News
Data breach incident management and recovery
-
December 04, 2024
04
Dec'24
Nordics move to deepen cyber security cooperation
Nordic countries are increasing collaboration on cyber security amid more sophisticated and aggressive attacks
-
December 03, 2024
03
Dec'24
US updates telco security guidance after mass Chinese hack
Following the widespread Salt Typhoon hacks of US telecoms operators including AT&T and Verizon, CISA and partner agencies have launched refreshed security guidance for network engineers and defenders alike
-
December 02, 2024
02
Dec'24
APAC businesses face cyber onslaught
The Asia-Pacific region is a cyber security hotspot, enduring significantly more cyber attacks than the global average, with AI-powered threats and skills shortages exacerbating the problem
-
December 02, 2024
02
Dec'24
NCSC boss calls for ‘sustained vigilance’ in an aggressive world
NCSC CEO Richard Horne is to echo wider warnings about the growing number and severity of cyber threats facing the UK as he launches the security body’s eighth annual report
-
November 29, 2024
29
Nov'24
Second Merseyside hospital hit by cyber attack
Hot on the heels of a major cyber attack at a nearby NHS trust, one of Europe’s biggest and busiest children’s hospitals is reportedly scrambling to deal with ransomware gang
-
November 28, 2024
28
Nov'24
Energy sector’s digital shift opens door to cyber threats
The transition to renewable energy and the increasing integration of IT and OT systems in the energy sector are creating new cyber security challenges
-
November 27, 2024
27
Nov'24
Further disruption expected after latest NHS cyber attack
IT and security teams at Wirral University Teaching Hospitals NHS Trust continue to work around the clock following a major cyber incident, with services disrupted and no timeline for resolution
-
November 26, 2024
26
Nov'24
Sellafield operator opens dedicated cyber centre
The UK’s Nuclear Decommissioning Authority has opened a cyber security centre spanning its activities across the nuclear sector
-
November 26, 2024
26
Nov'24
Blue Yonder ransomware attack breaks systems at UK retailers
UK supermarkets continue to deal with the impact of a ransomware attack on the systems of supply chain software supplier Blue Yonder, which is disrupting multiple aspects of their businesses including deliveries and staff management
-
November 26, 2024
26
Nov'24
Russian threat actors poised to cripple power grid, UK warns
UK government escalates cyber rhetoric in a speech at a Nato event, saying Russian advanced persistent threats stand ready to conduct cyber attacks that could ‘turn off the lights for millions’
-
November 25, 2024
25
Nov'24
Metropolitan Police officer dismissed for unlawfully accessing Sarah Everard files
Over 100 Met Police officers and staff have been investigated for accessing sensitive data related to the Sarah Everard case, leading to the dismissal of a Roads and Transport officer who accessed the information while off-duty
-
November 25, 2024
25
Nov'24
Microsoft calls on Trump to ‘push harder’ on cyber threats
Microsoft’s Brad Smith urges president-elect Donald Trump to keep the faith when it comes to fighting back against hostile cyber actors from China, Iran and Russia
-
November 25, 2024
25
Nov'24
Geopolitical strife drives increased ransomware activity
The lines between financially motivated cyber criminals and nation state APTs are rapidly blurring, as geopolitical influences weigh heavily on the threat landscape, according to data from NCC
-
November 21, 2024
21
Nov'24
BianLian cyber gang drops encryption-based ransomware
The Australian and American cyber authorities have published updated intelligence on the BianLian ransomware gang, which has undergone a rapid evolution in tactics
-
November 21, 2024
21
Nov'24
Brit charged in US over Scattered Spider cyber attacks
A UK national named as Tyler Robert Buchanan has been charged in the US over his alleged involvement in cyber attacks perpetrated by the Scattered Spider gang
-
November 20, 2024
20
Nov'24
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks
-
November 13, 2024
13
Nov'24
China’s Volt Typhoon rebuilds botnet in wake of takedown
Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever
-
November 12, 2024
12
Nov'24
Zero-day exploits increasingly sought out by attackers
Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023
-
November 12, 2024
12
Nov'24
More data stolen in 2023 MOVEit attacks comes to light
Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web
-
November 08, 2024
08
Nov'24
ESET shines light on cyber criminal RedLine empire
ESET publishes fresh data on the inner workings of the RedLine Stealer malware empire, which was taken down at the end of October
-
November 07, 2024
07
Nov'24
AI a force multiplier for the bad guys, say cyber pros
CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders
-
November 05, 2024
05
Nov'24
Post Office data breach caused by botched website upgrade
Data breach exposed personal details of the hundreds of former subpostmasters who had defeated the Post Office in the High Court
-
November 01, 2024
01
Nov'24
CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats
-
October 28, 2024
28
Oct'24
UK launches cyber guidance package for tech startups
The NCSC and NPSA, alongside agencies from the Five Eyes alliance, have issued guidance for startups on how to secure themselves against common cyber threats and targeted industrial espionage
-
October 25, 2024
25
Oct'24
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise
-
October 23, 2024
23
Oct'24
Democracy campaigner to sue Saudi Arabia over Pegasus and QuaDream spyware in UK court
Pro-democracy campaigner Yahya Assiri given permission to file legal action in London court against Saudi Arabia over its use of Israeli spyware
-
October 22, 2024
22
Oct'24
Danish government reboots cyber security council amid AI expansion
Denmark’s government relaunches digital security initiative to protect business sectors and society at large
-
October 21, 2024
21
Oct'24
Can AI be secure? Experts discuss emerging threats and AI safety
International cyber security experts call for global cooperation and proactive strategies to address the security challenges posed by artificial intelligence
-
October 17, 2024
17
Oct'24
NCSC chief warns of gap in cyber threats and defence capabilities
The UK and its allies must take collective action to improve their cyber resilience and repel the increasing volume of severe cyber attacks, says NCSC chief
-
October 10, 2024
10
Oct'24
NCSC issues fresh alert over wave of Cozy Bear activity
The NCSC, FBI and NSA publish updated warning about Cozy Bear’s activities, highlighting a range of vulnerabilities the threat actor is using to set up its cyber attacks
-
October 10, 2024
10
Oct'24
Government launches cyber standard for local authorities
Local government bodies are being invited to take advantage of a new NCSC-derived Cyber Assessment Framework to help enhance their resilience and ward off cyber attacks
-
October 10, 2024
10
Oct'24
Internet Archive web historians target of hacktivist cyber attack
The Internet Archive nonprofit digital library and Wayback Machine operator has been attacked by pro-Palestinian hacktivists
-
October 10, 2024
10
Oct'24
How Recorded Future finds ransomware victims before they get hit
Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them
-
October 10, 2024
10
Oct'24
Australia bolsters cyber defences with security bill
Legislation tackles IoT security and establishes a Cyber Incident Review Board to bolster Australia’s cyber resilience
-
October 09, 2024
09
Oct'24
MoneyGram customer data breached in attack
MoneyGram confirms that customer data has been stolen in an incident that appears to have started with a social engineering attack on its IT helpdesk staff
-
October 08, 2024
08
Oct'24
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks
-
October 08, 2024
08
Oct'24
UK’s cyber incident reporting law to move forward in 2025
The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses
-
October 07, 2024
07
Oct'24
IBM: Data breach cost in ASEAN hits new high
The average cost of a data breach in ASEAN grew by 7% from last year, as organisations grapple with increasingly distributed IT environments and complex security systems
-
October 04, 2024
04
Oct'24
UK telcos including BT at risk from DrayTek router vulnerabilities
A series of vulnerabilities in DrayTek's Vigor router product lines affects multiple comms service providers in the UK, according to new analysis
-
October 04, 2024
04
Oct'24
NCSC celebrates eight years as Horne blows in
Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne
-
October 03, 2024
03
Oct'24
Microsoft files lawsuit to seize domains used by Russian spooks
Microsoft has been given permission to seize multiple domains used by the Russian state threat actor Star Blizzard as part of a coordinated disruption effort undertaken ahead of the US elections
-
October 03, 2024
03
Oct'24
SOC teams falling out of love with threat detection tools
Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report
-
October 02, 2024
02
Oct'24
UK and Singapore to collaborate on supporting ransomware victims
At the fourth Counter Ransomware Initiative Summit in the US, both the UK and Singapore have committed to working on new guidance designed to better support victims and undermine cyber criminal business models
-
October 01, 2024
01
Oct'24
Unmasked: The Evil Corp cyber gangster who worked for LockBit
The NCA has named and shamed a prominent member of the Evil Corp cyber crime collective who also worked as an affiliate of the LockBit ransomware gang as the UK unveils new sanctions against 16 Russian cyber criminals
-
September 27, 2024
27
Sep'24
UK on high alert over Iranian spear phishing attacks, says NCSC
The NCSC and counterpart agencies in the US have issued a warning over enhanced Iranian spear phishing activity targeting politicians, journalists, activists and others with an interest in Middle Eastern affairs
-
September 26, 2024
26
Sep'24
Racist Network Rail Wi-Fi hack was work of malicious insider
Police have revealed that this week’s racist cyber attack on public Wi-Fi networks at stations across the UK appears to have been the work of a malicious insider, after arresting an employee of one of the service providers
-
September 26, 2024
26
Sep'24
Islamophobic cyber attack downs Wi-Fi at UK transport hubs
An apparent hacktivist attack disrupted public-facing Wi-Fi networks at UK rail stations to display Islamophobic content
-
September 25, 2024
25
Sep'24
CrowdStrike apologises to US government for global mega-outage
CrowdStrike executive Adam Meyers appears before a US government committee to explain the series of errors that led directly to one of the biggest IT outages in history
-
September 24, 2024
24
Sep'24
Money transfer firm MoneyGram rushes to contain cyber attack
Money transfer specialist MoneyGram services remain down several days after a network outage developed into a full-blown cyber security incident
-
September 23, 2024
23
Sep'24
Microsoft shares progress on Secure Future Initiative
Microsoft has published a progress report on its Secure Future Initiative, launched last year in the wake of multiple security incidents, and made a series of commitments to improve its internal cyber culture