News
Data breach incident management and recovery
-
November 12, 2019
12
Nov'19
Nordic SMEs lack the money needed for cyber security
Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country
-
November 12, 2019
12
Nov'19
PCI DSS payment security compliance drops again
Worldwide, barely one-third of companies are maintaining full compliance with the PCI DSS security standard – and the numbers are falling
-
November 12, 2019
12
Nov'19
‘Robust’ security foils cyber attack on Labour Party
Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked
-
November 08, 2019
08
Nov'19
Morrisons in new appeal over data breach fine
The Supreme Court has heard an appeal from retailer Morrisons as it attempts to overturn prior judgments holding it liable for a 2014 leak of employee data
-
November 07, 2019
07
Nov'19
Saudis recruited Twitter employees to spy on critics
Court documents reveal how the Saudi Arabian government targeted Twitter employees as part of a coordinated effort to gather information on known dissidents
-
November 06, 2019
06
Nov'19
Trend Micro insider breach exposes need for data-centric protection
Simple measures could have saved consumer security product supplier from insider breach
-
November 06, 2019
06
Nov'19
Global security workforce must more than double to meet demand
There are about 2.8 million cyber security professionals working today, and the world needs four million more
-
November 06, 2019
06
Nov'19
Professional cyber criminals command $75k per annum
An ill-advised career in cyber crime is potentially almost as well-paying as a job as a threat researcher in the industry, according to Tenable researchers
-
November 05, 2019
05
Nov'19
Ransomware authors seeking new ways to avoid being spotted
Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls
-
October 31, 2019
31
Oct'19
Facebook agrees to pay £500,000 fine over Cambridge Analytica data law breaches
Social media giant also promises to change the way its platform is used to protect people’s data
-
October 29, 2019
29
Oct'19
NordVPN enlists ethical hackers, launches bug bounty programme
Breached consumer VPN supplier details steps it is taking to shore up its cyber security posture after an unknown actor gained access to one of its servers
-
October 29, 2019
29
Oct'19
Fancy Bear resumes Olympic hacks ahead of Tokyo games
Fancy Bear is back in action and once again targeting anti-doping bodies and sporting organisations, warns Microsoft
-
October 24, 2019
24
Oct'19
Know Fraud database became backlog dump
Reports to Action Fraud handled by City of London Police’s National Fraud Intelligence Bureau were quarantined as security risk, finds HM’s Inspectorate of Constabulary and Fire and Rescue Services
-
October 24, 2019
24
Oct'19
£4,000 bug bounty could have saved BA from record ICO fine
British Airways and others could have saved themselves millions of pounds’ worth of fines by having ethical hackers check their systems for simple vulnerabilities
-
October 23, 2019
23
Oct'19
Take responsibility for cyber security basics, urges NCSC CEO
At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load
-
October 22, 2019
22
Oct'19
NordVPN blames datacentre provider for server breach
VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue
-
October 22, 2019
22
Oct'19
Malware volumes decline, but risks are higher
More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets
-
October 22, 2019
22
Oct'19
Attacker hit VPN firm Avast through its VPN
Avast has published details of how attackers attempted to gain access to its network over a five month period
-
October 21, 2019
21
Oct'19
Equifax lawsuit offers more evidence against passwords
Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords
-
October 21, 2019
21
Oct'19
Alleged state hackers adapting to cover their tracks, says NCSC
A group called Turla with suspected links to the Russian government stole Iranian tools and infrastructure to obscure the origins of attacks on multiple other countries, according to new evidence
-
October 21, 2019
21
Oct'19
Trend Micro buys cloud security firm to broaden offering
Acquisition of Cloud Conformity will address often overlooked cloud security fundamentals
-
October 21, 2019
21
Oct'19
Sodinokibi emerging as a diverse, multi-vector threat to businesses
McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots
-
October 17, 2019
17
Oct'19
BEIS launches multimillion-pound security investment package
Government is making available more than £50m to support a range of new cyber security initiatives and collaborations, including the latest phase of its Digital Security by Design programme
-
October 17, 2019
17
Oct'19
NHSX could transform NHS security capabilities
The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service
-
October 17, 2019
17
Oct'19
Security threat landscape becomes more organised and business-like
Approaches to securing the enterprise need to change in the face of a rapidly maturing threat landscape
-
October 16, 2019
16
Oct'19
Pitney Bowes ‘considering options’ after malware attack
Mailing and shipping services firm in recovery mode after key systems were encrypted by a malware attack
-
October 14, 2019
14
Oct'19
Researchers reveal the cyber campaign that built China's new airliner
CrowdStrike has published details of a coordinated campaign of cyber espionage and hacking, forced technology transfer and physical theft as China seeks to gain an advantage in the commercial aviation industry
-
October 03, 2019
03
Oct'19
IT contractor charged over cyber attack on property valuation firm
Australian police charge 49-year-old man with stealing and posting more than 170,000 data records belonging to ASX-listed Landmark White on the dark web
-
October 03, 2019
03
Oct'19
LogRhythm touts unlimited data plan for SIEM systems
SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank
-
October 03, 2019
03
Oct'19
Local authorities hit by 800 cyber attacks every hour
Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year
-
October 03, 2019
03
Oct'19
New threat group behind Airbus cyber attacks, claim researchers
Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore
-
October 03, 2019
03
Oct'19
Cyber war as big a threat as nuclear war, says ex-RSA head Coviello
Former RSA chairman Art Coviello has been speaking about the devastating potential of cyber weapons, and warned that humanity must learn from history in order to control them
-
October 01, 2019
01
Oct'19
Singapore outlines initiatives to tackle OT and IoT security
The Cyber Security Agency of Singapore has developed a blueprint to secure operational technology systems in critical sectors, among other measures to secure cyber-physical systems and the internet of things
-
September 27, 2019
27
Sep'19
Five million DoorDash customers’ details lost in data breach
Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen
-
September 27, 2019
27
Sep'19
GDPR compliance: Whose job is it and is it really possible?
Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to
-
September 26, 2019
26
Sep'19
Attackers breached supplier systems to steal Airbus secrets
Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs
-
September 26, 2019
26
Sep'19
Overinvestment breeds overconfidence among security pros
CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach
-
September 26, 2019
26
Sep'19
Teen TalkTalk hacker accused of cryptocurrency fraud in US
Elliott Gunton, one of the teenage hackers who broke into TalkTalk’s systems in 2015, faces extradition to the US to face fraud charges
-
September 24, 2019
24
Sep'19
Singapore payment card data compromised by JavaScript sniffers
Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer
-
September 24, 2019
24
Sep'19
Enterprises exposed to data loss by cloud configuration errors
Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee
-
September 24, 2019
24
Sep'19
Google pushes back on scale of YouTube phishing threat
Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure
-
September 18, 2019
18
Sep'19
WannaCry variants accidentally protecting against WannaCry
New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection
-
September 18, 2019
18
Sep'19
Emotet phishing botnet returns from summer vacation
The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers
-
September 17, 2019
17
Sep'19
Ecuador citizens’ data breach holds lessons for enterprises
What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it?
-
September 16, 2019
16
Sep'19
Ensign InfoSecurity opens global headquarters in Singapore
The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence
-
September 13, 2019
13
Sep'19
When AIs go to war: Autonomous cyber weapons ‘inevitable’
CISOs must start thinking about how to engage with intelligent, adaptive, non-human attackers, says Trend Micro’s Rik Ferguson
-
September 12, 2019
12
Sep'19
UN agency Unicef praised for response to accidental data leak
The UN’s children’s agency has disclosed an inadvertent leak of personal data belonging to users of its online learning platform Agora
-
September 12, 2019
12
Sep'19
Mirai descendants dominate IoT threat environment
Attacks leveraging compromised IoT devices are growing in size, scale and frequency, report security experts at F-Secure and Trend Micro, with Mirai-related botnets a major source of trouble
-
September 11, 2019
11
Sep'19
Equifax and Heartbleed are most-Googled cyber security terms
Analysis of 15 years’ worth of Google search data has revealed some insight into what cyber security trends are capturing the imagination
-
September 11, 2019
11
Sep'19
GDPR non-compliance worse than feared
Over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts