News

Data breach incident management and recovery

• March 31, 2021 31 Mar'21

  Cyber Security Council to champion UK security pros

  A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base

• March 30, 2021 30 Mar'21

  Ransomware attack on London schools highlights warnings

  Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector

• March 30, 2021 30 Mar'21

  The Security Interviews: How to secure an F1 team in a pandemic

  A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data

• March 29, 2021 29 Mar'21

  UK courts face evidence ‘black hole’ over police EncroChat mass hacking

  French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence

• March 29, 2021 29 Mar'21

  Cyber attack takes Channel Nine off-air

  The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio

• March 26, 2021 26 Mar'21

  Retailer FatFace pays $2m ransom to Conti cyber criminals

  Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate

• March 25, 2021 25 Mar'21

  Cyber security complacency puts UK at risk, says NCSC head

  National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber

• March 25, 2021 25 Mar'21

  Four in five UK businesses seek new security suppliers

  Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves

• March 25, 2021 25 Mar'21

  More than £34.5m stolen in pandemic scams over past year

  City of London Police and National Cyber Security Centre report large uptick in threats and crime related to Covid-19 over the past year, in some cases directed specifically at health organisations

• March 24, 2021 24 Mar'21

  Oil giant Shell hit through Accellion FTA breach

  Energy firm discloses cyber attack through Accellion File Transfer Appliance

• March 24, 2021 24 Mar'21

  Apparent drop in cyber incidents highlights underlying problems

  UK organisations report fewer cyber security incidents, but the headline data masks more serious issues, according to a report

• March 23, 2021 23 Mar'21

  NCSC beefs up support for education sector after spate of attacks

  Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks

• March 22, 2021 22 Mar'21

  $50m ransomware demand on Acer is highest ever

  Record-breaking double-extortion cyber attack saw REvil gang exfiltrate financial data from Taiwan-based PC manufacturer

• March 18, 2021 18 Mar'21

  Eastern Health reports ‘cyber incident’, takes systems offline

  Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident

• March 17, 2021 17 Mar'21

  Average ransomware cost triples, says report

  The average amount paid out by ransomware victims has grown almost threefold to more than $300,000 per incident, according to a report

• March 17, 2021 17 Mar'21

  Cyber sector welcomes PM’s defence review

  Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet

• March 16, 2021 16 Mar'21

  MoD partners playing fast and loose with confidential data

  Clear spike in data breach incidents at defence partners may reflect better reporting standards, claims MoD

• March 16, 2021 16 Mar'21

  Unusual DearCry ransomware uses ‘rare’ approach to encryption

  Hybrid approach to encryption used by DearCry bears similarities to WannaCry

• March 16, 2021 16 Mar'21

  Microsoft releases one-click ProxyLogon mitigation tool

  Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers

• March 15, 2021 15 Mar'21

  UK plans ‘full spectrum’ approach to national cyber security

  PM Boris Johnson expands on proposed National Cyber Force and plans to set up a north of England Cyber Corridor

• March 15, 2021 15 Mar'21

  Microsoft Exchange ProxyLogon attacks spike 10 times in four days

  Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days

• March 15, 2021 15 Mar'21

  Judges refuse EncroChat defendants’ appeal to Supreme Court

  Experts suggest Parliament and Investigatory Powers Tribunal need to consider the implications of a court decision on police use of data from the EncroChat phone network

• March 12, 2021 12 Mar'21

  NCSC issues emergency alert on Microsoft Exchange patch

  UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately

• March 12, 2021 12 Mar'21

  DearCry ransomware targets vulnerable Exchange servers

  As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority

• March 12, 2021 12 Mar'21

  Brewer Molson Coors targeted in cyber attack

  Cyber criminals have disrupted beer production at Molson Coors, one of the world’s largest brewers

• March 11, 2021 11 Mar'21

  Attack on surveillance cameras a warning over security, ethics

  The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology

• March 11, 2021 11 Mar'21

  Norwegian government falls victim to Microsoft attacks

  Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers

• March 10, 2021 10 Mar'21

  Patch Tuesday overshadowed by Microsoft Exchange attacks

  Microsoft’s March Patch Tuesday update drops amid ongoing fall-out from widespread Exchange attacks

• March 09, 2021 09 Mar'21

  Belgian police raid 200 premises in drug operation linked to breach of encrypted phone network

  More than 1,600 police and law enforcement officials conduct drug raids after the compromise of an encrypted mobile phone network that has parallels with EncroChat

• March 09, 2021 09 Mar'21

  EBA restores services after Microsoft Exchange attack

  European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online

• March 08, 2021 08 Mar'21

  US teases retaliation over state-backed cyber attacks

  Consequences for alleged perpetrators of the SolarWinds attack are expected within the next few weeks

• March 05, 2021 05 Mar'21

  Williams F1 car launch disrupted by data leak

  Williams Formula One team forced to pull augmented reality app it had planned to use to launch its 2021 car at the last minute after an apparent cyber attack

• March 05, 2021 05 Mar'21

  Mandiant: MS Exchange bugs first exploited in January

  Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago

• March 05, 2021 05 Mar'21

  Singapore Airlines the latest victim of supply chain attack

  A restricted set of data of over 580,000 frequent flyer members of Singapore Airlines was exposed in a supply chain attack against Sita’s passenger service system

• March 04, 2021 04 Mar'21

  Microsoft Exchange CVEs more widely exploited than thought

  US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer

• March 04, 2021 04 Mar'21

  Qualys caught up in Accellion FTA breach

  Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product

• March 03, 2021 03 Mar'21

  Emergency patch addresses MS Exchange Server zero-days

  Microsoft releases an emergency patch to address multiple zero-day exploits directed at on-premise installations of Exchange Server

• February 25, 2021 25 Feb'21

  Npower shuts off app after credential stuffing attack

  Npower customers will have to log in to their accounts on its website after its app was withdrawn following a security breach

• February 25, 2021 25 Feb'21

  MHRA and other agencies to offer new resources for scam victims

  New landing page resources will replace .uk domains suspended for criminal activity to help members of the public access appropriate guidance

• February 24, 2021 24 Feb'21

  Transport for NSW hit by Accellion breach

  Australian state agency Transport for New South Wales is the latest victim of the supply chain attack against Accellion’s legacy file transfer system

• February 24, 2021 24 Feb'21

  Vaccine passports prove an ethical minefield

  Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design

• February 24, 2021 24 Feb'21

  Babuk ransomware unsophisticated, but highly dangerous

  Intelligence gathered through McAfee’s Mvision service reveals more insight into the emerging Babuk ransomware

• February 24, 2021 24 Feb'21

  Bombardier is latest victim of Accellion supply chain attack

  Canadian aviation company joins the growing list of Accellion breach victims

• February 24, 2021 24 Feb'21

  Warning on security risk from virtual events platforms

  Vulnerabilities found in virtual events platforms could form part of a variant supply chain attack

• February 23, 2021 23 Feb'21

  XDR makes cyber a Stroll in the park for Aston Martin F1

  Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet

• February 22, 2021 22 Feb'21

  Microphones, smartphones, laptops among items stolen from BBC

  A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers

• February 22, 2021 22 Feb'21

  Pandemic has exposed fractures in cyber fraud strategy

  RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem

• February 19, 2021 19 Feb'21

  NCSC cyber defence scheme blocked thousands of scams in 2019

  The NCSC has reported another productive year for its Active Cyber Defence programme

• February 19, 2021 19 Feb'21

  Biden will act on cyber security to fix SolarWinds mess

  US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger

• February 18, 2021 18 Feb'21

  City of Helsinki adopts MyData principles to improve digital services

  Principles on the use of personal data for the benefit of society will guide Finnish capital’s ambitious digital plans