News
Data breach incident management and recovery
-
June 07, 2024
07
Jun'24
Sophos uncovers Chinese state-sponsored campaign in Southeast Asia
Sophos found three distinct clusters of activity targeted at a high-level government organisation that appeared to be tied to Chinese interests in the South China Sea
-
June 06, 2024
06
Jun'24
FBI finds 7,000 LockBit decryption keys in blow to criminal gang
The US authorities say they now have more than 7,000 LockBit decryption keys in their possession and are urging victims of the prolific ransomware gang to come forward
-
June 05, 2024
05
Jun'24
Qilin ransomware gang likely behind crippling NHS attack
Security experts investigating a major cyber attack on an NHS partner that has caused frontline services across South London to grind to a halt say the Qilin ransomware gang appears to be the culprit
-
June 04, 2024
04
Jun'24
OAIC files civil penalty action against Medibank
The OAIC alleges that Medibank failed to take reasonable steps to protect the personal information of 9.7 million Australians in the October 2022 data breach
-
June 04, 2024
04
Jun'24
NHS services at major London hospitals disrupted by cyber attack
A major cyber attack at NHS services provider Synnovis is disrupting frontline care at hospitals across London
-
June 03, 2024
03
Jun'24
97 FTSE 100 firms exposed to supply chain breaches
Between March 2023 and March 2024, 97 out of 100 companies on the UK’s FTSE 100 list were put at risk of compromise following supply chain breaches at third-party suppliers
-
June 03, 2024
03
Jun'24
Major breaches allegedly caused by unsecured Snowflake accounts
Significant data breaches at Ticketmaster and Santander appear to have been orchestrated through careful targeting of the victims’ Snowflake cloud data management accounts
-
June 03, 2024
03
Jun'24
Sellafield local authority slammed over response to North Korean ransomware attack
The local authority for Europe’s biggest nuclear site has been slammed by auditors for its response to a North Korea-linked cyber attack that temporarily crippled its operations
-
June 02, 2024
02
Jun'24
Ticketek Australia hit by data breach
Customer names, dates of birth and email addresses of Ticketek Australia account holders reportedly impacted in latest data breach affecting event ticketing firm
-
May 31, 2024
31
May'24
Law student ‘unfairly disciplined’ after reporting data breach blunder
A law student has accused a leading legal college of unethical behaviour and a “lack of integrity” after it brought misconduct proceedings against him when he reported a data security blunder
-
May 30, 2024
30
May'24
Europol sting operation smokes multiple botnets
Malware droppers including Bumblebee and Smokeloader were among those targeted in one of the largest ever joint operations against cyber criminal botnets
-
May 21, 2024
21
May'24
The Security Interviews: What is the real cyber threat from China?
Former NCSC boss Ciaran Martin talks about nation-state attacks, why the UK has become so exercised about cyber espionage, and how our leaders are in danger of misunderstanding their adversaries
-
May 20, 2024
20
May'24
WikiLeaks founder Julian Assange granted appeal
Two high court judges granted WikiLeaks founder Julian Assange leave to appeal against extradition to the US after defence lawyers argued that the US had failed to give adequate assurances
-
May 15, 2024
15
May'24
US authorities crack BreachForums for a second time
The BreachForums data leak website has been seized by the FBI and international partners again
-
May 15, 2024
15
May'24
WikiLeaks founder’s extradition case labelled ‘institutional corruption’
Call for Julian Assange to be prosecuted in the US has been condemned as ‘institutional corruption on a judicial level’ with the WikiLeaks founder a ‘political prisoner’
-
May 14, 2024
14
May'24
CyberUK 24: UK insurance industry gets tough on ransomware
Three of the UK’s largest insurance associations have signed on to a new initiative spearheaded by the NCSC to try to bring down the number of ransomware payments being made
-
May 10, 2024
10
May'24
Major breach of customer information developing at Dell
Almost 50 million data records relating to Dell customers appear to have been compromised in a major cyber breach
-
May 10, 2024
10
May'24
Over 5.3 billion data records exposed in April 2024
The number of data records breached in April 2024 hit over five billion, a staggering year-on-year increase
-
May 09, 2024
09
May'24
Cyber attack victims need to speak up, says ICO
The Information Commissioner’s Office is urging organisations to be transparent and learn from each other’s mistakes as it reveals most of the cyber attacks it responds to stem from the same core errors
-
May 09, 2024
09
May'24
Wales gets UK’s first national SOC
The first national security operations centre of its kind in the UK has opened in the south of Wales to safeguard public sector bodies across the country
-
May 07, 2024
07
May'24
Chinese APT suspected of Ministry of Defence hack
A cyber attack on the Ministry of Defence is suspected to be the work of threat actors working on behalf of Chinese intelligence
-
May 07, 2024
07
May'24
NCA unmasks LockBitSupp cyber gangster who toyed with pursuers
The NCA and its partners have named the administrator of the LockBit ransomware gang, LockBitSupp, as Dmitry Khoroshev, who now faces sanctions and criminal charges
-
May 06, 2024
06
May'24
Microsoft beefs up cyber initiative after hard-hitting US report
Microsoft is expanding its recently launched Secure Future Initiative in the wake of a hard-hitting US government report on recent nation state intrusions into its systems
-
May 03, 2024
03
May'24
Patch GitLab vuln without delay, users warned
The addition of a serious vulnerability in the GitLab open source platform to CISA’s KEV catalogue prompts a flurry of concern
-
May 03, 2024
03
May'24
EU calls out Fancy Bear over attacks on Czech, German governments
The European Union, alongside member states Czechia and Germany, have accused Russian government APT Fancy Bear of being behind a series of attacks on political parties and government bodies
-
May 03, 2024
03
May'24
Why IAM is central to cyber security
BeyondTrust’s chief security strategist talks up the importance of identity and access management, and the role of cyber insurance in driving security improvements
-
May 02, 2024
02
May'24
NCSC updates warning over hacktivist threat to CNI
The NCSC and CISA have warned about the evolving threat from Russia-backed hacktivist threat actors targeting critical national infrastructure, after a number of American utilities were attacked
-
May 02, 2024
02
May'24
Ukrainian national sentenced over REvil ransomware spree
A 24-year-old Ukrainian man has been sentenced to more than 13 years in prison after being convicted of his role in the REvil ransomware attacks
-
May 02, 2024
02
May'24
Dropbox Sign user information accessed in data breach
Account data belonging to Dropbox Sign users was accessed by an unknown threat actor after they hacked into the organisation’s backend infrastructure
-
May 02, 2024
02
May'24
BBC instructs lawyers over allegations of police surveillance of journalist
Lawyers for the BBC have written to the Investigatory Powers Tribunal over allegations that the Police Service of Northern Ireland spied on investigative journalist Vincent Kearney
-
May 02, 2024
02
May'24
How Okta is fending off identity-based attacks
Okta has been bolstering the security of its own infrastructure and building new tools to scan customer environments for vulnerable identities, among other efforts to fend off identity-based attacks
-
May 01, 2024
01
May'24
EMEA CISOs must address human factors behind cyber incidents
The 17th annual Verizon report on data breaches makes for sobering reading for security pros, urging them to do more to address the human factors involved in cyber incidents, and highlighting ongoing issues with zero-day patching
-
May 01, 2024
01
May'24
Australia’s Qantas apologises for mobile app data breach
Australian flag carrier Qantas has apologised after a glitch in its mobile application temporarily enabled some customers to view the flights and booking details of other frequent fliers on two separate occasions
-
April 30, 2024
30
Apr'24
Persistent data breaches deny people with HIV dignity and privacy
The ICO has urged charities and healthcare organisations that work with people living with HIV to do better when it comes to protecting their personal data, after the HIV status of more than 100 people was accidentally disclosed by London’s Central ...
-
April 25, 2024
25
Apr'24
Zero trust is a strategy, not a technology
Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag
-
April 23, 2024
23
Apr'24
GooseEgg proves golden for Fancy Bear, says Microsoft
Microsoft’s threat researchers have uncovered GooseEgg, a never-before-seen tool being used by Forest Blizzard, or Fancy Bear, in conjunction with vulnerabilities in Windows Print Spooler
-
April 22, 2024
22
Apr'24
Fujifilm plans to ‘make tape easy’ with Kangaroo SME appliance
Fujifilm to add 100TB SME-focused Kangaroo tape infrastructure in a box to existing 1PB offer, as energy efficiency and security of tape make it alluring to customers
-
April 18, 2024
18
Apr'24
CSA warns of emerging security risks with cloud and AI
Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh
-
April 17, 2024
17
Apr'24
Mandiant formally pins Sandworm cyber attacks on APT44 group
Mandiant has formally attributed a long-running campaign of cyber attacks by a Russian state actor known as Sandworm to a newly designated advanced persistent threat group to be called APT44
-
April 16, 2024
16
Apr'24
CISOs not yet convinced to invest in AI
CISOs say their eyes are fixed firmly on threats like ransomware and supply chain attacks, and while AI is becoming a threat that needs to be dealt with, it’s not yet an immediate spending priority
-
April 16, 2024
16
Apr'24
Recognising APAC’s trailblazers in digital transformation
DBS Bank and NUS were among the top industry innovators that were lauded for various transformational initiatives at the Computer Weekly Innovation Awards APAC 2024
-
April 09, 2024
09
Apr'24
UK plc failing on multiple cyber measures
Government report shows 50% of businesses and 32% of charities reported a cyber attack or breach in the past 12 months and organisations across the UK are failing on multiple cyber measures
-
April 08, 2024
08
Apr'24
UK vet network CVS hit by cyber attack
Operations at UK-based veterinary network CVS have been disrupted by a cyber incident of an as-yet undisclosed nature
-
April 05, 2024
05
Apr'24
How Oracle Red Bull Racing guards against cyber threats
The F1 team is tapping managed security services, conducting penetration tests and improving security awareness among employees to fend off cyber threats such as phishing and ransomware
-
April 04, 2024
04
Apr'24
Changes needed for SOCs and CSIRTs, claims Dutch research institute
Cyber security specialists need a game-changer to keep up with their adversaries, who increasingly use automation and AI for their attacks
-
April 03, 2024
03
Apr'24
RDP abused in over 90% of cyber attacks, Sophos finds
Threat actors continue to see great success using simple, tried and tested methods, and many defenders are failing to do the basics
-
April 03, 2024
03
Apr'24
Ransomware kill switch may save 99% of files from encryption
MDR specialist Adlumin says its new features will help customers stop in-progress ransomware attacks before they can cause significant damage
-
April 01, 2024
01
Apr'24
Open source alert over intentionally placed backdoor
A backdoor in the open source XZ Utils data compression library could have led to widespread compromise across the Linux ecosystem - and the community is on the trail of a developer who seems to be behind it
-
March 28, 2024
28
Mar'24
UK plc going backwards on cyber maturity, Cisco report claims
Fewer UK organisations believe their cyber security postures have reached a mature level than did so 12 months ago, as they struggle to keep up with new challenges and a fast-evolving threat landscape
-
March 28, 2024
28
Mar'24
Sellafield to be prosecuted over alleged cyber compliance failure
Sellafield Ltd, the organisation responsible for cleaning up and decommissioning the UK's largest nuclear waste site, is to be prosecuted over alleged cyber security failings dating back to 2019