News

Data breach incident management and recovery

November 30, 2022 30 Nov'22
NIS regulations to be extended to cover MSPs

The UK government is moving ahead with plans to update the Network and Information Systems regulations to bring outsourcers and MSPs into scope
November 29, 2022 29 Nov'22
Cyber criminals exploiting naked TikTok ‘challenge’

Malware operators lured targets by promising them they would be able to view nude videos of TikTok users
November 25, 2022 25 Nov'22
Data management, backup becoming the CISO's responsibility

More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year
November 24, 2022 24 Nov'22
Not-for-profit aims to encourage 1,300 girls into cyber careers

CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber

November 23, 2022 23 Nov'22
Red team tool developer slams ‘irresponsible’ disclosure

UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors
November 23, 2022 23 Nov'22
Dutch national cyber security strategy aims to protect digital society

Cabinet sets up national cyber security strategy to make the Netherlands digitally secure
November 22, 2022 22 Nov'22
Ducktail spins new tales to hijack Facebook Business accounts

The increasingly active Ducktail cyber crime operation is refining its operations, seeking new methods to compromise its victims’ Facebook Business accounts
November 21, 2022 21 Nov'22
Bug Bounty Calculator helps organisations fine-tune their payouts

Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention
November 18, 2022 18 Nov'22
Is Elon Musk’s Twitter safe, and should you stop using it?

With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use
November 18, 2022 18 Nov'22
New gold standard to protect good faith hackers

HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking

November 18, 2022 18 Nov'22
CyberPeace Institute helps NGOs improve their security resilience

Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people
November 17, 2022 17 Nov'22
Another Log4Shell warning after Iranian attack on US government

The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching
November 16, 2022 16 Nov'22
Global network fragmentation a source of increasing risk

Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures
November 15, 2022 15 Nov'22
APP fraud volumes expected to double by 2026, says report

Losses to authorised push payment fraud in the UK are expected to climb to over $1.5bn in the next four years. Meanwhile, the NAO accuses the Home Office of lagging on progress to tackle the issue
November 14, 2022 14 Nov'22
How Google and Mandiant are forging synergies in cyber security

Google’s AI smarts and Mandiant’s intelligence on new and emerging threats could lay the foundation of proactive security
November 13, 2022 13 Nov'22
Online scam victims lose an average of £1,000 each

New data from the National Fraud Intelligence Bureau shows victims of online fraud lose an average of £1,000 per person
November 11, 2022 11 Nov'22
Volume of self-reported breaches to ICO jumps 30%

The number of self-reported breaches to the UK’s Information Commissioner’s Office soared by nearly 30% in the 12 months to 30 June 2022
November 10, 2022 10 Nov'22
Cyber criminals have World Cup Qatar 2022 in their sights

Volumes of malicious cyber activity around the upcoming FIFA World Cup are already starting to tick upwards and are likely to continue to do so
November 09, 2022 09 Nov'22
Optus earmarks A$140m to cover cost of data breach

Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers
November 09, 2022 09 Nov'22
UK’s National Cyber Advisory Board convenes for first time

Government convenes National Cyber Advisory Board to further its goals of making the UK one of the safest places to live and work online
November 09, 2022 09 Nov'22
Why Sophos is bullish on managed security services

Sophos has grown its managed detection and response business to more than $100m over the last three years as more organisations grapple with the increasingly complex cyber security landscape
November 08, 2022 08 Nov'22
NortonLifeLock, Avast debut new ‘Gen’ identity

The combined NortonLifeLock and Avast consumer cyber business, Gen, says it will serve over 500 million customers worldwide
November 07, 2022 07 Nov'22
Department for Education escapes £10m fine over data misuse

Department entrusted data on 28 million children to a company called Trustopia, which turned out to be anything but trustworthy, but has escaped a £10m fine under new rules
November 04, 2022 04 Nov'22
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022

The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare
November 03, 2022 03 Nov'22
Microsoft pledges $100m in new IT support for Ukraine

Microsoft will continue to offer free-of-charge technology support to Ukraine for the foreseeable future
November 03, 2022 03 Nov'22
Automated threats biggest source of cyber risk for retailers

Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report
November 03, 2022 03 Nov'22
Global coalition reaffirms commitment to fight ransomware

Representatives of 36 countries, as well as the EU, attended the second International Counter Ransomware Initiative Summit in Washington DC
November 02, 2022 02 Nov'22
Dropbox code compromised in phishing attack

Cloud storage service says malicious actors successfully accessed some of its code within GitHub, but insists customer data is secure
November 02, 2022 02 Nov'22
UK spent £6.4m on secret cyber package for Ukraine

Westminster has revealed for the first time the existence of a previously top-secret security programme that has been helping Ukraine fend off Russian cyber attacks
November 01, 2022 01 Nov'22
A third of UK cyber leaders want to quit, report says

Nearly a third of UK security leaders are considering leaving their current role, and more than half are struggling to keep on top of their workload
November 01, 2022 01 Nov'22
NCSC looks back on year of ‘profound change’ for cyber

The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful
October 31, 2022 31 Oct'22
Prepare today for potentially high-impact OpenSSL bug

OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed
October 27, 2022 27 Oct'22
NCSC’s Levy steps down after 20-year intelligence career

NCSC technical director Ian Levy bids farewell, telling his successor: ‘Don’t panic’
October 27, 2022 27 Oct'22
NHS to get new national CISO

The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS
October 27, 2022 27 Oct'22
Medibank breach casts spotlight on data security

Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia
October 26, 2022 26 Oct'22
Australia budget closes in on digital divide, cyber resilience

Australia’s latest budget is geared towards providing better broadband connectivity in regional and rural areas, shoring up the cyber security posture of its businesses and plugging tech talent shortages, among other areas
October 25, 2022 25 Oct'22
Global digital trust market to double by 2027

The global market for digital trust technology is expected to double to $537bn by 2027, up from $270bn today as demand for cyber security and other capabilities continues to grow
October 24, 2022 24 Oct'22
Complacency biggest cyber risk to UK plc, says ICO

Information commissioner John Edwards warns against complacency as his office issues a multimillion-pound fine to a building company that failed to prevent a ransomware attack
October 24, 2022 24 Oct'22
Half of staff might quit after a cyber attack, report says

Findings from a survey of CISOs, IT leaders and staffers reveal how experiencing a cyber incident may take a larger-than-thought toll on employee retention
October 21, 2022 21 Oct'22
Microsoft slams external researchers over its own data leak

Microsoft inadvertently leaked customer data after misconfiguring an Azure Blob, but has hit out at the organisation that discovered its error, claiming it is exaggerating the scope of the issue
October 20, 2022 20 Oct'22
Cyber professional shortfall hits 3.4 million

Shortage of cyber security professionals continues to grow and shows no signs of abating, says report
October 20, 2022 20 Oct'22
NatWest data breach whistleblower demands bank pay data controller fee to ICO

Whistleblower calls for NatWest to pay the Information Commissioner’s Office annual data controller fee, as the personal details of 1,600 current and former NatWest customers remain under her bed
October 19, 2022 19 Oct'22
Ransomware crews regrouping as LockBit rise continues

Overall ransomware activity dropped off in the third quarter of 2022, but increasing attack volumes in September may herald a difficult few months ahead
October 19, 2022 19 Oct'22
Treat cyber crime as a ‘strategic threat’, UK businesses told

The government’s new National Cyber Advisory Board aims to help elevate cyber discussion and spur action in the business community
October 14, 2022 14 Oct'22
Annual costs of Hackney ransomware attack exceed £12m

Hackney Council reveals new insight into the ongoing cost of a ransomware attack that devastated its systems two years ago
October 14, 2022 14 Oct'22
Advanced: Healthcare data was stolen in LockBit 3.0 attack

Advanced has revealed a total of 16 of its health and social care sector customers had their data exfiltrated in a recent ransomware attack
October 14, 2022 14 Oct'22
Australia becoming hotbed for cyber attacks

Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency
October 12, 2022 12 Oct'22
NCSC urges organisations to secure supply chains

NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers
October 11, 2022 11 Oct'22
Contractor left Toyota source code exposed for five years

Source code related to Toyota’s T-Connect service was left exposed on GitHub for over five years by a contractor
October 07, 2022 07 Oct'22
Australia to amend telecoms regulations following Optus breach

Amendments to Australia’s telecoms regulations are in the works to temporarily allow sharing of individuals’ identifier information between telcos and financial institutions