosts’ account data exposed in internal leak

  Data exposure within Airbnb’s system was the result of a technical issue but was swiftly fixed, says the firm

• September 25, 2020 25 Sep'20

  Forensic expert questions US claims that Julian Assange conspired to crack military password

  Forensic computer expert Patrick Eller told the Old Bailey that US allegations that WikiLeaks founder Julian Assange attempted to decrypt a password to help former soldier Chelsea Manning leak sensitive government documents anonymously do not fit ...

• September 24, 2020 24 Sep'20

  Government blasted over ‘reckless’ contact-tracing security

  The Open Rights Group and Big Brother Watch accuse the government of endangering public health with a reckless attitude to contact-tracing data security

• September 24, 2020 24 Sep'20

  Australians want more control over privacy

  Nearly nine in 10 Australians want more control and choice over the collection and use of their personal information amid declining trust in how organisations handle personal data, survey finds

• September 23, 2020 23 Sep'20

  WikiLeaks founder Julian Assange has Asperger syndrome and depression, court hears

  Julian Assange is on the autistic spectrum and has a history of depression that would put him at risk of suicide if he is extradited to a US prison, psychiatrists tell the court

• September 23, 2020 23 Sep'20

  Video gamers barraged with cyber attacks

  From credential stuffing to SQL injection and DDoS, video game producers and players are seeing massive volumes of cyber attacks

• September 22, 2020 22 Sep'20

  Activision shoots down data breach claims

  Gaming company denies there has been any data breach after up to 500,000 accounts appeared to have been compromised, but evidence mounts that credential stuffing attacks are to blame

• September 18, 2020 18 Sep'20

  Outgoing NCSC CEO: Ransomware threat kept us up at night

  Former NCSC CEO Ciaran Martin sheds some light on some of the biggest cyber threats currently facing the UK

• September 18, 2020 18 Sep'20

  Congressman offered Julian Assange a ‘win-win’ deal that would help President Trump

  Details have emerged of US congressman Dana Rohrabacher’s offer of a pardon to WikiLeaks founder Julian Assange in a ‘win-win deal that would benefit US President Donald Trump

• September 18, 2020 18 Sep'20

  US government deplatforms TikTok and WeChat

  The Commerce Department of the US government has banned new downloads of TikTok and WeChat in the US, and announced new prohibitions on doing business with them

• September 18, 2020 18 Sep'20

  German authorities probe ransomware hospital death

  Hackers failed to extort a ransom from University Hospital Düsseldorf, but indirectly caused the death of a patient

• September 17, 2020 17 Sep'20

  Maze ransomware borrows Ragnar Locker tactics to sneak past defences

  New research from the Sophos threat response team has found the Maze ransomware gang has adopted techniques pioneered by the cyber criminals behind Ragnar Locker

• September 17, 2020 17 Sep'20

  Saudi Arabia sees cyber security boom as coronavirus bites

  Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods

• September 17, 2020 17 Sep'20

  Seven charged in connection with Chinese state-backed cyber attacks

  Attacks by APT41, or Wicked Panda, targeted hundreds of organisations, including the UK government

• September 16, 2020 16 Sep'20

  NCSC steps up ransomware support for schools and universities

  New alert and updated guidance comes after several academic institutions were targeted in ransomware attacks

• September 16, 2020 16 Sep'20

  Julian Assange held back 15,000 documents to prevent harm to US government

  Investigative journalist John Goetz said today that WikiLeaks held back publication of thousands of documents that could harm individuals

• September 16, 2020 16 Sep'20

  Retailers urged to get to grips with Magento as attacks spike

  A huge spike in online retailers being hacked with Magecart credit card skimmers is being blamed on unsupported versions of Adobe Magento

• September 15, 2020 15 Sep'20

  Data of every Welsh Covid-19 patient leaked online

  Data on all 18,105 people in Wales who have received positive tests for the coronavirus was uploaded to a public-facing web server in error

• September 11, 2020 11 Sep'20

  Travel industry websites are laughably insecure, claims Which?

  The travel industry is failing to take the data security of its customers seriously, according to a Which? investigation

• September 10, 2020 10 Sep'20

  Cyber security is next frontier for open source

  Open security will facilitate the interoperability and capabilities of cyber security tools while alleviating vendor lock-in for enterprises, says IBM

• September 10, 2020 10 Sep'20

  Datacentre firm Equinix investigating ransomware attack

  A number of internal systems at cloud and datacentre firm Equinix have been affected by a ransomware attack

• September 08, 2020 08 Sep'20

  Julian Assange warned against interrupting witnesses in extradition hearing

  On the second day of his extradition hearing at the Old Bailey, judge informs the WikiLeaks founder he could be removed and potentially banned from court for interrupting witnesses

• September 07, 2020 07 Sep'20

  Court rejects request to exclude ‘11th hour’ US evidence against WikiLeaks founder Julian Assange

  Lawyers for Julian Assange say the US has introduced an 11th hour indictment against the WikiLeaks founder that provides additional grounds for his extradition

• September 06, 2020 06 Sep'20

  Why predictive threat intelligence is key

  Threat intelligence startup Cyfirma is using virtual agents to gather intelligence on potential cyber attacks that are being coordinated in underground forums before they occur

• September 03, 2020 03 Sep'20

  Phishing scam targets Lloyds Bank customers

  Bank customers warned of emails and SMS messages that direct them to a fraudulent site and then request account log-in details

• September 03, 2020 03 Sep'20

  UK businesses hardest hit financially by fallout from cyber attacks, research shows

  Latest edition of Hiscox’s annual cyber readiness report suggests UK businesses are among those worst affected by the financial fallout from cyber attacks

• September 02, 2020 02 Sep'20

  Northumbria University suffers major disruption after cyber attack

  Some exams cancelled as university appoints external specialists to investigate incident

• August 28, 2020 28 Aug'20

  Machine learning wards off threats at TV studio Bunim Murray

  TV studio behind reality hits including The Real World and Keeping Up With The Kardashians turned to Darktrace’s Antigena email protection service to keep its people safe from Covid-19 threats

• August 28, 2020 28 Aug'20

  Benefit fraud: Underground trade in stolen identities revealed

  A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds

• August 26, 2020 26 Aug'20

  Avaddon ransomware operators having a go at double extortion

  The operators of the Avaddon ransomware seem to be tooling up to leak the data of their victims in addition to holding it to ransom, Cofense researchers confirm

• August 25, 2020 25 Aug'20

  North Korea’s Lazarus targets cryptocurrency vertical

  APT group behind the infamous WannaCry incident is targeting cryptocurrency operators, according to new research

• August 21, 2020 21 Aug'20

  Australian regulator sues RI Advice for cyber security lapses

  The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives

• August 20, 2020 20 Aug'20

  Social media data leak highlights murky world of data scraping

  A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it