News

Data breach incident management and recovery

• March 12, 2021 12 Mar'21

  DearCry ransomware targets vulnerable Exchange servers

  As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority

• March 12, 2021 12 Mar'21

  Brewer Molson Coors targeted in cyber attack

  Cyber criminals have disrupted beer production at Molson Coors, one of the world’s largest brewers

• March 11, 2021 11 Mar'21

  Attack on surveillance cameras a warning over security, ethics

  The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology

• March 11, 2021 11 Mar'21

  Norwegian government falls victim to Microsoft attacks

  Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers

• March 10, 2021 10 Mar'21

  Patch Tuesday overshadowed by Microsoft Exchange attacks

  Microsoft’s March Patch Tuesday update drops amid ongoing fall-out from widespread Exchange attacks

• March 09, 2021 09 Mar'21

  Belgian police raid 200 premises in drug operation linked to breach of encrypted phone network

  More than 1,600 police and law enforcement officials conduct drug raids after the compromise of an encrypted mobile phone network that has parallels with EncroChat

• March 09, 2021 09 Mar'21

  EBA restores services after Microsoft Exchange attack

  European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online

• March 08, 2021 08 Mar'21

  US teases retaliation over state-backed cyber attacks

  Consequences for alleged perpetrators of the SolarWinds attack are expected within the next few weeks

• March 05, 2021 05 Mar'21

  Williams F1 car launch disrupted by data leak

  Williams Formula One team forced to pull augmented reality app it had planned to use to launch its 2021 car at the last minute after an apparent cyber attack

• March 05, 2021 05 Mar'21

  Mandiant: MS Exchange bugs first exploited in January

  Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago

• March 05, 2021 05 Mar'21

  Singapore Airlines the latest victim of supply chain attack

  A restricted set of data of over 580,000 frequent flyer members of Singapore Airlines was exposed in a supply chain attack against Sita’s passenger service system

• March 04, 2021 04 Mar'21

  Microsoft Exchange CVEs more widely exploited than thought

  US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer

• March 04, 2021 04 Mar'21

  Qualys caught up in Accellion FTA breach

  Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product

• March 03, 2021 03 Mar'21

  Emergency patch addresses MS Exchange Server zero-days

  Microsoft releases an emergency patch to address multiple zero-day exploits directed at on-premise installations of Exchange Server

• February 25, 2021 25 Feb'21

  Npower shuts off app after credential stuffing attack

  Npower customers will have to log in to their accounts on its website after its app was withdrawn following a security breach

• February 25, 2021 25 Feb'21

  MHRA and other agencies to offer new resources for scam victims

  New landing page resources will replace .uk domains suspended for criminal activity to help members of the public access appropriate guidance

• February 24, 2021 24 Feb'21

  Transport for NSW hit by Accellion breach

  Australian state agency Transport for New South Wales is the latest victim of the supply chain attack against Accellion’s legacy file transfer system

• February 24, 2021 24 Feb'21

  Vaccine passports prove an ethical minefield

  Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design

• February 24, 2021 24 Feb'21

  Babuk ransomware unsophisticated, but highly dangerous

  Intelligence gathered through McAfee’s Mvision service reveals more insight into the emerging Babuk ransomware

• February 24, 2021 24 Feb'21

  Bombardier is latest victim of Accellion supply chain attack

  Canadian aviation company joins the growing list of Accellion breach victims

• February 24, 2021 24 Feb'21

  Warning on security risk from virtual events platforms

  Vulnerabilities found in virtual events platforms could form part of a variant supply chain attack

• February 23, 2021 23 Feb'21

  XDR makes cyber a Stroll in the park for Aston Martin F1

  Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet

• February 22, 2021 22 Feb'21

  Microphones, smartphones, laptops among items stolen from BBC

  A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers

• February 22, 2021 22 Feb'21

  Pandemic has exposed fractures in cyber fraud strategy

  RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem

• February 19, 2021 19 Feb'21

  NCSC cyber defence scheme blocked thousands of scams in 2019

  The NCSC has reported another productive year for its Active Cyber Defence programme

• February 19, 2021 19 Feb'21

  Biden will act on cyber security to fix SolarWinds mess

  US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger

• February 18, 2021 18 Feb'21

  City of Helsinki adopts MyData principles to improve digital services

  Principles on the use of personal data for the benefit of society will guide Finnish capital’s ambitious digital plans

• February 18, 2021 18 Feb'21

  2020 a record year for cyber, thanks to Covid

  The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy

• February 17, 2021 17 Feb'21

  North Korean Lazarus Group hackers indicted in US

  Charges filed relate to Lazarus Group’s long-running cyber crime spree, including financial theft and extortion, WannaCry malware and the cyber attack on Sony Pictures

• February 17, 2021 17 Feb'21

  Security pros agree: We need to take a break

  As many as 85% of security staff engage in leisure activities during working hours, but they have excellent reasons for doing so

• February 17, 2021 17 Feb'21

  Egregor ransomware arrests confirmed

  Authorities confirm that they have arrested an undisclosed number of cyber criminals associated with the Egregor ransomware

• February 17, 2021 17 Feb'21

  Law firm and cyber criminals clash over source of stolen data

  Cyber attack victim Jones Day says its data was stolen in a supply chain attack, but the gang holding it to ransom disagrees

• February 16, 2021 16 Feb'21

  North Korea accused of Pfizer Covid vaccine cyber attack

  South Korean intelligence pins a recent attack on Pfizer, targeting information on coronavirus vaccines, on its neighbour

• February 16, 2021 16 Feb'21

  RDP, SSH exposures off the charts thanks to remote working

  The Covid-19 pandemic has had an impact on the prevalence of certain vulnerabilities in the wild, according to a report

• February 11, 2021 11 Feb'21

  Hacked Finnish therapy business collapses

  Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy

• February 11, 2021 11 Feb'21

  Low-complexity CVEs a growing concern

  Analysis of thousands of CVEs logged with NIST in 2020 reveals some unwelcome developments

• February 11, 2021 11 Feb'21

  Singtel falls prey to supply chain attack

  The Singapore telco reveals that its Accellion file sharing system was illegally hacked in a supply chain attack

• February 10, 2021 10 Feb'21

  HelloKitty almost certainly behind CD Projekt ransomware attack

  Theories that the cyber attack on a high-profile gaming studio was orchestrated by players who are disappointed in a videogame are likely wide of the mark, according to analysis

• February 10, 2021 10 Feb'21

  Sim-swapping crooks targeted celebrities, influencers

  Eight arrests have been made in England and Scotland in connection with a series of Sim-swapping attacks targeting high-profile victims

• February 09, 2021 09 Feb'21

  Data breaches are a ticking timebomb for consumers

  Damage from data breaches goes far beyond the impact to the target organisation – an obvious fact that is too often overlooked, says F-Secure

• February 09, 2021 09 Feb'21

  Cyberpunk 2077 developer refuses to pay up after ransomware attack

  Polish video game developer CD Projekt has released details of a ransomware attack on its systems

• February 09, 2021 09 Feb'21

  ‘Batman Begins’ cyber attack is a warning to CNI providers

  A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services

• February 08, 2021 08 Feb'21

  Data of thousands of Dutch citizens leaked from government Covid-19 systems

  Weak access controls and outdated systems blamed for leaking of the personal details of thousands of Dutch citizens tested for Covid-19

• February 05, 2021 05 Feb'21

  Security firm Stormshield loses source code in cyber attack

  Source code from two products developed by French cyber security firm was compromised in a December 2020 incident

• February 04, 2021 04 Feb'21

  Woodland Trust hit by cyber attack in December

  Conservation charity is investigating what it describes as a ‘sophisticated’ cyber attack but has waited nearly two months to inform its members

• February 04, 2021 04 Feb'21

  SolarWinds chases multiple leads in breach investigation

  Investigators at SolarWinds are exploring multiple theories as to how the company’s systems were compromised

• February 04, 2021 04 Feb'21

  Fraud and cyber crime still vastly under-reported

  The scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate

• February 03, 2021 03 Feb'21

  Foxtons rejects claims of slow reaction to data leak

  Investigators have unearthed 16,000 data records that seem to have been stolen in an attack on property firm Foxtons last year, but the organisation says it acted by the book in dealing with the incident

• February 03, 2021 03 Feb'21

  ‘Classic’ Cerber ransomware targets health sector in high volumes

  Cerber ransomware-as-a-service seems to have re-emerged as one of the most critical cyber threats facing healthcare organisations, reports VMware Carbon Black

• February 03, 2021 03 Feb'21

  SolarWinds patches two critical CVEs in Orion platform

  New vulnerabilities disclosed as SolarWinds reels from December 2020 Solorigate/Sunburst attack – but do not appear to have been exploited yet