News
Endpoint security
-
March 23, 2021
23
Mar'21
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks
-
March 18, 2021
18
Mar'21
Eastern Health reports ‘cyber incident’, takes systems offline
Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident
-
March 16, 2021
16
Mar'21
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry
-
March 16, 2021
16
Mar'21
Microsoft releases one-click ProxyLogon mitigation tool
Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers
-
March 16, 2021
16
Mar'21
Government calls for input into Covid-19 vaccine passports
Evidence gathering exercise will inform the development of the UK’s proposed Covid-19 vaccine passport scheme
-
March 15, 2021
15
Mar'21
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days
-
March 14, 2021
14
Mar'21
Arrest warrants issued for Canadians behind Sky ECC cryptophone network used by organised crime
The US has issued arrest warrants for the CEO of Sky Global and a former distributor for racketeering, aiding and abetting the distribution of illegal drugs by supplying encrypted phones to criminals
-
March 12, 2021
12
Mar'21
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately
-
March 12, 2021
12
Mar'21
DearCry ransomware targets vulnerable Exchange servers
As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority
-
March 11, 2021
11
Mar'21
Attack on surveillance cameras a warning over security, ethics
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology
-
March 11, 2021
11
Mar'21
After Emotet takedown, Trickbot roars up threat charts
Malicious actors are turning to new tricks as Emotet fades away
-
March 09, 2021
09
Mar'21
Belgian police raid 200 premises in drug operation linked to breach of encrypted phone network
More than 1,600 police and law enforcement officials conduct drug raids after the compromise of an encrypted mobile phone network that has parallels with EncroChat
-
March 09, 2021
09
Mar'21
Private equity house buys McAfee enterprise business
Deal to sell off enterprise unit will see McAfee become a pure-play consumer organisation
-
March 05, 2021
05
Mar'21
Singapore Airlines the latest victim of supply chain attack
A restricted set of data of over 580,000 frequent flyer members of Singapore Airlines was exposed in a supply chain attack against Sita’s passenger service system
-
March 04, 2021
04
Mar'21
Okta picks up Auth0 for $6.5bn
Multibillion-dollar acquisition a vote of confidence in future of identity and access management services
-
March 04, 2021
04
Mar'21
Microsoft Exchange CVEs more widely exploited than thought
US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer
-
March 04, 2021
04
Mar'21
Qualys caught up in Accellion FTA breach
Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product
-
March 04, 2021
04
Mar'21
UK contactless payment limit more than doubled
UK increases the amount that can be spent in one go using a contactless payments card to £100
-
March 03, 2021
03
Mar'21
Emergency patch addresses MS Exchange Server zero-days
Microsoft releases an emergency patch to address multiple zero-day exploits directed at on-premise installations of Exchange Server
-
February 24, 2021
24
Feb'21
Vaccine passports prove an ethical minefield
Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design
-
February 24, 2021
24
Feb'21
Is Clubhouse safe, and should CISOs stop its use?
With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it
-
February 23, 2021
23
Feb'21
XDR makes cyber a Stroll in the park for Aston Martin F1
Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet
-
February 22, 2021
22
Feb'21
Microphones, smartphones, laptops among items stolen from BBC
A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers
-
February 18, 2021
18
Feb'21
More than two-thirds of firms would invest in dedicated remote working connectivity
Firms are faced with supporting more remote working for their businesses going forward, and a survey has shed light on what form this support will take and what firms believe they will need in the ‘new normal’
-
February 18, 2021
18
Feb'21
2020 a record year for cyber, thanks to Covid
The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy
-
February 18, 2021
18
Feb'21
Fingerprints will help payment cards retain relevance
Biometric payment cards using fingerprint technology could add billions to global banking revenues, says UBS
-
February 11, 2021
11
Feb'21
Singtel falls prey to supply chain attack
The Singapore telco reveals that its Accellion file sharing system was illegally hacked in a supply chain attack
-
February 10, 2021
10
Feb'21
Windows 10, Server 2019 users must patch serious zero-day
Another dangerous zero-day exploit is among 56 vulnerabilities patched by Microsoft in February’s Patch Tuesday update
-
February 09, 2021
09
Feb'21
NHS reports fewer phishing emails in 2020
The NHSmail email service saw a steady decline in suspected phishing emails during the course of 2020
-
February 08, 2021
08
Feb'21
Too few UK organisations offering cyber training for remote work
Nearly a year into the pandemic, a study reveals a concerning tendency for organisations not to bother offering security training for remote workers
-
February 05, 2021
05
Feb'21
Google Chrome update to patch serious zero-day
A serious heap buffer overflow vulnerability means Google Chrome users should patch their browsers as soon as possible
-
February 05, 2021
05
Feb'21
Security firm Stormshield loses source code in cyber attack
Source code from two products developed by French cyber security firm was compromised in a December 2020 incident
-
February 03, 2021
03
Feb'21
Tata Communications grows IoT footprint
India’s Tata Communications has been shoring up its IoT capabilities through a handful of acquisitions and partnerships with telcos
-
February 01, 2021
01
Feb'21
CISOs invisible to their organisations, says BT report
Ignorance of cyber issues is leading to misplaced confidence in security in many organisations, as CISOs struggle to make themselves seen and heard
-
January 29, 2021
29
Jan'21
Manufacturing particularly at risk of Solorigate-linked breaches
Every fifth victim of the SolarWinds Solorigate/Sunburst attack was a manufacturing organisation, say researchers
-
January 27, 2021
27
Jan'21
Emergency Apple updates patch exploited zero-days
Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately
-
January 26, 2021
26
Jan'21
Saudi IT spending to hit $11bn in 2021
Saudi Arabian organisations will spend about $11bn on IT this year, with emerging technologies high on shopping lists
-
January 26, 2021
26
Jan'21
Gartner: IT budgets shift to mature processes around remote business
The pandemic forced businesses to work remotely. Now, almost a year on, CIOs must consider the IT to run long-term remote business strategies
-
January 21, 2021
21
Jan'21
Gamarue malware found on government-issued school laptops
Devices handed out by the government to support vulnerable children contain malware that appears to be contacting C2 infrastructure in Russia
-
January 20, 2021
20
Jan'21
Should I be worried about MFA-bypassing pass-the-cookie attacks?
Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations?
-
January 19, 2021
19
Jan'21
Legacy security architectures threaten to disrupt remote working
Annual survey of IT leaders finds network security is of prime concern as most companies continue with work-from-home policies
-
January 19, 2021
19
Jan'21
Questions raised by New Zealand central bank boss, following cyber attack investigation
The governor of New Zealand’s central bank said the organisation must answer questions about its security following a ‘significant’ attack
-
January 19, 2021
19
Jan'21
Click fraud levels reach new heights in pandemic
Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike
-
January 19, 2021
19
Jan'21
MAS offers guidance on mitigating supply chain threats
Monetary Authority of Singapore revises its technology risk management guidelines to help the financial sector guard against supply chain attacks
-
January 18, 2021
18
Jan'21
MoD reports 18% rise in data loss incidents
The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO
-
January 18, 2021
18
Jan'21
Australians lost A$176m to scams in 2020
Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering
-
January 14, 2021
14
Jan'21
APAC firms grapple with cyber security amid pandemic
Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work
-
January 13, 2021
13
Jan'21
Critical zero-day features in first Patch Tuesday of 2021
Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender
-
January 12, 2021
12
Jan'21
Palo Alto Networks opens Australia cloud location
The cyber security company’s Australia cloud location will address data localisation requirements amid growing adoption of cloud-based security services
-
January 12, 2021
12
Jan'21
Mimecast latest security firm to be compromised
Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident