News

Data breach incident management and recovery

May 26, 2023 26 May'23
Cisco joins growing Manchester cyber security hub

Networking kingpin signs up to Greater Manchester Digital Security Hub to support centre’s work on security resilience and skills
May 26, 2023 26 May'23
Bumbling IT security analyst convicted of blackmail offences

A Hertfordshire man has been convicted of blackmail and other offences after piggybacking on an in-progress ransomware attack to try to defraud his employer, but failing to cover his tracks in any meaningful way
May 25, 2023 25 May'23
Alert over Chinese cyber campaign targeting critical networks

A Chinese threat actor known as Volt Typhoon has been observed infiltrating CNI networks in a cyber espionage campaign, according to intelligence
May 24, 2023 24 May'23
Almost all ransomware attacks target backups, says Veeam

Some 93% of ransomware attacks go for backups and most succeed, with 60% of those attacked paying the ransom, according to a Veeam survey

May 23, 2023 23 May'23
Cohesity Turing aims AI tools at backup and ransomware

Backup supplier continues to enrich its ecosystem with more artificial intelligence for backup and ransomware, with chat-like reporting functions and new security partners in its alliance
May 16, 2023 16 May'23
NetApp to promise ransomware warranty payout

NetApp will recover data hit by ransomware or pay a warranty, and has added entry-level SAN arrays and full access to all NetApp software across its hardware families
May 16, 2023 16 May'23
Scality pushes anti-ransomware features in Artesca object storage

Object storage specialist announces v2.0 of Artesca, with a heavy focus on functionality that can protect against ransomware such as object locking, sharding, backup to object etc
May 12, 2023 12 May'23
Let’s put an end to secrecy and cover-ups in ransomware attacks

The NCSC and the ICO are calling for organisations to bite the bullet and be more open about cyber security and ransomware incidents, and the community is firmly behind them
May 12, 2023 12 May'23
How Splunk is driving security automation

Splunk’s head of security in APAC talks up the company’s efforts to ease the workloads of security analysts amid lower adoption of security automation and analytics in the region
May 11, 2023 11 May'23
Australia to shore up cyber and digital capabilities in Budget 2023

Australia is spending more than A$2bn to strengthen cyber resilience, improve digital government services and fuel AI adoption, among other areas, in its latest budget

May 10, 2023 10 May'23
Black Basta ransomware attack to cost Capita over £15m

Exceptional costs arising from the March 2023 Black Basta ransomware attack on the systems of outsourcer Capita will be somewhere between £15m and £20m, the organisation says
May 10, 2023 10 May'23
Nebulon aims Tripline at ransomware detection in storage

Tripline claims ransomware detection from samples every 30 seconds and works in conjunction with snapshots to deliver recovery from an attack in four minutes
May 10, 2023 10 May'23
How datacentre operators can fend off cyber attacks

Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats
May 05, 2023 05 May'23
Capita pension clients told data may have leaked

Capita has told trustees of some of the pension funds for which it provides outsourced services that their customer data may have been stolen by the Black Basta ransomware operation
May 04, 2023 04 May'23
Inside BlackBerry’s cyber security playbook

BlackBerry’s president of cyber security discusses the company’s cyber security strategy and what it is doing to deliver an integrated set of capabilities for enterprises
May 03, 2023 03 May'23
Cyber Action Plan for Wales launched

The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country
April 27, 2023 27 Apr'23
Google Cloud seals bug that could have led to data breaches

The Asset Key Thief vulnerability gave rise to multiple potential attack scenarios that could have impacted thousands of Google Cloud users, but has now been safely fixed
April 26, 2023 26 Apr'23
Researchers deal blow to Gootloader gang that supported REvil

Thousands of compromised WordPress blogs have been spreading the Gootloader malware for years, but eSentire’s security research team are turning the tables on the gang that played a key role in REvil ransomware attacks
April 26, 2023 26 Apr'23
Ransomware gang exploiting unpatched Veeam backup products

Cyber criminals with links to multiple virulent ransomware strains are exploiting a recently disclosed vulnerability in Veeam’s Backup & Replication product, threat analysts have warned
April 25, 2023 25 Apr'23
CISOs under-supported, under pressure, Trellix finds

The vast majority of CISOs say they are finding it difficult to get sign-off on the resources they need to do their job
April 25, 2023 25 Apr'23
Almost three-quarters of cyber attacks involve ransomware

Data from Sophos’s annual Active Adversary Report reveals that almost three-quarters of the cyber security incidents it responded to in 2022 involved ransomware
April 21, 2023 21 Apr'23
CyberUK 23: New advice on smart city security issued

The NCSC and key allies have drawn up new guidance to help communities balance the cyber security risks involved with creating smart cities
April 20, 2023 20 Apr'23
Bumblebee malware flies on the wings of Zoom and ChatGPT

Bumblebee malware, often used as a stepping stone to ransomware, is now spreading via trojanised installers for popular software applications
April 20, 2023 20 Apr'23
UK Emergency Alert Test sparks cyber fraud warning

Fraudsters and scammers are likely to use the upcoming test of the UK's new mobile Emergency Alert system as bait in their attacks, while misinformation and conspiracy theories spread
April 20, 2023 20 Apr'23
3CX incident may be world’s first double supply chain attack

It’s supply chain attacks all the way down as Mandiant publishes information suggesting that the 3CX software supply chain compromise was initiated via a prior software supply chain compromise
April 20, 2023 20 Apr'23
Capita customer data was stolen in March ransomware attack

Capita says it has uncovered evidence of data exfiltration from a small proportion of its server estate following a cyber attack at the end of March
April 19, 2023 19 Apr'23
CyberUK 23: Ukraine offers masterclass in withstanding cyber war

Russian cyber activity has seen an unprecedented evolution in scale and pace over the past year, but Ukraine’s resilience has enabled it to mount a masterful response, says the NCSC
April 19, 2023 19 Apr'23
CyberUK 23: Irresponsible use of commercial hacking tools a rising threat

Commercial cyber tools and hackers-for-hire pose a growing threat to organisations and individuals worldwide, according to an NCSC report
April 19, 2023 19 Apr'23
UK plc sees fewer cyber breaches and attacks, but lacks resilience

Latest government figures reveal UK businesses and charities reported lower volumes of cyber breaches and attacks over the past 12 months, but the statistics mask widespread underreporting and the true state of cyber readiness and resilience appears...
April 19, 2023 19 Apr'23
CyberUK 23: NCSC launches Cyber Advisor service for SMEs

The UK’s NCSC has launched an industry assurance scheme designed to address the needs of SMEs, and is calling for potential advisors to step up and help out
April 19, 2023 19 Apr'23
CyberUK 23: NCSC CEO calls for collaboration and warns against complacency

NCSC boss Lindy Cameron kicked off the annual CyberUK conference in Belfast with a plea for collaboration and a warning against complacency
April 19, 2023 19 Apr'23
Global finance firms take part in NATO cyber attack simulation

Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure
April 19, 2023 19 Apr'23
CyberUK 23: Alert over mercenary Russian threat to CNI

Russian hacktivists supportive of their government’s war on Ukraine are turning their attention to disruptive or destructive attacks on critical infrastructure in the UK, the NCSC has warned
April 18, 2023 18 Apr'23
CyberUK 23: NCSC conference centres cyber collaboration

The NCSC’s annual CyberUK conference gets underway in Belfast this week, with collaboration and cooperation high on the agenda
April 18, 2023 18 Apr'23
UK presses on with post-Brexit data protection reform

The revised version of the Data Protection and Digital Information Bill has had its second reading in Parliament as the government presses on with post-Brexit changes, but critics remain sceptical that the EU will be convinced to maintain the UK's ...
April 17, 2023 17 Apr'23
Restaurants hit by IT problems after BlackCat attack on supplier NCR

Ransomware attack on systems of payments giant causing service outages for restaurants around the world
April 17, 2023 17 Apr'23
Charity data stolen in ransomware attack on supplier

A number of charities in Ireland and the UK have had their data compromised following a ransomware attack on an IT supplier
April 11, 2023 11 Apr'23
Anne Keast-Butler named as new director of GCHQ

The government has appointed current MI5 deputy director general Anne Keast-Butler to head signals and cyber agency GCHQ
April 11, 2023 11 Apr'23
KFC, Pizza Hut data stolen in January ransomware attack

Yum!, the parent organisation behind KFC and Pizza Hut in the UK, has disclosed that employee data was accessed and exfiltrated in a January 2023 ransomware attack
April 06, 2023 06 Apr'23
Clop ransomware booms in March as Fortra zero-day pays off for gang

Backed by the threat actor tracked variously as Gold Tahoe and TA505, the Clop ransomware operation hit new ‘heights’ of activity last month, according to researchers
April 05, 2023 05 Apr'23
Cops bust Genesis cyber crime marketplace

Multinational Operation Cookie Monster takes down Genesis Market, a crucial source of compromised data used by criminals for fraud and other cyber attacks
April 05, 2023 05 Apr'23
Italy’s ChatGPT ban: Sober precaution or chilling overreaction?

Italy’s data protection authority issued a temporary ban on ChatGPT citing data protection concerns and alleged breaches of the GDPR. Is this a reasonable precaution, or a chilling restriction on personal freedoms?
April 04, 2023 04 Apr'23
TikTok fined in UK over unlawful use of children’s data

The ICO has fined TikTok £12.7m for breaches of data protection law, including unlawfully collecting data on children under 13
April 04, 2023 04 Apr'23
Threat researchers dissect anatomy of a Royal ransomware attack

Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022
April 04, 2023 04 Apr'23
Over 90% of organisations find threat hunting a challenge

Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report
April 03, 2023 03 Apr'23
Australia’s media and telecoms sector saw most data breaches in 2022

The media and telecoms industry accounted for the bulk of stolen credentials in Australia in 2022, underscoring the need to shore up the country’s cyber security posture
April 03, 2023 03 Apr'23
Three-day Capita outage was result of cyber attack

Public sector outsourcer Capita has confirmed a major outage which began on 31 March was the result of a cyber attack affecting its Office 365 apps
March 30, 2023 30 Mar'23
NHS Highland rapped over data breach affecting HIV patients

NHS Highland inadvertently exposed the personal data of individuals likely to be accessing HIV services in a lapse of email hygiene
March 30, 2023 30 Mar'23
Reactive approach to cyber procurement risks damaging businesses

Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes
March 30, 2023 30 Mar'23
3CX unified comms users hit by supply chain attacks

Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors