News
Data breach incident management and recovery
-
February 18, 2021
18
Feb'21
2020 a record year for cyber, thanks to Covid
The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy
-
February 17, 2021
17
Feb'21
North Korean Lazarus Group hackers indicted in US
Charges filed relate to Lazarus Group’s long-running cyber crime spree, including financial theft and extortion, WannaCry malware and the cyber attack on Sony Pictures
-
February 17, 2021
17
Feb'21
Security pros agree: We need to take a break
As many as 85% of security staff engage in leisure activities during working hours, but they have excellent reasons for doing so
-
February 17, 2021
17
Feb'21
Egregor ransomware arrests confirmed
Authorities confirm that they have arrested an undisclosed number of cyber criminals associated with the Egregor ransomware
-
February 17, 2021
17
Feb'21
Law firm and cyber criminals clash over source of stolen data
Cyber attack victim Jones Day says its data was stolen in a supply chain attack, but the gang holding it to ransom disagrees
-
February 16, 2021
16
Feb'21
North Korea accused of Pfizer Covid vaccine cyber attack
South Korean intelligence pins a recent attack on Pfizer, targeting information on coronavirus vaccines, on its neighbour
-
February 16, 2021
16
Feb'21
RDP, SSH exposures off the charts thanks to remote working
The Covid-19 pandemic has had an impact on the prevalence of certain vulnerabilities in the wild, according to a report
-
February 11, 2021
11
Feb'21
Hacked Finnish therapy business collapses
Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy
-
February 11, 2021
11
Feb'21
Low-complexity CVEs a growing concern
Analysis of thousands of CVEs logged with NIST in 2020 reveals some unwelcome developments
-
February 11, 2021
11
Feb'21
Singtel falls prey to supply chain attack
The Singapore telco reveals that its Accellion file sharing system was illegally hacked in a supply chain attack
-
February 10, 2021
10
Feb'21
HelloKitty almost certainly behind CD Projekt ransomware attack
Theories that the cyber attack on a high-profile gaming studio was orchestrated by players who are disappointed in a videogame are likely wide of the mark, according to analysis
-
February 10, 2021
10
Feb'21
Sim-swapping crooks targeted celebrities, influencers
Eight arrests have been made in England and Scotland in connection with a series of Sim-swapping attacks targeting high-profile victims
-
February 09, 2021
09
Feb'21
Data breaches are a ticking timebomb for consumers
Damage from data breaches goes far beyond the impact to the target organisation – an obvious fact that is too often overlooked, says F-Secure
-
February 09, 2021
09
Feb'21
Cyberpunk 2077 developer refuses to pay up after ransomware attack
Polish video game developer CD Projekt has released details of a ransomware attack on its systems
-
February 09, 2021
09
Feb'21
‘Batman Begins’ cyber attack is a warning to CNI providers
A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services
-
February 08, 2021
08
Feb'21
Data of thousands of Dutch citizens leaked from government Covid-19 systems
Weak access controls and outdated systems blamed for leaking of the personal details of thousands of Dutch citizens tested for Covid-19
-
February 05, 2021
05
Feb'21
Security firm Stormshield loses source code in cyber attack
Source code from two products developed by French cyber security firm was compromised in a December 2020 incident
-
February 04, 2021
04
Feb'21
Woodland Trust hit by cyber attack in December
Conservation charity is investigating what it describes as a ‘sophisticated’ cyber attack but has waited nearly two months to inform its members
-
February 04, 2021
04
Feb'21
SolarWinds chases multiple leads in breach investigation
Investigators at SolarWinds are exploring multiple theories as to how the company’s systems were compromised
-
February 04, 2021
04
Feb'21
Fraud and cyber crime still vastly under-reported
The scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate
-
February 03, 2021
03
Feb'21
Foxtons rejects claims of slow reaction to data leak
Investigators have unearthed 16,000 data records that seem to have been stolen in an attack on property firm Foxtons last year, but the organisation says it acted by the book in dealing with the incident
-
February 03, 2021
03
Feb'21
‘Classic’ Cerber ransomware targets health sector in high volumes
Cerber ransomware-as-a-service seems to have re-emerged as one of the most critical cyber threats facing healthcare organisations, reports VMware Carbon Black
-
February 03, 2021
03
Feb'21
SolarWinds patches two critical CVEs in Orion platform
New vulnerabilities disclosed as SolarWinds reels from December 2020 Solorigate/Sunburst attack – but do not appear to have been exploited yet
-
February 01, 2021
01
Feb'21
Serco confirms Babuk ransomware attack
Outsourcing firm was hit by the ransomware last week but insists most of its operations are running as normal
-
February 01, 2021
01
Feb'21
UKRI suspends services after ransomware attack
UK Research and Innovation was hit by an undisclosed strain of ransomware at the end of January
-
February 01, 2021
01
Feb'21
CISOs invisible to their organisations, says BT report
Ignorance of cyber issues is leading to misplaced confidence in security in many organisations, as CISOs struggle to make themselves seen and heard
-
February 01, 2021
01
Feb'21
SBRC picks Check Point to support cyber helpline
The Scottish Business Resilience Centre has enlisted Check Point as the first security supplier to join its incident response partnership programme
-
January 31, 2021
31
Jan'21
Indian firms see growing value of data
Half of Indian IT leaders see a permanent increase in value of data as their organisations come under threat from mounting cyber attacks amid the pandemic
-
January 29, 2021
29
Jan'21
Hunting and anti-hunting groups locked in tit-for-tat row over data gathering
The leaking of internal documents has prompted a row between pro- and anti-hunting groups about the legality of the other’s data collection practices
-
January 29, 2021
29
Jan'21
Revealed: Brits who fuelled ‘vicious’ conspiracy theory by Trump supporters
Trump supporters have apologised and paid millions in damages to the family of murdered Democratic Party staffer Seth Rich for promoting false allegations that Rich – not Russian agents – stole emails from the Democratic National Committee
-
January 29, 2021
29
Jan'21
Manufacturing particularly at risk of Solorigate-linked breaches
Every fifth victim of the SolarWinds Solorigate/Sunburst attack was a manufacturing organisation, say researchers
-
January 29, 2021
29
Jan'21
Human factor dominates Australia’s latest data breach numbers
The number of data breaches resulting from human error increased by 18% in the second half of 2020, according to Australian government’s latest notifiable data breaches report
-
January 28, 2021
28
Jan'21
End of Emotet: A blow to cyber crime, but don’t drop your guard
The takedown of Emotet is a huge event with repercussions that will reverberate across the cyber criminal world, but unfortunately that’s not to say there will be much of a long-term impact
-
January 27, 2021
27
Jan'21
Mimecast breach was work of SolarWinds attackers
Mimecast’s investigation into a January 2021 breach of its systems turns up evidence that the culprit was the same group that targeted SolarWinds in December
-
January 27, 2021
27
Jan'21
Emotet botnet goes offline as cops seize servers
The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement
-
January 27, 2021
27
Jan'21
Grindr complaint results in €9.6m GDPR fine
Norway’s data protection authority plans to apply a fine totalling 10% of LGBTQ+ dating app Grindr’s revenues over its data sharing practices
-
January 26, 2021
26
Jan'21
Conservatives broke data law to racially profile millions
The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard
-
January 26, 2021
26
Jan'21
North Korean state attacks legitimate security researchers
Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group
-
January 26, 2021
26
Jan'21
ICO extends commissioner Denham’s term of office
Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor
-
January 22, 2021
22
Jan'21
Sepa data leaks as agency resists ransom demands
The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation
-
January 21, 2021
21
Jan'21
Hackney Council tenders for cyber security upgrade
Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council
-
January 21, 2021
21
Jan'21
Gamarue malware found on government-issued school laptops
Devices handed out by the government to support vulnerable children contain malware that appears to be contacting C2 infrastructure in Russia
-
January 21, 2021
21
Jan'21
Incompetent cyber criminals leak data in opsec failure
Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals
-
January 20, 2021
20
Jan'21
Should I be worried about MFA-bypassing pass-the-cookie attacks?
Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations?
-
January 19, 2021
19
Jan'21
Questions raised by New Zealand central bank boss, following cyber attack investigation
The governor of New Zealand’s central bank said the organisation must answer questions about its security following a ‘significant’ attack
-
January 19, 2021
19
Jan'21
Value of GDPR fines shows dramatic increase in 2020
European regulators imposed almost €160m worth of fines during the past 12 months, a substantial rise
-
January 19, 2021
19
Jan'21
Criminals fiddled stolen Covid-19 vaccine data to damage trust
Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA
-
January 19, 2021
19
Jan'21
MAS offers guidance on mitigating supply chain threats
Monetary Authority of Singapore revises its technology risk management guidelines to help the financial sector guard against supply chain attacks
-
January 18, 2021
18
Jan'21
Australians lost A$176m to scams in 2020
Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering
-
January 15, 2021
15
Jan'21
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack