News

Endpoint security

• February 24, 2022 24 Feb'22

  KnowBe4 cyber drama tackles Colonial Pipeline in fourth season

  KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021

• February 24, 2022 24 Feb'22

  New cyber guidelines to safeguard construction sector

  NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building

• February 24, 2022 24 Feb'22

  Russia behind dangerous Cyclops Blink malware

  Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk

• February 23, 2022 23 Feb'22

  IBM opens cyber security hub in India

  Big Blue’s new cyber security hub, comprising a cyber range, software development facilities and a security operations centre, will serve enterprises across the Asia-Pacific region

• February 21, 2022 21 Feb'22

  Zoom gains NCSC Cyber Essentials Plus and NHS security badges

  Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats

• February 18, 2022 18 Feb'22

  Lawyers say ‘unprecedented’ secrecy deprived EncroChat defendants of fair trials

  Lawyers from seven countries say it is impossible for their clients to challenge the accuracy, authenticity, reliability and legality of the evidence against them

• February 17, 2022 17 Feb'22

  Red Cross cyber attack the work of nation-state actors

  The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state

• February 16, 2022 16 Feb'22

  2021 another record year for UK cyber investment

  Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment

• February 16, 2022 16 Feb'22

  Retrospect Backup refines anomaly detection in ransomware battle

  StorCentric backup software brand allows customer fine-tuning of anomaly detection in struggle against ransomware, and adds immutable copies via object locking in Azure

• February 11, 2022 11 Feb'22

  Lack of knowledge disastrous for effective security strategy within Dutch companies

  Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy

• February 08, 2022 08 Feb'22

  Microsoft to start blocking macros to thwart malware

  Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security

• February 08, 2022 08 Feb'22

  The Security Interviews: Building the UK’s future cyber ecosystem

  As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions

• February 04, 2022 04 Feb'22

  Check Point looks to plug ASEAN’s cyber security gap

  Check Point is shoring up its sales force and partner ecosystem to address the cyber security needs of small and mid-sized businesses in a region that is highly targeted by threat actors

• February 03, 2022 03 Feb'22

  BlackCat crew supposedly behind OilTanking ransomware heist

  Preliminary reports from Germany’s national cyber authority indicate the recent OilTanking ransomware attack may have been the work of the BlackCat group

• February 02, 2022 02 Feb'22

  Zero-trust to soar in 2022, but dogged by implementation challenges

  IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite

• January 28, 2022 28 Jan'22

  Korean researchers invent silk-based security device

  Experts from the Gwangju Institute of Science have built a digital security device based on natural silk fibres that they claim is practically unbreachable

• January 26, 2022 26 Jan'22

  MPs to debate landmark IoT security law

  Proposed bill mandates tighter protections for connected products, and adds new rules for broadband roll-out into the bargain

• January 25, 2022 25 Jan'22

  Cyber Essentials programme gets biggest update since launch

  NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape

• January 24, 2022 24 Jan'22

  India’s cyber security industry doubles in size amid pandemic

  Revenues from cyber security products and services reached $9.85bn in 2021 thanks to rapid digitalisation and regulatory attention on data and privacy

• January 21, 2022 21 Jan'22

  Scam losses in Australia hit record high

  Australians lost a record A$323.7m to scams last year, with investment and romance scams accounting for the bulk of their losses

• January 20, 2022 20 Jan'22

  MoonBounce firmware bootkit shows advances in malicious implants

  MoonBounce firmware bootkit shows evident technical improvements over others, making it a more dangerous threat to organisations. It is being used by Chinese state-backed actors

• January 19, 2022 19 Jan'22

  Investigators find Beijing 2022 app riddled with security flaws

  Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack

• January 19, 2022 19 Jan'22

  Trellix looks to democratise access to XDR in APAC

  The company formed from the merger of FireEye Enterprise and McAfee will team up with managed service providers, among other efforts, to democratise access to extended detection and response capabilities in the region

• January 19, 2022 19 Jan'22

  Trellix XDR platform forged out of McAfee, FireEye union

  The private equity owners of McAfee Enterprise and FireEye are merging the companies into a new entity to ‘define the future’ of cyber security through XDR technology

• January 12, 2022 12 Jan'22

  MEPs demand EU probe into Pegasus spyware abuse

  A group of European Parliament Members has called for an EU-wide investigation into NSO Group’s Pegasus spyware after it emerged EU member states may have used it

• January 11, 2022 11 Jan'22

  Banks accused of neglecting customer security measures

  Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes

• January 11, 2022 11 Jan'22

  IT departments struggling to secure printer endpoints

  Printers are at risk of attack, just as any other endpoint device, but many IT leaders are struggling to secure their print infrastructure

• January 09, 2022 09 Jan'22

  Singapore retailer hit by data breach

  The personal data of OG’s basic and gold members stored in a database managed by a third-party service provider was reportedly compromised

• January 03, 2022 03 Jan'22

  How APAC firms can stay ahead of cyber threats

  Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks

• December 23, 2021 23 Dec'21

  Top 10 cyber security stories of 2021

  Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do?

• December 15, 2021 15 Dec'21

  After Log4j, December Patch Tuesday piles on the pressure

  December’s Patch Tuesday update from Microsoft contains several critical CVEs, but this month all attention is focused on the fall-out from Log4Shell, and burn-out is becoming a real issue

• December 09, 2021 09 Dec'21

  UK and US to collaborate on privacy innovation contest

  Joint UK-US innovation challenge contest centring on privacy-enhancing technology announced at Summit for Democracy in Washington DC

• December 08, 2021 08 Dec'21

  Most consumers expect banks to cover losses to scams

  Consumers expect banks to cover losses to cyber crime, as the number of attacks grows

• December 02, 2021 02 Dec'21

  Millions of credit card details for sale on dark web for as little as 75p

  The credit card details of millions of people from across the world can be bought by criminals using the dark web for as little as $1

• December 01, 2021 01 Dec'21

  Kaspersky introduces cyber policy for bionic devices

  Cyber firm Kaspersky has become one of the first organisations in the world to develop and implement a security policy covering the use of bionic devices and other forms of human augmentation

• November 30, 2021 30 Nov'21

  Compliance, device management a challenge for NHS cyber teams

  Information gleaned by asset visibility specialist Armis reveals that despite improvements, some daunting security challenges still dog the NHS

• November 30, 2021 30 Nov'21

  HP patches bugs in over 150 printer models

  More than 150 HP multifunction printers are at risk of compromise through a series of newly disclosed vulnerabilities, one of them wormable

• November 26, 2021 26 Nov'21

  UK’s surveillance culture may be normalising use of tech for abuse

  Intense surveillance of public spaces by UK authorities may be playing a part in the normalisation of cyber stalking in intimate relationships

• November 24, 2021 24 Nov'21

  Consumer cyber bill to protect mobiles, smart devices

  Product Security and Telecommunications Infrastructure Bill will reinforce protections for consumer devices and mandate improvements to default security settings

• November 22, 2021 22 Nov'21

  Black Friday cyber warning for 4,000 card-skimming victims

  NCSC warns thousands of small retailers that their websites are being exploited to steal customer data

• November 18, 2021 18 Nov'21

  Alert over spate of Iran-linked BitLocker attacks

  A joint advisory from western cyber agencies warns of a campaign of ‘ongoing malicious activity’ by an Iran-linked APT group exploiting BitLocker to extort its targets

• November 17, 2021 17 Nov'21

  Security startups line up on Cyber Runway

  Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator

• November 17, 2021 17 Nov'21

  GovTech to enhance Government on Commercial Cloud

  GCC 2.0 will include improvements in user onboarding and provide single credential access to public cloud services and engineering tools, among other areas

• November 12, 2021 12 Nov'21

  IT Priorities 2022: APAC enterprises invest in digital future

  Nearly two-thirds of enterprises in Asia-Pacific plan to increase their IT budgets next year in areas such as cloud computing and cyber security to secure their digital future

• November 11, 2021 11 Nov'21

  HPE’s Aruba networking unit hit by cyber attack

  Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key

• November 11, 2021 11 Nov'21

  Finance ombudsman overturns more than three-quarters of bank decisions on APP fraud

  The financial services ombudsman is siding with customers in over 75% of complaints against banks that refuse to repay losses to authorised push payment fraud

• November 11, 2021 11 Nov'21

  Bank of England loses 161 computing devices in three years

  Bank cannot account for phones, laptops and tablets that have gone missing over the past three years

• November 10, 2021 10 Nov'21

  November Patch Tuesday drop fixes bugs in Excel, Exchange Server

  Another relatively light Patch Tuesday drop from Microsoft addresses 55 vulnerabilities, two of them already being exploited

• November 08, 2021 08 Nov'21

  How cosmetics retailer Lush made over its approach to authentication

  Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle

• November 07, 2021 07 Nov'21

  Technology spending reaches record levels, fuelling jobs boom

  Spending on IT has reached its highest levels for a decade but a shortage of skilled IT professionals could dampen growth