News

Data breach incident management and recovery

• May 02, 2025 02 May'25

  Retail cyber crime spree a ‘wake-up call’, says NCSC CEO

  The National Cyber Security Centre confirms it is providing assistance to M&S, Co-op and Harrods as concerns grow among UK retailers

• May 01, 2025 01 May'25

  Harrods becomes latest UK retailer to fall victim to cyber attack

  Harrods confirms it is the latest UK retailer to experience a cyber attack, shutting off a number of systems in an attempt to lessen the impact

• May 01, 2025 01 May'25

  Co-op instructs staff to be wary of lurking hackers

  Co-op tells staff to stop using their VPNs and be wary that their communications channels may be being monitored, as a cyber attack on the organisation continues to develop

• May 01, 2025 01 May'25

  Thomas Herdman’s legal battle over Sky ECC encrypted phone distribution set to enter fifth year

  Computer Weekly speaks to Julie Kawai Herdman, daughter of Thomas Herdman, the only person in custody for distributing Sky ECC encrypted phones

• April 30, 2025 30 Apr'25

  Co-op shuts off IT systems to contain cyber attack

  A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack

• April 29, 2025 29 Apr'25

  Scattered Spider on the hook for M&S cyber attack

  The infamous Scattered Spider hacking collective may have been behind the ongoing cyber attack on Marks and Spencer that has crippled systems at the retailer and left its ecommerce operation in disarray.

• April 29, 2025 29 Apr'25

  Kaspersky calls for cyber immunity amid growing cyber threats

  The rise of professional cyber crime groups and state-sponsored actors targeting critical infrastructure requires a move towards inherently secure ‘cyber immune’ systems, says Kaspersky CEO Eugene Kaspersky

• April 25, 2025 25 Apr'25

  M&S suspends all online sales as cyber attack worsens

  M&S shuts down online sales as it works to contain and mitigate a severe cyber attack on its systems

• April 24, 2025 24 Apr'25

  M&S systems remain offline days after cyber incident

  M&S is still unable to provide contactless payment or click-and-collect services amid a cyber attack that it says has forced it to move a number of processes offline to safeguard its customers, staff and business

• April 24, 2025 24 Apr'25

  Data breach class action costs mount up

  Organisations exposed to the US market paid out over $150m in class action settlements in just six months. Security leaders must do more to address cyber gaps, respond better to incidents and demonstrate compliance

• April 24, 2025 24 Apr'25

  March ransomware slowdown probably a red herring

  An apparent slowdown in ransomware attack volumes is raising eyebrows, but the statistics never tell the full story

• April 23, 2025 23 Apr'25

  Financially motivated cyber crime remains biggest threat source

  Mandiant’s latest annual threat report reveals data on how financially motivated cyber criminals, such as ransomware gangs, dominate the cyber security landscape

• April 23, 2025 23 Apr'25

  Qualys goes to bat for US cricket side San Francisco Unicorns

  Cloud security specialist Qualys partners with US T20 cricket squad San Francisco Unicorns and its Sparkle Army fanclub as the team prepares for its summer 2025 campaign

• April 22, 2025 22 Apr'25

  Cyber attack downs systems at Marks & Spencer

  A cyber attack at Marks & Spencer has caused significant disruption to customers, leaving them unable to make contactless payments or use click-and-collect services

• April 15, 2025 15 Apr'25

  Hertz warns UK customers of Cleo-linked data breach

  Car hire giant Hertz reveals UK customer data was affected in a cyber incident orchestrated via a series of vulnerabilities in Cleo managed file transfer products

• April 14, 2025 14 Apr'25

  Government faces claims of serious security and data protection problems in One Login digital ID

  The Government Digital Service was warned about serious cyber security and data protection problems in its flagship digital identity system, with insider claims that the data of three million users may still be at risk

• April 10, 2025 10 Apr'25

  Google bets on unifying security tools to ease CISO pain

  At Google Cloud Next in Las Vegas, Google launches its Unified Security platform with the goal of bringing together disparate security solutions to help cyber leaders and practitioners address their most keenly felt pain points

• April 08, 2025 08 Apr'25

  Government punts cyber governance code of practice for UK businesses

  The Department for Science, Innovation and Technology’s cyber security minister Feryal Clark announces a cyber security code of governance for UK businesses to follow

• April 07, 2025 07 Apr'25

  UK SMEs losing over £3bn a year to cyber incidents

  A lack of access to technology, little to no staff training, and competing priorities are losing UK SMEs up to £3.4bn to cyber incidents every year

• April 04, 2025 04 Apr'25

  Norway and Nordic financial sector ramps up cyber security

  Finans Norge sets up cyber security unit CTSU to support the finance sector in Norway amid increasing threats

• March 31, 2025 31 Mar'25

  Top 1,000 IT service providers in scope of UK cyber bill

  The government’s proposed Cyber Security and Resilience Bill is set to include regulatory provisions covering both datacentre operators and larger IT service providers

• March 26, 2025 26 Mar'25

  Advanced Software fined £3m over LockBit attack

  The ICO has issued a £3m fine to software provider Advanced in the wake of security failings that led to significant disruption to NHS customers in a ransomware attack

• March 19, 2025 19 Mar'25

  Clop resurgence drives ransomware attacks in February

  The exploitation of two new vulnerabilities in a popular file transfer service saw the Clop ransomware gang soar in February, according to NCC

• March 18, 2025 18 Mar'25

  Largest ever cyber deal reflects Google’s CNAPP ambitions

  In a signal of its future ambitions, Google lays down $32bn to acquire cloud-native application protection platform Wiz, reflecting the increasing need to secure multicloud environments

• March 18, 2025 18 Mar'25

  Seaco charts course for unified security strategy

  Shipping container leasing giant consolidates security tools onto a single platform, leveraging AI and extended detection and response to improve security operations

• March 13, 2025 13 Mar'25

  Chinese espionage group UNC3886 targets Juniper routers

  Advanced persistent threat group UNC3886 deployed custom backdoors on end-of-life Juniper Networks routers, underscoring the need for timely patching and advanced security monitoring

• March 13, 2025 13 Mar'25

  US Congress demands UK lifts gag on Apple encryption order

  Apple and Google have told US lawmakers that they cannot tell Congress whether they have received technical capability notices from the UK

• March 13, 2025 13 Mar'25

  SuperBlack ransomware may have ties to LockBit

  Forescout researchers report on a new ransomware gang that appears to be keeping the legacy of the notorious LockBit crew alive

• March 11, 2025 11 Mar'25

  Perimeter security appliances source of most ransomware hits

  Perimeter security appliances and devices, particularly VPNs, prove to be the most popular entry points into victim networks for financially motivated ransomware gangs, according to reports

• March 11, 2025 11 Mar'25

  UK government under-prepared for catastrophic cyber attack, hears PAC

  The Commons Public Accounts Committee heard government IT leaders respond to recent National Audit Office findings that the government’s cyber resilience is under par

• March 11, 2025 11 Mar'25

  Post Office scandal data leak interim compensation offers made

  Some subpostmasters affected by Post Office data breach offered interim compensation payments

• March 11, 2025 11 Mar'25

  Singapore IT leaders boost AI security defences

  Study reveals a surge in perceived importance of artificial intelligence for cyber security in Singapore, but declining investment in traditional measures raises concerns as sophisticated cyber attacks intensify

• March 07, 2025 07 Mar'25

  Managing security in the AI age

  Gartner experts offer guidance on harnessing AI’s power while mitigating its risks, from managing shadow AI to implementing security controls and policies

• March 05, 2025 05 Mar'25

  NHS investigating how API flaw exposed patient data

  NHS patient data was left vulnerable by a flaw in an application programming interface used at online healthcare provider Medefer

• March 04, 2025 04 Mar'25

  Aussie businesses ramp up security spending

  Australian organisations are set to spend A$6.2bn on security and risk management in 2025, a 14.4% jump from the previous year, driven by the rise of AI and a growing threat landscape

• March 03, 2025 03 Mar'25

  Singapore’s HomeTeamNS hit by ransomware attack

  The non-profit organisation suffered a ransomware attack that affected some servers containing employee and member data, prompting an investigation and enhanced security measures

• February 28, 2025 28 Feb'25

  NHS staff lack confidence in health service cyber measures

  NHS staff understand their role in protecting the health service from cyber threats and the public backs them in this aim, but legacy tech and a lack of training are hindering efforts, according to BT

• February 26, 2025 26 Feb'25

  CISOs spending more on insider risk

  Insider risk management budgets have more than doubled in the past 12 months and look set to grow further still in 2025, according to a report

• February 25, 2025 25 Feb'25

  Singapore rolls out guidelines to bolster cloud and datacentre resilience

  New advisory guidelines to enhance resilience and security of cloud services and datacentres in Singapore amid potential service disruptions and growing cyber threats

• February 25, 2025 25 Feb'25

  Ransomware: on the murky trail of one of the leaders of Black Basta

  The internal exchanges within the Black Basta group revealed last week offer a new opportunity to investigate one of its leaders: Tramp. He may have been arrested in Armenia in June 2024, before being released

• February 24, 2025 24 Feb'25

  European Union calls for more cyber data-sharing with Nato

  Updates to the EU’s Cyber Blueprint, establishing best practice for multilateral security incident response in Europe, include calls for more collaboration with Nato member states, as the geopolitical environment becomes ever more fractious

• February 23, 2025 23 Feb'25

  Check Point co-founder on AI, quantum and independence

  Gil Shwed, Check Point’s co-founder and executive chairman, discusses the company’s focus on artificial intelligence-driven security and his commitment to remaining an independent force in the cyber security market

• February 21, 2025 21 Feb'25

  A landscape forever altered? The LockBit takedown one year on

  The NCA-led takedown of the LockBit ransomware gang in February 2024 heralded a transformative year in the fight against cyber crime. One year on, we look back at Operation Cronos and its impact

• February 20, 2025 20 Feb'25

  Watchdog approves Sellafield physical security, but warns about cyber

  The Office for Nuclear Regulation has taken Sellafield out of special measures for physical security, but harbours cyber security concerns

• February 18, 2025 18 Feb'25

  MSP cuts costs with Scality pay-as-you-go anti-ransomware storage

  Autodata gets Scality as-a-service for on-site immutable storage via Artesca, to allow customers to rapidly recover from ransomware and at the same cost per terabyte no matter the volume

• February 18, 2025 18 Feb'25

  CPX 2025: Check Point CEO talks up hybrid mesh security

  At CPX 2025 in Bangkok, Check Point CEO Nadav Zafrir outlined a vision for network security centred on hybrid mesh architecture and AI-powered capabilities

• February 14, 2025 14 Feb'25

  Lenovo CSO: AI adoption fuels security paranoia

  Doug Fisher, Lenovo’s chief security officer, outlines the company’s approach to security and AI governance, and the importance of having a strong security culture to combat cyber threats amplified by the use of AI

• February 13, 2025 13 Feb'25

  UK government sanctions target Russian cyber crime network Zservers

  The UK government has imposed sanctions on a Russian cyber crime syndicate responsible for aiding ransomware attacks, targeting the group and individual members

• February 11, 2025 11 Feb'25

  Google: Cyber crime meshes with cyber warfare as states enlist gangs

  A report from the Google Threat Intelligence Group depicts China, Russia, Iran and North Korea as a bloc using cyber criminal gangs to attack the national security of western countries

• February 07, 2025 07 Feb'25

  US lawmakers move to ban DeepSeek AI tool

  US politicians have introduced a bill seeking to ban the use of the DeepSeek AI tool on government-owned devices, citing national security concerns due to its alleged links to the Chinese state