News
Hackers and cybercrime prevention
-
February 01, 2021
01
Feb'21
SBRC picks Check Point to support cyber helpline
The Scottish Business Resilience Centre has enlisted Check Point as the first security supplier to join its incident response partnership programme
-
January 31, 2021
31
Jan'21
Indian firms see growing value of data
Half of Indian IT leaders see a permanent increase in value of data as their organisations come under threat from mounting cyber attacks amid the pandemic
-
January 29, 2021
29
Jan'21
Hunting and anti-hunting groups locked in tit-for-tat row over data gathering
The leaking of internal documents has prompted a row between pro- and anti-hunting groups about the legality of the other’s data collection practices
-
January 29, 2021
29
Jan'21
Revealed: Brits who fuelled ‘vicious’ conspiracy theory by Trump supporters
Trump supporters have apologised and paid millions in damages to the family of murdered Democratic Party staffer Seth Rich for promoting false allegations that Rich – not Russian agents – stole emails from the Democratic National Committee
-
January 29, 2021
29
Jan'21
Manufacturing particularly at risk of Solorigate-linked breaches
Every fifth victim of the SolarWinds Solorigate/Sunburst attack was a manufacturing organisation, say researchers
-
January 29, 2021
29
Jan'21
Human factor dominates Australia’s latest data breach numbers
The number of data breaches resulting from human error increased by 18% in the second half of 2020, according to Australian government’s latest notifiable data breaches report
-
January 28, 2021
28
Jan'21
End of Emotet: A blow to cyber crime, but don’t drop your guard
The takedown of Emotet is a huge event with repercussions that will reverberate across the cyber criminal world, but unfortunately that’s not to say there will be much of a long-term impact
-
January 27, 2021
27
Jan'21
Mimecast breach was work of SolarWinds attackers
Mimecast’s investigation into a January 2021 breach of its systems turns up evidence that the culprit was the same group that targeted SolarWinds in December
-
January 27, 2021
27
Jan'21
Emotet botnet goes offline as cops seize servers
The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement
-
January 27, 2021
27
Jan'21
Emergency Apple updates patch exploited zero-days
Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately
-
January 26, 2021
26
Jan'21
North Korean state attacks legitimate security researchers
Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group
-
January 26, 2021
26
Jan'21
Saudi IT spending to hit $11bn in 2021
Saudi Arabian organisations will spend about $11bn on IT this year, with emerging technologies high on shopping lists
-
January 26, 2021
26
Jan'21
Cyber fraud a national security issue, says Rusi report
A report from the Rusi think tank calls for fresh approaches to how we think about fighting fraud
-
January 25, 2021
25
Jan'21
Cracking the message in a bottle
Between 2016 and 2019, a number of bottles washed ashore in Hamburg, each containing an ‘uncrackable’ message
-
January 25, 2021
25
Jan'21
Are banks overburdened with responsibility for money lost to online scams?
Bank boss calls for cross-industry cooperation to reduce scams that trick people into making instant payments online
-
January 22, 2021
22
Jan'21
Sepa data leaks as agency resists ransom demands
The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation
-
January 21, 2021
21
Jan'21
Hackney Council tenders for cyber security upgrade
Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council
-
January 21, 2021
21
Jan'21
Gamarue malware found on government-issued school laptops
Devices handed out by the government to support vulnerable children contain malware that appears to be contacting C2 infrastructure in Russia
-
January 21, 2021
21
Jan'21
Two-thirds of CISOs say they’ll be cyber attack victims this year
Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked
-
January 21, 2021
21
Jan'21
Incompetent cyber criminals leak data in opsec failure
Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals
-
January 20, 2021
20
Jan'21
Should I be worried about MFA-bypassing pass-the-cookie attacks?
Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations?
-
January 20, 2021
20
Jan'21
Malwarebytes also hit by SolarWinds attackers
The nation state group that attacked SolarWinds in December got inside Malwarebytes by exploiting privileged access to its Microsoft Office 365 tenant, the firm reveals
-
January 19, 2021
19
Jan'21
Questions raised by New Zealand central bank boss, following cyber attack investigation
The governor of New Zealand’s central bank said the organisation must answer questions about its security following a ‘significant’ attack
-
January 19, 2021
19
Jan'21
UK fraud agency deploys ArcGIS dashboard for data sharing
The National Fraud Intelligence Bureau says it has achieved improved transparency with the public, as well as saving 3,500 staff hours and £100,000
-
January 19, 2021
19
Jan'21
Click fraud levels reach new heights in pandemic
Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike
-
January 19, 2021
19
Jan'21
Criminals fiddled stolen Covid-19 vaccine data to damage trust
Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA
-
January 19, 2021
19
Jan'21
MAS offers guidance on mitigating supply chain threats
Monetary Authority of Singapore revises its technology risk management guidelines to help the financial sector guard against supply chain attacks
-
January 18, 2021
18
Jan'21
Australians lost A$176m to scams in 2020
Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering
-
January 17, 2021
17
Jan'21
NCSC CyberFirst Girls 2021 contest kicks off
UK’s national cyber agency says it has already had hundreds of entrants in spite of the challenges presented by the pandemic
-
January 15, 2021
15
Jan'21
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack
-
January 14, 2021
14
Jan'21
Old, on-premise systems targeted in Hackney ransomware attack
Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology
-
January 14, 2021
14
Jan'21
APAC firms grapple with cyber security amid pandemic
Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work
-
January 13, 2021
13
Jan'21
Three-quarters of finance firms report more potentially criminal activity in their networks
Fears of failing to comply with strict regulations grow as financial services firms identify more suspicious financial activity on their networks
-
January 13, 2021
13
Jan'21
World’s largest dark web market disrupted in major police operation
Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline
-
January 13, 2021
13
Jan'21
Stolen Pfizer/BioNTech Covid-19 vaccine data leaked
Data dump understood to include screenshots of emails, peer review information, PDFs and PowerPoint presentations
-
January 13, 2021
13
Jan'21
Critical zero-day features in first Patch Tuesday of 2021
Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender
-
January 12, 2021
12
Jan'21
Palo Alto Networks opens Australia cloud location
The cyber security company’s Australia cloud location will address data localisation requirements amid growing adoption of cloud-based security services
-
January 12, 2021
12
Jan'21
Mimecast latest security firm to be compromised
Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident
-
January 12, 2021
12
Jan'21
Parler collapse opens door to phishing attacks
The shutdown of controversial social media site Parler, and the publication of huge amounts of user data scraped by ethical hackers, is giving cyber crime experts cause for concern
-
January 12, 2021
12
Jan'21
Early stage UK security startups face funding crisis
Overall cyber security funding since the advent of the pandemic is well up, but investment is dominated by safe, later-stage firms while those raising capital for the first time fall away
-
January 11, 2021
11
Jan'21
New SolarWinds CEO sets out rescue plan
Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community
-
January 11, 2021
11
Jan'21
Kaspersky claims link between Solorigate and Kazuar backdoors
Researchers say they have found specific code similarities between the Solorigate/Sunburst malware and the Kazuar backdoor, suggesting some relationship
-
January 11, 2021
11
Jan'21
New Zealand central bank IT system breached in cyber attack
Bank is responding to a cyber attack after hackers breached the system of a third-party supplier
-
January 08, 2021
08
Jan'21
Government use of 'general warrants' to authorise computer and phone hacking is unlawful
A court has ruled that the security and intelligence services can no longer rely on ‘general warrants’ to authorise the hacking of large numbers of computers and phones belonging to UK citizens
-
January 08, 2021
08
Jan'21
Which? online banking investigation reveals ‘worrying gaps’ in security
Consumer rights organisation has ranked the security of UK online current account providers
-
January 07, 2021
07
Jan'21
Biden picks cyber veteran to reinvigorate security response
Appointment of career intelligence operative Anne Neuberger signals refreshed security approach for the US government under Joe Biden's administration
-
January 07, 2021
07
Jan'21
Trump bans Chinese payment apps
US president signs executive order banning the use of Chinese payments app, citing national security risks
-
January 07, 2021
07
Jan'21
Hackney Council data leaked by Pysa ransomware gang
Council data stolen in October is leaked online in a double extortion attack
-
January 06, 2021
06
Jan'21
WikiLeaks founder Julian Assange to remain in prison despite winning extradition battle
Judge cites Assange’s support of NSA whistleblower as one of the reasons for him being at high risk of absconding. He will remain in Belmarsh prison until the US government completes its appeal
-
January 06, 2021
06
Jan'21
SolarWinds attack almost certainly work of Russian spooks
Investigations into the far-reaching SolarWinds Solorigate attack did not let up during the holidays
-
January 05, 2021
05
Jan'21
Scammers impersonating the ACSC on the prowl
The Australian Cyber Security Centre warns of scammers who are using its name to gain control of personal computers and trick users into revealing personal information
-
January 04, 2021
04
Jan'21
WikiLeaks founder Julian Assange cannot be extradited to face charges in US, court rules
Court rules it would be oppressive to send Julian Assange to the US to face trial after finding he is at high risk of suicide. US government says it will appeal
-
December 31, 2020
31
Dec'20
Top 10 investigations and national security stories of 2020
Here are Computer Weekly’s top 10 investigations and national security stories of 2020
-
December 30, 2020
30
Dec'20
Top 10 ASEAN IT stories of 2020
Here are Computer Weekly’s top 10 ASEAN IT stories of 2020
-
December 24, 2020
24
Dec'20
Top 10 cyber crime stories of 2020
Here are Computer Weekly’s top 10 cyber crime stories of 2020
-
December 23, 2020
23
Dec'20
Top 10 cyber security stories of 2020
Here are Computer Weekly’s 10 top cyber security stories of 2020
-
December 18, 2020
18
Dec'20
Finnish government tables laws to protect data from cyber criminals
Government is strengthening its legal framework to protect data from hackers in the wake of a massive breach at a psychotherapy centre
-
December 18, 2020
18
Dec'20
Utility supplier People’s Energy has entire customer list stolen
All 270,000 customers of People’s Energy, a renewable energy startup, have had their details compromised in a major data breach incident
-
December 18, 2020
18
Dec'20
SolarWinds cyber attack is ‘grave risk’ to global security
More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear
-
December 17, 2020
17
Dec'20
Dodgy browser extensions put social media users at risk
More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast
-
December 17, 2020
17
Dec'20
EU security strategy a ‘step up’ on cyber leadership, says Brussels
The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy
-
December 17, 2020
17
Dec'20
NHS Scotland taps Check Point to secure Covid-19 data
NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus
-
December 17, 2020
17
Dec'20
FireEye and partners release SolarWinds kill-switch
A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue
-
December 15, 2020
15
Dec'20
SolarWinds cyber attack: How worried should I be, and what do I do now?
Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next?
-
December 15, 2020
15
Dec'20
Cyber crime victims in the Netherlands not reporting offences
Dutch victims of online crime rarely report it to the police and when they do, they are often dissatisfied
-
December 14, 2020
14
Dec'20
FireEye identifies flaw in networking monitoring software as US agencies attacked
Cyber security company says investigations have revealed security breach occurred because of a flaw in a network monitoring software
-
December 11, 2020
11
Dec'20
The week in ransomware: Foxconn and Randstad are high-profile victims
Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months
-
December 11, 2020
11
Dec'20
Disputed PostgreSQL bug exploited in cryptomining botnet
PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL
-
December 11, 2020
11
Dec'20
Surge in Covid-19 vaccine phishing scams reported
Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure
-
December 10, 2020
10
Dec'20
Cyber Helpline awarded lottery funding to support victims
The Cyber Helpline, a UK charity that provides emergency support to victims of cyber crime and online stalking, is to receive funding from the National Lottery
-
December 10, 2020
10
Dec'20
After critical year, Vodafone trains security sights on CNI market
Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets
-
December 10, 2020
10
Dec'20
Data on Pfizer/BioNTech Covid-19 vaccine stolen in cyber attack
The European Medicines Agency has launched a full investigation into an apparent security incident that has seen documents on the Pfizer/BioNTech Covid-19 vaccine stolen
-
December 09, 2020
09
Dec'20
Amnesia:33 IoT flaws dangerous and patches unlikely, say experts
The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users
-
December 09, 2020
09
Dec'20
Patch Tuesday: Microsoft presents just 58 CVEs for Christmas
The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance
-
December 09, 2020
09
Dec'20
FireEye’s ethical hacking tools stolen in state-backed attack
Hacking tools used to conduct red team penetration testing were stolen in the state-backed attack on security firm FireEye
-
December 09, 2020
09
Dec'20
Top IT predictions in APAC in 2021
The Asia-Pacific region will continue to be a cradle for technology innovation in the new year, whether it is 5G services, artificial intelligence, cloud computing or cyber security
-
December 08, 2020
08
Dec'20
Multiple D-Link routers found vulnerable to attack
Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices
-
December 08, 2020
08
Dec'20
Russian state actors exploiting VMware bug to hijack data, users warned
Russian APT groups are actively exploiting a vulnerability in VMware products to access protected data, according to latest warnings
-
December 07, 2020
07
Dec'20
HMRC referred 11 data security incidents to ICO in 2019-20
HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report
-
December 07, 2020
07
Dec'20
Grindr and others patch critical Android bug
Fixes for CVE-2020-8913 deployed as app developers shore up their defences against a disclosed Google Play vulnerability
-
December 07, 2020
07
Dec'20
A trillion dollars lost to cyber crime every year
Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime
-
December 04, 2020
04
Dec'20
Opportunistic Egregor ransomware is an emerging and active threat
Researchers at Recorded Future’s Insikt Group highlight links between the emerging Egregor ransomware and other strains, and offer guidance on defending against it
-
December 03, 2020
03
Dec'20
Cyber Aware campaign to help safeguard Christmas shoppers
New government campaign sets out to raise awareness of online shopping fraud in the run-up to Christmas
-
December 03, 2020
03
Dec'20
Covid-19 vaccine supply chain attacked by unknown nation state
An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines
-
December 03, 2020
03
Dec'20
Lax Android app developers putting millions of users at risk
Eight months after Google patched a critical vulnerability, developers have failed to update their apps, putting millions of users of apps such as dating services Bumble and Grindr at risk
-
December 03, 2020
03
Dec'20
Dangerous Trickbot evolves to target UEFI/BIOS firmware
Dubbed Trickboot by researchers, Trickbot’s new features enable malicious actors to read, write or even erase UEFI/BIOS firmware
-
December 02, 2020
02
Dec'20
Covid-19: Cyber criminals will target vaccine programmes
Interpol issues a global alert to law enforcement as the UK becomes one of the first countries to approve the Pfizer/BioNTech Covid-19 vaccine for use
-
December 02, 2020
02
Dec'20
Double extortion ransomware will be a big theme in 2021
Defenders will see heightened levels of cyber crime next year as criminals pivot their attacks from data encryption to exfiltration
-
December 02, 2020
02
Dec'20
Singapore government remains ‘juicy target’ for cyber attackers
The government is baking security into the design and implementation of its IT systems and looking to increase bug bounties to fend off cyber threats
-
December 01, 2020
01
Dec'20
DHL, Amazon and FedEx are most phished delivery services
DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020
-
December 01, 2020
01
Dec'20
22,000 malicious .uk domains suspended in past year
Nominet has suspended just over 22,000 domains in the 12 months to 31 October 2020, continuing a downward trend, and with less impact from Covid-19 than might be expected
-
December 01, 2020
01
Dec'20
What it takes for APAC firms to ride out the pandemic
Whether businesses will recover from the Covid-19 pandemic will depend on how they leverage technology to innovate, create new business models and build digital trust
-
November 30, 2020
30
Nov'20
IT Priorities: APAC enterprises readying recovery budget
Enterprises in Asia-Pacific are investing in cloud and other key technologies to not only survive but thrive in the post-pandemic world
-
November 27, 2020
27
Nov'20
How Grab is using technology to improve trust and safety
Southeast Asian unicorn Grab is tapping artificial intelligence and other technologies to keep its users safe and cyber criminals at bay
-
November 26, 2020
26
Nov'20
APAC plagued by APT, ransomware attacks
The Asia-Pacific region was a primary target of advanced persistent threat groups, mostly from China, Iran, North Korea and Russia, that carried out 34 campaigns between June 2019 to June 2020
-
November 25, 2020
25
Nov'20
Three cyber criminals arrested in Nigerian BEC investigation
Prolific cyber criminal gang is thought to have compromised up to half a million victims since 2017
-
November 25, 2020
25
Nov'20
Securing UK’s critical national infrastructure is a 2021 priority
Government outlines the UK’s strategic cyber security policies for the coming 12 months, with critical national infrastructure a clear priority
-
November 25, 2020
25
Nov'20
Use of abusive stalkerware against women skyrocketed in 2020
Rise in the use of malicious stalkerware correlates closely to increased domestic violence during lockdown
-
November 24, 2020
24
Nov'20
Belgian security researcher hacks Tesla with Raspberry Pi
Belgian security researcher Lennert Wouters once again succeeds in hacking a Tesla vehicle, this time by exploiting the Bluetooth Low Energy standard
-
November 24, 2020
24
Nov'20
Nominet introduces new resources for cyber scam victims
Domain name registrar is working with law enforcement to provide new information, guidance and resources for potential victims of online scams