News

Endpoint security

• January 12, 2022 12 Jan'22

  MEPs demand EU probe into Pegasus spyware abuse

  A group of European Parliament Members has called for an EU-wide investigation into NSO Group’s Pegasus spyware after it emerged EU member states may have used it

• January 11, 2022 11 Jan'22

  Banks accused of neglecting customer security measures

  Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes

• January 11, 2022 11 Jan'22

  IT departments struggling to secure printer endpoints

  Printers are at risk of attack, just as any other endpoint device, but many IT leaders are struggling to secure their print infrastructure

• January 09, 2022 09 Jan'22

  Singapore retailer hit by data breach

  The personal data of OG’s basic and gold members stored in a database managed by a third-party service provider was reportedly compromised

• January 03, 2022 03 Jan'22

  How APAC firms can stay ahead of cyber threats

  Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks

• December 23, 2021 23 Dec'21

  Top 10 cyber security stories of 2021

  Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do?

• December 15, 2021 15 Dec'21

  After Log4j, December Patch Tuesday piles on the pressure

  December’s Patch Tuesday update from Microsoft contains several critical CVEs, but this month all attention is focused on the fall-out from Log4Shell, and burn-out is becoming a real issue

• December 09, 2021 09 Dec'21

  UK and US to collaborate on privacy innovation contest

  Joint UK-US innovation challenge contest centring on privacy-enhancing technology announced at Summit for Democracy in Washington DC

• December 08, 2021 08 Dec'21

  Most consumers expect banks to cover losses to scams

  Consumers expect banks to cover losses to cyber crime, as the number of attacks grows

• December 02, 2021 02 Dec'21

  Millions of credit card details for sale on dark web for as little as 75p

  The credit card details of millions of people from across the world can be bought by criminals using the dark web for as little as $1

• December 01, 2021 01 Dec'21

  Kaspersky introduces cyber policy for bionic devices

  Cyber firm Kaspersky has become one of the first organisations in the world to develop and implement a security policy covering the use of bionic devices and other forms of human augmentation

• November 30, 2021 30 Nov'21

  Compliance, device management a challenge for NHS cyber teams

  Information gleaned by asset visibility specialist Armis reveals that despite improvements, some daunting security challenges still dog the NHS

• November 30, 2021 30 Nov'21

  HP patches bugs in over 150 printer models

  More than 150 HP multifunction printers are at risk of compromise through a series of newly disclosed vulnerabilities, one of them wormable

• November 26, 2021 26 Nov'21

  UK’s surveillance culture may be normalising use of tech for abuse

  Intense surveillance of public spaces by UK authorities may be playing a part in the normalisation of cyber stalking in intimate relationships

• November 24, 2021 24 Nov'21

  Consumer cyber bill to protect mobiles, smart devices

  Product Security and Telecommunications Infrastructure Bill will reinforce protections for consumer devices and mandate improvements to default security settings

• November 22, 2021 22 Nov'21

  Black Friday cyber warning for 4,000 card-skimming victims

  NCSC warns thousands of small retailers that their websites are being exploited to steal customer data

• November 18, 2021 18 Nov'21

  Alert over spate of Iran-linked BitLocker attacks

  A joint advisory from western cyber agencies warns of a campaign of ‘ongoing malicious activity’ by an Iran-linked APT group exploiting BitLocker to extort its targets

• November 17, 2021 17 Nov'21

  Security startups line up on Cyber Runway

  Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator

• November 17, 2021 17 Nov'21

  GovTech to enhance Government on Commercial Cloud

  GCC 2.0 will include improvements in user onboarding and provide single credential access to public cloud services and engineering tools, among other areas

• November 12, 2021 12 Nov'21

  IT Priorities 2022: APAC enterprises invest in digital future

  Nearly two-thirds of enterprises in Asia-Pacific plan to increase their IT budgets next year in areas such as cloud computing and cyber security to secure their digital future

• November 11, 2021 11 Nov'21

  HPE’s Aruba networking unit hit by cyber attack

  Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key

• November 11, 2021 11 Nov'21

  Finance ombudsman overturns more than three-quarters of bank decisions on APP fraud

  The financial services ombudsman is siding with customers in over 75% of complaints against banks that refuse to repay losses to authorised push payment fraud

• November 11, 2021 11 Nov'21

  Bank of England loses 161 computing devices in three years

  Bank cannot account for phones, laptops and tablets that have gone missing over the past three years

• November 10, 2021 10 Nov'21

  November Patch Tuesday drop fixes bugs in Excel, Exchange Server

  Another relatively light Patch Tuesday drop from Microsoft addresses 55 vulnerabilities, two of them already being exploited

• November 08, 2021 08 Nov'21

  How cosmetics retailer Lush made over its approach to authentication

  Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle

• November 07, 2021 07 Nov'21

  Technology spending reaches record levels, fuelling jobs boom

  Spending on IT has reached its highest levels for a decade but a shortage of skilled IT professionals could dampen growth

• November 04, 2021 04 Nov'21

  The Netherlands works on resilience with large-scale national cyber exercise

  For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care

• November 03, 2021 03 Nov'21

  Spyware firm NSO and others added to US banned Entity List

  US government bans target Israeli spyware makers and cyber firms in Russia and Singapore

• October 27, 2021 27 Oct'21

  Government commits millions to security investment

  Spending Review adds more than £750m of funding to improve cyber security resilience across government

• October 27, 2021 27 Oct'21

  Cyber sector growth exacerbating skills shortage

  Data from security association (ISC)² shows demand for cyber pros is still outpacing supply as the sector continues an upward growth trajectory

• October 26, 2021 26 Oct'21

  Lacework expands into ANZ, eyes APAC market

  DevSecOps supplier Lacework’s expansion into Australia and New Zealand will pave the way for a broader move into the Asia-Pacific region

• October 21, 2021 21 Oct'21

  Airport operator MAG boosts threat visibility with hybrid SOC

  With budget concerns weighing heavy during the pandemic, Manchester Airports Group ditched an impending capex-heavy cyber investment in favour of a hybrid managed/in-house approach. Learn more about its experience

• October 21, 2021 21 Oct'21

  APAC organisations warm to zero trust

  Two-thirds of APAC organisations have a zero-trust strategy even as they grapple with the lack of skills and other organisational challenges, study finds

• October 18, 2021 18 Oct'21

  How Samlesbury, Lancashire became the home of the National Cyber Force

  The National Cyber Force, a new branch of the military, is gearing up to fight battles in cyber space from the fields of Lancashire. Its presence is expected to bring a high-tech renaissance to the region

• October 14, 2021 14 Oct'21

  NHS Digital enhances in-house cyber awareness drive

  Keep IT Confidential campaign aims to help NHS staff understand more about security threats and learn how to reduce risk

• October 13, 2021 13 Oct'21

  FCA warns over future hybrid working security risks

  Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure

• October 13, 2021 13 Oct'21

  Microsoft warns of MysterySnail on October Patch Tuesday

  Microsoft has fixed a zero-day that is being actively exploited to deliver a new remote access trojan dubbed MysterySnail to targets

• October 13, 2021 13 Oct'21

  Australia unveils ransomware action plan

  The Australian government has established a task force to address the ransomware menace and is proposing legislation to mandate reporting of ransomware incidents by businesses

• October 11, 2021 11 Oct'21

  Singapore refreshes cyber security strategy

  The city-state updates its national cyber security strategy to shore up the security of critical infrastructure and enterprises while growing its cyber security industry, among other goals

• October 04, 2021 04 Oct'21

  One Identity buys OneLogin for access management expertise

  Acquisition of OneLogin adds access management solutions to One Identity’s Unified Identity Security platform

• September 30, 2021 30 Sep'21

  UK consumers would collectively pay over £1bn a year for control of their data

  UK consumers are willing to pay a small fee per month to have control of the data they share with Google and Facebook

• September 30, 2021 30 Sep'21

  NUS and Thales to develop quantum technologies

  The National University of Singapore and Thales have joined hands to test quantum technologies for commercial applications in security and sensing

• September 29, 2021 29 Sep'21

  Security boost in Windows 11 limits PC reuse

  Microsoft has put a lot of emphasis on improving security in Windows 11, but this comes at a cost as old hardware is no longer supported

• September 27, 2021 27 Sep'21

  Women and BAME people bear brunt of cyber crime impact

  Cyber crime has a disproportionate impact on women and BAME people, according to a new report

• September 23, 2021 23 Sep'21

  Authorised push payment fraud sees huge increase as criminals switch tactics

  Criminals tricking people into making payments through channels such as fake emails and websites have stolen more money than payment card fraudsters

• September 16, 2021 16 Sep'21

  Dutch education administrators underestimate threat of cyber crime

  Research shows educational establishments in the Netherlands are becoming favoured targets of cyber criminals and administrators are underestimating the risks

• September 15, 2021 15 Sep'21

  Microsoft patches 66 vulnerabilities in September update

  Another lighter-than-usual Patch Tuesday update includes important fixes for recently disclosed vulnerabilities, including a dangerous zero-day, and an update in the PrintNightmare saga

• September 14, 2021 14 Sep'21

  Mass health tracker data breach has UK impact

  The leak of a database of 61 million users of health-tracking devices includes records on individuals located in the UK

• September 14, 2021 14 Sep'21

  Apple patches ForcedEntry vulnerability used by spyware firm NSO

  Apple patches ForcedEntry vulnerability that was used to target political activists with spyware

• September 07, 2021 07 Sep'21

  OT security in APAC remains work in progress

  Two operational technology security experts shed light on the state of OT security in the region, and what’s being done to address skills, competency and organisational challenges

• September 03, 2021 03 Sep'21

  Berlin court reverses ban on use of EncroChat evidence in criminal trials

  Berlin Superior Court allows use of EncroChat evidence in criminal trials but lawyers say the question will ultimately need to be decided by the German Supreme Court

• September 03, 2021 03 Sep'21

  China accused of cyber attacks on Norwegian IT systems

  China-based cyber attackers have been blamed for multiple assaults on IT systems in Norway

• September 02, 2021 02 Sep'21

  How high can the contactless card limit go without two-factor authentication?

  The spending limit for contactless cards has reached an eyebrow-raising triple-digit figure – £100 – raising questions about the need for user authentication

• September 01, 2021 01 Sep'21

  Remote workers routinely bypassed security tools during pandemic

  New data from Palo Alto Networks reveals that over 25% of UK security leaders saw their employees circumventing or switching off security measures at the height of the pandemic

• August 24, 2021 24 Aug'21

  Half of MS Exchange servers at risk in ProxyShell debacle

  Up to 50% of MS Exchange users in the UK are exposed to three vulnerabilities that are now being actively exploited

• August 24, 2021 24 Aug'21

  More data breaches in Australia arising from ransomware

  The number of data breaches in Australia arising out of ransomware attacks grew by 24% during the first half of 2021, according to OAIC’s latest data breach report

• August 18, 2021 18 Aug'21

  MoD seeks security tech to harden military systems

  The Defence and Security Accelerator has launched a programme to root out technology that will reduce the military’s exposure to cyber attacks

• August 16, 2021 16 Aug'21

  Nearly half of retailers hit by ransomware in 2020

  In the face of increasingly prevalent and sophisticated ransomware attacks, retail organisations need to develop alternative ways of restoring lost or encrypted data, as paying the ransom does not guarantee its return in almost a third of cases

• August 13, 2021 13 Aug'21

  Cyber Runway programme supports new security businesses

  The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses

• August 11, 2021 11 Aug'21

  Microsoft fixes seven critical bugs on light Patch Tuesday

  All seven critical vulnerabilities in Microsoft’s August Patch Tuesday were related to remote code execution, and there was one zero-day related to Windows Update Medic Service

• August 11, 2021 11 Aug'21

  The Netherlands still lacks digital resilience, says report

  Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient

• August 09, 2021 09 Aug'21

  Possible ransomware attack hits Italian vaccine booking system

  It is still unclear who is behind the attack that caused Covid-19 vaccine bookings in Lazio, Italy, to grind to a halt, as despite masses of files being encrypted no specific ransom demands have been made for the decryptor

• August 04, 2021 04 Aug'21

  Initial access brokers unaffected by ransomware content bans

  Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021

• August 03, 2021 03 Aug'21

  Destruction and integrity cyber attacks on the rise

  Cyber security professionals have reported a sharp rise in debilitating attacks aimed at destroying or manipulating data

• July 30, 2021 30 Jul'21

  Hospitality firms must accelerate digital transformation to secure long-term recovery

  Key retail sector must respond quickly to new post-pandemic digital-first demands and consumer behaviours to regain competitive edge, says study

• July 27, 2021 27 Jul'21

  US lawmakers call for probe into ‘arrogant’ spyware firm

  US members of Congress have called for an investigation into NSO Group, the spyware supplier at the centre of a massive surveillance scandal

• July 27, 2021 27 Jul'21

  How IBM is solving the data privacy problem

  IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy

• July 21, 2021 21 Jul'21

  France’s Macron among alleged Pegasus targets

  Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware

• July 16, 2021 16 Jul'21

  Legacy SonicWall kit exploited in ransom campaign

  Users of older versions of SonicWall Secure Mobile Access 100 and Secure Remote Access products are at risk from a new ransomware campaign

• July 14, 2021 14 Jul'21

  Multiple Microsoft bugs being actively exploited

  Microsoft’s July Patch Tuesday update fixes 117 vulnerabilities, 13 rated as critical and four already being actively exploited

• July 13, 2021 13 Jul'21

  Dutch prosecutor ordered to give evidence on EncroChat hack

  Netherlands court rules that a public prosecutor should give evidence about the role of the Dutch in the EncroChat cryptophone hack which has led to arrests of organised gangs worldwide

• July 12, 2021 12 Jul'21

  NSW department of education hit by cyber attack

  Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday

• July 11, 2021 11 Jul'21

  Ransomware and botnets among top cyber threats in Singapore

  The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic

• July 08, 2021 08 Jul'21

  PrintNightmare haunts Microsoft as patch may miss mark

  Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied

• July 02, 2021 02 Jul'21

  Should I be worried about PrintNightmare?

