News

Hackers and cybercrime prevention

• September 23, 2020 23 Sep'20

  Public admires security professionals, but doesn’t want their jobs

  (ISC)² research finds attitudes towards security roles are increasingly positive, but not many people fancy joining the fight against cyber crime

• September 23, 2020 23 Sep'20

  Video gamers barraged with cyber attacks

  From credential stuffing to SQL injection and DDoS, video game producers and players are seeing massive volumes of cyber attacks

• September 23, 2020 23 Sep'20

  US agencies warn of election disinformation and cyber attacks

  Federal agencies are warning of heightened disinformation as the crucial 2020 presidential election nears

• September 22, 2020 22 Sep'20

  Activision shoots down data breach claims

  Gaming company denies there has been any data breach after up to 500,000 accounts appeared to have been compromised, but evidence mounts that credential stuffing attacks are to blame

• September 22, 2020 22 Sep'20

  Scam mobile apps spreading via rogue TikTok accounts

  Malicious TikTok accounts are promoting a number of adware scam mobile apps

• September 22, 2020 22 Sep'20

  WikiLeaks published unredacted cables after password was disclosed in book

  WikiLeaks published a cache of unredacted government cables after the publication of a book containing the password led to their publication on other parts of the internet, court told

• September 21, 2020 21 Sep'20

  Trump implicated in plans to prosecute Assange over war leaks

  US journalist and Trump supporter, Cassandra Fairbanks, said she was given advanced details of US plans to oust Wikileaks founder Julian Assange from the Ecuadorian Embassy and to arrest him for over documents leaked by former soldier Chelsea Manning

• September 21, 2020 21 Sep'20

  WikiLeaks cables showed US interfered in German torture investigation

  Khalid El-Masri, a German citizen who was kidnapped and tortured by the CIA in a case of mistaken identity, told a court that disclosures by WikiLeaks showed that the US had intervened in a German judicial investigation into his treatment

• September 21, 2020 21 Sep'20

  WikiLeaks video ‘electrified’ public to civilian war deaths, court hears

  New Zealand investigative journalist and author Nicky Hager said that WikiLeaks’ publication of a video showing a US helicopter firing on civilians, along with the publication of secret war logs, ‘electrified’ the world to civilian deaths

• September 18, 2020 18 Sep'20

  Ex-NCSC boss Ciaran Martin joins cyber venture capital outfit

  Outgoing NCSC CEO Ciaran Martin is to take up a new role guiding new investments in cyber security

• September 18, 2020 18 Sep'20

  Outgoing NCSC CEO: Ransomware threat kept us up at night

  Former NCSC CEO Ciaran Martin sheds some light on some of the biggest cyber threats currently facing the UK

• September 18, 2020 18 Sep'20

  Congressman offered Julian Assange a ‘win-win’ deal that would help President Trump

  Details have emerged of US congressman Dana Rohrabacher’s offer of a pardon to WikiLeaks founder Julian Assange in a ‘win-win deal that would benefit US President Donald Trump

• September 18, 2020 18 Sep'20

  German authorities probe ransomware hospital death

  Hackers failed to extort a ransom from University Hospital Düsseldorf, but indirectly caused the death of a patient

• September 18, 2020 18 Sep'20

  Rampant Kitten spent six years hacking Iranian dissidents

  Details emerge of an ongoing campaign by Tehran-backed threat actors targeting dissidents and activists

• September 17, 2020 17 Sep'20

  Maze ransomware borrows Ragnar Locker tactics to sneak past defences

  New research from the Sophos threat response team has found the Maze ransomware gang has adopted techniques pioneered by the cyber criminals behind Ragnar Locker

• September 17, 2020 17 Sep'20

  Saudi Arabia sees cyber security boom as coronavirus bites

  Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods

• September 17, 2020 17 Sep'20

  Seven charged in connection with Chinese state-backed cyber attacks

  Attacks by APT41, or Wicked Panda, targeted hundreds of organisations, including the UK government

• September 17, 2020 17 Sep'20

  Assange revelations among most important in US history, says Daniel Ellsberg

  Daniel Ellsberg, who leaked highly classified documents that changed the course of the Vietnam War in the 1970s, says WikiLeaks exposed a serious pattern of US war crimes

• September 16, 2020 16 Sep'20

  NCSC steps up ransomware support for schools and universities

  New alert and updated guidance comes after several academic institutions were targeted in ransomware attacks

• September 16, 2020 16 Sep'20

  Julian Assange held back 15,000 documents to prevent harm to US government

  Investigative journalist John Goetz said today that WikiLeaks held back publication of thousands of documents that could harm individuals

• September 16, 2020 16 Sep'20

  Retailers urged to get to grips with Magento as attacks spike

  A huge spike in online retailers being hacked with Magecart credit card skimmers is being blamed on unsupported versions of Adobe Magento

• September 16, 2020 16 Sep'20

  Banks report surge in impersonation scams

  Fraudsters are using the Covid-19 crisis to trick people into transferring money to them

• September 16, 2020 16 Sep'20

  Lorca security scaleups to get Splunk data expertise

  Lorca inducts Splunk onto its co-marketing programme, giving security scaleups access to new data expertise

• September 16, 2020 16 Sep'20

  Western Australia government goes all-in on Microsoft

  State agencies in Western Australia will be able to tap Azure cloud services and cloud applications through a new Microsoft agreement

• September 15, 2020 15 Sep'20

  MEPs denied access as observers to Julian Assange extradition hearing

  MEPs and NGOs say they have been denied access to observe extradition proceedings against WikiLeaks founder in Central Criminal Court

• September 14, 2020 14 Sep'20

  Julian Assange faces solitary confinement if extradited, court hears

  WikiLeaks founder Julian Assange will be held under special administrative measures if extradited to the US, said Eric Lewis, a US legal expert, effectively placing him in solitary confinement

• September 11, 2020 11 Sep'20

  Travel industry websites are laughably insecure, claims Which?

  The travel industry is failing to take the data security of its customers seriously, according to a Which? investigation

• September 11, 2020 11 Sep'20

  Zoom adds two-factor authentication for all users

  Latest enhancements to Zoom security make it easier for organisations to protect users and prevent breaches and unauthorised meeting access

• September 11, 2020 11 Sep'20

  Russian interference in US elections ramps up on schedule

  With the critical US 2020 presidential election looming, Russian-state backed hackers are once again after organisations directly involved in political elections, launching thousands of targeted attacks

• September 10, 2020 10 Sep'20

  Cyber security is next frontier for open source

  Open security will facilitate the interoperability and capabilities of cyber security tools while alleviating vendor lock-in for enterprises, says IBM

• September 10, 2020 10 Sep'20

  Lorca security scaleups hit funding milestone

  £153m of investment has been raised by Lorca cohort companies in just two years, almost four times the original target

• September 10, 2020 10 Sep'20

  Datacentre firm Equinix investigating ransomware attack

  A number of internal systems at cloud and datacentre firm Equinix have been affected by a ransomware attack

• September 10, 2020 10 Sep'20

  Government launches £500k healthcare security plan

  A £500,000 funding pot from the government aims to help support small and mid-sized healthcare firms during the pandemic

• September 10, 2020 10 Sep'20

  Assange prosecution would put journalists around the world at risk

  Trevor Timm, co-founder of the Freedom of the Press Foundation, tells a court that if the US prosecutes WikiLeaks founder Julian Assange, every reporter who receives a secret document will be criminalised

• September 09, 2020 09 Sep'20

  Branch-based anti-fraud scheme to be expanded to online banking

  A successful branch-based anti-fraud scheme will be expanded by banks to include online and telephone banking

• September 09, 2020 09 Sep'20

  September’s Patch Tuesday heavy on RCE vulnerabilities

  Microsoft’s September update contains patches for 129 common vulnerabilities and exposures, including a high number of remote code execution issues

• September 09, 2020 09 Sep'20

  US conspiracy charges against WikiLeaks founder Julian Assange ‘politically motivated’

  US journalism historian and investigative journalist Mark Feldstein tells a UK court that use of the Espionage Act against Assange will have wide implications for the press

• September 08, 2020 08 Sep'20

  Julian Assange warned against interrupting witnesses in extradition hearing

  On the second day of his extradition hearing at the Old Bailey, judge informs the WikiLeaks founder he could be removed and potentially banned from court for interrupting witnesses

• September 07, 2020 07 Sep'20

  Court rejects request to exclude ‘11th hour’ US evidence against WikiLeaks founder Julian Assange

  Lawyers for Julian Assange say the US has introduced an 11th hour indictment against the WikiLeaks founder that provides additional grounds for his extradition

• September 06, 2020 06 Sep'20

  Why predictive threat intelligence is key

  Threat intelligence startup Cyfirma is using virtual agents to gather intelligence on potential cyber attacks that are being coordinated in underground forums before they occur

• September 04, 2020 04 Sep'20

  Lockdown sees increase in girls applying for GCHQ cyber courses

  The shift to online learning saw an increase in participants for its CyberFirst cyber security training programme, GCHQ found

• September 03, 2020 03 Sep'20

  Phishing scam targets Lloyds Bank customers

  Bank customers warned of emails and SMS messages that direct them to a fraudulent site and then request account log-in details

• September 03, 2020 03 Sep'20

  Only 10% of tech talent have cyber skills to fill skills gap

  The UK has a growing need for cyber skills as a result of the pandemic, but few IT professionals have the skills firms actually need

• September 03, 2020 03 Sep'20

  One actor behind Magecart skimmer kit

  RiskIQ has identified that variations in software tools used for Magecart ecommerce site attacks are based on kits from the same group

• September 03, 2020 03 Sep'20

  UK businesses hardest hit financially by fallout from cyber attacks, research shows

  Latest edition of Hiscox’s annual cyber readiness report suggests UK businesses are among those worst affected by the financial fallout from cyber attacks

• September 02, 2020 02 Sep'20

  Northumbria University suffers major disruption after cyber attack

  Some exams cancelled as university appoints external specialists to investigate incident

• September 01, 2020 01 Sep'20

  Norway’s corporates want government to support ‘herd immunity’ to cyber attack

  Leading business organisations in Norway call on government to play a more active role in improving and coordinating the country’s cyber defences

• August 28, 2020 28 Aug'20

  New Zealand activates security services as DDoS outage enters fourth day

  New Zealand government calls in its national cyber security agencies to help investigate a continuing cyber attack on the country’s financial systems

• August 28, 2020 28 Aug'20

  Machine learning wards off threats at TV studio Bunim Murray

  TV studio behind reality hits including The Real World and Keeping Up With The Kardashians turned to Darktrace’s Antigena email protection service to keep its people safe from Covid-19 threats

• August 28, 2020 28 Aug'20

  Benefit fraud: Underground trade in stolen identities revealed

  A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds

• August 27, 2020 27 Aug'20

  DDoS downs New Zealand stock exchange for third day

  Distributed denial of service attack from overseas has left stock exchange offline for days

• August 26, 2020 26 Aug'20

  Avaddon ransomware operators having a go at double extortion

  The operators of the Avaddon ransomware seem to be tooling up to leak the data of their victims in addition to holding it to ransom, Cofense researchers confirm

• August 25, 2020 25 Aug'20

  North Korea’s Lazarus targets cryptocurrency vertical

  APT group behind the infamous WannaCry incident is targeting cryptocurrency operators, according to new research

• August 21, 2020 21 Aug'20

  Australian regulator sues RI Advice for cyber security lapses

  The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives

• August 20, 2020 20 Aug'20

  Social media data leak highlights murky world of data scraping

  A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it

• August 19, 2020 19 Aug'20

  HMRC investigates over 10,000 Covid-19 phishing reports

  HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June

• August 19, 2020 19 Aug'20

  Marriott slapped with class action lawsuit over 2018 breach

  Group action brings together millions of victims who stayed at the Starwood hotel chain over a four-year period

• August 18, 2020 18 Aug'20

  Carnival cruise lines hit by ransomware, customer data stolen

  Cruise ship operator is likely to be the victim of a major data breach after customer information is apparently stolen in a ransomware attack

• August 14, 2020 14 Aug'20

  US decision to file new charges against Julian Assange ‘astonishing and potentially abusive’

  Lawyer for WikiLeaks founder slams US decision to serve a second indictment at the 11th hour alleging that Assange conspired with hackers, as a potential abuse of process

• August 14, 2020 14 Aug'20

  Russia’s Fancy Bear targets Linux environments with Drovorub malware

  The Russian intelligence-linked Fancy Bear group is deploying a new malware called Drovorub against Linux environments as part of a cyber espionage operation, according to US warnings

• August 13, 2020 13 Aug'20

  Ed Sheeran is not promoting investment opportunities, says NCSC

  The National Cyber Security Centre has issued a new warning after uncovering a series of online scams promoting fraudulent celebrity-endorsed investment opportunities

• August 13, 2020 13 Aug'20

  APAC consumers do not feel responsible for data security

  Just one in four consumers believe they should protect their own data, underscoring the tightrope between security and convenience that organisations have been walking on

• August 12, 2020 12 Aug'20

  How Dharma ransomware became an effective services business

  New research looks under the bonnet of a Dharma ransomware attack, with the ransomware's ease of use being particularly dangerous for small to medium-sized enterprises

• August 12, 2020 12 Aug'20

  Microsoft patches two zero-days with active exploits

  Microsoft drops another major Patch Tuesday update, including fixes for two zero-day exploits that are already being exploited by cyber criminals

• August 12, 2020 12 Aug'20

  Security training body Sans Institute hit by data breach

  Around 28,000 items of personally identifiable data were lost in a phishing attack on Sans, proving that even the professionals can be caught out

• August 11, 2020 11 Aug'20

  NHS hit by thousands of malicious emails at height of pandemic

  The NHS received nearly 30,000 malicious emails at the height of the Covid-19 pandemic in March and April

• August 11, 2020 11 Aug'20

  Citrix users urged to patch five XenMobile CVEs

  Patches are available for CVEs 2020-8208 through 8212 and should be installed as soon as possible

• August 11, 2020 11 Aug'20

  Coronavirus: Phishing lures pivot to exploit vaccine hopes

  Phishing emails are increasingly luring in victims with subject lines relating to the development of a vaccine for Covid-19

• August 10, 2020 10 Aug'20

  Retailer Monsoon allegedly exposing data via Pulse Connect server

  A researcher has found a critically insecure Pulse Connect Secure VPN version belonging to UK retailer Monsoon Accessorize, but claims the firm is ignoring his disclosures

• August 10, 2020 10 Aug'20

  Security teams struggle to keep pace with cloud threats

  Security professionals face challenges in keeping pace with cloud deployments and migrations, and the additional security threats they open up

• August 07, 2020 07 Aug'20

  Virgin Media customers targeted in Twitter phish

  Customers seeking help from the ISP are being targeted by a scam Twitter account

• August 07, 2020 07 Aug'20

  Capital One hit with $80m fine by US regulators over 2019 data breach

  US regulator imposes fine over data breach that affected 106 million Capital One customers in the US and Canada

• August 06, 2020 06 Aug'20

  Australia updates cyber security strategy but offers little new

  The nation’s latest cyber security strategy includes centralised management of networks and a voluntary code of practice for deploying internet-connected devices, among other areas

• August 06, 2020 06 Aug'20

  Qualcomm chip vulnerability puts millions of phones at risk

  Qualcomm has patched multiple vulnerabilities in its chip hardware that left hundreds of millions of smartphones open to compromise by malicious actors

• August 06, 2020 06 Aug'20

  Canon said to be latest Maze ransomware victim

  Canon may have had up to 10TB of its data exfiltrated by the Maze ransomware gang

• August 06, 2020 06 Aug'20

  GCHQ seeks researchers to tackle deep fakes and misinformation

  A GCHQ research fellowship based at its Manchester office will explore various national security priorities such as deep fakes, fake news and the impact of AI

• August 05, 2020 05 Aug'20

  Second wave of Covid-19 cyber attacks locked in

  More cyber attacks exploiting the pandemic seem likely, says Interpol

• August 04, 2020 04 Aug'20

  Five signs you’re about to get hit with ransomware

  A series of Sophos reports on the ransomware threat landscape shows how security professionals can sniff out a potential ransomware attack before it happens

• August 04, 2020 04 Aug'20

  Liam Fox hack raises questions over government security

  The hack of a former cabinet minister’s emails casts doubt over the effectiveness of safeguards and security training processes at the highest levels of the British government

• August 04, 2020 04 Aug'20

  New foundation to bolster security of open source software

  The Open Source Security Foundation will bring together key open source security initiatives across the industry to improve and support the security of open source software

• August 02, 2020 02 Aug'20

  More data breaches from ransomware attacks in Australia

  The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner

• July 31, 2020 31 Jul'20

  Labour Party is latest victim of Blackbaud ransomware attack

  Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour

• July 31, 2020 31 Jul'20

  Twitter confirms it was hit by targeted spearphishing attack

  Investigation into 15 July 2020 hack of a number of high-profile accounts by cryptocurrency scammers has found evidence of a targeted spearphishing incident

• July 31, 2020 31 Jul'20

  EU sanctions China and Russia over cyber attacks

  The EU is applying restrictive measure to six individuals and three entities accused of conducting disruptive cyber attacks in Europe, including the Russian GRU

• July 30, 2020 30 Jul'20

  Former UC Global staff confirm Embassy surveillance operation against Julian Assange

  Spanish court investigates claims that security company illegally recorded meetings between Julian Assange, politicians, lawyers and celebrities at the Ecuadorian Embassy in London

• July 30, 2020 30 Jul'20

  Diversity in cyber improving but inclusion needs work, says NCSC

  Study into diversity and inclusion in the cyber security sector has found that diversity is off to a good start, but inclusion is lacking

• July 30, 2020 30 Jul'20

  List of Blackbaud breach victims tops 120

  More than 120 education and third-sector organisations may have had their data compromised through the breach of Blackbaud’s cloud platform

• July 29, 2020 29 Jul'20

  Serious BootHole vulnerability puts millions of systems at risk

  BootHole is a GRUB2 bootloader vulnerability and puts millions of PCs, servers and other devices at risk of compromise

• July 29, 2020 29 Jul'20

  Majority of organisations at risk of cloud data exposure

  Report casts doubt on the effectiveness of the shared responsibility model of cloud security

• July 29, 2020 29 Jul'20

  Bank of Ireland fined for six-year-old IT breach

  Bank of Ireland fined by regulator for its failings to prevent fraud six years ago

• July 28, 2020 28 Jul'20

  De Montfort, KCL, Newcastle universities join list of Blackbaud victims

  Embattled cloud services provider now has big questions to answer over its handling of data belonging to UK universities and charities

• July 28, 2020 28 Jul'20

  Garmin may have paid hackers ransom, reports suggest

  Garmin’s services are coming back online, but the company remains tight-lipped about what exactly happened to it

• July 28, 2020 28 Jul'20

  Digital bank customer data breached through third party

  FBI is investigating digital bank customer data breach that occurred via a former third-party supplier

• July 28, 2020 28 Jul'20

  NCSC names national security expert Lindy Cameron as new CEO

  New National Cyber Security Centre head joins from the Northern Ireland Office and has spent 20 years in government at home and abroad

• July 28, 2020 28 Jul'20

  Scotland’s security resilience centre concept goes national

  Based on the success of the Scottish Business Resilience Centre, a series of regional Cyber Resilience Centres are now launching across the rest of the UK

• July 28, 2020 28 Jul'20

  NCSC inducts six security startups to Cyber Accelerator

  10-week programme will guide some of the UK’s most innovative security startups as they scale their businesses for future growth

• July 27, 2020 27 Jul'20

  MI6 apologises after attempt to interfere with intelligence court

  The UK Secret Intelligence Service, MI6, has apologised after attempting to persuade the secretary of Britain’s most secret court to withhold documents from senior judges in a case about crimes by undercover agents

• July 27, 2020 27 Jul'20

  Court adjourns hearing into Assange extradition as US delays serving new indictment

  Westminster Magistrates Court suspends scheduled extradition hearing into WikiLeaks founder after it emerged the US had failed to serve a second superseding indictment against him

• July 26, 2020 26 Jul'20

  Australia issues new cloud computing guidelines

  The new guidance, which comes after the expiry of the government’s cloud services certification programme, will help to bolster Australia’s cyber security resilience

• July 24, 2020 24 Jul'20

  Garmin outage prompts ransomware attack speculation

  Details are thin on the ground following a major service outage at Garmin, prompting industry speculation that the firm has fallen victim to a ransomware attack