News
Data breach incident management and recovery
-
April 30, 2025
30
Apr'25
Co-op shuts off IT systems to contain cyber attack
A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack
-
April 29, 2025
29
Apr'25
Scattered Spider on the hook for M&S cyber attack
The infamous Scattered Spider hacking collective may have been behind the ongoing cyber attack on Marks and Spencer that has crippled systems at the retailer and left its ecommerce operation in disarray.
-
April 29, 2025
29
Apr'25
Kaspersky calls for cyber immunity amid growing cyber threats
The rise of professional cyber crime groups and state-sponsored actors targeting critical infrastructure requires a move towards inherently secure ‘cyber immune’ systems, says Kaspersky CEO Eugene Kaspersky
-
April 25, 2025
25
Apr'25
M&S suspends all online sales as cyber attack worsens
M&S shuts down online sales as it works to contain and mitigate a severe cyber attack on its systems
-
April 24, 2025
24
Apr'25
M&S systems remain offline days after cyber incident
M&S is still unable to provide contactless payment or click-and-collect services amid a cyber attack that it says has forced it to move a number of processes offline to safeguard its customers, staff and business
-
April 24, 2025
24
Apr'25
Data breach class action costs mount up
Organisations exposed to the US market paid out over $150m in class action settlements in just six months. Security leaders must do more to address cyber gaps, respond better to incidents and demonstrate compliance
-
April 24, 2025
24
Apr'25
March ransomware slowdown probably a red herring
An apparent slowdown in ransomware attack volumes is raising eyebrows, but the statistics never tell the full story
-
April 23, 2025
23
Apr'25
Financially motivated cyber crime remains biggest threat source
Mandiant’s latest annual threat report reveals data on how financially motivated cyber criminals, such as ransomware gangs, dominate the cyber security landscape
-
April 23, 2025
23
Apr'25
Qualys goes to bat for US cricket side San Francisco Unicorns
Cloud security specialist Qualys partners with US T20 cricket squad San Francisco Unicorns and its Sparkle Army fanclub as the team prepares for its summer 2025 campaign
-
April 22, 2025
22
Apr'25
Cyber attack downs systems at Marks & Spencer
A cyber attack at Marks & Spencer has caused significant disruption to customers, leaving them unable to make contactless payments or use click-and-collect services
-
April 15, 2025
15
Apr'25
Hertz warns UK customers of Cleo-linked data breach
Car hire giant Hertz reveals UK customer data was affected in a cyber incident orchestrated via a series of vulnerabilities in Cleo managed file transfer products
-
April 14, 2025
14
Apr'25
Government faces claims of serious security and data protection problems in One Login digital ID
The Government Digital Service was warned about serious cyber security and data protection problems in its flagship digital identity system, with insider claims that the data of three million users may still be at risk
-
April 10, 2025
10
Apr'25
Google bets on unifying security tools to ease CISO pain
At Google Cloud Next in Las Vegas, Google launches its Unified Security platform with the goal of bringing together disparate security solutions to help cyber leaders and practitioners address their most keenly felt pain points
-
April 08, 2025
08
Apr'25
Government punts cyber governance code of practice for UK businesses
The Department for Science, Innovation and Technology’s cyber security minister Feryal Clark announces a cyber security code of governance for UK businesses to follow
-
April 07, 2025
07
Apr'25
UK SMEs losing over £3bn a year to cyber incidents
A lack of access to technology, little to no staff training, and competing priorities are losing UK SMEs up to £3.4bn to cyber incidents every year
-
April 04, 2025
04
Apr'25
Norway and Nordic financial sector ramps up cyber security
Finans Norge sets up cyber security unit CTSU to support the finance sector in Norway amid increasing threats
-
March 31, 2025
31
Mar'25
Top 1,000 IT service providers in scope of UK cyber bill
The government’s proposed Cyber Security and Resilience Bill is set to include regulatory provisions covering both datacentre operators and larger IT service providers
-
March 26, 2025
26
Mar'25
Advanced Software fined £3m over LockBit attack
The ICO has issued a £3m fine to software provider Advanced in the wake of security failings that led to significant disruption to NHS customers in a ransomware attack
-
March 19, 2025
19
Mar'25
Clop resurgence drives ransomware attacks in February
The exploitation of two new vulnerabilities in a popular file transfer service saw the Clop ransomware gang soar in February, according to NCC
-
March 18, 2025
18
Mar'25
Largest ever cyber deal reflects Google’s CNAPP ambitions
In a signal of its future ambitions, Google lays down $32bn to acquire cloud-native application protection platform Wiz, reflecting the increasing need to secure multicloud environments
-
March 18, 2025
18
Mar'25
Seaco charts course for unified security strategy
Shipping container leasing giant consolidates security tools onto a single platform, leveraging AI and extended detection and response to improve security operations
-
March 13, 2025
13
Mar'25
Chinese espionage group UNC3886 targets Juniper routers
Advanced persistent threat group UNC3886 deployed custom backdoors on end-of-life Juniper Networks routers, underscoring the need for timely patching and advanced security monitoring
-
March 13, 2025
13
Mar'25
US Congress demands UK lifts gag on Apple encryption order
Apple and Google have told US lawmakers that they cannot tell Congress whether they have received technical capability notices from the UK
-
March 13, 2025
13
Mar'25
SuperBlack ransomware may have ties to LockBit
Forescout researchers report on a new ransomware gang that appears to be keeping the legacy of the notorious LockBit crew alive
-
March 11, 2025
11
Mar'25
Perimeter security appliances source of most ransomware hits
Perimeter security appliances and devices, particularly VPNs, prove to be the most popular entry points into victim networks for financially motivated ransomware gangs, according to reports
-
March 11, 2025
11
Mar'25
UK government under-prepared for catastrophic cyber attack, hears PAC
The Commons Public Accounts Committee heard government IT leaders respond to recent National Audit Office findings that the government’s cyber resilience is under par
-
March 11, 2025
11
Mar'25
Post Office scandal data leak interim compensation offers made
Some subpostmasters affected by Post Office data breach offered interim compensation payments
-
March 11, 2025
11
Mar'25
Singapore IT leaders boost AI security defences
Study reveals a surge in perceived importance of artificial intelligence for cyber security in Singapore, but declining investment in traditional measures raises concerns as sophisticated cyber attacks intensify
-
March 07, 2025
07
Mar'25
Managing security in the AI age
Gartner experts offer guidance on harnessing AI’s power while mitigating its risks, from managing shadow AI to implementing security controls and policies
-
March 05, 2025
05
Mar'25
NHS investigating how API flaw exposed patient data
NHS patient data was left vulnerable by a flaw in an application programming interface used at online healthcare provider Medefer
-
March 04, 2025
04
Mar'25
Aussie businesses ramp up security spending
Australian organisations are set to spend A$6.2bn on security and risk management in 2025, a 14.4% jump from the previous year, driven by the rise of AI and a growing threat landscape
-
March 03, 2025
03
Mar'25
Singapore’s HomeTeamNS hit by ransomware attack
The non-profit organisation suffered a ransomware attack that affected some servers containing employee and member data, prompting an investigation and enhanced security measures
-
February 28, 2025
28
Feb'25
NHS staff lack confidence in health service cyber measures
NHS staff understand their role in protecting the health service from cyber threats and the public backs them in this aim, but legacy tech and a lack of training are hindering efforts, according to BT
-
February 26, 2025
26
Feb'25
CISOs spending more on insider risk
Insider risk management budgets have more than doubled in the past 12 months and look set to grow further still in 2025, according to a report
-
February 25, 2025
25
Feb'25
Singapore rolls out guidelines to bolster cloud and datacentre resilience
New advisory guidelines to enhance resilience and security of cloud services and datacentres in Singapore amid potential service disruptions and growing cyber threats
-
February 25, 2025
25
Feb'25
Ransomware: on the murky trail of one of the leaders of Black Basta
The internal exchanges within the Black Basta group revealed last week offer a new opportunity to investigate one of its leaders: Tramp. He may have been arrested in Armenia in June 2024, before being released
-
February 24, 2025
24
Feb'25
European Union calls for more cyber data-sharing with Nato
Updates to the EU’s Cyber Blueprint, establishing best practice for multilateral security incident response in Europe, include calls for more collaboration with Nato member states, as the geopolitical environment becomes ever more fractious
-
February 23, 2025
23
Feb'25
Check Point co-founder on AI, quantum and independence
Gil Shwed, Check Point’s co-founder and executive chairman, discusses the company’s focus on artificial intelligence-driven security and his commitment to remaining an independent force in the cyber security market
-
February 21, 2025
21
Feb'25
A landscape forever altered? The LockBit takedown one year on
The NCA-led takedown of the LockBit ransomware gang in February 2024 heralded a transformative year in the fight against cyber crime. One year on, we look back at Operation Cronos and its impact
-
February 20, 2025
20
Feb'25
Watchdog approves Sellafield physical security, but warns about cyber
The Office for Nuclear Regulation has taken Sellafield out of special measures for physical security, but harbours cyber security concerns
-
February 18, 2025
18
Feb'25
MSP cuts costs with Scality pay-as-you-go anti-ransomware storage
Autodata gets Scality as-a-service for on-site immutable storage via Artesca, to allow customers to rapidly recover from ransomware and at the same cost per terabyte no matter the volume
-
February 18, 2025
18
Feb'25
CPX 2025: Check Point CEO talks up hybrid mesh security
At CPX 2025 in Bangkok, Check Point CEO Nadav Zafrir outlined a vision for network security centred on hybrid mesh architecture and AI-powered capabilities
-
February 14, 2025
14
Feb'25
Lenovo CSO: AI adoption fuels security paranoia
Doug Fisher, Lenovo’s chief security officer, outlines the company’s approach to security and AI governance, and the importance of having a strong security culture to combat cyber threats amplified by the use of AI
-
February 13, 2025
13
Feb'25
UK government sanctions target Russian cyber crime network Zservers
The UK government has imposed sanctions on a Russian cyber crime syndicate responsible for aiding ransomware attacks, targeting the group and individual members
-
February 11, 2025
11
Feb'25
Google: Cyber crime meshes with cyber warfare as states enlist gangs
A report from the Google Threat Intelligence Group depicts China, Russia, Iran and North Korea as a bloc using cyber criminal gangs to attack the national security of western countries
-
February 07, 2025
07
Feb'25
US lawmakers move to ban DeepSeek AI tool
US politicians have introduced a bill seeking to ban the use of the DeepSeek AI tool on government-owned devices, citing national security concerns due to its alleged links to the Chinese state
-
February 07, 2025
07
Feb'25
Ransomware payment value fell over 30% in 2024
Several factors, including the impact of law enforcement operations disrupting cyber criminal gangs and better preparedness among users, may be behind a significant drop in the total value of ransomware payments
-
February 06, 2025
06
Feb'25
UK’s Cyber Monitoring Centre begins incident classification work
The Cyber Monitoring Centre will work to categorise major incidents against a newly developed scale to help organisations better understand the nature of systemic cyber attacks and learn from their impact
-
January 31, 2025
31
Jan'25
DeepSeek API, chat log exposure a ‘rookie’ cyber error
Security researchers at Wiz find a trove of DeepSeek data including API secrets and chat logs publicly exposed via an open source database management tool, raising questions about the fast-growing service’s approach to security
-
January 29, 2025
29
Jan'25
Vallance rejects latest charge to reform UK hacking laws
Science minister Patrick Vallance rejects proposed amendments to the Computer Misuse Act, arguing that they could create a loophole for cyber criminals to exploit