News

Hackers and cybercrime prevention

September 15, 2025 15 Sep'25
ShinyHunters linked to breach of French luxury goods house

Kering, the parent group of fashion houses including Balenciaga and Gucci, becomes the latest organisation to allegedly fall victim to ShinyHunters
September 11, 2025 11 Sep'25
M&S parts ways with CTO after cyber attack

M&S chief digital and technology officer Rachel Higham steps back from her role in the wake of the April 2025 cyber attack on the retailer’s systems
September 11, 2025 11 Sep'25
Students an increasing source of cyber threat in UK schools

Insider threats arising from student activity now appears to be the chief cause of notifiable cyber or data breach incidents in Britain’s schools
September 10, 2025 10 Sep'25
Splunk.conf: Cisco and Splunk expand agentic SOC vision

The arrival of agentic AI in the security operations centre heralds an era of simplification for security professionals, Splunk claims

September 10, 2025 10 Sep'25
Jaguar Land Rover admits data has been compromised in cyber attack

The car maker revealed that data was stolen in the cyber attack that began on 31 August, as its production line continues to be affected
September 10, 2025 10 Sep'25
UK contactless card payment limits could be unlimited

The UK Financial Conduct Authority says contactless payment technology and fraud protections have advanced enough for firms to adjust the limit
September 09, 2025 09 Sep'25
Splunk.conf: Splunk urges users to eat their ‘cyber veggies’

The dawn of AI-enabled cyber attacks makes it even more important for defenders to bring their A-game, particularly when it comes to getting the basics right
September 09, 2025 09 Sep'25
UK AI sector balloons by 85% to 5,800 companies from 2023 to 2025

A Perspective Economics study commissioned by DSIT sizes the UK AI sector at 5,800 companies, an increase of 85% over two years
September 08, 2025 08 Sep'25
PCI council eyes wider data protection role beyond payments

Hailed as the gold standard for securing credit card information, the Payment Card Industry Data Security Standard (PCI DSS) could be extended to protect other kinds of data following industry feedback
September 05, 2025 05 Sep'25
US politicians ponder Wimwig cyber intel sharing law

US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities

September 05, 2025 05 Sep'25
Jaguar Land Rover cyber attack keeps workers at home

The recent cyber attack on Jaguar Land Rover is keeping workers out of the plants as possible attack group identity becomes public
September 03, 2025 03 Sep'25
Fastly CEO plots course through AI and security

Chief exec Kip Compton explains how Fastly’s unified platform is solving the web’s biggest challenges, from content scrapping by AI bots to distributed denial-of-service attacks
September 02, 2025 02 Sep'25
Cyber attackers damage Jaguar Land Rover production

Jaguar Land Rover reports a cyber attack has ‘severely disrupted’ its vehicle production and retail operations, recalling similar attacks on other prominent British brands this year
August 28, 2025 28 Aug'25
UK cyber security centre helps expose China-based cyber campaign

GCHQ cyber security centre and its international partners release details of malicious cyber activity linked to Chinese businesses
August 27, 2025 27 Aug'25
Ransomware activity levelled off in July, says NCC

Ransomware levels held steady in the month of July, although the risk remained as persistent as ever
August 26, 2025 26 Aug'25
Three new Citrix NetScaler zero-days under active exploitation

Citrix patches three new vulnerabilities in its NetScaler lines warning of active zero-day exploitation by an undisclosed threat actor
August 25, 2025 25 Aug'25
How to secure the identity perimeter and prepare for AI agents

Ping Identity CEO Andre Durand explains why identity has become the critical security battleground, how decentralised credentials will reduce data breach risks, and why AI agents will need their own identities to be trusted
August 25, 2025 25 Aug'25
Ransomware attack volumes up nearly three times on 2024

During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024
August 21, 2025 21 Aug'25
Moscow exploiting seven-year-old Cisco flaw, says FBI

US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco's operating system software
August 21, 2025 21 Aug'25
Apple iOS update fixes new iPhone zero-day flaw

Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users
August 20, 2025 20 Aug'25
Warlock claims more victims as cyber attacks hit Colt and Orange

Ransomware gang Warlock is adding more victims to its data leak site as the impact of a spreading wave of cyber attacks continues to be felt
August 19, 2025 19 Aug'25
Deepfake AI scammers target the Big Yin

Cyber criminal scammers exploiting GenAI to create deepfake AI tools are targeting one of the UK’s most beloved comics, and one of its strongest accents
August 19, 2025 19 Aug'25
US says UK has agreed to drop encryption ‘backdoor’ demands against Apple

US and UK end diplomatic row over UK encryption ‘backdoor’ order against Apple, but it remains unclear whether Apple will restore advanced encryption services to UK users
August 18, 2025 18 Aug'25
Workday hit in wave of social engineering attacks

A campaign of voice-based social engineering attacks targeting users of Salesforce’s services appears to have struck HR platform Workday
August 18, 2025 18 Aug'25
Extremist hacker who defaced websites and stole data imprisoned

