News
Hackers and cybercrime prevention
-
October 31, 2023
31
Oct'23
SEC sues SolarWinds, alleging serious security failures
SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks
-
October 27, 2023
27
Oct'23
Tech firms cite risk to end-to-end encryption as Online Safety Bill gets royal assent
Tech firms continue to be concerned that the Online Safety Bill could undermine end-to-end encryption despite government reassurances
-
October 27, 2023
27
Oct'23
Microsoft warns over growing threat from Octo Tempest gang
The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft
-
October 27, 2023
27
Oct'23
How Elastic manages cyber security threats
Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings
-
October 27, 2023
27
Oct'23
Germany: European Court opinion kicks questions over EncroChat back to national courts
Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts
-
October 26, 2023
26
Oct'23
ChatGPT, Bard, lack effective defences against fraudsters, Which? warns
Consumer advocacy Which? warns that popular generative AI tools are vulnerable to loopholes that render existing protections against malicious usage easily bypassed
-
October 26, 2023
26
Oct'23
Exploitation of Citrix NetScaler vulns reaching dangerous levels
Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked
-
October 25, 2023
25
Oct'23
UK Finance paints mixed picture of fraud as losses top £500m
UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data
-
October 25, 2023
25
Oct'23
Demystifying the top five OT security myths
Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems
-
October 25, 2023
25
Oct'23
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems
-
October 24, 2023
24
Oct'23
Cisco hackers likely taking steps to avoid identification
Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery
-
October 24, 2023
24
Oct'23
Research team tricks AI chatbots into writing usable malicious code
Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks
-
October 24, 2023
24
Oct'23
Kaspersky opens up over spyware campaign targeting its staffers
Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group
-
October 24, 2023
24
Oct'23
Customers speak out over Okta’s response to latest breach
Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired
-
October 24, 2023
24
Oct'23
NetApp ‘unified storage’ adds new ASA block storage at Insight
Las Vegas event sees NetApp continue its evolution to hybrid cloud and data management player announce ASA C-series and Keystone and Kubernetes storage enhancements
-
October 23, 2023
23
Oct'23
Cisco pushes update to stop exploitation of two IOS XE zero-days
Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software
-
October 23, 2023
23
Oct'23
How Ensign is leading the charge in cyber security
Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem
-
October 20, 2023
20
Oct'23
Computer Weekly contributor named Godfather of UK Security
Advent IM founder Mike Gillespie was among those honoured at the eighth annual Security Serious Unsung Heroes Awards
-
October 20, 2023
20
Oct'23
Five Eyes chiefs warn of Chinese spying campaign to steal high-tech secrets
Intelligence chiefs warn high-tech companies and universities they may be the target of attempts by the Chinese Communist Party to steal technology secrets
-
October 20, 2023
20
Oct'23
RagnarLocker cyber gang that pioneered double extortion busted
Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline
-
October 19, 2023
19
Oct'23
Fears grow over extent of Cisco IOS XE zero-day
Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures
-
October 19, 2023
19
Oct'23
Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack
Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source
-
October 18, 2023
18
Oct'23
What are the cyber risks from the latest Middle Eastern conflict?
The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations
-
October 17, 2023
17
Oct'23
Five Eyes issues five tips on thwarting nation state threats
Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats
-
October 17, 2023
17
Oct'23
Hacktivist attacks against Israeli websites mirror attacks following Russian invasion of Ukraine
Hacktivists supporting Gaza and Palestine have launched hundreds of website defacement attacks against Israeli websites, mirroring the pattern of attacks that occurred after Russia’s invasion of Ukraine
-
October 17, 2023
17
Oct'23
Alert sounded over dangerous Cisco IOS XE zero-day
Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems
-
October 17, 2023
17
Oct'23
What it takes to succeed in DevSecOps
Providing engineering leadership and balancing between speed and security are some areas that organisations will need to focus on in their DevSecOps journey
-
October 13, 2023
13
Oct'23
US SEC launches probe into mass MOVEit breach
Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations affected
-
October 11, 2023
11
Oct'23
Why only 1% of the Snowden Archive will ever be published
Speaking to Computer Weekly after we published new revelations from the Snowden archive, the Guardian’s Pulitzer Prize winner, Ewen MacAskill, explains why more of the Snowden trove is unlikely to see the light of day
-
October 10, 2023
10
Oct'23
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m
-
October 05, 2023
05
Oct'23
Microsoft: Nation-state cyber espionage on rise in 2023
Microsoft’s latest Digital Defence Report outlines how nation-state cyber activity has largely moved from destructive attacks to espionage and intelligence gathering
-
October 05, 2023
05
Oct'23
Red Cross issues rules of engagement for hackers in conflicts
The digital rules of engagement are the first time cyber activity has been looked at by the conflict watchdog, but a number of hacker groups have already come out and said they will not be following them
-
October 05, 2023
05
Oct'23
Ransomware dwell times now measured in hours, says Secureworks
Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report
-
October 03, 2023
03
Oct'23
Cyber experts urge EU to rethink vulnerability disclosure plans
The European Union’s proposed cyber security vulnerability disclosure measures are well-intentioned but ultimately counterproductive, as making unmitigated vulnerabilities public knowledge increases the risk of their exploitation by various actors, ...
-
October 03, 2023
03
Oct'23
RSA and other crypto systems vulnerable to side-channel attack
A researcher has found that a flaw in RSA is still vulnerable – a quarter of a century after it was first discovered
-
October 03, 2023
03
Oct'23
CIISec scores DSIT funding to expand successful CyberEPQ scheme
DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date
-
October 03, 2023
03
Oct'23
Top science journal faced secret attacks from Covid conspiracy theory group
A conspiratorial group of extreme Brexit lobbyists mounted an extraordinary campaign against one of the world’s most prestigious science journals – part of a series of joint investigations between Byline Times and Computer Weekly
-
September 28, 2023
28
Sep'23
Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app
The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps
-
September 28, 2023
28
Sep'23
How Akamai is driving growth in APAC
Akamai's managing director for the region outlines the company’s growth journey, how it sets itself apart from competitors, and its strategies to drive the next phase of growth
-
September 28, 2023
28
Sep'23
Yahoo picks Intigriti to run crowdsourced bug bounty programme
Digital media brand Yahoo is setting up a crowdsourced bug bounty programme with ethical hacking specialist Intigriti, and is reaching out to the Capture the Flag community to participate
-
September 27, 2023
27
Sep'23
Researchers offer free threat briefings on Vegas casino hackers
Permiso, a cloud detection and response startup, is making its threat intel team available to speak on Scattered Spider, the group behind recent cyber attacks on MGM Resorts and Caesars Entertainment
-
September 27, 2023
27
Sep'23
City of Las Vegas masters cyber incident response with Darktrace
The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence
-
September 26, 2023
26
Sep'23
Sony alleged victim of new extortion gang
A little-known threat actor claims it has breached IT systems and networks at electronics and entertainment giant Sony, and is threatening to release the organisation’s data unless paid off
-
September 26, 2023
26
Sep'23
Crest and IASME to deliver upcoming NCSC Cyber Exercise programme
Crest and IASME have been tasked with assuring that security services providers signing up to a soon-to-launch NCSC Cyber Incident Exercising scheme are up to the job
-
September 25, 2023
25
Sep'23
Apple fixes three vulnerabilities found by spyware researchers
Apple has patched three more vulnerabilities uncovered by spyware and surveillance researchers at The Citizen Lab
-
September 22, 2023
22
Sep'23
Annual Security Serious Awards nominations announced
Annual Security Serious Awards will recognise the professionals and organisations doing the most to safeguard and advance cyber security, as well as those committed to diversity and mental health in the industry
-
September 22, 2023
22
Sep'23
Cyber experts set out plan to secure future US elections
A group of experts are setting out to enhance election cyber security in the United States, and restore public faith in a process tainted by interference and misinformation in the past
-
September 21, 2023
21
Sep'23
‘Top’ ransomware gangs favour smaller businesses
Despite high-profile attacks on prominent organisations, the world’s most prolific ransomware operations tend to target smaller businesses
-
September 19, 2023
19
Sep'23
New revelations from the Snowden archive surface
A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1% of the documents have been published – but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by ...
-
September 19, 2023
19
Sep'23
Okta confirms link to cyber attacks on Las Vegas casinos
Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed