News
Hackers and cybercrime prevention
-
September 11, 2025
11
Sep'25
M&S parts ways with CTO after cyber attack
M&S chief digital and technology officer Rachel Higham steps back from her role in the wake of the April 2025 cyber attack on the retailer’s systems
-
September 11, 2025
11
Sep'25
Students an increasing source of cyber threat in UK schools
Insider threats arising from student activity now appears to be the chief cause of notifiable cyber or data breach incidents in Britain’s schools
-
September 10, 2025
10
Sep'25
Splunk.conf: Cisco and Splunk expand agentic SOC vision
The arrival of agentic AI in the security operations centre heralds an era of simplification for security professionals, Splunk claims
-
September 10, 2025
10
Sep'25
Jaguar Land Rover admits data has been compromised in cyber attack
The car maker revealed that data was stolen in the cyber attack that began on 31 August, as its production line continues to be affected
-
September 10, 2025
10
Sep'25
UK contactless card payment limits could be unlimited
The UK Financial Conduct Authority says contactless payment technology and fraud protections have advanced enough for firms to adjust the limit
-
September 09, 2025
09
Sep'25
Splunk.conf: Splunk urges users to eat their ‘cyber veggies’
The dawn of AI-enabled cyber attacks makes it even more important for defenders to bring their A-game, particularly when it comes to getting the basics right
-
September 09, 2025
09
Sep'25
UK AI sector balloons by 85% to 5,800 companies from 2023 to 2025
A Perspective Economics study commissioned by DSIT sizes the UK AI sector at 5,800 companies, an increase of 85% over two years
-
September 08, 2025
08
Sep'25
PCI council eyes wider data protection role beyond payments
Hailed as the gold standard for securing credit card information, the Payment Card Industry Data Security Standard (PCI DSS) could be extended to protect other kinds of data following industry feedback
-
September 05, 2025
05
Sep'25
US politicians ponder Wimwig cyber intel sharing law
US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities
-
September 05, 2025
05
Sep'25
Jaguar Land Rover cyber attack keeps workers at home
The recent cyber attack on Jaguar Land Rover is keeping workers out of the plants as possible attack group identity becomes public
-
September 03, 2025
03
Sep'25
Fastly CEO plots course through AI and security
Chief exec Kip Compton explains how Fastly’s unified platform is solving the web’s biggest challenges, from content scrapping by AI bots to distributed denial-of-service attacks
-
September 02, 2025
02
Sep'25
Cyber attackers damage Jaguar Land Rover production
Jaguar Land Rover reports a cyber attack has ‘severely disrupted’ its vehicle production and retail operations, recalling similar attacks on other prominent British brands this year
-
August 28, 2025
28
Aug'25
UK cyber security centre helps expose China-based cyber campaign
GCHQ cyber security centre and its international partners release details of malicious cyber activity linked to Chinese businesses
-
August 27, 2025
27
Aug'25
Ransomware activity levelled off in July, says NCC
Ransomware levels held steady in the month of July, although the risk remained as persistent as ever
-
August 26, 2025
26
Aug'25
Three new Citrix NetScaler zero-days under active exploitation
Citrix patches three new vulnerabilities in its NetScaler lines warning of active zero-day exploitation by an undisclosed threat actor
-
August 25, 2025
25
Aug'25
How to secure the identity perimeter and prepare for AI agents
Ping Identity CEO Andre Durand explains why identity has become the critical security battleground, how decentralised credentials will reduce data breach risks, and why AI agents will need their own identities to be trusted
-
August 25, 2025
25
Aug'25
Ransomware attack volumes up nearly three times on 2024
During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024
-
August 21, 2025
21
Aug'25
Moscow exploiting seven-year-old Cisco flaw, says FBI
US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco's operating system software
-
August 21, 2025
21
Aug'25
Apple iOS update fixes new iPhone zero-day flaw
Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users
-
August 20, 2025
20
Aug'25
Warlock claims more victims as cyber attacks hit Colt and Orange
Ransomware gang Warlock is adding more victims to its data leak site as the impact of a spreading wave of cyber attacks continues to be felt
-
August 19, 2025
19
Aug'25
Deepfake AI scammers target the Big Yin
Cyber criminal scammers exploiting GenAI to create deepfake AI tools are targeting one of the UK’s most beloved comics, and one of its strongest accents
-
August 19, 2025
19
Aug'25
US says UK has agreed to drop encryption ‘backdoor’ demands against Apple
US and UK end diplomatic row over UK encryption ‘backdoor’ order against Apple, but it remains unclear whether Apple will restore advanced encryption services to UK users
-
August 18, 2025
18
Aug'25
Workday hit in wave of social engineering attacks
A campaign of voice-based social engineering attacks targeting users of Salesforce’s services appears to have struck HR platform Workday
-
August 18, 2025
18
Aug'25
Extremist hacker who defaced websites and stole data imprisoned
Hacker Al-Tahery Al-Mashriky pled guilty to attacking multiple websites based on extremist political and religious ideology
-
August 18, 2025
18
Aug'25
L’Oréal to promote cyber resilience for Britain’s beauty salons
L’Oréal UK and Ireland will work with law enforcement, cyber educators and students, and other large organisations to help thousands of small salons across the UK improve their cyber resilience practice
-
August 15, 2025
15
Aug'25
Warlock claims ransomware attack on network services firm Colt
UK network services firm Colt is attempting to recover various customer-facing systems following a cyber attack that has been claimed by the Warlock ransomware gang and may have arisen via a SharePoint flaw
-
August 13, 2025
13
Aug'25
BlackSuit ransomware payment recovered in takedown operation
US authorities reveal how over a million dollars’ worth of cryptocurrency assets laundered by the BlackSuit ransomware gang were seized ahead of a July takedown operation
-
August 12, 2025
12
Aug'25
Researchers firm up ShinyHunters, Scattered Spider link
ReliaQuest researchers present new evidence that firms up a potential link, or outright partnership, between the ShinyHunters and Scattered Spider cyber gangs
-
August 12, 2025
12
Aug'25
UK work visa sponsors are target of phishing campaign
Mimecast identifies a phishing campaign targeting UK organisations that sponsor migrant workers and students, opening the door to account compromise and visa fraud
-
August 12, 2025
12
Aug'25
Norway fixing Big Bang e-health botch with fintech security
Experts call for Europe’s health sector to protect medical APIs with security originated from UK open banking as officials take urgent measures against unprecedented attacks
-
August 11, 2025
11
Aug'25
McCullough Review into PSNI spying on journalists and lawyers delayed
Angus McCullough KC is to present findings of an independent review of police spying on phone data of lawyers, journalists and NGOs in Northern Ireland in October
-
August 06, 2025
06
Aug'25
Black Hat USA: Startup breaks secrets management tools
Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms
-
August 06, 2025
06
Aug'25
Cyber criminals would prefer businesses don’t use Okta
Okta details a phishing campaign in which the threat actor demonstrated some unusually strong opinions on what authentication methods they would like their targets to use
-
August 05, 2025
05
Aug'25
Attacker could defeat Dell firmware flaws with a vegetable
Cisco Talos discloses five vulnerabilities in cyber security firmware used on Dell Latitude and Precision devices, including one that could enable an attacker to log on with a spring onion
-
August 04, 2025
04
Aug'25
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback
Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers
-
August 04, 2025
04
Aug'25
Agentic AI a target-rich zone for cyber attackers in 2025
At Black Hat USA 2025, CrowdStrike warns that cyber criminals and nation-states are weaponising GenAI to scale attacks and target AI agents, turning autonomous systems against their makers
-
July 31, 2025
31
Jul'25
Palo Alto Networks to acquire CyberArk for $25bn
The deal marks Palo Alto Networks’ entry into the identity and access management space amid the growing need to secure human, machine and emerging AI agent identities
-
July 30, 2025
30
Jul'25
Scattered Spider tactics continue to evolve, warn cyber cops
CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things
-
July 30, 2025
30
Jul'25
Industry experts warn crypto infrastructure is ‘creaking’
A report from experts at HSBC, Thales and InfoSec Global claims decades-old cryptographic systems are failing, putting businesses at risk from current vulnerabilities and the threat from quantum computing
-
July 29, 2025
29
Jul'25
Austrian government faces likely legal challenge over state spyware
Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law
-
July 28, 2025
28
Jul'25
Data resilience critical as ransomware attacks target backups
With more threat actors targeting backup repositories to ensure a payday, Veeam urges organisations to treat data resilience as a competitive advantage, not just an insurance policy
-
July 24, 2025
24
Jul'25
US seeks ‘unquestioned’ AI dominance
US AI action plan sets out aims to expand American dominance in the world of artificial intelligence
-
July 24, 2025
24
Jul'25
SharePoint users hit by Warlock ransomware, says Microsoft
Microsoft’s security analysts confirm a number of cyber attacks on on-premise SharePoint Server users involve ransomware
-
July 24, 2025
24
Jul'25
Scattered Spider victim Clorox sues helpdesk provider
Cleaning products manufacturer Clorox fell victim to a Scattered Spider social engineering attack two years ago – it blames its IT helpdesk provider, Cognizant
-
July 24, 2025
24
Jul'25
Dutch researchers use heartbeat detection to unmask deepfakes
Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate
-
July 24, 2025
24
Jul'25
Monzo’s £21m fine highlights banks’ cyber security failures
Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world
-
July 23, 2025
23
Jul'25
WhatsApp is refused right to intervene in Apple legal action on encryption ‘backdoors’
Investigatory Powers Tribunal to hear arguments in public over lawfulness of secret UK order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud
-
July 22, 2025
22
Jul'25
Microsoft confirms China link to SharePoint hacks
Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server
-
July 22, 2025
22
Jul'25
Chinese cyber spies among those linked to SharePoint attacks
Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors
-
July 22, 2025
22
Jul'25
UK government to bring in ransomware payment ban
Critical infrastructure operators, hospitals, local councils and schools will be among those banned from giving in to cyber criminal demands as the UK moves forward with proposals to address the scourge of ransomware