Hacker Al-Tahery Al-Mashriky pled guilty to attacking multiple websites based on extremist political and religious ideology
August 18, 2025 18 Aug'25
L’Oréal to promote cyber resilience for Britain’s beauty salons

L’Oréal UK and Ireland will work with law enforcement, cyber educators and students, and other large organisations to help thousands of small salons across the UK improve their cyber resilience practice
August 15, 2025 15 Aug'25
Warlock claims ransomware attack on network services firm Colt

UK network services firm Colt is attempting to recover various customer-facing systems following a cyber attack that has been claimed by the Warlock ransomware gang and may have arisen via a SharePoint flaw
August 13, 2025 13 Aug'25
BlackSuit ransomware payment recovered in takedown operation

US authorities reveal how over a million dollars’ worth of cryptocurrency assets laundered by the BlackSuit ransomware gang were seized ahead of a July takedown operation
August 12, 2025 12 Aug'25
Researchers firm up ShinyHunters, Scattered Spider link

ReliaQuest researchers present new evidence that firms up a potential link, or outright partnership, between the ShinyHunters and Scattered Spider cyber gangs
August 12, 2025 12 Aug'25
UK work visa sponsors are target of phishing campaign

Mimecast identifies a phishing campaign targeting UK organisations that sponsor migrant workers and students, opening the door to account compromise and visa fraud
August 12, 2025 12 Aug'25
Norway fixing Big Bang e-health botch with fintech security

Experts call for Europe’s health sector to protect medical APIs with security originated from UK open banking as officials take urgent measures against unprecedented attacks
August 11, 2025 11 Aug'25
McCullough Review into PSNI spying on journalists and lawyers delayed

Angus McCullough KC is to present findings of an independent review of police spying on phone data of lawyers, journalists and NGOs in Northern Ireland in October
August 06, 2025 06 Aug'25
Black Hat USA: Startup breaks secrets management tools

Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms
August 06, 2025 06 Aug'25
Cyber criminals would prefer businesses don’t use Okta

Okta details a phishing campaign in which the threat actor demonstrated some unusually strong opinions on what authentication methods they would like their targets to use
August 05, 2025 05 Aug'25
Attacker could defeat Dell firmware flaws with a vegetable

Cisco Talos discloses five vulnerabilities in cyber security firmware used on Dell Latitude and Precision devices, including one that could enable an attacker to log on with a spring onion
August 04, 2025 04 Aug'25
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback

Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers
August 04, 2025 04 Aug'25
Agentic AI a target-rich zone for cyber attackers in 2025

At Black Hat USA 2025, CrowdStrike warns that cyber criminals and nation-states are weaponising GenAI to scale attacks and target AI agents, turning autonomous systems against their makers
July 31, 2025 31 Jul'25
Palo Alto Networks to acquire CyberArk for $25bn

The deal marks Palo Alto Networks’ entry into the identity and access management space amid the growing need to secure human, machine and emerging AI agent identities
July 30, 2025 30 Jul'25
Scattered Spider tactics continue to evolve, warn cyber cops

CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things
July 30, 2025 30 Jul'25
Industry experts warn crypto infrastructure is ‘creaking’

A report from experts at HSBC, Thales and InfoSec Global claims decades-old cryptographic systems are failing, putting businesses at risk from current vulnerabilities and the threat from quantum computing
July 29, 2025 29 Jul'25
Austrian government faces likely legal challenge over state spyware

Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law
July 28, 2025 28 Jul'25
Data resilience critical as ransomware attacks target backups

With more threat actors targeting backup repositories to ensure a payday, Veeam urges organisations to treat data resilience as a competitive advantage, not just an insurance policy
July 24, 2025 24 Jul'25
US seeks ‘unquestioned’ AI dominance

US AI action plan sets out aims to expand American dominance in the world of artificial intelligence
July 24, 2025 24 Jul'25
SharePoint users hit by Warlock ransomware, says Microsoft

Microsoft’s security analysts confirm a number of cyber attacks on on-premise SharePoint Server users involve ransomware
July 24, 2025 24 Jul'25
Scattered Spider victim Clorox sues helpdesk provider

Cleaning products manufacturer Clorox fell victim to a Scattered Spider social engineering attack two years ago – it blames its IT helpdesk provider, Cognizant
July 24, 2025 24 Jul'25
Dutch researchers use heartbeat detection to unmask deepfakes

Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate
July 24, 2025 24 Jul'25
Monzo’s £21m fine highlights banks’ cyber security failures

Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world
July 23, 2025 23 Jul'25
WhatsApp is refused right to intervene in Apple legal action on encryption ‘backdoors’

Investigatory Powers Tribunal to hear arguments in public over lawfulness of secret UK order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud
July 22, 2025 22 Jul'25
Microsoft confirms China link to SharePoint hacks

Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server
July 22, 2025 22 Jul'25
Chinese cyber spies among those linked to SharePoint attacks

Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors