News
Data breach incident management and recovery
-
May 26, 2023
26
May'23
Cisco joins growing Manchester cyber security hub
Networking kingpin signs up to Greater Manchester Digital Security Hub to support centre’s work on security resilience and skills
-
May 26, 2023
26
May'23
Bumbling IT security analyst convicted of blackmail offences
A Hertfordshire man has been convicted of blackmail and other offences after piggybacking on an in-progress ransomware attack to try to defraud his employer, but failing to cover his tracks in any meaningful way
-
May 25, 2023
25
May'23
Alert over Chinese cyber campaign targeting critical networks
A Chinese threat actor known as Volt Typhoon has been observed infiltrating CNI networks in a cyber espionage campaign, according to intelligence
-
May 24, 2023
24
May'23
Almost all ransomware attacks target backups, says Veeam
Some 93% of ransomware attacks go for backups and most succeed, with 60% of those attacked paying the ransom, according to a Veeam survey
-
May 23, 2023
23
May'23
Cohesity Turing aims AI tools at backup and ransomware
Backup supplier continues to enrich its ecosystem with more artificial intelligence for backup and ransomware, with chat-like reporting functions and new security partners in its alliance
-
May 16, 2023
16
May'23
NetApp to promise ransomware warranty payout
NetApp will recover data hit by ransomware or pay a warranty, and has added entry-level SAN arrays and full access to all NetApp software across its hardware families
-
May 16, 2023
16
May'23
Scality pushes anti-ransomware features in Artesca object storage
Object storage specialist announces v2.0 of Artesca, with a heavy focus on functionality that can protect against ransomware such as object locking, sharding, backup to object etc
-
May 12, 2023
12
May'23
Let’s put an end to secrecy and cover-ups in ransomware attacks
The NCSC and the ICO are calling for organisations to bite the bullet and be more open about cyber security and ransomware incidents, and the community is firmly behind them
-
May 12, 2023
12
May'23
How Splunk is driving security automation
Splunk’s head of security in APAC talks up the company’s efforts to ease the workloads of security analysts amid lower adoption of security automation and analytics in the region
-
May 11, 2023
11
May'23
Australia to shore up cyber and digital capabilities in Budget 2023
Australia is spending more than A$2bn to strengthen cyber resilience, improve digital government services and fuel AI adoption, among other areas, in its latest budget
-
May 10, 2023
10
May'23
Black Basta ransomware attack to cost Capita over £15m
Exceptional costs arising from the March 2023 Black Basta ransomware attack on the systems of outsourcer Capita will be somewhere between £15m and £20m, the organisation says
-
May 10, 2023
10
May'23
Nebulon aims Tripline at ransomware detection in storage
Tripline claims ransomware detection from samples every 30 seconds and works in conjunction with snapshots to deliver recovery from an attack in four minutes
-
May 10, 2023
10
May'23
How datacentre operators can fend off cyber attacks
Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats
-
May 05, 2023
05
May'23
Capita pension clients told data may have leaked
Capita has told trustees of some of the pension funds for which it provides outsourced services that their customer data may have been stolen by the Black Basta ransomware operation
-
May 04, 2023
04
May'23
Inside BlackBerry’s cyber security playbook
BlackBerry’s president of cyber security discusses the company’s cyber security strategy and what it is doing to deliver an integrated set of capabilities for enterprises
-
May 03, 2023
03
May'23
Cyber Action Plan for Wales launched
The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country
-
April 27, 2023
27
Apr'23
Google Cloud seals bug that could have led to data breaches
The Asset Key Thief vulnerability gave rise to multiple potential attack scenarios that could have impacted thousands of Google Cloud users, but has now been safely fixed
-
April 26, 2023
26
Apr'23
Researchers deal blow to Gootloader gang that supported REvil
Thousands of compromised WordPress blogs have been spreading the Gootloader malware for years, but eSentire’s security research team are turning the tables on the gang that played a key role in REvil ransomware attacks
-
April 26, 2023
26
Apr'23
Ransomware gang exploiting unpatched Veeam backup products
Cyber criminals with links to multiple virulent ransomware strains are exploiting a recently disclosed vulnerability in Veeam’s Backup & Replication product, threat analysts have warned
-
April 25, 2023
25
Apr'23
CISOs under-supported, under pressure, Trellix finds
The vast majority of CISOs say they are finding it difficult to get sign-off on the resources they need to do their job
-
April 25, 2023
25
Apr'23
Almost three-quarters of cyber attacks involve ransomware
Data from Sophos’s annual Active Adversary Report reveals that almost three-quarters of the cyber security incidents it responded to in 2022 involved ransomware
-
April 21, 2023
21
Apr'23
CyberUK 23: New advice on smart city security issued
The NCSC and key allies have drawn up new guidance to help communities balance the cyber security risks involved with creating smart cities
-
April 20, 2023
20
Apr'23
Bumblebee malware flies on the wings of Zoom and ChatGPT
Bumblebee malware, often used as a stepping stone to ransomware, is now spreading via trojanised installers for popular software applications
-
April 20, 2023
20
Apr'23
UK Emergency Alert Test sparks cyber fraud warning
Fraudsters and scammers are likely to use the upcoming test of the UK's new mobile Emergency Alert system as bait in their attacks, while misinformation and conspiracy theories spread
-
April 20, 2023
20
Apr'23
3CX incident may be world’s first double supply chain attack
It’s supply chain attacks all the way down as Mandiant publishes information suggesting that the 3CX software supply chain compromise was initiated via a prior software supply chain compromise
-
April 20, 2023
20
Apr'23
Capita customer data was stolen in March ransomware attack
Capita says it has uncovered evidence of data exfiltration from a small proportion of its server estate following a cyber attack at the end of March
-
April 19, 2023
19
Apr'23
CyberUK 23: Ukraine offers masterclass in withstanding cyber war
Russian cyber activity has seen an unprecedented evolution in scale and pace over the past year, but Ukraine’s resilience has enabled it to mount a masterful response, says the NCSC
-
April 19, 2023
19
Apr'23
CyberUK 23: Irresponsible use of commercial hacking tools a rising threat
Commercial cyber tools and hackers-for-hire pose a growing threat to organisations and individuals worldwide, according to an NCSC report
-
April 19, 2023
19
Apr'23
UK plc sees fewer cyber breaches and attacks, but lacks resilience
Latest government figures reveal UK businesses and charities reported lower volumes of cyber breaches and attacks over the past 12 months, but the statistics mask widespread underreporting and the true state of cyber readiness and resilience appears...
-
April 19, 2023
19
Apr'23
CyberUK 23: NCSC launches Cyber Advisor service for SMEs
The UK’s NCSC has launched an industry assurance scheme designed to address the needs of SMEs, and is calling for potential advisors to step up and help out
-
April 19, 2023
19
Apr'23
CyberUK 23: NCSC CEO calls for collaboration and warns against complacency
NCSC boss Lindy Cameron kicked off the annual CyberUK conference in Belfast with a plea for collaboration and a warning against complacency
-
April 19, 2023
19
Apr'23
Global finance firms take part in NATO cyber attack simulation
Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure
-
April 19, 2023
19
Apr'23
CyberUK 23: Alert over mercenary Russian threat to CNI
Russian hacktivists supportive of their government’s war on Ukraine are turning their attention to disruptive or destructive attacks on critical infrastructure in the UK, the NCSC has warned
-
April 18, 2023
18
Apr'23
CyberUK 23: NCSC conference centres cyber collaboration
The NCSC’s annual CyberUK conference gets underway in Belfast this week, with collaboration and cooperation high on the agenda
-
April 18, 2023
18
Apr'23
UK presses on with post-Brexit data protection reform
The revised version of the Data Protection and Digital Information Bill has had its second reading in Parliament as the government presses on with post-Brexit changes, but critics remain sceptical that the EU will be convinced to maintain the UK's ...
-
April 17, 2023
17
Apr'23
Restaurants hit by IT problems after BlackCat attack on supplier NCR
Ransomware attack on systems of payments giant causing service outages for restaurants around the world
-
April 17, 2023
17
Apr'23
Charity data stolen in ransomware attack on supplier
A number of charities in Ireland and the UK have had their data compromised following a ransomware attack on an IT supplier
-
April 11, 2023
11
Apr'23
Anne Keast-Butler named as new director of GCHQ
The government has appointed current MI5 deputy director general Anne Keast-Butler to head signals and cyber agency GCHQ
-
April 11, 2023
11
Apr'23
KFC, Pizza Hut data stolen in January ransomware attack
Yum!, the parent organisation behind KFC and Pizza Hut in the UK, has disclosed that employee data was accessed and exfiltrated in a January 2023 ransomware attack
-
April 06, 2023
06
Apr'23
Clop ransomware booms in March as Fortra zero-day pays off for gang
Backed by the threat actor tracked variously as Gold Tahoe and TA505, the Clop ransomware operation hit new ‘heights’ of activity last month, according to researchers
-
April 05, 2023
05
Apr'23
Cops bust Genesis cyber crime marketplace
Multinational Operation Cookie Monster takes down Genesis Market, a crucial source of compromised data used by criminals for fraud and other cyber attacks
-
April 05, 2023
05
Apr'23
Italy’s ChatGPT ban: Sober precaution or chilling overreaction?
Italy’s data protection authority issued a temporary ban on ChatGPT citing data protection concerns and alleged breaches of the GDPR. Is this a reasonable precaution, or a chilling restriction on personal freedoms?
-
April 04, 2023
04
Apr'23
TikTok fined in UK over unlawful use of children’s data
The ICO has fined TikTok £12.7m for breaches of data protection law, including unlawfully collecting data on children under 13
-
April 04, 2023
04
Apr'23
Threat researchers dissect anatomy of a Royal ransomware attack
Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022
-
April 04, 2023
04
Apr'23
Over 90% of organisations find threat hunting a challenge
Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report
-
April 03, 2023
03
Apr'23
Australia’s media and telecoms sector saw most data breaches in 2022
The media and telecoms industry accounted for the bulk of stolen credentials in Australia in 2022, underscoring the need to shore up the country’s cyber security posture
-
April 03, 2023
03
Apr'23
Three-day Capita outage was result of cyber attack
Public sector outsourcer Capita has confirmed a major outage which began on 31 March was the result of a cyber attack affecting its Office 365 apps
-
March 30, 2023
30
Mar'23
NHS Highland rapped over data breach affecting HIV patients
NHS Highland inadvertently exposed the personal data of individuals likely to be accessing HIV services in a lapse of email hygiene
-
March 30, 2023
30
Mar'23
Reactive approach to cyber procurement risks damaging businesses
Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes
-
March 30, 2023
30
Mar'23
3CX unified comms users hit by supply chain attacks
Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors