News
Data breach incident management and recovery
-
June 23, 2020
23
Jun'20
Twitter contacts business users over data exposure
Issue relates to how web browsers cached confidential data entered in Twitter’s ads and analytics services, but is unlikely to have resulted in compromise
-
June 21, 2020
21
Jun'20
APAC still hotbed for cyber attacks
Individuals and organisations in APAC are encountering malware more frequently than the rest of the world, study finds
-
June 19, 2020
19
Jun'20
Australian prime minister confirms country is suffering repeated nation-state cyber attacks
Concern over critical national infrastructure as cyber attackers repeatedly try to gain access to network of organisations operating in multiple sectors
-
June 17, 2020
17
Jun'20
Cosmetics company Avon offline after cyber attack
Representatives left unable to place orders after company’s back-end systems went offline over a week ago
-
June 15, 2020
15
Jun'20
Accessories store Claire’s hit by Magecart credit card fraudsters
Attackers gained access to retailer’s website as long ago as March
-
June 14, 2020
14
Jun'20
Coronavirus: Enterprise VPN adoption in India set to rise
Advancement in cloud technologies and secured remote access to applications will significantly contribute to the overall growth of India’s VPN market, says GlobalData
-
June 12, 2020
12
Jun'20
NHS email service users ensnared in phishing attack
More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed
-
June 12, 2020
12
Jun'20
100,000 cheap wireless cameras vulnerable to hacking
Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors
-
June 10, 2020
10
Jun'20
Unsecured Elasticsearch server breached in eight hours flat
Comparitech’s Bob Diachenko wanted to find out how long it would take for hackers to find and attack an unsecured, public internet-facing database, so he set up a honeypot
-
June 10, 2020
10
Jun'20
Virtual GP practice accidentally exposes patient video calls
A small number of users of Babylon’s GP at Hand service were briefly able to view other patients’ video GP consultations thanks to a bug in a new software feature
-
June 10, 2020
10
Jun'20
How Australian firms can defend against supply chain attacks
Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm
-
June 09, 2020
09
Jun'20
Honda investigates suspected Snake ransomware attack
Attack disrupts global operations at carmaker, with assembly lines falling silent and sales suspended
-
June 09, 2020
09
Jun'20
Poorly-secured AWS buckets used to launch Magecart attacks
Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data
-
June 04, 2020
04
Jun'20
Dutch organisations invest heavily in compliance – but in vain
Despite the fact that companies in the Netherlands have invested heavily to comply with GDPR legislation introduced two years ago, 90% of them are still discovering fundamental weaknesses in their IT environment
-
June 04, 2020
04
Jun'20
Data privacy groups pile in on UK contact-tracing app
UK-based digital privacy and free speech campaigning organisation files complaint with the Information Commissioner’s Office about contact-tracing app
-
June 03, 2020
03
Jun'20
Sodinokibi data auctions highlight changing criminal tactics
The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic?
-
June 01, 2020
01
Jun'20
How managed threat hunting helps bust malicious insiders
Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending
-
May 29, 2020
29
May'20
Test and Trace has not passed data protection impact assessment
Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme
-
May 29, 2020
29
May'20
Singapore’s contact-tracing app tops privacy study
Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds
-
May 25, 2020
25
May'20
Coronavirus: Australia calls for stronger defences amid cyber attacks
The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector
-
May 22, 2020
22
May'20
EasyJet to be sued over customer data breach
If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn
-
May 20, 2020
20
May'20
Serco exposes contact tracers’ data in email error
Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message
-
May 20, 2020
20
May'20
Personal devices putting Singapore employers at risk
More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats
-
May 19, 2020
19
May'20
Cancelled NCSC CyberUK event gets green light for 2021
The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales
-
May 19, 2020
19
May'20
GDPR wholly inappropriate to govern contact-tracing data
Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app
-
May 19, 2020
19
May'20
Doubts mount over effectiveness of UK contact-tracing app
Studies from BCS and Anomali reveal that a significant proportion of the UK population is not prepared to download the Covid-19 contact-tracing app
-
May 19, 2020
19
May'20
Nine million EasyJet customer details lost in data breach
Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline
-
May 19, 2020
19
May'20
Sodinokibi cyber criminals plot to ‘auction’ Madonna data
The cyber criminal gang behind a recent attack on a New York law firm is planning to auction off its client data, one person at a time
-
May 19, 2020
19
May'20
Vast majority of cyber attacks are easy to stop, says Verizon
Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it
-
May 15, 2020
15
May'20
Questions raised after UK’s electrical grid shrugs off cyber attack
Attack on Elexon was resolved within hours with no impact on the national electricity supply, but it could have been much worse
-
May 15, 2020
15
May'20
Law firm hackers threaten to release dirt on Trump
A new ransom demand of $42m has been made against New York law firm Grubman, Shire, Meiselas and Sacks, and it may be the largest ever, say security experts
-
May 14, 2020
14
May'20
China targeting Covid-19 researchers through IT suppliers, claims US
The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China
-
May 13, 2020
13
May'20
Report reveals inadequate cyber security at Schiphol Airport
A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport
-
May 13, 2020
13
May'20
Nation state APT groups prefer old, unpatched vulnerabilities
The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list
-
May 13, 2020
13
May'20
Can Lady Gaga and Madonna get people to take security seriously?
What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers
-
May 12, 2020
12
May'20
Draft Covid-19 contact tracing legislation proposes formal oversight
Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app
-
May 12, 2020
12
May'20
Pay the ransom and double your recovery costs, report warns
Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos
-
May 12, 2020
12
May'20
APAC firms still coming to grips with data protection
More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain
-
May 12, 2020
12
May'20
Maze ransomware attack will cost Cognizant at least $50m to $70m
Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold
-
May 12, 2020
12
May'20
How Australian firms can plug data protection gaps
Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene
-
May 11, 2020
11
May'20
Pitney Bowes hit by Maze in second ransomware attack in a year
Shipping services firm falls victim to Maze ransomware just seven months after a previous major attack
-
May 07, 2020
07
May'20
SilverTerrier cyber crime group targets Covid-19 key workers
Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang
-
May 06, 2020
06
May'20
Criminal justice system is failing cyber crime victims
Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study
-
May 05, 2020
05
May'20
Coronavirus: NCSC issues urgent alert for healthcare sector
UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations
-
May 05, 2020
05
May'20
GoDaddy owns up to October 2019 data breach
Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts
-
May 05, 2020
05
May'20
Building security and privacy into contact-tracing apps
Governance and data decentralisation are among measures that organisations can take to allay security and privacy concerns over contact-tracing apps, according to RSA
-
May 04, 2020
04
May'20
Xen Orchestra latest victim of Salt cryptojackers
More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward
-
May 04, 2020
04
May'20
NHSX contact-tracing app needs legislative oversight
Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app
-
May 04, 2020
04
May'20
Blogging platform Ghost hacked through Salt vulnerability
Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability
-
May 04, 2020
04
May'20
IT Priorities 2020: Compliance and risk are top security concerns
When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study