News

Data breach incident management and recovery

• November 21, 2024 21 Nov'24

  Brit charged in US over Scattered Spider cyber attacks

  A UK national named as Tyler Robert Buchanan has been charged in the US over his alleged involvement in cyber attacks perpetrated by the Scattered Spider gang

• November 20, 2024 20 Nov'24

  Apple addresses two iPhone, Mac zero-days

  Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks

• November 13, 2024 13 Nov'24

  China’s Volt Typhoon rebuilds botnet in wake of takedown

  Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever

• November 12, 2024 12 Nov'24

  Zero-day exploits increasingly sought out by attackers

  Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023

• November 12, 2024 12 Nov'24

  More data stolen in 2023 MOVEit attacks comes to light

  Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web

• November 08, 2024 08 Nov'24

  ESET shines light on cyber criminal RedLine empire

  ESET publishes fresh data on the inner workings of the RedLine Stealer malware empire, which was taken down at the end of October

• November 07, 2024 07 Nov'24

  AI a force multiplier for the bad guys, say cyber pros

  CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders

• November 05, 2024 05 Nov'24

  Post Office data breach caused by botched website upgrade

  Data breach exposed personal details of the hundreds of former subpostmasters who had defeated the Post Office in the High Court

• November 01, 2024 01 Nov'24

  CISA looks to global collaboration as fraught US election begins

  The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats

• October 28, 2024 28 Oct'24

  UK launches cyber guidance package for tech startups

  The NCSC and NPSA, alongside agencies from the Five Eyes alliance, have issued guidance for startups on how to secure themselves against common cyber threats and targeted industrial espionage

• October 25, 2024 25 Oct'24

  Dutch critical infrastructure at risk despite high leadership confidence

  Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise

• October 23, 2024 23 Oct'24

  Democracy campaigner to sue Saudi Arabia over Pegasus and QuaDream spyware in UK court

  Pro-democracy campaigner Yahya Assiri given permission to file legal action in London court against Saudi Arabia over its use of Israeli spyware

• October 22, 2024 22 Oct'24

  Danish government reboots cyber security council amid AI expansion

  Denmark’s government relaunches digital security initiative to protect business sectors and society at large

• October 21, 2024 21 Oct'24

  Can AI be secure? Experts discuss emerging threats and AI safety

  International cyber security experts call for global cooperation and proactive strategies to address the security challenges posed by artificial intelligence

• October 17, 2024 17 Oct'24

  NCSC chief warns of gap in cyber threats and defence capabilities

  The UK and its allies must take collective action to improve their cyber resilience and repel the increasing volume of severe cyber attacks, says NCSC chief

• October 10, 2024 10 Oct'24

  NCSC issues fresh alert over wave of Cozy Bear activity

  The NCSC, FBI and NSA publish updated warning about Cozy Bear’s activities, highlighting a range of vulnerabilities the threat actor is using to set up its cyber attacks

• October 10, 2024 10 Oct'24

  Government launches cyber standard for local authorities

  Local government bodies are being invited to take advantage of a new NCSC-derived Cyber Assessment Framework to help enhance their resilience and ward off cyber attacks

• October 10, 2024 10 Oct'24

  Internet Archive web historians target of hacktivist cyber attack

  The Internet Archive nonprofit digital library and Wayback Machine operator has been attacked by pro-Palestinian hacktivists

• October 10, 2024 10 Oct'24

  How Recorded Future finds ransomware victims before they get hit

  Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them

• October 10, 2024 10 Oct'24

  Australia bolsters cyber defences with security bill

  Legislation tackles IoT security and establishes a Cyber Incident Review Board to bolster Australia’s cyber resilience

• October 09, 2024 09 Oct'24

  MoneyGram customer data breached in attack

  MoneyGram confirms that customer data has been stolen in an incident that appears to have started with a social engineering attack on its IT helpdesk staff

• October 08, 2024 08 Oct'24

  Secureworks: Ransomware takedowns didn’t put off cyber criminals

  The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks

• October 08, 2024 08 Oct'24

  UK’s cyber incident reporting law to move forward in 2025

  The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses

• October 07, 2024 07 Oct'24

  IBM: Data breach cost in ASEAN hits new high

  The average cost of a data breach in ASEAN grew by 7% from last year, as organisations grapple with increasingly distributed IT environments and complex security systems

• October 04, 2024 04 Oct'24

  UK telcos including BT at risk from DrayTek router vulnerabilities

  A series of vulnerabilities in DrayTek's Vigor router product lines affects multiple comms service providers in the UK, according to new analysis

• October 04, 2024 04 Oct'24

  NCSC celebrates eight years as Horne blows in

  Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne

• October 03, 2024 03 Oct'24

  Microsoft files lawsuit to seize domains used by Russian spooks

  Microsoft has been given permission to seize multiple domains used by the Russian state threat actor Star Blizzard as part of a coordinated disruption effort undertaken ahead of the US elections

• October 03, 2024 03 Oct'24

  SOC teams falling out of love with threat detection tools

  Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report

• October 02, 2024 02 Oct'24

  UK and Singapore to collaborate on supporting ransomware victims

  At the fourth Counter Ransomware Initiative Summit in the US, both the UK and Singapore have committed to working on new guidance designed to better support victims and undermine cyber criminal business models

• October 01, 2024 01 Oct'24

  Unmasked: The Evil Corp cyber gangster who worked for LockBit

  The NCA has named and shamed a prominent member of the Evil Corp cyber crime collective who also worked as an affiliate of the LockBit ransomware gang as the UK unveils new sanctions against 16 Russian cyber criminals

• September 27, 2024 27 Sep'24

  UK on high alert over Iranian spear phishing attacks, says NCSC

  The NCSC and counterpart agencies in the US have issued a warning over enhanced Iranian spear phishing activity targeting politicians, journalists, activists and others with an interest in Middle Eastern affairs

• September 26, 2024 26 Sep'24

  Racist Network Rail Wi-Fi hack was work of malicious insider

  Police have revealed that this week’s racist cyber attack on public Wi-Fi networks at stations across the UK appears to have been the work of a malicious insider, after arresting an employee of one of the service providers

• September 26, 2024 26 Sep'24

  Islamophobic cyber attack downs Wi-Fi at UK transport hubs

  An apparent hacktivist attack disrupted public-facing Wi-Fi networks at UK rail stations to display Islamophobic content

• September 25, 2024 25 Sep'24

  CrowdStrike apologises to US government for global mega-outage

  CrowdStrike executive Adam Meyers appears before a US government committee to explain the series of errors that led directly to one of the biggest IT outages in history

• September 24, 2024 24 Sep'24

  Money transfer firm MoneyGram rushes to contain cyber attack

  Money transfer specialist MoneyGram services remain down several days after a network outage developed into a full-blown cyber security incident

• September 23, 2024 23 Sep'24

  Microsoft shares progress on Secure Future Initiative

  Microsoft has published a progress report on its Secure Future Initiative, launched last year in the wake of multiple security incidents, and made a series of commitments to improve its internal cyber culture

• September 18, 2024 18 Sep'24

  NCSC exposes Chinese company running malicious Mirai botnet

  The NCSC and its Five Eyes allies have published details of the activities of a China-based cyber security company that is operating a Mirai IoT botnet in the service of government-backed intrusions

• September 17, 2024 17 Sep'24

  First CyberBoost Catalyse startup cohort named

  The first group of companies named to a cyber incubator programme run by Plexal and the National University of Singapore includes two growing UK businesses

• September 13, 2024 13 Sep'24

  UN-backed cyber security report highlights global shortfalls in preparedness

  In the three years since the UN-backed cyber security report was published, countries have been making a concerted effort to protect themselves from cyber threats, but there’s more to do

• September 13, 2024 13 Sep'24

  Cyber workforce must almost double to meet global talent need

  Research from ISC2 finds global cyber workforce needs additional 4.8 million people to fully secure businesses

• September 11, 2024 11 Sep'24

  ICO and NCA sign MoU to provide joint support for cyber crime victims

  UK data protection watchdog joins forces with law enforcement agency to provide more support for organisations that fall victim to cyber crime and ransomware attacks

• September 06, 2024 06 Sep'24

  Longstanding Darktrace CEO Poppy Gustafsson to step down

  Darktrace CEO Poppy Gustafsson is to leave the AI cyber company she helped build with Mike Lynch after more than a decade, following its acquisition by a private equity firm

• September 05, 2024 05 Sep'24

  NCSC and allies call out Russia's Unit 29155 over cyber warfare

  The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155

• September 05, 2024 05 Sep'24

  Fog ransomware crew evolving into wide-ranging threat

  The emergent Fog ransomware gang appears to be changing up its victimology in search of more cash-rich victims

• September 05, 2024 05 Sep'24

  Ongoing TfL cyber attack takes out Dial-a-Ride service

  The Dial-a-Ride assisted transit service for disabled people had to temporarily suspend part of its operations as Transport for London deals with an ongoing cyber attack, but the service has now been recovered

• September 03, 2024 03 Sep'24

  Transport for London hit by cyber attack

  London’s transport network provider TfL experiences cyber security incident, but reassures customers there is no impact on services

• August 29, 2024 29 Aug'24

  Iranian APT caught acting as access broker for ransomware crews

  Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits

• August 28, 2024 28 Aug'24

  Iranian APT Peach Sandstorm teases new Tickler malware

  Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence

• August 28, 2024 28 Aug'24

  Global cyber spend to rise 15% in 2025, pushed along by AI

  Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner

• August 28, 2024 28 Aug'24

  How Kaspersky is driving growth in APAC

  Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region