  The accidental publication of proof of concept code for a Windows vulnerability, and the reclassification of said bug from low to critical severity, has the cyber community concerned. Is it right to be?

• July 02, 2021 02 Jul'21

  Cyber attackers up the ante on embattled IT teams

  Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements

• July 01, 2021 01 Jul'21

  NCSC joins US authorities to expose Russian brute force campaign

  A joint attribution by the British and American authorities accuses Russia’s GRU intelligence services of conducting a campaign of brute force attacks on enterprise and cloud environments

• July 01, 2021 01 Jul'21

  Cyber espionage campaign targeted central Asian states

  The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT

• July 01, 2021 01 Jul'21

  Nominations open for 2021 Security Serious Unsung Heroes Awards

  Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators

• June 30, 2021 30 Jun'21

  Half of mobile phones sold in the UK at risk of security issues

  Lengthy mobile phone contracts leave buyers at risk of their devices losing support for security updates

• June 29, 2021 29 Jun'21

  New Nobelium attacks a reminder to attend to cyber basics

  A new campaign from the same threat group that broke into SolarWinds serves as a reminder that cyber crime gangs will try to exploit any avenue they can, even if technically unsophisticated

• June 29, 2021 29 Jun'21

  Video game industry under relentless cyber attacks

  Web application attacks against the global video game industry grew by 340% in 2020 as more people turn to gaming during pandemic lockdowns

• June 28, 2021 28 Jun'21

  Lazada rolls out public bug bounty programme

  Regional e-commerce giant Lazada is looking to uncover more vulnerabilities that could compromise data security in a public bug bounty programme that offers up to $10,000 per bounty

• June 24, 2021 24 Jun'21

  Stalkerware apps becoming normalised among young people

  Data in a new report appears to show that dangerous stalkerware apps are becoming normalised in younger age groups

• June 23, 2021 23 Jun'21

  Time to patch increases significantly during pandemic

  New data from US-based endpoint management specialist Automox reveals some of the challenges security teams face in keeping up with endpoint security

• June 22, 2021 22 Jun'21

  Innova and RISE drive node development in Sweden

  Swedish cyber security project, National Node, opens its doors to the country’s security firms

• June 21, 2021 21 Jun'21

  Parliamentary devices left in taxis, buses, trains and pubs

  Nearly 100 devices belonging to parliamentary staffers, including MPs and peers, were lost or stolen over the course of 2019 and 2020

• June 18, 2021 18 Jun'21

  Lorca Ignite programme targets breakout cyber talent

  Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme

• June 17, 2021 17 Jun'21

  UnitingCare Queensland restores IT systems after cyber attack

  Australian healthcare service provider has restored key corporate systems and integrations between applications following a cyber attack earlier this year

• June 10, 2021 10 Jun'21

  Australian organisations face heightened cyber attacks

  Nearly three in four Australian organisations experienced cyber attacks that largely resulted from a growing remote workforce in 2020

• June 04, 2021 04 Jun'21

  HSBC offers all businesses scam awareness app

  HSBC is sharing information on the latest scams and how to defend against them thorough its latest app, available to all businesses

• June 04, 2021 04 Jun'21

  Secrecy around EncroChat cryptophone hack breaches French constitution, court hears

  French lawyers claim that investigators are unlawfully withholding details of a cryptophone hacking operation in a case that could impact UK prosecutions

• June 03, 2021 03 Jun'21

  Norway’s auditor general lifts lid on energy industry’s cyber security risks

  Auditor General’s Office questions the security posture of Norway’s energy industry

• June 03, 2021 03 Jun'21

  FireEye sold to private equity, Mandiant regains independence

  FireEye has agreed to sell its products business and name to a private equity consortium, while Mandiant will spin out as an independent threat intel business

• May 25, 2021 25 May'21

  CyberSprinters game gives kids a head start, says NCSC

  An online game for primary schools, clubs and youth organisations will teach children aged seven to 11 the fundamentals of staying safe online

• May 25, 2021 25 May'21

  McAfee to change terms of auto-renewing consumer plans

  Consumers who found their McAfee antivirus contracts auto-renewed will be able to get out of their contracts and get their money back

• May 25, 2021 25 May'21

  Legacy vulnerabilities may be biggest enterprise cyber risk

  While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats

• May 24, 2021 24 May'21

  Dutch researchers build security software to mimic human immune system

  Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection

• May 24, 2021 24 May'21

  Why the security stack needs to move to the edge

  Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge

• May 20, 2021 20 May'21

  Malicious scans for at-risk systems start minutes after disclosure

  Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes