News

Hackers and cybercrime prevention

• March 29, 2016 29 Mar'16

  Cyber criminals use Microsoft PowerShell in ransomware attacks

  A newly discovered family of ransomware, dubbed PowerWare, uses Microsoft PowerShell to target organisations through macro-enabled documents

• March 29, 2016 29 Mar'16

  IoT security not a priority for Asean organisations

  IT leaders in the Asean region need to push IoT security up their priority list, as an Intel survey finds them lagging

• March 29, 2016 29 Mar'16

  FBI investigating cyber attack on US hospital group Medstar

  US hospital group Medstar Health appears to be the latest target of ransomware as it suspends IT system to halt malware infection

• March 24, 2016 24 Mar'16

  Government warned of smart meter security threat back in 2012

  The government was warned four years ago that its plans for a nationwide smart meter roll-out represented a “potentially significant” security and privacy threat, Computer Weekly has learned

• March 24, 2016 24 Mar'16

  Businesses urged to update Apple software to dodge zero-day attacks

  Security experts are urging Apple Mac, iPhone and iPad users to update their operating systems to avoid data-stealing attacks that exploit a new zero-day vulnerability

• March 24, 2016 24 Mar'16

  Phishing attack at US retailer underlines need for proactive security

  Security experts say a phishing attack on US retailer Sprouts Farmers Market shows the need to educate employees and correctly configure IT systems

• March 24, 2016 24 Mar'16

  Chinese man admits conspiring to hack US military secrets

  A Chinese national working in Canada has pleaded guilty to helping hackers in China access US military secrets from defence contractors, including fighter jet blueprints

• March 23, 2016 23 Mar'16

  UK tech industry welcomes government’s new anti-crime strategy

  Only a modern strategy that incorporates technological advances and the greater use of data analytics can improve UK crime prevention, says TechUK

• March 23, 2016 23 Mar'16

  US hospital claims to have fought off a ransomware attack

  A hospital in Kentucky claims to have regained control of its IT systems five days after cyber criminals hit it with a ransomware attack

• March 23, 2016 23 Mar'16

  Malicious domain name service infrastructure rebounds to near-record levels

  Infoblox calls for the US, Germany and other sources of malicious domain name service (DNS) infrastructure to improve processes for removing the threat

• March 22, 2016 22 Mar'16

  Cyber security budgets not rising in line with threats, say security pros

  While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape, says IISP

• March 22, 2016 22 Mar'16

  Only 42% of infosec pros use threat intelligence, survey shows

  Cyber threat intelligence sharing is a necessity, says Intel's McAfee Labs – but less than half of infosec pros use it, despite the benefits, a survey reveals

• March 21, 2016 21 Mar'16

  Australian government defence report recognises cyber threat

  The cyber threat to Australia is outlined in the recent government defence white paper, but experts are unimpressed

• March 21, 2016 21 Mar'16

  The cyber threat to eastern European enterprises

  Organisations in eastern Europe are targets for cyber criminals and although they are aware of it, they often fail to protect themselves against it

• March 21, 2016 21 Mar'16

  National Cyber Security Centre to be UK authority on information security

  The UK’s National Cyber Security Centre (NCSC) is to be the UK's one-stop authority on infosec, based in London and led by GCHQ's Ciaran Martin

• March 18, 2016 18 Mar'16

  HSCIC’s CareCERT head wants NHS and social care to be prepared for cyber attacks

  Health and care organisations should not be afraid to acknowledge that cyber attacks will happen, but must be ready to handle breaches effectively, says CareCERT’s programme head

• March 18, 2016 18 Mar'16

  Cyber crime is driving UK fraud losses, totalling £755m in 2015

  Payment card fraud accounted for 75% of UK fraud losses in 2015, most of which was remote purchase fraud using card details stolen though data hacks and malware, says FFA UK

• March 18, 2016 18 Mar'16

  Australian girls believe online harassment is endemic

  There are clear signals that online threats against women and attempts to invade their privacy are becoming societal norms in Australia

• March 18, 2016 18 Mar'16

  UK workers more diligent about cyber security at home

  UK employees expect an IT safety net to protect them at work and are more willing to take responsibility for security at home, a survey commissioned by Citrix has revealed

• March 18, 2016 18 Mar'16

  Most students say cyber security is a growing threat

  Some 70% of higher education students say they are aware that cyber crime and attacks are a threat, but less than half think security is their responsibility

• March 18, 2016 18 Mar'16

  FBI issues warning about car hacking

  US security service calls on consumers and vehicle manufacturers to take steps to reduce the increasing risk of car hacking and to report incidents

• March 17, 2016 17 Mar'16

  Most Britons adopting IoT devices cannot secure them

  Two-thirds of UK consumers are concerned about the security of IoT devices – but nearly 75% cannot take steps to secure them, a survey reveals

• March 17, 2016 17 Mar'16

  Cyber security is becoming a Dutch export

  IT security is about to rival cheese, tulips, windmills and flood defences as an export from the Netherlands

• March 16, 2016 16 Mar'16

  Crypto ransomware lurks in ads on popular websites

  Security researchers warn that the major ransomware malvertising campaign that hit popular websites at the weekend may not be over yet

• March 16, 2016 16 Mar'16

  Apple iCloud and Gmail hacker set to plead guilty, say US authorities

  A US hacker faces up to five years in jail and fines of up to $250,000 after admitting he accessed more than 100 Apple iCloud and Gmail accounts illegally

• March 15, 2016 15 Mar'16

  Cyber security study reveals lack of boardroom governance across UK industries

  While 81% of UK boards have increased cyber security scrutiny after the TalkTalk breach, only 53% have data breach management plans in place, a survey has revealed

• March 15, 2016 15 Mar'16

  IT decision makers admit they need to do more to protect data

  More than a quarter of IT decision makers at UK organisations admit they need to do more to protect data, a survey reveals

• March 14, 2016 14 Mar'16

  TechUK to spotlight cyber threat intelligence

  The ability to sift through that data and spot trends and emerging threats is becoming a useful and important tool for security professionals, according to TechUK's Talal Rajab

• March 14, 2016 14 Mar'16

  New UK law will criminalise failure to hack on demand

  MPs have been given only two weeks to read 1,200 pages of documents which disclose new powers to require technology companies to install secret surveillance capabilities in software, computer equipment or networks

• March 14, 2016 14 Mar'16

  IoT “plug and pray” all over again, says security consultant

  The increasing interconnectedness of IoT systems and services creates vulnerabilities that are making ‘cascade failure’ almost inevitable, says security consultant David Alexander

• March 11, 2016 11 Mar'16

  Ofcom data breach highlights insider threat

  That a former employee of communications regulator Ofcom stole data should act as a warning about the insider threat in every organisation, say experts

• March 11, 2016 11 Mar'16

  $1bn cyber bank heist thwarted by spelling error

  Cyber thieves made 30 requests for the New York Federal Reserve to transfer nearly $1bn from the Bangladesh central bank’s account, but a typo and the volume of requests alerted banking officials

• March 10, 2016 10 Mar'16

  Segment and segregate to defend data from cyber attack in 2016, urges F-Secure

  Attackers will focus on critical data in 2016, mainly with the motive of cyber extortion, according to the latest threat report from F-Secure

• March 09, 2016 09 Mar'16

  Lack of security knowledge limiting business initiatives, survey shows

  Security concerns are limiting the adoption of cloud and mobility throughout organisations, according to the first Dell Data Security Survey

• March 08, 2016 08 Mar'16

  Half of IT professionals struggle with enterprise patching

  Many businesses struggle with the volume of software security updates and believe IT teams do not understand the difference between applying a patch and remediating a vulnerability, a survey has revealed

• March 08, 2016 08 Mar'16

  Ransomware migrates to Apple Mac computers

  Apple Mac users and security professionals must be more vigilant with the discovery of what is believed to be the first Mac OS X ransomware in the wild

• March 07, 2016 07 Mar'16

  RSAC16: Microsoft’s Windows PowerShell fully weaponised, security expert warns

  Security expert Ed Skoudis says the PowerShell Empire open-source security tool is as much use to attackers as it is to defenders

• March 07, 2016 07 Mar'16

  Lack of cyber security awareness putting UK organisations at risk

  UK organisations are putting their reputation, customer trust and competitive advantage at greater risk by failing to provide their staff with effective security training, a study reveals

• March 04, 2016 04 Mar'16

  BBC reporter demonstrates mobile phone hack to steal from producer's bank account

  A reporter on the BBC Radio Four You and Yours programme has managed to hack a NatWest online bank account and extract cash

• March 04, 2016 04 Mar'16

  RSAC16: Cyber criminals are hiding in plain sight, says RSA report

  Cyber criminals are using social media as a communication and sales channel, not just for reconnaissance and phishing, an RSA study has revealed

• March 03, 2016 03 Mar'16

  Businesses covering up cyber attacks, says IoD

  The Institute of Directors warns that businesses are actively covering up when they have been the victim of a cyber attack

• March 03, 2016 03 Mar'16

  RSAC16: UK government to change tack on cyber security

  The UK government is thinking about becoming more interventionist to ensure the next five years yield a better return on investment in cyber security, according to CESG cyber security head

• March 02, 2016 02 Mar'16

  RSAC16: Security industry needs to do more, says Intel Security Group head

  Chris Young calls on security industry to pay more attention to cyber threat intelligence sharing and encouraging people to become information security professionals

• March 02, 2016 02 Mar'16

  RSAC16: RSA’s Amit Yoran comes out in support of strong encryption

  A policy of weakened encryption would harm US economic interests and undermine those trying to defend digital environments, according to RSA president Amit Yoran

• March 02, 2016 02 Mar'16

  Drown attack sinks SSL security

  Researchers publish paper outlining how an attacker could crack the TLS security protocol to gain access to millions of secure websites

• March 02, 2016 02 Mar'16

  RSAC16: Microsoft’s chief legal officer Brad Smith champions encryption

  Information security requires a comprehensive approach including strong encryption, says Microsoft chief legal officer Brad Smith

• March 01, 2016 01 Mar'16

  RSAC16: US works on data access agreement with UK

  The US is negotiating with the UK to establish a new framework that will permit UK authorities to access electronic communications directly from US companies

• March 01, 2016 01 Mar'16

  Theresa May revises Investigatory Powers Bill to address right of access

  The Home Office has tweaked the draft Investigatory Powers Bill, taking on committee recommendations – but questions remain

• March 01, 2016 01 Mar'16

  Cyber security professionals in Singapore could get 20% pay rise

  E-commerce and cyber security professionals in Singapore could gain 10 to 20% pay rises if they move companies, due to increased demand of niche IT skills

• March 01, 2016 01 Mar'16

  RSAC16: Cyber attackers still after low-hanging fruit, dark web study shows

  Tracking a cyber adversary that is recruiting and the skills they desire can improve the overall maturity of an organisation’s security programme, according to Digital Shadows

• March 01, 2016 01 Mar'16

  New York judge blocks FBI iPhone warrant

  Judge rules that Apple does not have to help the FBI unlock the iPhone of a suspected drug trafficker

• February 26, 2016 26 Feb'16

  CEO training critical to cyber resilience, says APMG

  CEOs staying informed on current cyber security risks has a positive impact in the boardroom and beyond, according to certification and accreditation organisation APMG

• February 26, 2016 26 Feb'16

  Majority of Britons support government surveillance for national security

  A survey reveals that a majority of UK citizens support government surveillance for national security as Apple attempts to rally public support in its row with the FBI over encryption

• February 26, 2016 26 Feb'16

  Nissan acts on Leaf car app security flaw after researcher goes public

  Nissan suspends its electric car app after a researcher went public about a security flaw that could enable attackers to take control of heating systems

• February 26, 2016 26 Feb'16

  Israeli high-tech startups seek UK funding

  Israeli high-tech startup companies visit London in search of venture capital and angel investors

• February 25, 2016 25 Feb'16

  Nissan breaks basic security rules with Leaf electric car app

  Security researcher shows how hackers can hijack a vehicle’s heating and air-conditioning systems, identify owners and spy on journeys

• February 25, 2016 25 Feb'16

  Police forces failing to keep technology up to date, says chief inspector's report

  Police technology is “weak and aging”, says Her Majesty’s chief inspector of constabulary Thomas Windsor, calling on forces to improve their IT

• February 25, 2016 25 Feb'16

  Risk management key to cyber security, says Bank of England CISO

  An essential part of information security is identifying and managing the risks, experts tell the European Information Security Summit 2016

• February 25, 2016 25 Feb'16

  Cyber crime is fastest growing economic crime, says PwC report

  More than half of UK organisations say they expect to be the victim of cyber crime in the next two years, suggesting it will become the UK’s largest economic crime, says a PwC report

• February 24, 2016 24 Feb'16

  CIOs admit they are blind to cyber threats despite security spend

  Many of the security defences that companies invest in are blind to encrypted traffic and untrustworthy digital certificates, a study reveals

• February 24, 2016 24 Feb'16

  UK businesses and police growing cyber capabilities, summit told

  UK businesses and police are getting better at building cyber capabilities, but there is still work to be done, according to the deputy head of the Met Police's Falcon unit

• February 24, 2016 24 Feb'16

  Safeguarding firm uKnowKids comes under fire for handling of child data breach

  Child social media monitoring service uKnowKids has run into criticism for its response to a report of a vulnerability in one of its databases

• February 23, 2016 23 Feb'16

  Social engineering confirmed as top information security threat

  Cyber attackers shifted away from automated exploits in 2015 and instead tricked people into doing the dirty work, Proofpoint researchers found

• February 23, 2016 23 Feb'16

  MWC16: Facebook’s Mark Zuckerberg voices support for Apple over FBI probe

  Facebook CEO Mark Zuckerberg told Mobile World Congress he sympathised with Apple's battle with the FBI over unlocking a terrorist’s iPhone

• February 22, 2016 22 Feb'16

  Encrypted traffic security analysis a top priority for 2016, says Dell Security

  Decryption and inspection strategies are necessities, with nearly 65% of all internet traffic encrypted, says the latest threat report from Dell Security

• February 22, 2016 22 Feb'16

  UK CIOs over-confident about cyber security, study shows

  UK firms are operating from a reactive security posture and tending to symptoms, rather than causes, and yet still believe they can detect threats faster than the industry average

• February 19, 2016 19 Feb'16

  Tech firms rally around Apple over encryption row with FBI

  Apple CEO Tim Cook is getting support from technology and information security firms in his refusal to help the FBI to hack into an iPhone used by San Bernardino gunman Syed Rizwan Farook

• February 19, 2016 19 Feb'16

  Australian C-suite executives fail to take security seriously

  Australia’s executives need to get their heads out of the sand when it comes to cyber security and realise they are part of the solution

• February 19, 2016 19 Feb'16

  HSBC launches biometric security for mobile banking in the UK

  Bank claims UK’s largest planned roll-out of voice biometric security technology, with more than 15 million customers in line for voice and fingerprint authentication services

• February 18, 2016 18 Feb'16

  C-suite executives confused about cyber attacks, survey shows

  Key executives need to be more engaged with CISOs beyond planning for security, and take a more active role, according to an IBM study

• February 18, 2016 18 Feb'16

  US hospital pays £12,000 to ransomware attackers

  A US hospital reveals that, after a week of being offline, it caved into ransomware demands to restore access to its computer systems

• February 17, 2016 17 Feb'16

  Patch now to eliminate glibc remote access security risk

  Google engineers who discovered the glibc vulnerability say exploiting it is difficult, but they have also proved it can be done, and security experts say it is best not to take the risk

• February 17, 2016 17 Feb'16

  Application security a key priority for 2016, says Hewlett Packard Enterprise study

  Businesses should focus on application security, changes in threats and regulations, and vulnerabilities in emerging technologies, says Hewlett Packard Enterprise

• February 16, 2016 16 Feb'16

  UK police reports good progress on fighting cyber crime globally

  International law enforcement collaboration around cyber crime is making progress, says National Cyber Crime Unit deputy director Sarah Goodall

• February 16, 2016 16 Feb'16

  EU managers need to up cyber security collaboration, study finds

  There is still much work to be done in the area of collaboration and sharing responsibility when it comes to preventing data breaches, a study has found

• February 16, 2016 16 Feb'16

  Cyber criminals hit US hospital in ransomware attack

  Hollywood hospital forced to shut down all its computer systems while the FBI and others investigate

• February 16, 2016 16 Feb'16

  UK government invites comment on porn site age check plans

  Public consultation launched on how best to enforce age restrictions on pornographic web content

• February 12, 2016 12 Feb'16

  NCA dials up UK business engagement on cyber crime

  Rapidly ramping up law enforcement engagement with business on cyber crime is a top priority for National Cyber Crime Unit deputy director Sarah Goodall

• February 12, 2016 12 Feb'16

  US IT professionals overconfident in cyber attack detection, study finds

  Most US IT professionals are confident in key security controls to detect cyber attacks – but unsure how long it would take automated tools to discover a breach

• February 12, 2016 12 Feb'16

  Ukraine cyber attacks extend beyond power companies, says Trend Micro

  As half the homes in the Ivano-Frankivsk region plunge into darkness, Trend Micro finds evidence of cyber attack on a mining and a railway company

• February 11, 2016 11 Feb'16

  Social engineering is top hacking method, survey shows

  Social engineering tops the list of popular hacking methods, underlining the need for continuous monitoring, according to security firm Balabit

• February 11, 2016 11 Feb'16

  Financial institutions on high alert for major cyber attack

  The financial sector is facing the highest number of organised cyber attacks and multi-channel threats, a ThreatMetrix report reveals

• February 10, 2016 10 Feb'16

  UK businesses expect cyber attack recovery to cost at least £1.2m

  Most UK firms are implementing a cyber security policy and disaster recovery plan as they realise poor information security is the greatest risk to business

• February 10, 2016 10 Feb'16

  London Mayoral candidates go head-to-head on technology policy

  From abolishing tuition fees for STEM subjects to recognising broadband as a “core utility” and using the tech sector to prevent terrorist attacks, the five London mayoral candidates set out their policies for the tech industry

• February 10, 2016 10 Feb'16

  Obama's cyber security budget increase not enough, say critics

  US president proposes increasing the country’s cyber security budget by 35% to $19bn, but security experts suggest more is needed

• February 09, 2016 09 Feb'16

  Survey confirms cyber criminal activity by UK teens

  UK survey highlights the importance of understanding the online behaviour of young people to prevent them being drawn into cyber crime

• February 09, 2016 09 Feb'16

  US downplays claims of government database hacker

  US official have downplayed a claim that a government database has been hacked, saying none of the data exposed so far is sensitive

• February 08, 2016 08 Feb'16

  Bulk data collection unnecessary for surveillance, says cyber expert

  Opting for bulk data collection and other intrusive surveillance overlooks other means available that do not involve collateral damage to businesses and innocent people, says cyber expert

• February 08, 2016 08 Feb'16

  Hunt promises £4bn investment in NHS IT

  Government has announced a £4.2bn investment in a ‘paperless NHS’, with money to be spent on electronic patient records, cyber security, apps and Wi-Fi

• February 05, 2016 05 Feb'16

  Vaizey launches cyber security learning tool for HR professionals

  The government and the CIPD have launched a free e-learning module to help HR professionals protect sensitive HR data and educate the wider workforce about cyber security

• February 05, 2016 05 Feb'16

  Threat intelligence vital to cyber defence, claims CrowdStrike

  Companies that ignore the global events that are the drivers behind cyber threats will pay for it in the loss of revenue, jobs, intellectual property, and shareholder value, says CrowdStrike

• February 05, 2016 05 Feb'16

  Mobile apps are big threat to business security, researcher warns

  Attackers could already be exploiting the fact that most mobile apps are ‘leaving the door wide open’ through poor and insecure coding practices, says security researcher James Lyne

• February 04, 2016 04 Feb'16

  IoT risks raise concerns among IT specialists in central and eastern Europe

  The internet of things is gaining momentum in central and eastern Europe, but IT professionals have worries over security

• February 04, 2016 04 Feb'16

  Energy sector lacks visibility of damaging cyber attacks

  While 82% of energy sector IT professionals say a cyber attack could cause physical damage, 65% cannot track all threats to their networks

• February 04, 2016 04 Feb'16

  Google’s Chrome to flag deceptive embedded content

  Browser will warn of any embedded content such as ads that pretend to act like, and look and feel like, a trusted entity

• February 03, 2016 03 Feb'16

  Most UK firms lack cyber resilience, Ponemon study shows

  Despite understanding the severity of cyber threats, most UK companies are not resilient to attacks and lack confidence in their ability to recover

• February 01, 2016 01 Feb'16

  DDoS is most common cyber attack on financial institutions

  January’s attack on HSBC is typical for the financial sector, but no business should consider itself unlikely to be targeted in this way, say security experts

• February 01, 2016 01 Feb'16

  Australia offers easy targets for cyber criminals

  Security experts criticise organisations for paying up too easily when hit by ransomware

• February 01, 2016 01 Feb'16

  Cyber extortion is a growing, but largely hidden threat

  Security industry warns of increasing cyber extortion attacks as Lincolnshire County Council is hit by a ransomware demand

• February 01, 2016 01 Feb'16

  UK surveillance bill could hurt tech sector, warn MPs

  Parliament’s Science and Technology Committee says government's planned surveillance bill is too vague and needs to be redrafted to avoid economic damage