News

Hackers and cybercrime prevention

• June 22, 2018 22 Jun'18

  Firms look to automation for cloud security

  In the face of increasingly sophisticated and nation-state-sponsored cyber attacks, organisations are looking to managed security services and automation for security in the cloud and on-premise

• June 21, 2018 21 Jun'18

  Infosec pros expect increase in nation state cyber attacks

  Most information security professionals expect a rise in nation state cyber attacks, with more than two-thirds preparing to defend against them

• June 21, 2018 21 Jun'18

  Government sponsors diversity cyber academy

  The UK government has awarded a grant for the establishment of a cyber academy to promote neurodiversity in the industry

• June 21, 2018 21 Jun'18

  Younger employees 'main culprits' for security breaches

  UK senior decision makers believe younger workers are the biggest risk to cyber security, but are doing little to support them and reduce that risk, a report reveals

• June 20, 2018 20 Jun'18

  Palo Alto Networks opens cyber range in Australia

  The first of its kind in Asia-Pacific, the cyber range training facility will let Australian IT and security teams hone their skills through cyber security exercises

• June 20, 2018 20 Jun'18

  Dutch organisations must unite to fight DDoS attacks

  Experts in the Netherlands call on Dutch corporations and institutions to work together to help prevent distributed denial of service attacks

• June 20, 2018 20 Jun'18

  Most small businesses fail to act after a cyber attack  

  Nearly half of small businesses have suffered at least one cyber attack in the past year, yet most fail to take action afterwards, citing lack of budget at the biggest challenge

• June 19, 2018 19 Jun'18

  Singapore remains hotbed for cyber threats

  Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency

• June 19, 2018 19 Jun'18

  Surface web used in private data sales

  The surface web plays an integral role in the selling of personal information, a report on identify fraud has revealed

• June 19, 2018 19 Jun'18

  MPs see risk to critical infrastructure as top threat

  A majority of MPs are concerned about the cyber threat to critical national infrastructure, a survey has revealed

• June 18, 2018 18 Jun'18

  Singapore faced cyber attacks during Trump-Kim summit

  Russian attackers allegedly scanned IP phones in the city-state for vulnerabilities, although it was unclear what they were after or whether they were successful

• June 14, 2018 14 Jun'18

  Encryption is under attack, says Venafi CEO Jeff Hudson

  Encryption is one of the fundamental principles on which the internet is built, but this vital technology is under threat from criminals and ill-advised government policies, says Venafi CEO Jeff Hudson

• June 14, 2018 14 Jun'18

  Cyber attack warnings highlight need to be prepared

  Fresh warnings about the vulnerability of national infrastructure to cyber attacks show the need for securing and monitoring associated control systems connected to the internet

• June 14, 2018 14 Jun'18

  NCSC urges action after Dixons Carphone breach

  The National Cyber Security Centre (NCSC) is urging UK business to improve data protection capabilities after Dixons Carphone revealed that millions of payment card and personal data records may have been compromised in a cyber breach

• June 13, 2018 13 Jun'18

  Dixons Carphone admits 'falling short' on data protection

  Dixons Carphone has warned that millions of credit card and personal data records may have been compromised in a cyber breach

• June 12, 2018 12 Jun'18

  Insurer Beazley meets global challenge to secure mobile workforce

  Beazley has stolen a march on other London-market insurers by implementing a versatile global digital workspace with improved security

• June 12, 2018 12 Jun'18

  Investigators close Nokia extortion probe without finding a motive or making an arrest

  New details of €2m blackmail of Nokia in 2007 emerge as Finland’s NBI calls a halt to its investigation

• June 12, 2018 12 Jun'18

  BT announces “unhackable” quantum-secured network

  In the face of the threat that quantum computers could crack many of the encryption methods used to protect highly sensitive data, BT has developed a “quantum-secured” network

• June 12, 2018 12 Jun'18

  Email-based cyber attacks gathering momentum

  Email-based cyber attacks are gathering momentum and the cost of these attacks are rising, with several hidden costs, a survey of IT professionals in Europe, Middle East and Africa reveals

• June 11, 2018 11 Jun'18

  Singapore career website hit by PageUp malware scare

  A Singapore government career website was among others affected by a malware attack on an Australian recruitment technology supplier

• June 11, 2018 11 Jun'18

  Industry must do more to open up cyber security profession

  Talented and successful cyber security researcher and passionate advocate for the profession, James Lyne reveals that he fell into security more by accident than design, and says training and recruitment must change to find and develop talented ...

• June 11, 2018 11 Jun'18

  Security Think Tank: Data flow visibility is essential to security

  Why is it important to know where data flows, with whom it is shared and where it lives at rest, and what is the best way of achieving this?

• June 11, 2018 11 Jun'18

  Coinrail cyber heist highlights need for exchange security

  A cyber heist at South Korea’s Coinrail has prompted fresh calls for industry regulations to drive better cyber security at cryptocurrency exchanges

• June 11, 2018 11 Jun'18

  APAC remains a hotbed for software piracy

  The Asia-Pacific region is still seeing the highest use of unlicensed software installations globally, making enterprises more susceptible to cyber attacks from malware

• June 08, 2018 08 Jun'18

  Parliamentary computers at risk after staff targeted by phone phishing

  Police are investigating phone phishing attacks targeted against Parliament. Staff warned not to disclose details of their computers to fraudulent callers.

• June 08, 2018 08 Jun'18

  BYOD for mobile ‘a year away’ for Williams F1

  Companies in the Williams Group – the Formula One racing operation Williams Grand Prix Engineering and its high-growth sister operation Williams Advanced Engineering – are investing with mobile security front-of-mind to enable more agile working ...

• June 08, 2018 08 Jun'18

  Businesses must report cyber crime, panel urges

  By reporting cyber crimes, private enterprise can help improve national and international cyber defences and bring criminals to justice, according to an expert panel

• June 07, 2018 07 Jun'18

  Cyber security focus too much on tech, says Domino’s CISO

  Many organisations are still focusing only on technology and compliance, which means their cyber defences are not as solid as they think, according to Domino’s Pizza chief information security officer

• June 07, 2018 07 Jun'18

  IT spending reaches 10-year high as CIOs struggle with digital technology strategy

  IT leaders have seen their budgets and headcounts rise for the first time in 10 years, but face challenges implementing their digital strategies

• June 07, 2018 07 Jun'18

  Nation state cyber attacks affect all, says former GCHQ boss

  Cyber attacks by nation states used to be a small part of the problem for state authorities to address, but now all organisations are potential targets of nation state attacks, according to former GCHQ head

• June 07, 2018 07 Jun'18

  Business not learning from past cyber security incidents

  Businesses are still not getting the basics right and they are not learning from past security incidents, according to world-renowned security blogger and trainer

• June 06, 2018 06 Jun'18

  Understanding is key to security awareness, says specialist

  Only if people understand why cyber security matters will they change their behaviours as a result of awareness training, according to a human behaviour specialist and cyber security consultant

• June 06, 2018 06 Jun'18

  Cyber attacks not sophisticated, says Just Eat CISO

  The chief information security officer of Just Eat has challenged the perception that all cyber attacks are sophisticated and that it is impossible to fill cyber security jobs

• June 05, 2018 05 Jun'18

  Boards not asking right security questions, says Dido Harding

  Former TalkTalk CEO says boards are still not asking the right cyber security questions, do not understand that they should be making cyber risk decisions, and are not communicating with engineers

• June 04, 2018 04 Jun'18

  Technology key to new UK counter-terrorism strategy

  Technologies such as machine learning and data analytics are key to the UK government’s updated counter-terrorism strategy

• June 04, 2018 04 Jun'18

  One-third of firms would pay ransoms rather than invest in security

  Report says businesses are still making the same mistakes, failing to make any progress in crucial areas such as cyber security awareness and preparedness

• June 04, 2018 04 Jun'18

  Offensive AI unlikely in the near future, says Mikko Hypponen

  Cyber criminals are not close to being able to use AI for attack purposes, according to industry veteran Mikko Hypponen, who has been at the forefront of AI use in cyber defence for several years

• June 01, 2018 01 Jun'18

  Huge rise in TSB-themed mobile phishing attacks after IT meltdown

  Scammers have used bank’s IT problems as an opportunity to target its customers with mobile phishing attacks

• June 01, 2018 01 Jun'18

  Ethical hacker, 86, rises to Santander’s challenge

  Elderly hacker with little computing experience was able to hack WiFi and create phishing attack

• June 01, 2018 01 Jun'18

  Security suppliers need to interact with community, says researcher

  Security suppliers need to interact with the community to get feedback on their products before launch to ensure they have not missed any vulnerabilities, a security researchers advises

• May 31, 2018 31 May'18

  VPN hacks can be lethal, warns security expert

  Organisations should not overlook the need to secure VPN connections because failure to do so could be fatal, but 2FA alone is not enough, warns a security expert

• May 30, 2018 30 May'18

  Security community urged to prepare for quantum computing

  A top European chief information security officer is urging the security community to prepare for quantum computing to ensure their encryption processes are ready in time

• May 30, 2018 30 May'18

  US issues warning about North Korean malware

  US government has identified more than 85 networks compromised by two malware families believed to be North Korean in origin

• May 30, 2018 30 May'18

  US jails Canadian resident who helped Russia hack Yahoo emails

  A US court has jailed a hacker on charges of computer fraud for hacking Yahoo email accounts on behalf of the Russian government

• May 29, 2018 29 May'18

  Business still not addressing insider threat

  Businesses are still not addressing inside threats when it comes to cyber security, leaving themselves wide open to data breaches as a result, according to a security analyst

• May 29, 2018 29 May'18

  UK security spend low despite breaches

  The UK is the most breached country in Europe, but IT security spend remains low compared with other countries in the region, a report reveals

• May 25, 2018 25 May'18

  Former Macedonian PM convicted in corruption case exposed by illegal government surveillance

  Information exposed by leaked recordings that were part an illegal mass surveillance campaign orchestrated under the government of former prime minster Nikola Gruevski have led to his conviction for corruption. He was found guilty of rigging a ...

• May 25, 2018 25 May'18

  Commitment is the watchword on GDPR D-Day

  New rules for protecting European citizens’ personal data are now enforceable by law, and organisations are being advised to focus broadly on commitment rather than narrowly on compliance

• May 24, 2018 24 May'18

  Grab outlines its approach to cyber security

  Singapore-based ride-hailing company prefers detective controls rather than preventive ones to deter cyber threats – an approach it claims is less intrusive and costly to implement

• May 24, 2018 24 May'18

  EU cyber security agencies pledge to up cooperation

  Four European cyber security agencies have agreed to increase collaboration in five key areas

• May 23, 2018 23 May'18

  Mobile fraud up 680% since 2015, RSA reports

  Fake profiles and throw-away devices are transforming social media into a cyber criminal marketplace, a fraud report reveals

• May 23, 2018 23 May'18

  Skills shortage a major cyber security risk

  Skill shortages remain a major risk to long-term information security capability and business is still struggling to defend against cyber breaches – but it is getting better at dealing with them, an IISP survey shows

• May 22, 2018 22 May'18

  Legit tools exploited in bank heists

  Cyber criminals attacking the finance and other industry sector are continuing to exploit legitimate administration tools to hide their activities, highlighting the need for threat hunting, a report reveals

• May 22, 2018 22 May'18

  Security researchers find fourth CPU flaw

  Security researchers have reported another flaw in common microprocessor chips related to the Meltdown and Spectre vulnerabilities

• May 22, 2018 22 May'18

  Finland government examines centralised cyber defence

  The Finnish government is attempting to centralise its fight against increasing cyber threats to its infrastructure

• May 21, 2018 21 May'18

  Pen testers find weaknesses in banks’ cyber security

  Humans are the biggest weakness in banks’ cyber defences, but there are several others that also need attention, penetration testers have revealed

• May 21, 2018 21 May'18

  UK government promises laws to police 'Wild West Internet'

  UK government plans laws to make online activity safer after green paper reveals more needs to be done to protect citizens

• May 21, 2018 21 May'18

  APAC organisations could lose $1.75tn from cyber attacks

  A study by Frost and Sullivan has found that losses from cyber security incidents could account for 7% of the region’s GDP in 2017

• May 18, 2018 18 May'18

  NCSC calls for greater interaction with UK business

  The UK’s cyber security agency has called for greater interaction with business, particularly when it comes to cyber security incidents

• May 18, 2018 18 May'18

  BYOD in UK SMEs linked to security incidents

  Bring your own device practices have been identified as a cyber security risk for six in 10 SMEs in research published a week ahead of the GDPR compliance deadline

• May 17, 2018 17 May'18

  Report highlights security risk of open source code to business

  Increased adoption of open source code is introducing vulnerabilities into commercial software, with many audited codebases containing the Apache Struts flaw that enabled the Equifax breach, a report shows

• May 17, 2018 17 May'18

  GDPR impact on Whois data raising concern

  The negative impact of the GDPR on internet domain registration information is raising concern in cyber security circles because the data is key to cyber crime fighting operations

• May 17, 2018 17 May'18

  European cyber attacks up nearly a third in first quarter 2018

  The volume of cyber attacks hitting digital transactions in Europe was up by almost a third in the first quarter of 2018 compared with same period a year ago, a report reveals

• May 16, 2018 16 May'18

  US considers UK-style cyber defence model

  The US is considering adopting a similar cyber defence model to the UK’s in recognition of the growing threat to all levels of society

• May 15, 2018 15 May'18

  SMEs more worried about GDPR’s threat to reputation than fines

  SMEs are more worried about the damage GDPR non compliance will do to their reputations than their wallets

• May 15, 2018 15 May'18

  Credential theft a top priority, Rapid 7 report shows

  Credential theft is still a top priority for organisations to address in terms of making it more difficult for cyber attackers to gain unauthorised access to their networks, report reveals

• May 15, 2018 15 May'18

  Cross-site scripting a top vulnerability, hackers find

  Despite the much-publicised advances in cyber attack techniques, a well-known, well-documented and avoidable vulnerability is still the most popular for attackers to exploit – along with others like it that are often overlooked, white hat hackers ...

• May 15, 2018 15 May'18

  Cage director Rabbani heads for Supreme Court after appeals court rules password demands lawful

  Muhammad Rabbani, director of campaigning group Cage, will appeal to the Supreme Court after Court of Appeal rules that police did not act unlawfully by demanding his computer and mobile phone passwords under Section 7 of the Terrorism Act

• May 15, 2018 15 May'18

  Enterprise cyber threat remediation ineffective, study shows

  Enterprise cyber threat remediation needs to improve in several key areas, according to an analysis of common remediation strategies

• May 15, 2018 15 May'18

  BSI launches kitemark for internet of things devices

  The British Standards Institution has launched a new kitemark for IoT devices, designed to improve consumer trust in the technology

• May 15, 2018 15 May'18

  No need to panic about Efail attacks

  Initial reports about vulnerabilities in email encryption technologies have urged organisations to disable encryption tools, but some security experts are taking a more balanced approach

• May 14, 2018 14 May'18

  Technology continues to transform crime, warns NCA

  The UK’s National Crime Agency warns that developments in technology will continue to transform the future crime landscape, in its latest report on serious and organised crime

• May 14, 2018 14 May'18

  IoT and personal devices pose huge security risk to enterprises

  After years of speculation about the risk IoT and personal devices pose to enterprise security, research has revealed the threat is “immense” and probably greater than most firms realise

• May 11, 2018 11 May'18

  WannaCry’s EternalBlue exploit still a threat

  A year after the global WannaCry attacks, the EternalBlue exploit that was a key enabler for the malware is still a threat to many organisations, and many UK firms have not taken action, security researchers warn

• May 10, 2018 10 May'18

  Citrix touts digital workspace app in services play

  Software supplier Citrix’s cloud-based workspace app is part of its efforts to deliver integrated services that support the modern workplace

• May 09, 2018 09 May'18

  CNI providers face hefty fines for cyber security failings

  UK providers of critical national infrastructure face hefty fines for cyber security failings from 10 May 2018

• May 09, 2018 09 May'18

  Equifax breach lessons not learned

  Businesses are still downloading vulnerable versions of the software that was at the heart of the Equifax data breach and failing to update to safe versions, a security firm has revealed

• May 09, 2018 09 May'18

  Breach disclosure time still high, report shows

  Companies are getting faster at disclosing breaches, but the average is still too high in the light of the GDPR and other breach disclosure regulations, a report shows

• May 08, 2018 08 May'18

  Nigerian cyber attackers up their game

  Nigerian cyber attackers have modernised their approach to cyber crime, security researchers warn

• May 08, 2018 08 May'18

  Financial sector cyber-related laws are a bellwether, says Deloitte

  As the regulatory landscape becomes more complex, organisations should look to the financial sector to see what else is coming, as well as focus on three key areas of GDPR compliance, according to Deloitte

• May 08, 2018 08 May'18

  Majority of security professionals favour shorter disclosure deadline

  Google’s Project Zero unit’s 90-day deadline for software suppliers to disclose vulnerabilities has always been controversial, but a survey reveals that most security professionals feel even that is too long

• May 04, 2018 04 May'18

  Security pros must avoid hype, demonstrate value, says RBS CISO

  Security professionals must avoid over-hyping cyber threats, and penetration testers need to reinvent themselves to demonstrate value to businesses to remain relevant, says RBS CISO

• May 04, 2018 04 May'18

  Twitter password security bug underlines need for industry change

  Twitter has revealed that a bug in its systems resulted in some passwords being stored in a log in clear text, underlining the need for alternative authentication methods, say industry commentators

• May 03, 2018 03 May'18

  City Police use Lego simulation to teach businesses cyber security

  City of London Police are offering to train business leaders and IT security in cyber security using a Lego simulation that is surprisingly close to real life

• May 03, 2018 03 May'18

  Redscan warns of GDPR phishing scams

  Cyber criminals are using fake GDPR-related privacy notices to trick recipients into disclosing personal data and spread malware, a security firm warns

• May 02, 2018 02 May'18

  ARM aims to boost physical security of IoT

  Chipmaker ARM announces microprocessor aimed at improving the physical security capabilities of devices making up the internet of things

• May 02, 2018 02 May'18

  Critical infrastructure firms urged to patch Schneider Electric flaws

  Critical infrastructure suppliers and manufacturing firms are being urged to ensure that their systems are patched up to date, after researchers discover Schneider Electric remote code execution vulnerability

• May 02, 2018 02 May'18

  Ransomware still a threat to business, F-Secure warns

  Ransomware attacks tapered off towards the end of 2017 after an explosion in such attacks earlier in the year, but ransomware remains a threat to big business, a report reveals

• May 02, 2018 02 May'18

  Security industry welcomes City of London Police cyber initiative

  The security industry has welcomed plans to fight cyber crime in the heart of London using a community-based approach, but says more investment in cyber security skills is required

• May 01, 2018 01 May'18

  Google Chrome helps clean up certificate authority industry

  The security industry has welcomed the introduction of measures by the Google Chrome browser aimed at achieving certificate transparency

• May 01, 2018 01 May'18

  Password practices still poor despite increased threats

  Despite growing cyber threats and heightened global awareness of hacking and data breaches, password behaviours remain poor and UK users are in denial, a study has revealed

• May 01, 2018 01 May'18

  UK critical services need to up cyber defences to avoid fines

  UK critical infrastructure providers could be liable for fines of millions of pounds if they do not improve their cyber defences and resilience of their IT infrastructure, a study reveals

• April 30, 2018 30 Apr'18

  Getting cyber security innovation to market is key, says NCSC

  Getting cyber security innovation to market is an important area of focus, according to the National Cyber Security Centre, which runs a cyber accelerator programme and recently stated a Dragons Den style security innovation pitch at the 2018 ...

• April 30, 2018 30 Apr'18

  Security industry welcomes NHS move to Windows 10

  Representatives of the security industry have welcomed the announcement that the NHS will be migrating to Windows 10 as part of a multi-million pound deal with Microsoft, but warn that the move will not be without its challenges

• April 27, 2018 27 Apr'18

  Microsoft releases Windows 10 security pack

  Microsoft has released a download pack that incorporates NCSC guidance to save UK companies weeks of work to secure Windows 10 and comply with government guidelines

• April 26, 2018 26 Apr'18

  Finnish R&D and utilities in line of cyber espionage fire, say security police

  Finnish research and development, as well as critical infrastructure, are being targeted by state-backed cyber espionage attacks, says report

• April 26, 2018 26 Apr'18

  NCSC shows support for common standards for secure communication

  The UK cyber security authority is supporting an industry drive towards common standards for secure communication by joining an industry organisation that aims to achieve this goal

• April 26, 2018 26 Apr'18

  Digital economy research projects to get funding

  Research projects aimed at building trust, privacy and security in the use of personal data and digital technologies are to receive funding

• April 25, 2018 25 Apr'18

  Government urges UK businesses to beef up cyber crime defences

  Government is urging UK organisations to defend against cyber crime, as newly released figures show that large numbers of businesses and charities suffered at least one cyber attack in the past year

• April 25, 2018 25 Apr'18

  Major DDoS cyber crime website shut down

  International law enforcement has shut down the Webstresser cyber crime website, which was the world’s biggest marketplace for selling distributed denial of service attack services that were used against seven UK banks