News

Hackers and cybercrime prevention

• October 04, 2018 04 Oct'18

  Apps are gateway to business data for cyber attackers

  Application security is becoming increasingly important because apps are often the main way cyber attackers are getting into corporate networks, a threat researcher warns

• October 04, 2018 04 Oct'18

  UK and allies accuse Russia of cyber attack campaign

  The UK National Cyber Security Centre has identified a campaign by the Russian military intelligence service of “indiscriminate and reckless” cyber attacks

• October 04, 2018 04 Oct'18

  How Starbucks is using Splunk to automate mundane security tasks

  Coffee giant Starbucks is using Splunk to automate some of its more tedious security tasks to reduce the workload for its cyber staff

• October 03, 2018 03 Oct'18

  Companies failing to recognise the internal cyber threat

  The focus at many companies is on external cyber threats, and internal threats are being overlooked as a consequence, a researcher warns

• October 03, 2018 03 Oct'18

  Majority of businesses believe they are open to cyber attack

  More than two-thirds of businesses believe their network is open to attack, a report on the state of web application security reveals

• October 03, 2018 03 Oct'18

  AI full of possibilities with the right tools and understanding

  Artificial intelligence has the potential to assist in the analysis of data in a range of topics, but businesses need to understand its limitations and have the right tools to get the most benefit, says a Swiss entrepreneur

• October 03, 2018 03 Oct'18

  Rise in data-stealing Betabot malware

  Researchers are warning about an increase in Betabot malware after detecting multiple infections in recent weeks, underlining the importance of software patching

• October 02, 2018 02 Oct'18

  How Bank of England is using Splunk for proactive security

  Head of the Bank of England’s security operations centre talks about how Splunk is helping it to take a more proactive approach to preventing cyber attacks

• October 01, 2018 01 Oct'18

  UK firms’ password security score ‘average’

  While businesses are making strides in strengthening password security, there is more work to be done, with the UK password score lagging behind the frontrunners, a survey shows

• October 01, 2018 01 Oct'18

  Tesco Bank gets first cyber-related FCA fine

  UK’s financial watchdog issues its first cyber-related fine to Tesco Bank in connection with a multimillion-pound cyber fraud in 2016

• October 01, 2018 01 Oct'18

  Facebook could face up to $1.6bn fine for data breach

  Facebook is under increased pressure to demonstrate that users’ personal data is protected as it faces a potential fine of more than a billion dollars for a data breach affecting millions of users

• September 28, 2018 28 Sep'18

  Cyber attackers are increasingly exploiting RDP, warns FBI

  Businesses should to act to reduce the likelihood of compromise from cyber attackers exploiting the remote desktop protocol, warns the FBI

• September 27, 2018 27 Sep'18

  Blockchain is no ‘magic wand’ for cyber security

  The decentralised nature of blockchain networks may deter some cyber crooks, but ASEAN organisations still need to pay heed to the security of their blockchain infrastructure

• September 27, 2018 27 Sep'18

  Network growth brings management challenges

  As enterprise networks grow, so do the challenges of managing them effectively, says a report compiled by Oracle’s communications unit

• September 27, 2018 27 Sep'18

  Business is at inflection point for proactive cyber security

  The time is ripe for proactive cyber security, but many organisations must first overcome four key obstacles to achieve effective protection, according to a research report

• September 27, 2018 27 Sep'18

  Explosion in fake data-stealing shopping sites

  Cyber attackers are ramping up efforts to steal personal data by setting up look-alike domains that pose a phishing risk to online shoppers, researchers warn

• September 27, 2018 27 Sep'18

  Norwegian state discusses vulnerabilities with IT sector

  Government is collaborating with the country’s IT industry to improve the availability of security expertise

• September 27, 2018 27 Sep'18

  Uber fined $148m for data breach cover-up

  US court hits Uber with heavy fine which security industry commentators hope will encourage firms to take cyber security more seriously and resist the urge to cover up data breaches

• September 27, 2018 27 Sep'18

  Australian teen Apple hacker avoids jail time

  “Fan” who broke into Apple’s mainframe from his home in Melbourne has avoided prison because the information he gathered was recovered

• September 26, 2018 26 Sep'18

  Financial services firms face potential security bombshell

  UK financial services are facing a security crisis over outdated services and applications, a survey shows

• September 26, 2018 26 Sep'18

  Fujitsu teams up with UTCs on cyber security training

  Fujitsu, University Technical Colleges across England and other private sector partners have joined forces to help address the cyber security skills gap

• September 25, 2018 25 Sep'18

  PCI DSS compliance falls despite security benefit

  Despite the benefits of the payment card industry security standard, there is a concerning downward trend in compliance, a report reveals

• September 25, 2018 25 Sep'18

  WannaCry and NotPetya inspiring new attacks

  Designs and techniques used in 2017’s global cyber attacks have inspired a new breed of malware that exploits software vulnerabilities, according to a McAfee report

• September 25, 2018 25 Sep'18

  Mac OS Mojave zero-day warning

  The latest version of Apple’s Mac operating system contains a vulnerability that could be exploited by attackers to access protected files, a researcher warns

• September 24, 2018 24 Sep'18

  NHS Digital hires chief information security officer

  Robert Coles will lead the health and care sector’s response to cyber attacks and help local organisations meet the government’s cyber security standards

• September 24, 2018 24 Sep'18

  Business leaders expect suppliers to ensure they are cyber secure

  Most UK business leaders expect suppliers to be cyber secure and nearly a third of businesses would terminate contracts because of suppliers’ security failings, a survey has revealed

• September 19, 2018 19 Sep'18

  Equifax fined by ICO for security failings

  The Information Commissioners Office has fined Equifax UK in relation to a data breach at its UK parent last year

• September 19, 2018 19 Sep'18

  Europol cyber crime report highlights emerging threats to enterprise security

  Research highlights increase in sophistication of ransomware attacks, while revealing details of new and emerging threats to enterprises

• September 19, 2018 19 Sep'18

  IT sector advises Swedish government on elections and voting system

  Swedish IT secure is helping the government make election systems more secure and reduce external influence

• September 18, 2018 18 Sep'18

  AI is crucial element of security strategy in the IoT era

  Machine learning and network visibility for users and internet of things devices are essential to battle threats inside the enterprise, according to a new report

• September 17, 2018 17 Sep'18

  Singapore government to start bug bounty programme

  Singapore’s bug bounty programme will help the authorities identify cyber blind spots and benchmark its defences against skilled hackers

• September 17, 2018 17 Sep'18

  Lib Dems want ‘Geneva Convention’ for use of tech in modern warfare

  Deputy leader of the Liberal Democrats, Jo Swinson, wants an international treaty on use of technology in modern warfare, and warns of the dangers of new technology leaving people behind

• September 12, 2018 12 Sep'18

  NCSC issues core questions to help boards assess cyber risk

  The National Cyber Security Centre has published its first in a series of guidance for board members which highlights what businesses should be asking security teams

• September 12, 2018 12 Sep'18

  FCA warns it cannot manage financial crime risks without sharing data with EU

  FCA admits it will be unable to manage financial crime effectively if it cannot share data with EU authorities.

• September 12, 2018 12 Sep'18

  Two-thirds of emails not clean, says research

  Two-thirds of emails don't make it to the inbox because security systems consider them unsafe, according to research

• September 11, 2018 11 Sep'18

  Higher education sector's poor response to cyber threats laid bare in EfficientIP report

  The 2018 EfficientIP Global DNS Report shines a light on how ill-prepared the higher education sector is for handling cyber threats

• September 11, 2018 11 Sep'18

  British Airways data breach: Security researchers name suspects and query attack timeline

  Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought

• September 10, 2018 10 Sep'18

  Cyber criminals outspend businesses in cyber security battle

  Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result

• September 07, 2018 07 Sep'18

  North Korean programmer charged for WannaCry attacks

  The US has charged a member of a group of North Korean hackers linked to the WannaCry, Sony Pictures and other cyber attacks around the world

• September 07, 2018 07 Sep'18

  Ransomware down, but not out, report reveals

  Cryptojacking has taken over from ransomware as the top money spinner for cyber criminals, but the threat is not over and spam is also seeing a resurgence as an attack method, a report reveals

• September 07, 2018 07 Sep'18

  BA praised for swift GDPR-aligned action on data breach

  British Airways has been praised for its swift response to a customer data breach, which could be the first test case under the EU’s GDPR and new UK GDPR-aligned data protection laws

• September 06, 2018 06 Sep'18

  Chrome 69 security improvements welcomed

  The cyber security community has welcomed the improvements in the latest version of the Chrome browser, especially when it comes to generating strong, unique passwords

• September 05, 2018 05 Sep'18

  Half a million UK firms hit by CEO fraud, Lloyds Bank estimates

  Nearly 500,000 UK businesses are being hit by impersonation fraud, according to estimations by Lloyds Bank, with the legal sector most at risk

• September 05, 2018 05 Sep'18

  People top target for cyber attackers, report confirms

  As security controls have improved, cyber attackers are increasingly focusing their efforts on people within organisations as a way into corporate IT systems, a report confirms

• September 04, 2018 04 Sep'18

  UK and allies call for backdoors in encryption products

  The Five Eyes intelligence alliance is calling on tech firms to include backdoors in their encrypted products to give access to law enforcement authorities or face various measures

• August 31, 2018 31 Aug'18

  Security Serious Week to feature flash mob event

  “Flash mob” event will create a human collage, highlighting cyber security advice

• August 31, 2018 31 Aug'18

  Fraudulent money transfers are top aim of business email compromise

  Business email compromise is increasingly popular with cyber criminals to steal money and information as well as spread malware, security researchers find

• August 30, 2018 30 Aug'18

  Cobalt cyber heist group mounts new campaign

  Security researchers discover new campaign using two malicious links to double the chances of infection, which is believed to be linked to a notorious cyber crime group

• August 30, 2018 30 Aug'18

  Machine identity management crisis looming

  Managing machine identities is looming as the next big security challenge, a study reveals, with few organisations capable of protecting them as they increasingly form the basis of online communications

• August 30, 2018 30 Aug'18

  Fourth man jailed for iCloud celebrity hacking

  The final hacker charged with leaking nude images of female celebrities in 2014 has been jailed

• August 29, 2018 29 Aug'18

  Improving security is top driver for ISO 27001

  Organisations are implementing the ISO 27001 standard in recognition of the fact that cyber attacks are increasingly inevitable and that it is best to be well-prepared to fend off attacks and mitigate their effect

• August 29, 2018 29 Aug'18

  Security teams and C-suite exec views not aligned

  There are key differences and potential challenges when it comes to security teams and C-suite executives communicating and aligning about cyber threats, a study shows

• August 28, 2018 28 Aug'18

  Cyber attackers switching to covert tactics

  Cyber criminals are moving away from mass, high-profile attacks to ones that are stealthy and more subtle – as well as attacks targeting systems typically used in critical infrastructure, researchers say

• August 28, 2018 28 Aug'18

  Sharp rise in business email compromise

  Cyber attackers are expanding their attack methods to steal money and to gain access to corporate and employee data, a report reveals

• August 24, 2018 24 Aug'18

  UK universities targeted by Iranian hackers

  UK universities are among those targeted by a cyber threat group associated with the Iranian government

• August 24, 2018 24 Aug'18

  North Koreans add Mac OS to cryptocurrency-stealing malware attacks

  A North Korean hacking group is targeting cryptocurrency exchanges using Trojanised cryptocurrency trading software designed for both Microsoft’s Windows and Apple’s Mac OS, say researchers

• August 23, 2018 23 Aug'18

  Cryptographic agility is key to post-quantum security

  Although post-quantum security is not an issue for all organisations today, an expert believes that those needing to ensure data is secure for decades to come should aim to achieve cryptographic agility above all else

• August 23, 2018 23 Aug'18

  Apache Struts users urged to update due to new security flaw

  Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017

• August 22, 2018 22 Aug'18

  European cloud adopters still lack basic security

  Despite outpacing the rest of the world, the majority of organisations adopting cloud in Europe, the Middle East and Africa lack basic security, a report reveals

• August 22, 2018 22 Aug'18

  Superdrug denies data breach

  Superdrug has warned online customers it believes may have had personal details exposed, but claims its systems were not compromised, in what could be the first GDPR-related extortion attempt

• August 21, 2018 21 Aug'18

  New Zealand to run national cyber security exercise

  The island-nation will test the resilience of its critical infrastructure in November 2018, bringing together multiple agencies to protect assets of national significance

• August 21, 2018 21 Aug'18

  Online crime costs more than $1m a minute

  More than $1m is lost to cyber crime every minute, a report reveals, underlining the increasing and significant threats businesses face online

• August 21, 2018 21 Aug'18

  Retail and finance top cyber targets

  Retail and finance remain the top cyber attack targets, but the second quarter also saw a spike in attacks against the manufacturing industry and an increase in remote desktop attacks, a report reveals

• August 21, 2018 21 Aug'18

  Microsoft announces free election cyber defence tools

  Microsoft has revealed it recently disrupted domains associated with a Russian cyber attack group believed to be targeting US political groups ahead of the midterm elections

• August 20, 2018 20 Aug'18

  NHS trusts lose nearly 10,000 patient records a year

  Report calls for NHS trusts to work to abolish handwritten notes in hospitals to prevent loss of personal documents and to introduce a patient identity protocol

• August 20, 2018 20 Aug'18

  Planned Australian law raises tech firms’ security concerns

  A digital industry group representing some of the world’s largest tech firms is opposed to proposed Australian laws aimed at compelling them to help security agencies and police

• August 17, 2018 17 Aug'18

  Cyber Security Challenge UK to scale up

  Cybersecurity Challenge UK plans to scale up its events and its role in coordinating UK industry efforts to attract talented people to the cyber security profession

• August 17, 2018 17 Aug'18

  Apple confirms teen hacker took no customer data

  Teenage “fan” who broke into Apple’s mainframe from his home in Melbourne is believed to have downloaded 90GB of secure files, but no customer data

• August 16, 2018 16 Aug'18

  Trump sparks speculation after repealing cyber attack restraints

  The US president has sparked speculation about US policy on launching cyber attacks by repealing Obama-era restraints, underlining the need for international rules on cyber warfare

• August 16, 2018 16 Aug'18

  Global infosec spending to top $114bn in 2018, says Gartner

  The need for improved detection, response and privacy is driving the demand for security products and services in response to security risks, business needs and industry changes, Gartner reveals

• August 16, 2018 16 Aug'18

  Google Chrome flaw puts privacy at risk

  Imperva security researcher urges Google Chrome users to update to the latest version after discovering a vulnerability that could be exploited to uncover private data

• August 15, 2018 15 Aug'18

  ICS security at risk in key verticals, report shows

  The security of industrial control systems (ICS) is at risk in key verticals due to under staffing, under investment and human error, a report reveals

• August 15, 2018 15 Aug'18

  Intel releases fix for latest chip security flaws

  Businesses and consumers are advised to download security updates from Intel for new security flaws that could allow attackers to access protected data, but some cloud providers could see a performance impact

• August 14, 2018 14 Aug'18

  Businesses urged to patch Microsoft flaw allowing MFA bypass

  Security researchers are urging enterprises to update their software after the discovery of a vulnerability that could undermine the security provided by multifactor authentication

• August 14, 2018 14 Aug'18

  Consumers accept fraud danger as online shopping increases, research finds

  The majority of UK consumers see the threat of online fraud as “inevitable” as e-commerce popularity rises

• August 14, 2018 14 Aug'18

  Phishing remains top fraud enabler, RSA reports

  Phishing is the most popular way of enabling fraud for cyber criminals, who are also increasingly using rogue mobile apps, mobile browsers and social media, a report reveals

• August 14, 2018 14 Aug'18

  FBI warns of global ATM cyber crime spree

  The FBI has issued a warning to banks that cyber criminals are planning to steal millions in a coordinated worldwide attack on cash machines

• August 13, 2018 13 Aug'18

  Banks lead in digital era fraud detection

  All e-commerce businesses should follow the banks’ lead in how to detect fraud in the digital era, says RSA fraud and risk expert

• August 13, 2018 13 Aug'18

  Most security pros concerned about election infrastructure

  A majority of information security professionals believe that election infrastructure is vulnerable to cyber attack, a survey shows

• August 13, 2018 13 Aug'18

  UK firms concerned about cyber arms race

  Continuous investment and activity are key in the cyber arms race, according to Databarracks, as research shows UK firms are worried about keeping up with security challenges

• August 13, 2018 13 Aug'18

  Millions of businesses vulnerable to fax-based cyber attack

  Hackers could exploit security vulnerabilities in fax machines to launch cyber attacks in millions of organisations around the world, researchers warn, underlining the need for cyber resilience

• August 12, 2018 12 Aug'18

  Over 146 billion records to be stolen over next five years

  The US will bear the brunt of data exfiltration efforts by cyber criminals, though Asia-Pacific nations such as Singapore will not be spared

• August 10, 2018 10 Aug'18

  Mimecast extends core email security to enable cyber resilience

  Mimecast continues to widen its cyber security capability through in-house development and strategic acquisition, as well as extend its core email security technologies to all other areas it applies

• August 10, 2018 10 Aug'18

  NCR patches ATM vulnerabilities

  NCR has patched ATM vulnerabilities discovered by Positive Technologies

• August 09, 2018 09 Aug'18

  Under half of firms use vulnerability assessments

  Less than half of organisations base their cyber defences on strategic vulnerability assessments, and a third of these do the bare minimum to meet compliance requirements, a study shows

• August 09, 2018 09 Aug'18

  Smart cities a tempting target for cyber attackers

  Smart cities are an attractive target for cyber attackers because of the growing number of connected systems embedded throughout their infrastructure

• August 09, 2018 09 Aug'18

  Brace for more Triton-like attacks, researchers warn

  The world has not seen the last of industrial control system (ICS) attacks like Triton, researchers have warned

• August 09, 2018 09 Aug'18

  Incomplete visibility a top security failing

  Incomplete visibility of IT environments is among the most common basic enterprise security failings, as most organisations are still failing to achieve basic cyber security hygiene, a survey reveals

• August 08, 2018 08 Aug'18

  Check Point warns of WhatsApp vulnerabilities

  Researchers are warning of vulnerabilities in WhatsApp that allow threat actors to intercept and manipulate messages sent in a group chat

• August 08, 2018 08 Aug'18

  Cyber security double agents most common in the UK

  Cyber security professionals who alternate between criminal and legitimate activities or move full-time into cyber criminal activity are more common in the UK than other countries, a report reveals

• August 08, 2018 08 Aug'18

  Australia calls for interventionist approach in new cyber agenda

  The Australian government is forming a cyber defence network comprising security agencies and private sector partners to support a more interventionist approach towards cyber security

• August 07, 2018 07 Aug'18

  AI security hype putting businesses at risk

  The hype around artificial intelligence may be putting businesses at risk, according to a study that found most IT decision-makers believe AI is the answer to all cyber security challenges

• August 07, 2018 07 Aug'18

  Lack of Dmarc email validation puts brands and customers at risk 

  There is a worldwide lack of Dmarc email validation to defend against fraud and phishing attacks, putting organisations and customers at risk, a study shows

• August 07, 2018 07 Aug'18

  Industrial control systems a specialised cyber target

  Cyber attackers specialising in industrial control systems are fast, efficient and able to move between IT and OT environments, a study has revealed

• August 06, 2018 06 Aug'18

  Mobile banking Trojans reach all-time high

  Mobile banking Trojans topped the list of cyber threats in the second quarter of the year, according to research by Kaspersky Lab

• August 06, 2018 06 Aug'18

  Virus outbreak at iPhone chip plant could delay shipments

  A computer virus at an iPhone chip manufacturing plant could delay shipments of Apple’s latest smartphones, but the impact will be limited, say analysts

• August 06, 2018 06 Aug'18

  Alibaba Cloud makes deeper inroads into Malaysia

  The Chinese cloud supplier’s second availability zone and upcoming DDoS scrubbing centre in Malaysia comes on the heels of growing investments in the Southeast Asian nation

• August 03, 2018 03 Aug'18

  UK security centre to launch IoT security standard

  The London-based Centre for Strategic Cyber Space and Security Science is working on an internet of things security standard and has roped in participants from eight markets

• August 03, 2018 03 Aug'18

  Google to alert firms of state-sponsored attacks on G Suite users

  As cyber security increasingly becomes a market differentiator, Google has announced that businesses using G Suite cloud-based software can opt in to cyber attack alerts

• August 02, 2018 02 Aug'18

  Gorgon Group shows simple cyber attacks remain effective

  A highly effective cyber attack group that appears to be based in Pakistan is carrying out targeted attacks against nation states at the same time as criminal operations, researchers have found