News
Data breach incident management and recovery
-
November 16, 2023
16
Nov'23
Ransomware gang grasses up uncooperative victim to US regulator
The ALPHV/BlackCat ransomware gang has added a new tactic to its playbook, going to ever more extreme lengths in search of a pay-off
-
November 16, 2023
16
Nov'23
British Library’s Halloween cyber scare was ransomware
The British Library has provided an update on an ongoing cyber incident affecting its systems, confirming it to be the result of a ransomware attack
-
November 15, 2023
15
Nov'23
BlackCat affiliate seen using malvertising to spread ransomware
Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker
-
November 15, 2023
15
Nov'23
US government reinforces ICBC hack link to Citrix Bleed
US Treasury adds weight to reports that a ransomware gang gained access to the systems of Chinese bank ICBC by exploiting a critical Citrix flaw
-
November 15, 2023
15
Nov'23
How Gigamon is making its mark in deep observability
Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth
-
November 14, 2023
14
Nov'23
Fast-acting cyber gangs increasingly disabling telemetry logs
Sophos guidance for security practitioners and defenders highlights a growing trend for threat actors to disable or wipe telemetry logs to cover their tracks
-
November 13, 2023
13
Nov'23
Rogue state-aligned actors are most critical cyber threat to UK
The prospect of rogue nation-state-aligned attackers bringing down the UK’s critical infrastructure is keeping the NCSC up at night
-
November 13, 2023
13
Nov'23
Lloyds Bank warns over rising threat of crypto scams
Report by Lloyds Banking Group finds there has been a 23% increase in cryptocurrency scams in 2023 compared with last year, targeting mostly younger investors
-
November 13, 2023
13
Nov'23
Victims’ legal action over 2015 Carphone Warehouse breach moves forward
A class action against Currys Retail over the 2015 data breach of Carphone Warehouse customers has been granted permission to move forward in the courts
-
November 13, 2023
13
Nov'23
ICO alerted after technical ‘issue’ exposed college files to student barristers
A training college for barristers has reported a data breach that left sensitive data on hundreds of current and former students accessible to other trainees
-
November 10, 2023
10
Nov'23
Ransomware attack on major Chinese lender disrupts financial markets
The financial services arm of one of the world’s largest banks was taken offline by a supposed LockBit ransomware attack, causing problems for US markets
-
November 09, 2023
09
Nov'23
Revealed: How Russia’s Sandworm ramped up attacks on Ukraine’s critical infrastructure
New Mandiant intelligence reveals how the APT known as Sandworm has been evolving its playbook, twisting legitimate executables known as LoLBins into malicious tools as it seeks to disrupt daily life in Ukraine
-
November 09, 2023
09
Nov'23
Suspected ransomware attack hits Scottish council
Systems at Comhairle nan Eilean Siar were downed on 7 November in a suspected ransomware attack
-
November 08, 2023
08
Nov'23
Iconic Singapore hotel caught up in major data breach
The Marina Bay Sands resort in Singapore uncovered a data breach of its guest loyalty programme last month
-
November 08, 2023
08
Nov'23
King’s Speech misses the mark on cyber law reform, says campaign
A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress
-
November 06, 2023
06
Nov'23
Shadow IT use at Okta behind series of damaging breaches
Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account
-
November 06, 2023
06
Nov'23
How Trellix’s CISO keeps threat actors at bay
Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents
-
November 02, 2023
02
Nov'23
Admins told to take action over F5 Big-IP platform flaws
Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild
-
November 02, 2023
02
Nov'23
UK workers exhibit poor security behaviours, report reveals
Report by KnowBe4 has found that four in five UK workers do not make security-conscious choices, whether in-office, remote or hybrid working
-
October 31, 2023
31
Oct'23
British Library falls victim to cyber attack
The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature
-
October 31, 2023
31
Oct'23
SEC sues SolarWinds, alleging serious security failures
SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks
-
October 27, 2023
27
Oct'23
Domestic abuse charities surface fresh worries over NHS data sharing
With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk
-
October 27, 2023
27
Oct'23
Microsoft warns over growing threat from Octo Tempest gang
The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft
-
October 27, 2023
27
Oct'23
How Elastic manages cyber security threats
Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings
-
October 27, 2023
27
Oct'23
Germany: European Court opinion kicks questions over EncroChat back to national courts
Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts
-
October 26, 2023
26
Oct'23
ChatGPT, Bard, lack effective defences against fraudsters, Which? warns
Consumer advocacy Which? warns that popular generative AI tools are vulnerable to loopholes that render existing protections against malicious usage easily bypassed
-
October 26, 2023
26
Oct'23
Exploitation of Citrix NetScaler vulns reaching dangerous levels
Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked
-
October 25, 2023
25
Oct'23
UK Finance paints mixed picture of fraud as losses top £500m
UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data
-
October 25, 2023
25
Oct'23
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems
-
October 24, 2023
24
Oct'23
Cisco hackers likely taking steps to avoid identification
Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery
-
October 24, 2023
24
Oct'23
Research team tricks AI chatbots into writing usable malicious code
Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks
-
October 24, 2023
24
Oct'23
Kaspersky opens up over spyware campaign targeting its staffers
Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group
-
October 24, 2023
24
Oct'23
Customers speak out over Okta’s response to latest breach
Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired
-
October 24, 2023
24
Oct'23
NetApp ‘unified storage’ adds new ASA block storage at Insight
Las Vegas event sees NetApp continue its evolution to hybrid cloud and data management player announce ASA C-series and Keystone and Kubernetes storage enhancements
-
October 23, 2023
23
Oct'23
Cisco pushes update to stop exploitation of two IOS XE zero-days
Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software
-
October 23, 2023
23
Oct'23
How Ensign is leading the charge in cyber security
Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem
-
October 20, 2023
20
Oct'23
RagnarLocker cyber gang that pioneered double extortion busted
Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline
-
October 19, 2023
19
Oct'23
Fears grow over extent of Cisco IOS XE zero-day
Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures
-
October 19, 2023
19
Oct'23
Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack
Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source
-
October 18, 2023
18
Oct'23
What are the cyber risks from the latest Middle Eastern conflict?
The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations
-
October 17, 2023
17
Oct'23
Five Eyes issues five tips on thwarting nation state threats
Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats
-
October 10, 2023
10
Oct'23
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m
-
October 05, 2023
05
Oct'23
Ransomware dwell times now measured in hours, says Secureworks
Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report
-
October 03, 2023
03
Oct'23
CIISec scores DSIT funding to expand successful CyberEPQ scheme
DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date
-
September 27, 2023
27
Sep'23
Researchers offer free threat briefings on Vegas casino hackers
Permiso, a cloud detection and response startup, is making its threat intel team available to speak on Scattered Spider, the group behind recent cyber attacks on MGM Resorts and Caesars Entertainment
-
September 27, 2023
27
Sep'23
City of Las Vegas masters cyber incident response with Darktrace
The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence
-
September 26, 2023
26
Sep'23
Sony alleged victim of new extortion gang
A little-known threat actor claims it has breached IT systems and networks at electronics and entertainment giant Sony, and is threatening to release the organisation’s data unless paid off
-
September 26, 2023
26
Sep'23
Cover-ups still the norm in the wake of a cyber incident
Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report
-
September 26, 2023
26
Sep'23
Crest and IASME to deliver upcoming NCSC Cyber Exercise programme
Crest and IASME have been tasked with assuring that security services providers signing up to a soon-to-launch NCSC Cyber Incident Exercising scheme are up to the job
-
September 21, 2023
21
Sep'23
‘Top’ ransomware gangs favour smaller businesses
Despite high-profile attacks on prominent organisations, the world’s most prolific ransomware operations tend to target smaller businesses