News
Hackers and cybercrime prevention
-
December 07, 2023
07
Dec'23
NCSC exposes Russian cyber attacks on UK political processes
The NCSC has firmly attributed a long-running campaign of cyber attacks targeting UK political processes to a group run out of Russia’s FSB intelligence agency, known as Star Blizzard
-
December 07, 2023
07
Dec'23
2023 may have seen highest ransomware ‘body count’ yet
Ransomware, or cyber extortion as it is increasingly being termed, remained the most prominent security threat in 2023 – and thanks to large-scale supply chain attacks, the past 12 months may have seen the most victims ever
-
December 07, 2023
07
Dec'23
How Proofpoint is helping to mitigate AI security threats
Proofpoint is offering monitoring tools to prevent leakage of sensitive information in generative AI models and other capabilities to mitigate AI mediated attacks
-
December 06, 2023
06
Dec'23
Government launches UK-wide Cyber Explorers Cup
Schoolkids across the UK are being called on to team up and defeat Herbert the Hacker in a new government-backed competition
-
December 05, 2023
05
Dec'23
Operator of Sellafield nuclear facility denies hacking claims
The operator of the Sellafield nuclear site has denied allegations that senior managers covered up a series of cyber security lapses that enabled Chinese and Russian threat actors to compromise its networks
-
December 04, 2023
04
Dec'23
Rhysida ransomware gang hits hospital holding royal family’s data
Ransomware gang boasts of having stolen data on the royal family in an attack on a private London hospital
-
December 01, 2023
01
Dec'23
Report reveals sorry state of cyber security at UK football clubs
Football clubs up and down the country are putting staff, players and fans alike at risk through outdated attitudes to cyber security, according to a report
-
November 30, 2023
30
Nov'23
Government’s Online Fraud Charter welcomed
The government has corralled 11 of the largest tech platforms in the world to commit to its Online Fraud Charter, designed to tackle online scams, fake adverts, and more
-
November 30, 2023
30
Nov'23
Rhysida gang stole hundreds of gigabytes of British Library data
The Rhysida ransomware gang behind the cyber attack on the British Library has published almost 600GB of stolen data to its dark web leak site
-
November 29, 2023
29
Nov'23
Law enforcement dismembers major ransomware operation in Ukraine
A joint law enforcement operation between the Ukrainian authorities, Europol and Eurojust has seem five ransomware operators taken into custody
-
November 29, 2023
29
Nov'23
Scope of Okta helpdesk breach widens to impact all users
Okta has widened the scope of the October breach of its systems to include every customer that has used its helpdesk service, after new information came to light
-
November 28, 2023
28
Nov'23
Scope of British Library data breach widens
Personal data on British Library users has appeared for sale on the dark web following a Rhysida ransomware attack, as the scope of the still-developing incident widens again
-
November 28, 2023
28
Nov'23
Volume of unique malware samples threatens to overwhelm defenders
A massive increase in malware volumes could cause problems for security teams tasked with adapting their defences against them
-
November 27, 2023
27
Nov'23
The Security Interviews: Zeki Turedi, field CTO Europe, CrowdStrike
Organisations are racing to keep their security up to date against the latest threats. CrowdStrike’s Zeki Turedi explains how to protect against novel and innovative cyber attacks
-
November 24, 2023
24
Nov'23
APAC organisations warm to microsegmentation
Nearly two-thirds of organisations in the APAC region see microsegmentation as a way to protect their IT assets, but lack the skills to deploy the technology
-
November 23, 2023
23
Nov'23
MOVEit incident spurred UK decision makers to spend big on cyber
The MOVEit cyber attacks that unfolded in the spring and summer of 2023 seem to have driven an increase in both ransomware awareness and spend, according to a report
-
November 23, 2023
23
Nov'23
North Korean APTs go all in on supply chain attacks, warns NCSC
Threat actors linked to the North Korean regime are becoming more adept at targeting software supply chains in the service of their cyber attacks
-
November 23, 2023
23
Nov'23
Australia ups ante on cyber security
Australia’s new cyber security strategy will focus on building threat-blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities
-
November 22, 2023
22
Nov'23
An inside look at a Scattered Spider cyber attack
Threat researchers at ReliaQuest share the inside track on a Scattered Spider cyber attack they investigated
-
November 22, 2023
22
Nov'23
CISA reveals how LockBit hacked Boeing via Citrix Bleed
As alarm grows around the world about the impact of the so-called Citrix Bleed vulnerability, Boeing has shared details of its experience at the hands of the LockBit ransomware crew
-
November 21, 2023
21
Nov'23
Over half of SME cyber incidents now ‘malware-free’
The age of malware-driven cyber attacks may have peaked, at least when it comes to incidents affecting small and medium sized enterprises
-
November 21, 2023
21
Nov'23
Internal documents leaked as Rhysida claims responsibility for British Library ransomware attack
Ransomware group Rhysida threatens to sell documents stolen from the British Library to the highest bidder
-
November 20, 2023
20
Nov'23
Defence lawyers seek appeal of tribunal ruling on police EncroChat cryptophone hack
Defence lawyers are seeking leave to appeal against a tribunal ruling that found the National Crime Agency had lawfully obtained warrants to access messages from 9,000 cryptophones used in the UK
-
November 16, 2023
16
Nov'23
Royal Mail spent £10m on cyber measures after LockBit attack
Royal Mail has spent approximately £10m on recovery and improved cyber resilience measures in the wake of the January 2023 LockBit ransomware attack
-
November 16, 2023
16
Nov'23
Ransomware gang grasses up uncooperative victim to US regulator
The ALPHV/BlackCat ransomware gang has added a new tactic to its playbook, going to ever more extreme lengths in search of a pay-off
-
November 16, 2023
16
Nov'23
British Library’s Halloween cyber scare was ransomware
The British Library has provided an update on an ongoing cyber incident affecting its systems, confirming it to be the result of a ransomware attack
-
November 15, 2023
15
Nov'23
BlackCat affiliate seen using malvertising to spread ransomware
Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker
-
November 15, 2023
15
Nov'23
Russian cyber criminal pleads guilty to running IPStorm botnet
Sergey Manikin faces years in jail after his illicit proxy botnet service was taken down by US law enforcement
-
November 15, 2023
15
Nov'23
US government reinforces ICBC hack link to Citrix Bleed
US Treasury adds weight to reports that a ransomware gang gained access to the systems of Chinese bank ICBC by exploiting a critical Citrix flaw
-
November 15, 2023
15
Nov'23
How Gigamon is making its mark in deep observability
Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth
-
November 14, 2023
14
Nov'23
Fast-acting cyber gangs increasingly disabling telemetry logs
Sophos guidance for security practitioners and defenders highlights a growing trend for threat actors to disable or wipe telemetry logs to cover their tracks
-
November 13, 2023
13
Nov'23
Rogue state-aligned actors are most critical cyber threat to UK
The prospect of rogue nation-state-aligned attackers bringing down the UK’s critical infrastructure is keeping the NCSC up at night
-
November 13, 2023
13
Nov'23
Lloyds Bank warns over rising threat of crypto scams
Report by Lloyds Banking Group finds there has been a 23% increase in cryptocurrency scams in 2023 compared with last year, targeting mostly younger investors
-
November 13, 2023
13
Nov'23
Encrypted mail service Tuta says it was wrongly accused of being a front for intelligence services
German encrypted email service Tuta, formerly known as Tutanota, has denied claims by a former Canadian police intelligence officer accused of passing secrets to criminals that it was compromised by intelligence services
-
November 13, 2023
13
Nov'23
Victims’ legal action over 2015 Carphone Warehouse breach moves forward
A class action against Currys Retail over the 2015 data breach of Carphone Warehouse customers has been granted permission to move forward in the courts
-
November 10, 2023
10
Nov'23
Ransomware attack on major Chinese lender disrupts financial markets
The financial services arm of one of the world’s largest banks was taken offline by a supposed LockBit ransomware attack, causing problems for US markets
-
November 10, 2023
10
Nov'23
APAC cyber security workforce hits record high
The cyber security workforce in Asia-Pacific now stands at just under a million people, but demand for cyber security talent in the region continues to outpace supply
-
November 09, 2023
09
Nov'23
Revealed: How Russia’s Sandworm ramped up attacks on Ukraine’s critical infrastructure
New Mandiant intelligence reveals how the APT known as Sandworm has been evolving its playbook, twisting legitimate executables known as LoLBins into malicious tools as it seeks to disrupt daily life in Ukraine
-
November 09, 2023
09
Nov'23
NCSC makes annual Black Friday plea to consumers
Ahead of the annual festival of retail avarice, the NCSC is once again asking consumers to do the bare minimum to avoid falling victim to scams
-
November 09, 2023
09
Nov'23
Suspected ransomware attack hits Scottish council
Systems at Comhairle nan Eilean Siar were downed on 7 November in a suspected ransomware attack
-
November 08, 2023
08
Nov'23
Iconic Singapore hotel caught up in major data breach
The Marina Bay Sands resort in Singapore uncovered a data breach of its guest loyalty programme last month
-
November 08, 2023
08
Nov'23
King’s Speech misses the mark on cyber law reform, says campaign
A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress
-
November 07, 2023
07
Nov'23
Researchers ‘break’ rule designed to guard against Barracuda vulnerability
Vectra AI researchers found that a Suricata rule designed to detect exploitation of a dangerous Barracuda Email Security Gateway flaw was not entirely effective
-
November 07, 2023
07
Nov'23
Unesco unveils seven-point anti-disinformation plan
United Nations body outlines seven proposals for civil society, governments, regulators and tech platforms to adopt to combat the source of disinformation
-
November 06, 2023
06
Nov'23
Shadow IT use at Okta behind series of damaging breaches
Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account
-
November 06, 2023
06
Nov'23
How Trellix’s CISO keeps threat actors at bay
Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents
-
November 02, 2023
02
Nov'23
Admins told to take action over F5 Big-IP platform flaws
Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild
-
November 02, 2023
02
Nov'23
How the UK crime agency repurposed Amazon cloud platform to analyse EncroChat cryptophone data
UK crime agency repurposed AWS-based analytics platform to triage EncroChat data and identify threats to life in messages sent on encrypted phone network
-
November 01, 2023
01
Nov'23
Lloyds bank kicks off Hyderabad operation
Lloyds Banking Group has opened its latest tech operation in Hyderabad, with plans to recruit around 600 IT experts
-
October 31, 2023
31
Oct'23
British Library falls victim to cyber attack
The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature