News
Hackers and cybercrime prevention
-
June 12, 2020
12
Jun'20
Twitter kills thousands of misinformation accounts
The accounts were linked to the governments of China, Russia and Turkey, and engaged in systematic operations against pro-democracy activists, political opponents and dissidents
-
June 11, 2020
11
Jun'20
Coronavirus: Bungled British response leads to rise in security risks
Covid-19 cyber security threats are evolving over the course of the pandemic, becoming more targeted to virus hotspots such as the UK
-
June 10, 2020
10
Jun'20
Decade-old vulnerability among 129 Patch Tuesday fixes
A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks
-
June 10, 2020
10
Jun'20
Unsecured Elasticsearch server breached in eight hours flat
Comparitech’s Bob Diachenko wanted to find out how long it would take for hackers to find and attack an unsecured, public internet-facing database, so he set up a honeypot
-
June 10, 2020
10
Jun'20
Nasty surprises lurking in furloughed employees’ inboxes
Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work
-
June 10, 2020
10
Jun'20
How Australian firms can defend against supply chain attacks
Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm
-
June 09, 2020
09
Jun'20
Honda investigates suspected Snake ransomware attack
Attack disrupts global operations at carmaker, with assembly lines falling silent and sales suspended
-
June 09, 2020
09
Jun'20
Poorly-secured AWS buckets used to launch Magecart attacks
Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data
-
June 08, 2020
08
Jun'20
What it takes to get DevSecOps right
DevSecOps will drive at least 50% of new applications in Asia-Pacific by 2024, but getting it right will require change management, a collaborative mindset and the right automation tools
-
June 05, 2020
05
Jun'20
Police chiefs working with Public Health England on contact-tracing security
Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme
-
June 05, 2020
05
Jun'20
Ministry of Defence forms new cyber security regiment
The 13th Signal Regiment brings together personnel from across the armed forces to provide specialist security services
-
June 04, 2020
04
Jun'20
Black Lives Matter activists targeted by cyber attacks
Civil liberties organisations are being targeted by far-right trolls as protests over the murder of George Floyd spread worldwide
-
June 04, 2020
04
Jun'20
Coronavirus: Cyber criminals target laid-off workers
Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic
-
June 03, 2020
03
Jun'20
Sodinokibi data auctions highlight changing criminal tactics
The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic?
-
June 03, 2020
03
Jun'20
Security procurement framework goes live for NHS and public sector
Cyber Security Services Framework, developed by NHS Shared Business Services, has formally launched
-
June 03, 2020
03
Jun'20
Infosec 2020: Covid-19 an opportunity to change security thinking
The annual Infosecurity Europe is being held virtually this year, and speakers at an online panel session have been considering the impact of the pandemic on security awareness
-
June 02, 2020
02
Jun'20
VMware vulnerability leaves private clouds open to takeover
Ethical hackers from Citadelo uncovered a vulnerability in VMware Cloud Director that left private cloud owners open to takeover
-
June 01, 2020
01
Jun'20
Privacy campaigners call for radical changes to contact-tracing app
Liberty, Privacy International and the Open Rights Group join calls for the government to either put in place better data protection policies or abandon its Covid-19 contact-tracing app altogether
-
June 01, 2020
01
Jun'20
WikiLeaks founder Julian Assange misses court hearing due to respiratory problems
The WikiLeaks founder is expected to call 21 witnesses during a three-week extradition hearing in September
-
June 01, 2020
01
Jun'20
How managed threat hunting helps bust malicious insiders
Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending
-
May 29, 2020
29
May'20
Government launches IoT security funding round
A £400,000 funding pot is on offer for innovators to design schemes that boost internet-of-things security
-
May 29, 2020
29
May'20
Test and Trace has not passed data protection impact assessment
Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme
-
May 29, 2020
29
May'20
How Sega Europe slashed incident response times using cloud SIEM
Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service
-
May 29, 2020
29
May'20
Singapore’s contact-tracing app tops privacy study
Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds
-
May 28, 2020
28
May'20
IoT buyers eye private network deployments for added security
Fully private, segregated networks for IoT deployments are becoming increasingly attractive to many organisations, according to a report
-
May 27, 2020
27
May'20
Enterprise clouds hammered by cyber attacks during pandemic
Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee
-
May 27, 2020
27
May'20
Fears contact-tracing app will open the floodgates for cyber criminals
Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government
-
May 26, 2020
26
May'20
StrandHogg mobile vulnerability has evil twin
Variant of the dangerous StrandHogg vulnerability affecting Android phones could allow hackers to access almost all apps on a target device
-
May 26, 2020
26
May'20
Android security vulnerabilities differ by country, say researchers
Manufacturers of Android devices including Huawei, Samsung and Xiaomi shipped devices with different levels of security in different regions, leaving their users exposed to attack
-
May 25, 2020
25
May'20
Coronavirus: Australia calls for stronger defences amid cyber attacks
The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector
-
May 22, 2020
22
May'20
EasyJet to be sued over customer data breach
If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn
-
May 22, 2020
22
May'20
Covid-19 will leave organisations exposed to higher cyber risks
Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum
-
May 20, 2020
20
May'20
Responsible Cyber acquires Secucial in S$7m deal
Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint
-
May 19, 2020
19
May'20
Cancelled NCSC CyberUK event gets green light for 2021
The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales
-
May 19, 2020
19
May'20
GDPR wholly inappropriate to govern contact-tracing data
Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app
-
May 19, 2020
19
May'20
Nine million EasyJet customer details lost in data breach
Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline
-
May 19, 2020
19
May'20
Sodinokibi cyber criminals plot to ‘auction’ Madonna data
The cyber criminal gang behind a recent attack on a New York law firm is planning to auction off its client data, one person at a time
-
May 19, 2020
19
May'20
Vast majority of cyber attacks are easy to stop, says Verizon
Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it
-
May 15, 2020
15
May'20
Questions raised after UK’s electrical grid shrugs off cyber attack
Attack on Elexon was resolved within hours with no impact on the national electricity supply, but it could have been much worse
-
May 15, 2020
15
May'20
Law firm hackers threaten to release dirt on Trump
A new ransom demand of $42m has been made against New York law firm Grubman, Shire, Meiselas and Sacks, and it may be the largest ever, say security experts
-
May 14, 2020
14
May'20
China targeting Covid-19 researchers through IT suppliers, claims US
The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China
-
May 14, 2020
14
May'20
UK’s contact-tracing app targeted by scammers
Even though it is only operational on the Isle of Wight as a beta test, the UK government’s coronavirus contact-tracing app has already attracted the attention of cyber criminals
-
May 14, 2020
14
May'20
SK Telecom brings quantum security to the masses
The South Korean telco is readying the world’s first 5G smartphone equipped with a quantum random number generator chipset
-
May 13, 2020
13
May'20
Report reveals inadequate cyber security at Schiphol Airport
A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport
-
May 13, 2020
13
May'20
Nation state APT groups prefer old, unpatched vulnerabilities
The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list
-
May 13, 2020
13
May'20
Can Lady Gaga and Madonna get people to take security seriously?
What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers
-
May 13, 2020
13
May'20
Microsoft fixes 16 critical vulnerabilities on Patch Tuesday
The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities
-
May 12, 2020
12
May'20
Pay the ransom and double your recovery costs, report warns
Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos
-
May 12, 2020
12
May'20
Maze ransomware attack will cost Cognizant at least $50m to $70m
Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold
-
May 12, 2020
12
May'20
Banks failing to protect customers from coronavirus fraud
Just 13 of the 64 banks accredited for the government’s Coronavirus Business Interruption Loan Scheme have implemented Dmarc protection