News
Data breach incident management and recovery
-
March 29, 2023
29
Mar'23
New North Korean APT launders crypto to fund spying programmes
Mandiant has attributed an ongoing campaign of malicious activity to a newly designated APT that is engaged in the acquisition and laundering of cryptocurrency to fund the regime’s espionage activities
-
March 29, 2023
29
Mar'23
How organisations can weaponise data privacy
Organisations should turn data privacy into a competitive advantage and look beyond regulatory compliance to build a privacy programme that aligns with business targets, says Gartner
-
March 28, 2023
28
Mar'23
Microsoft expands AI Copilot project into security realm
New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams
-
March 28, 2023
28
Mar'23
Inside Group-IB’s cyber security playbook
A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market
-
March 28, 2023
28
Mar'23
Ransomware attacks up 45% in February, LockBit responsible
NCC Group says it observed a surge in ransomware attacks in February, with LockBit, BlackCat and BianLian all highly active
-
March 22, 2023
22
Mar'23
Why Veeam thinks ransomware warranty payouts are unlikely
Veeam Data Platform v12 offers a financial guarantee to customers that can’t restore after ransomware attacks, but the backup supplier is convinced it won’t be making many payouts
-
March 22, 2023
22
Mar'23
Government launches seven-year NHS cyber strategy
The new Cyber Security Strategy for Health and Adult Social Care lays out a plan for promoting cyber resilience in the sector by 2030 to protect services and patients alike
-
March 21, 2023
21
Mar'23
Nordics move towards common cyber defence strategy
Nordic countries agree to work together to improve their cyber defences amid increasing threat
-
March 21, 2023
21
Mar'23
Hitachi Energy emerges as victim of Clop gang’s Fortra attack
The power and energy division of Japanese conglomerate Hitachi has disclosed that it has fallen victim to a Clop cyber attack, but insists customer data is safe
-
March 21, 2023
21
Mar'23
Ferrari rejects ransom demand after cyber attack
Italian carmaker Ferrari says it will refuse to pay a ransom after an unspecified threat actor broke into its IT systems and stole customer data
-
March 21, 2023
21
Mar'23
Ransomware gangs harass victims to ‘bypass’ backups
Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order
-
March 20, 2023
20
Mar'23
NCSC launches cyber check-up tools for SMEs
The NCSC has launched two new security services aimed at SMEs that lack the resources to address cyber issues, and may underestimate their vulnerability to attack
-
March 16, 2023
16
Mar'23
BEC attacks doubled in 2022, outstripping ransomware
Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks
-
March 16, 2023
16
Mar'23
Rubrik customer, partner data exposed in possible Clop attack
Rubrik was supposedly compromised by the Clop ransomware gang via a zero-day vulnerability in a managed file transfer software package it uses
-
March 15, 2023
15
Mar'23
Microsoft patches Outlook zero-day for March Patch Tuesday
A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update
-
March 08, 2023
08
Mar'23
How ForgeRock is tackling identity management
ForgeRock CEO Fran Rosch has set the identity and access management software supplier on a path to deliver a frictionless identity experience without compromising security or privacy
-
March 07, 2023
07
Mar'23
APAC IT leaders bullish on tech spending
Over half of respondents in this year’s IT Priorities study have bigger IT budgets as they continue to make strategic investments in cyber security, cloud and automation, among other areas
-
March 01, 2023
01
Mar'23
Data breaches in Australia on the rise, says OAIC
Cyber security incidents were the cause of most data breaches, which rose by 26% in the second half of 2022, according to the Office of the Australian Information Commissioner
-
February 28, 2023
28
Feb'23
LastPass attack saw employee’s home computer hacked
The ongoing investigation into a series of linked security incidents at LastPass has found that the attacker was successfully able to compromise a developer’s home PC using a vulnerability in a media software package
-
February 24, 2023
24
Feb'23
Royal Mail stands firm as LockBit leaks data and renews ransom demand
The LockBit ransomware gang has made good on its threat to leak data exfiltrated from Royal Mail’s systems, but the postal service is not entertaining the possibility of giving in
-
February 23, 2023
23
Feb'23
WithSecure proposes ‘undo’ button for ransomware
WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening
-
February 22, 2023
22
Feb'23
UK forces lead live-fire cyber war exercise
The seven-day Defence Cyber Marvel 2 exercise put cyber responders from 11 countries through their paces
-
February 22, 2023
22
Feb'23
Researchers find new bug ‘class’ in Apple devices
A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix
-
February 21, 2023
21
Feb'23
Royal Mail resumes full export service after cyber attack
Royal Mail resumes the last of its international services as it recovers from a ransomware attack, while the Post Office offers postmasters compensation for their lost business
-
February 20, 2023
20
Feb'23
Singapore organisations struggle to operationalise threat intelligence
Organisations in the city-state were satisfied with the quality of their threat intelligence, but they struggled to operationalise the information due to talent shortages and other challenges
-
February 16, 2023
16
Feb'23
Financial advisory firm Succession Wealth probes cyber attack
Aviva-owned wealth consultancy and financial advisory practice Succession Wealth was hit by an undisclosed security incident on 8 February
-
February 15, 2023
15
Feb'23
Royal Mail refused to pay £66m LockBit ransom demand, logs reveal
Leaked chat logs reveal Royal Mail has supposedly refused to pay a £66m ransom demand from the LockBit ransomware gang
-
February 13, 2023
13
Feb'23
Security buyers lack insight into threats, attackers, report finds
The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a Mandiant report
-
February 13, 2023
13
Feb'23
Killnet DDoS attacks disrupt Nato websites
A series of distributed denial of service attacks on various public websites belonging to the Nato alliance were largely repelled but some resources remain unavailable
-
February 13, 2023
13
Feb'23
Whistleblower in limbo as sensitive NatWest customer files remain under her bed
Whistleblower and NatWest at stalemate as regulators leave it up to them to come to an agreement on return of sensitive customer data
-
February 10, 2023
10
Feb'23
Social media platform Reddit breached in phishing attack
An unspecified threat actor obtained access to internal documents, code and business systems at Reddit after stealing employee credentials in a phishing attack
-
February 09, 2023
09
Feb'23
UK imposes sanctions on Conti ransomware gang leaders
Seven Russian nationals associated with the Conti and Ryuk ransomware operations have been sanctioned by the UK
-
February 09, 2023
09
Feb'23
How Check Point is keeping pace with the cyber security landscape
Check Point Software CEO Gil Shwed talks up the company’s growth areas, its approach to cloud security and the impact of generative AI on cyber security
-
February 08, 2023
08
Feb'23
Campaigners lament lack of movement on Computer Misuse Act reform
Westminster has opened a new consultation on proposed reforms to the Computer Misuse Act of 1990, but campaigners who want the law changed to protect cyber professionals have been left disappointed
-
February 07, 2023
07
Feb'23
LockBit cartel finally claims Royal Mail ransomware attack
The LockBit ransomware gang claims it has stolen sensitive data from Royal Mail and will leak it later this week if its demands go unmet
-
February 07, 2023
07
Feb'23
APP fraud reimbursement proposal is ‘fundamentally flawed’, say MPs
MPs claim the involvement of a bank-sponsored organisation in reimbursing victims of APP fraud would be a conflict of interest
-
February 06, 2023
06
Feb'23
Post Office branches struggling after Royal Mail cyber attack
Royal Mail has restored almost all of its international services to some extent, but remains unable to accept parcels bought over the counter in a Post Office branch
-
February 06, 2023
06
Feb'23
The Security Interviews: How to overcome data protection compliance challenges
Complying with the vast swathe of data protection legislation around the world is complex, especially for smaller organisations without the necessary expertise. Could the compliance process be simplified, and if so, how?
-
February 06, 2023
06
Feb'23
Ransomware operator turns their fire on two-year-old VMware bug
A vulnerability in VMware ESXi servers that users should have patched in 2021 is now being exploited to spread ransomware
-
February 05, 2023
05
Feb'23
Australian organisations underinvesting in cyber security
Over half of Australian organisations failed to invest enough in cyber security over past three years, though awareness is improving in aftermath of high-profile data breaches
-
February 03, 2023
03
Feb'23
LockBit gang confirms Ion cyber attack as disruption continues
The LockBit ransomware cartel has taken responsibility for this week’s attack on financial software firm Ion, and is threatening to leak stolen data on Saturday 4 February
-
February 02, 2023
02
Feb'23
North Korea’s Lazarus gang exposes itself in opsec failure
WithSecure researchers linked a campaign of cyber attacks targeting medical research and energy firms to North Korea’s infamous Lazarus APT after a group member accidentally screwed up
-
February 02, 2023
02
Feb'23
Suspected LockBit ransomware attack causes havoc in City of London
A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders
-
February 02, 2023
02
Feb'23
Arnold Clark customer data was stolen in Play ransomware attack
Arnold Clark confirms data leaked on dark web was stolen from its systems in ransomware attack
-
February 01, 2023
01
Feb'23
Cloud security top risk to enterprises in 2023, says study
A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year
-
February 01, 2023
01
Feb'23
CryptoRom scam abuses Apple and Google app stores to claim victims
Sophos researchers report on two fake apps used by romance scammers to lure victims into parting with their money, both of which were able to escape the attention of Apple and Google app store safeguards
-
January 31, 2023
31
Jan'23
Russian DDoS hacktivists seen targeting western hospitals
A swathe of attacks by the Putin-supporting DDoS operation known as Killnet has targeted hospitals and other infrastructure in several Nato countries, with the UK thought to be at risk
-
January 31, 2023
31
Jan'23
GitHub warns Desktop, Atom users after code-signing certificates pinched
Threat actors stole encrypted code-signing certificates for GitHub’s Desktop and Atom applications in December 2022, prompting warnings for users
-
January 31, 2023
31
Jan'23
Royal Mail recovers more International Tracked services
Royal Mail is making further progress in recovering IT systems hit by a ransomware attack, and has re-enabled another tranche of international export services
-
January 30, 2023
30
Jan'23
Data of 10 million JD Sports customers accessed in cyber attack
Data on 10 million people who shopped online at JD Sports over a two-year period was accessed and potentially stolen in a cyber attack