News

Data breach incident management and recovery

• October 13, 2021 13 Oct'21

  Google Cybersecurity Action Team springs into life

  Google has announced a new Cybersecurity Action Team, with a mission to support security and digital transformation in governments, critical infrastructure, enterprises and small businesses

• October 13, 2021 13 Oct'21

  FCA warns over future hybrid working security risks

  Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure

• October 13, 2021 13 Oct'21

  Australia unveils ransomware action plan

  The Australian government has established a task force to address the ransomware menace and is proposing legislation to mandate reporting of ransomware incidents by businesses

• October 11, 2021 11 Oct'21

  Malaysia’s highway authority improves DR capabilities

  The Malaysian Highway Authority is now more resilient against cyber attacks through a local disaster-recovery-as-a-service offering powered by Veeam software

• October 11, 2021 11 Oct'21

  Covid-19 will loom over cyber strategy for years to come

  In remarks delivered to a Chatham House conference, NCSC head Lindy Cameron reflects on the security challenges facing the UK, and sets out some plans for the future

• October 11, 2021 11 Oct'21

  Sensitive documents to stay with whistleblower after deadline for agreement for their return passes

  A deadllne to agree the safe return of the sensitive banking details of former and current NatWest Group customers has passed without agreement

• October 08, 2021 08 Oct'21

  Craft beer specialist Brewdog fixes serious app vulnerability

  Vulnerability in brewer’s mobile app could have resulted in serious consequences for its shareholders and customers

• October 08, 2021 08 Oct'21

  Fast-moving Ryuk campaign targets healthcare organisations

  Newly designated FIN12 gang leverages the work of the cyber criminal ecosystem to conduct lightning-fast ransomware attacks

• October 07, 2021 07 Oct'21

  ICO expresses concerns over its future independence

  In its response to the government’s data protection consultation, the Information Commissioner’s Office has raised worries over its future ability to function independently of government interference

• October 07, 2021 07 Oct'21

  Twitch data breach investigations continue

  Investigations are ongoing into a 125GB data breach that hit livestreaming platform Twitch, apparently the work of hacktivists

• October 06, 2021 06 Oct'21

  US lawmakers propose ransomware reporting rules

  Former presidential candidate Elizabeth Warren lends her support to a bill that would require corporate ransomware victims to disclose more information about their attacks to the authorities

• October 06, 2021 06 Oct'21

  Gaming service Twitch hacked, data leaked

  Users of livestreaming platform Twitch may be at risk after a 125GB torrent of data was leaked

• October 06, 2021 06 Oct'21

  Apache web server users urged to patch immediately

  New zero-day in Apache HTTP Server is already being actively exploited and must be addressed immediately

• October 05, 2021 05 Oct'21

  New Python-based ransomware attacks unfold in record time

  Sophos researchers detail a new variety of Python-based ransomware attack targeting VMware ESXi-hosted VMs

• October 04, 2021 04 Oct'21

  Mandiant name returns to fore ahead of FireEye sale

  Mandiant has completed its corporate rebrand pending the imminent sale of the FireEye products business to a private equity group

• October 04, 2021 04 Oct'21

  Two arrests made in European ransomware investigation

  Unnamed ransomware operation was disrupted last week in Kiev, Ukraine, following a coordinated investigation

• October 01, 2021 01 Oct'21

  JVCKenwood hit by Conti ransomware attack

  Nearly 2TB of data was stolen from Japanese electronics firm in a Conti ransomware hit

• October 01, 2021 01 Oct'21

  IR35: Giant Group cyber attack prompts renewed calls for statutory regulation of umbrella companies

  As details about the fallout from the cyber attack on the Giant Group umbrella company emerge, stakeholders say the incident should prompt the government to expedite regulating contractor payroll processing firms

• September 29, 2021 29 Sep'21

  FoggyWeb malware latest tool of dangerous Nobelium APT

  Microsoft’s threat intelligence team warns of a new strain of malware being used by the Russia-linked Nobelium APT

• September 29, 2021 29 Sep'21

  The Security Interviews: How SolarWinds came through its darkest hour

  In his first major UK press interview, SolarWinds CEO Sudhakar Ramakrishna tells Computer Weekly how a relentless focus on transparency saw the company safely through a nightmare cyber breach scenario

• September 29, 2021 29 Sep'21

  UK consumer trust in banks, retailers and telcos declines as scams increase

  Consumers are blaming banks, retailers and social media for the huge increase in online scams, survey shows

• September 28, 2021 28 Sep'21

  How one red team exercise averted a new SolarWinds-style attack

  Palo Alto Networks shares details of how its red teamers found and sealed a customer vulnerability that could have led to another SolarWinds-style supply chain attack

• September 27, 2021 27 Sep'21

  Women and BAME people bear brunt of cyber crime impact

  Cyber crime has a disproportionate impact on women and BAME people, according to a new report

• September 27, 2021 27 Sep'21

  Giant Umbrella contractors suffer salary payment delays following suspected ‘data breach’

  Following the discovery of “suspicious network activity” in its systems, payroll processing firm Giant Umbrella has taken itself offline, leaving contractors to fume over missing salary payments

• September 24, 2021 24 Sep'21

  How Australia punches above its weight in cyber security

  Australia is playing to its strengths in niche areas such as governance and deep tech to punch above its weight in the cyber security industry

• September 23, 2021 23 Sep'21

  Fresh alert over Conti ransomware surge

  Conti ransomware crew appears increasingly active, prompting fresh warnings from the US authorities

• September 23, 2021 23 Sep'21

  MoD in second leak of Afghan citizens’ data

  A second breach of data relating to Afghan citizens at risk of Taliban reprisals has been reported by the Ministry of Defence

• September 21, 2021 21 Sep'21

  US sanctions Suex crypto exchange over ransomware links

  US Treasury cracks down on cryptocurrency exchange that supposedly facilitated proceeds from multiple ransomware gangs

• September 21, 2021 21 Sep'21

  Investigation launched after MoD email blunder

  Exposure of PII on Afghan interpreters who worked with the UK may put hundreds at risk of Taliban reprisals

• September 21, 2021 21 Sep'21

  BlackMatter gang ramps up attacks on multiple victims

  A wave of new BlackMatter ransomware attacks is hitting organisations around the world, even as the US authorities mull new sanctions on ransom payment infrastructure

• September 16, 2021 16 Sep'21

  Dutch education administrators underestimate threat of cyber crime

  Research shows educational establishments in the Netherlands are becoming favoured targets of cyber criminals and administrators are underestimating the risks

• September 16, 2021 16 Sep'21

  Bitdefender launches free REvil ransomware decryptor

  Working alongside law enforcement partners, Bitdefender has developed and released a tool to help REvil victims recover their data for free

• September 16, 2021 16 Sep'21

  Travel-themed phishing lures spiked this summer

  As people begin to take holidays again after more than a year of restrictions and lockdowns, opportunist cyber criminals have taken note, according to new data from Palo Alto’s Unit 42

• September 15, 2021 15 Sep'21

  Australia and Singapore have higher incidences of insecure databases

  Five-year longitudinal study by Imperva shows the proportion of databases with at least one known vulnerability in Australia and Singapore are among the world’s highest

• September 14, 2021 14 Sep'21

  Mass health tracker data breach has UK impact

  The leak of a database of 61 million users of health-tracking devices includes records on individuals located in the UK

• September 14, 2021 14 Sep'21

  Cost of ransomware attack in financial sector exceeds $2m

  Mid-sized financial services organisations worldwide spend an average of over $2m recovering from ransomware attacks

• September 14, 2021 14 Sep'21

  Apple patches ForcedEntry vulnerability used by spyware firm NSO

  Apple patches ForcedEntry vulnerability that was used to target political activists with spyware

• September 13, 2021 13 Sep'21

  Olympus likely victim of BlackMatter ransomware

  Key IT systems remain shut off at Olympus, five days after what seems to have been a BlackMatter ransomware attack

• September 09, 2021 09 Sep'21

  UK GDPR faces changes under planned reforms

  DCMS is launching a major consultation on proposed changes to the UK’s data protection regime, under which several key elements of the GDPR are likely to change

• September 08, 2021 08 Sep'21

  REvil reappearance may herald new ransom campaigns

  The re-emergence of the infamous REvil ransomware gang is a likely sign that more high-profile attacks will unfold over the coming weeks

• September 08, 2021 08 Sep'21

  Stolen credit card data worth about £13 on dark web, PayPal worth more

  The average price of a stolen credit card on a dark web marketplace comes in at around $17.40, or £12.60, according to new data – but the real money for cyber criminals is in hacked PayPal accounts

• September 07, 2021 07 Sep'21

  OT security in APAC remains work in progress

  Two operational technology security experts shed light on the state of OT security in the region, and what’s being done to address skills, competency and organisational challenges

• September 03, 2021 03 Sep'21

  Mandiant, Sophos detail dangerous ProxyShell attacks

  Threat researchers and incident responders continue to track threat activity around the dangerous ProxyShell Microsoft Exchange vulnerabilities, including impactful ransomware hits

• September 03, 2021 03 Sep'21

  China accused of cyber attacks on Norwegian IT systems

  China-based cyber attackers have been blamed for multiple assaults on IT systems in Norway

• September 02, 2021 02 Sep'21

  Finance firms faced up to £760,000 costs per DNS attack during pandemic

  Financial services firms have been the focus of attacks by cyber criminals during the Covid-19 crisis

• September 01, 2021 01 Sep'21

  Experts warn on Office 365 phishing attacks

  Newly observed campaign is particularly dangerous because it appears to neutralise one of the most widely known anti-phishing techniques

• August 31, 2021 31 Aug'21

  GovTech launches vulnerability rewards programme

  Vulnerability rewards programme will offer rewards ranging from $250 to $5,000 to white hat hackers who find vulnerabilities in critical government systems

• August 27, 2021 27 Aug'21

  Are proposed data protection changes a threat to UK citizens’ privacy?

  Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth

• August 26, 2021 26 Aug'21

  Tech giants commit to Biden's cyber security action plan

  Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden

• August 26, 2021 26 Aug'21

  Government unveils post-Brexit data flow proposals

  The government will pursue data partnerships with countries including Australia, South Korea and the US as part of a post-Brexit data regime that may also see substantial changes to the UK’s data protection law

• August 26, 2021 26 Aug'21

  NZ privacy lead John Edwards named new information commissioner

  DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner

• August 25, 2021 25 Aug'21

  Calling the cops for ransomware attacks doesn’t help, say cyber pros

  A new study for the #Ransomaware campaign reveals some insight into why so few victims report ransomware attacks

• August 24, 2021 24 Aug'21

  13 million malware attacks on Linux seen in wild

  Cryptominers, web shells and ransomware are the most common varieties of malwares targeting Linux systems, thanks to its prevalence as the backbone of most public cloud services

• August 24, 2021 24 Aug'21

  Half of MS Exchange servers at risk in ProxyShell debacle

  Up to 50% of MS Exchange users in the UK are exposed to three vulnerabilities that are now being actively exploited

• August 24, 2021 24 Aug'21

  Over a million opt out of NHS data-sharing

  Failure to communicate benefits of data-sharing proposals and privacy concerns are prompting large numbers of people to opt out of a proposed NHS Digital scheme

• August 23, 2021 23 Aug'21

  Flexxon and Lenovo tie up on AI-infused SSDs

  Singapore-based Flexxon teams up with Lenovo to make its solid-state drive that uses artificial intelligence to fend off cyber threats available on ThinkPad-based laptops

• August 20, 2021 20 Aug'21

  Swedish IT industry braced for China’s response to Huawei 5G ban

  Swedish IT and communications equipment suppliers fear economic backlash from China following Huawei ban

• August 19, 2021 19 Aug'21

  IT leaders fear ‘trickle-down’ of nation-state cyber attacks

  Three-quarters of IT decision-makers are concerned that the tactics, techniques and procedures used by nation-state attackers could be used against them

• August 18, 2021 18 Aug'21

  MoD seeks security tech to harden military systems

  The Defence and Security Accelerator has launched a programme to root out technology that will reduce the military’s exposure to cyber attacks

• August 17, 2021 17 Aug'21

  Educational publisher Pearson fined for data breach cover-up

  Securities and Exchange Commission says publisher misled its investors over the extent of a 2018 data breach

• August 16, 2021 16 Aug'21

  Nearly half of retailers hit by ransomware in 2020

  In the face of increasingly prevalent and sophisticated ransomware attacks, retail organisations need to develop alternative ways of restoring lost or encrypted data, as paying the ransom does not guarantee its return in almost a third of cases

• August 13, 2021 13 Aug'21

  Cyber Runway programme supports new security businesses

  The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses

• August 11, 2021 11 Aug'21

  US wins bid to widen grounds of appeal in Julian Assange extradition case

  The US government accused medical expert professor Michael Kopelman of misleading the court by failing to disclose details of Assange’s relationship 

• August 11, 2021 11 Aug'21

  The Netherlands still lacks digital resilience, says report

  Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient

• August 10, 2021 10 Aug'21

  Dutch lead the way in protecting themselves against internet risks

  Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent

• August 09, 2021 09 Aug'21

  Possible ransomware attack hits Italian vaccine booking system

  It is still unclear who is behind the attack that caused Covid-19 vaccine bookings in Lazio, Italy, to grind to a halt, as despite masses of files being encrypted no specific ransom demands have been made for the decryptor

• August 05, 2021 05 Aug'21

  Cloud misconfiguration a growing cause of security incidents

  Rapid cloud adoption during the pandemic has increased the attack surface and heightened the risk of misconfiguring services, leaving organisations more vulnerable to cyber attacks

• August 04, 2021 04 Aug'21

  Six Isle of Wight schools hit by ransomware attack

  Authorities are still working to manage the fallout from the attack, which has already forced at least one school to delay the start of the new term in September

• August 03, 2021 03 Aug'21

  Destruction and integrity cyber attacks on the rise

  Cyber security professionals have reported a sharp rise in debilitating attacks aimed at destroying or manipulating data

• July 29, 2021 29 Jul'21

  Technical hiccups force Babuk ransomware gang to change tactics

  The Babuk ransomware operation backed away from encrypting its victims’ files, and technical difficulties may be to blame, reports McAfee

• July 28, 2021 28 Jul'21

  Top vulnerabilities target perimeter devices

  The most frequently exploited CVEs of the year so far are to be found in perimeter and network access devices, according to a joint advisory from the NCSC and partners

• July 28, 2021 28 Jul'21

  COP26 cyber resource hub launched for Glasgow businesses

  New digital information hub for Glasgow business to help organisations keep secure both physically and online ahead of major climate change summit

• July 27, 2021 27 Jul'21

  ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower

  The Information Commissioner’s Office has ended its involvement in a dispute between a data breach whistleblower and NatWest bank

• July 27, 2021 27 Jul'21

  US lawmakers call for probe into ‘arrogant’ spyware firm

  US members of Congress have called for an investigation into NSO Group, the spyware supplier at the centre of a massive surveillance scandal

• July 27, 2021 27 Jul'21

  How IBM is solving the data privacy problem

  IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy

• July 26, 2021 26 Jul'21

  No More Ransom initiative saves £850m over five years

  Initiative’s free ransomware decryption tools have been used by more than six million people since 2016

• July 25, 2021 25 Jul'21

  Tokyo 2020 hit by data breach

  The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large

• July 25, 2021 25 Jul'21

  OAIC: Uber failed to protect personal data of Australians

  Uber did not take reasonable steps to protect Australians’ personal information from unauthorised access, says Australia’s national privacy watchdog

• July 23, 2021 23 Jul'21

  Kaseya obtains universal ransomware decryptor

  Kaseya says it obtained a ransomware decryptor key from a trusted third party, but there is no word on whether a ransom was paid

• July 21, 2021 21 Jul'21

  France’s Macron among alleged Pegasus targets

  Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware

• July 20, 2021 20 Jul'21

  NCSC’s Cameron urges deeper cyber alliance-building

  Speaking to an event in Israel, NCSC CEO Lindy Cameron has praised joint UK-Israeli efforts on security collaboration

• July 19, 2021 19 Jul'21

  UK, US confirm Chinese state backed MS Exchange Server attacks

  UK and US governments, alongside the EU and Nato, have formally attributed the March 2021 Microsoft Exchange Server attacks to Chinese state-backed actors

• July 15, 2021 15 Jul'21

  Singapore to invest S$50m in ‘digital trust’ capabilities

  The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management

• July 14, 2021 14 Jul'21

  REvil ransomware crew drops offline, reasons murky

  The REvil ransomware operation appears to have gone dark, but claims about its demise are almost certainly exaggerated

• July 13, 2021 13 Jul'21

  Secureworks sets up in EU datacentre for XDR services

  New datacentre location helps Secureworks’ customers meet EU data residency requirements

• July 12, 2021 12 Jul'21

  Kaseya VSA services coming online after week-long outage

  Kaseya has successfully deployed a patch to its ransomware-hit VSA product as per a revised schedule, and customers are beginning to come back online

• July 11, 2021 11 Jul'21

  Ransomware and botnets among top cyber threats in Singapore

  The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic

• July 09, 2021 09 Jul'21

  Ransomware gangs seek people skills for negotiations

  The process of negotiating a ransomware payment is delicate, hence cyber criminal organisations are prepared to offer good terms to those with the right skillsets

• July 08, 2021 08 Jul'21

  Kaseya apologises for extended downtime after ransom attack

  CEO of Kaseya apologises after pushing back the restoration of the firm’s VSA service following a REvil ransomware attack

• July 07, 2021 07 Jul'21

  How the UK Cyber Security Council plans to professionalise security

  As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is

• July 07, 2021 07 Jul'21

  Opportunists seen targeting Kaseya REvil victims

  Malwarebytes researchers highlight new spam campaign targeting businesses impacted by the ongoing Kaseya REvil ransomware incident

• July 06, 2021 06 Jul'21

  About 60 Kaseya customers hit by REvil

  Kaseya has revised upward the number of managed service providers compromised by the REvil ransomware gang in a supply chain attack at the weekend

• July 06, 2021 06 Jul'21

  Klarna under investigation by Swedish finance watchdog

  Swedish fintech is being investigated by financial services regulator after customer information was visible to others

• July 06, 2021 06 Jul'21

  Cyber insurance costs up by a third

  The frequency and severity of ransomware attacks is a leading factor behind a substantial increase in the cost of obtaining cyber security insurance

• July 06, 2021 06 Jul'21

  BA reaches settlement in data breach group action

  A group action against BA following its 2018 data breach has been successfully settled

• July 05, 2021 05 Jul'21

  REvil crew wants $70m in Kaseya ransomware heist

  Two days after one of the largest ransomware attacks in history by the REvil/Sodinokibi gang, the security community is assessing its next moves, while over 1,000 victims remain in limbo

• July 02, 2021 02 Jul'21

  Should I be worried about PrintNightmare?

  The accidental publication of proof of concept code for a Windows vulnerability, and the reclassification of said bug from low to critical severity, has the cyber community concerned. Is it right to be?

• July 02, 2021 02 Jul'21

  Cyber attackers up the ante on embattled IT teams

  Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements

• July 01, 2021 01 Jul'21

  NCSC joins US authorities to expose Russian brute force campaign

  A joint attribution by the British and American authorities accuses Russia’s GRU intelligence services of conducting a campaign of brute force attacks on enterprise and cloud environments

• July 01, 2021 01 Jul'21

  Cyber espionage campaign targeted central Asian states

  The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT