News

Hackers and cybercrime prevention

• May 22, 2020 22 May'20

  EasyJet to be sued over customer data breach

  If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn

• May 22, 2020 22 May'20

  Covid-19 will leave organisations exposed to higher cyber risks

  Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum

• May 20, 2020 20 May'20

  Responsible Cyber acquires Secucial in S$7m deal

  Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint

• May 19, 2020 19 May'20

  Cancelled NCSC CyberUK event gets green light for 2021

  The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales

• May 19, 2020 19 May'20

  GDPR wholly inappropriate to govern contact-tracing data

  Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app

• May 19, 2020 19 May'20

  Nine million EasyJet customer details lost in data breach

  Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline

• May 19, 2020 19 May'20

  Sodinokibi cyber criminals plot to ‘auction’ Madonna data

  The cyber criminal gang behind a recent attack on a New York law firm is planning to auction off its client data, one person at a time

• May 19, 2020 19 May'20

  Vast majority of cyber attacks are easy to stop, says Verizon

  Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it

• May 15, 2020 15 May'20

  Questions raised after UK’s electrical grid shrugs off cyber attack

  Attack on Elexon was resolved within hours with no impact on the national electricity supply, but it could have been much worse

• May 15, 2020 15 May'20

  Law firm hackers threaten to release dirt on Trump

  A new ransom demand of $42m has been made against New York law firm Grubman, Shire, Meiselas and Sacks, and it may be the largest ever, say security experts

• May 14, 2020 14 May'20

  China targeting Covid-19 researchers through IT suppliers, claims US

  The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China

• May 14, 2020 14 May'20

  UK’s contact-tracing app targeted by scammers

  Even though it is only operational on the Isle of Wight as a beta test, the UK government’s coronavirus contact-tracing app has already attracted the attention of cyber criminals

• May 14, 2020 14 May'20

  SK Telecom brings quantum security to the masses

  The South Korean telco is readying the world’s first 5G smartphone equipped with a quantum random number generator chipset

• May 13, 2020 13 May'20

  Report reveals inadequate cyber security at Schiphol Airport

  A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport

• May 13, 2020 13 May'20

  Nation state APT groups prefer old, unpatched vulnerabilities

  The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list

• May 13, 2020 13 May'20

  Can Lady Gaga and Madonna get people to take security seriously?

  What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers

• May 13, 2020 13 May'20

  Microsoft fixes 16 critical vulnerabilities on Patch Tuesday

  The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities

• May 12, 2020 12 May'20

  Pay the ransom and double your recovery costs, report warns

  Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos

• May 12, 2020 12 May'20

  Maze ransomware attack will cost Cognizant at least $50m to $70m

  Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold

• May 12, 2020 12 May'20

  Banks failing to protect customers from coronavirus fraud

  Just 13 of the 64 banks accredited for the government’s Coronavirus Business Interruption Loan Scheme have implemented Dmarc protection

• May 11, 2020 11 May'20

  Pitney Bowes hit by Maze in second ransomware attack in a year

  Shipping services firm falls victim to Maze ransomware just seven months after a previous major attack

• May 07, 2020 07 May'20

  Zoom buys secure messaging service Keybase

  Unified comms platform Zoom says the acquisition of Keybase will finally let it bring end-to-end encryption to the table

• May 07, 2020 07 May'20

  SilverTerrier cyber crime group targets Covid-19 key workers

  Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang

• May 07, 2020 07 May'20

  Contact-tracing app fails to protect privacy and human rights

  Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee

• May 07, 2020 07 May'20

  FBI search warrants reveal Trump aide’s messages to WikiLeaks founder Julian Assange

  FBI search warrants reveal Trump campaigner Roger Stone sent private messages to WikiLeaks founder Julian Assange after the site published thousands of documents that damaged Hillary Clinton’s election campaign

• May 07, 2020 07 May'20

  Next round of Zoom updates targets consumer security

  Casual consumer users of Zoom will get additional protections in an update to be released over the long weekend

• May 07, 2020 07 May'20

  NCSC Covid-19 scam reporting service sees more than 160,000 reports

  The general public has taken to the NCSC’s scam reporting service like ducks to water, with thousands of suspicious emails reported to it in just two weeks

• May 06, 2020 06 May'20

  Criminal justice system is failing cyber crime victims

  Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study

• May 06, 2020 06 May'20

  HMRC tackles almost 300 coronavirus phishing websites

  Of 292 websites removed since lockdown began on 23 March, 237 were proactively identified by HMRC and 55 were flagged by the public

• May 06, 2020 06 May'20

  End-users failing to protect themselves online

  Remote workers and stuck-at-home consumers are taking silly risks with their security during the coronavirus pandemic, according to a report

• May 05, 2020 05 May'20

  Coronavirus: NCSC issues urgent alert for healthcare sector

  UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations

• May 05, 2020 05 May'20

  GoDaddy owns up to October 2019 data breach

  Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts

• May 04, 2020 04 May'20

  Xen Orchestra latest victim of Salt cryptojackers

  More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward

• May 04, 2020 04 May'20

  Assange extradition hearing to take place in September following coronavirus lockdown

  An extradition hearing against WikiLeaks founder Julian Assange has been delayed by four months, after defence and prosecution lawyers said the Covid-19 lockdown would make it impractical to hold a fair hearing in May

• May 04, 2020 04 May'20

  Blogging platform Ghost hacked through Salt vulnerability

  Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability

• May 04, 2020 04 May'20

  IT Priorities 2020: Compliance and risk are top security concerns

  When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study

• April 30, 2020 30 Apr'20

  Cyber security skills courses go online during pandemic

  The government is turning to online learning to find the next generation of cyber security talent

• April 30, 2020 30 Apr'20

  Critical SaltStack vulnerability affects thousands of datacentres

  Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away

• April 30, 2020 30 Apr'20

  Mobile banking customers at risk from new EventBot trojan

  Customers of Barclays, HSBC, Santander and many other banks should be alert to a dangerous new trojan

• April 29, 2020 29 Apr'20

  IMDA to issue 5G spectrum to Singtel and StarHub-M1 venture

  Singapore’s telco regulator will award 5G spectrum to major operators whose proposals have exceeded its requirements in some cases

• April 29, 2020 29 Apr'20

  Coronavirus: GCHQ gets access to NHS data to beef up security

  Health secretary gave GCHQ emergency powers to obtain information relating to the security of its networks and IT systems at the beginning of April, it has emerged

• April 28, 2020 28 Apr'20

  Almost half of security pros being redeployed during pandemic

  Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic

• April 28, 2020 28 Apr'20

  Black Rose Lucy ransomware now posing as FBI porn warning

  A new strain of Russian-developed ransomware impersonates US federal law enforcement to force payment, says Check Point

• April 27, 2020 27 Apr'20

  Julian Assange extradition hearing postponed amid coronavirus lockdown

  Julian Assange’s lawyers say they have been unable to communicate or share legal documents with the WikiLeaks founder to enable them to prepare a defence in time for a planned extradition hearing in May

• April 27, 2020 27 Apr'20

  Microsoft patches .gif file vulnerability in Teams

  Vulnerability could have enabled cyber criminals to use a malicious .gif file to scrape user data and take over Teams accounts

• April 27, 2020 27 Apr'20

  UK tech companies launch online safety body

  Online Safety Tech Industry Association unites 14 technology companies to drive conversation and policy around online safeguarding

• April 24, 2020 24 Apr'20

  The Security Interviews: Can AV go from dodgy scareware to cyber hero?

  Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing

• April 23, 2020 23 Apr'20

  Ransomware-stricken Travelex up for sale

  Travelex’s parent Finablr is washing its hands of the ransomware-stricken forex provider as it struggles with the twin shocks of the Covid-19 pandemic and a developing fraud scandal

• April 23, 2020 23 Apr'20

  iOS zero-day leaves iPhone users dangerously exposed

  Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices

• April 23, 2020 23 Apr'20

  Zoom to roll out fresh cyber security updates

  New features include support for advanced AES 256-bit encryption

• April 22, 2020 22 Apr'20

  NCSC overwhelmed by response to coronavirus campaign

  The UK’s NCSC has taken down more than 80 malicious web campaigns and received 5,000 reports of suspicious emails within 24 hours of launching reporting service

• April 22, 2020 22 Apr'20

  Coronavirus: Banking and mobile sectors collaborate to stop text scams

  Initiative aims to protect 50 genuine brands and government organisations from being impersonated by cyber criminals

• April 22, 2020 22 Apr'20

  Coronavirus: Cyber criminals may be changing tactics

  Cyber criminals “may soon shift to heavier exploitation of footholds established through phishing and other scams”, warns Cyber Threat Coalition

• April 21, 2020 21 Apr'20

  Revealed: The man behind the first major computer virus pandemic

  After 20 years of silence, Onel de Guzman has admitted unleashing the “Love Bug”, the computer virus that caused havoc by infecting 45 million machines around the world

• April 21, 2020 21 Apr'20

  Coronavirus: HMRC job retention scheme targeted by cyber criminals

  The UK government’s scheme to pay furloughed employees 80% of their wages is being targeted by cyber criminals

• April 21, 2020 21 Apr'20

  When data protection is not enough

  Organisations should take a holistic approach to data protection and cyber security in what the CEO of Acronis deems a “cyber protection” strategy

• April 20, 2020 20 Apr'20

  NCSC launches coronavirus cyber security campaign

  The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic

• April 20, 2020 20 Apr'20

  IT services company Cognizant warns customers after ‘Maze’ ransomware attack

  US IT services company Cognizant alerts customers after the Maze ransomware group launches a cyber attack

• April 20, 2020 20 Apr'20

  Zoom and WebEx users targeted by credential stealing attempts

  Videoconferencing apps such as Zoom and Cisco’s WebEx are being targeted by cyber criminals trying to steal users’ personal data

• April 20, 2020 20 Apr'20

  Dutch organisations address business email compromise fraud

  Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks

• April 20, 2020 20 Apr'20

  Australian workers are weakest link in fight against cyber attacks

  About four in 10 employees are sharing inappropriate data across mobile devices and half of all security incidents in 2019 occurred through inappropriate IT use, new study finds

• April 17, 2020 17 Apr'20

  Coronavirus: How Nominet fights back against malicious domains

  Domain name registry has thwarted hundreds of attempts to register malicious .uk domain names during the coronavirus pandemic

• April 16, 2020 16 Apr'20

  Check Point sounds alarm over double extortion ransomware threat

  Researchers say double extortion ransomware attacks are likely to increase in frequency, and warn organisations to be on guard

• April 16, 2020 16 Apr'20

  NHS Wales to get free security services during coronavirus pandemic

  NHS Wales Informatics Services enlists Thales to help it face down security threats and let its teams focus on the Covid-19 coronavirus crisis

• April 16, 2020 16 Apr'20

  Coronavirus: Cyber attacks on banks seen spiking, says Carbon Black

  VMware’s Carbon Black observes a spike in cyber attacks on financial services organisations

• April 15, 2020 15 Apr'20

  Coronavirus: Standard Chartered bans employees from Zoom

  Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom

• April 15, 2020 15 Apr'20

  Coronavirus: Researcher finds security vulnerability in Slack

  Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher

• April 15, 2020 15 Apr'20

  Microsoft patches 19 critical bugs in another heavy Patch Tuesday

  The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday

• April 14, 2020 14 Apr'20

  Apple and Netflix most imitated brands in phishing attacks

  A new report highlights the brands which are being most frequently spoofed by cyber criminals in phishing attacks

• April 14, 2020 14 Apr'20

  Coronavirus: Zoom user credentials for sale on dark web

  IntSight researchers say they have found a database containing thousands of Zoom usernames and passwords being sold on the dark web

• April 10, 2020 10 Apr'20

  Coronavirus: Warning over surge in Zoom security incidents

  Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools

• April 09, 2020 09 Apr'20

  Coronavirus: Zoom restricted or banned at multiple organisations

  Use of videoconferencing tool has been banned at Google and in parts of the German and US governments

• April 08, 2020 08 Apr'20

  Revealed: Estonia targeted by Russia-linked disinformation deluge

  Kremlin-linked threat actors are undermining the government of Estonia and its relationship with the European Union through a concerted disinformation campaign, with wider ramifications

• April 08, 2020 08 Apr'20

  Despite coronavirus, overall cyber crime volumes hold steady

  The UK’s NCSC and the US’s CISA see little change in overall volumes of cyber crime in spite of the coronavirus crisis – for the time being

• April 08, 2020 08 Apr'20

  Coronavirus: McAfee unearths dark web blood bank

  Cyber criminals are selling fake goods and running scams on online marketplaces during the Covid-19 pandemic. Don’t be taken in

• April 08, 2020 08 Apr'20

  Coronavirus threats ramp up as more hospitals come under attack

  The Covid-19 Cyber Threat Coalition finds the majority of security pros have been targeted by cyber criminals exploiting the coronavirus pandemic, and adds to warnings of increased activity targeting the health sector

• April 07, 2020 07 Apr'20

  Judge refuses to delay Assange's extradition hearing over coronavirus pandemic

  District Judge Vanessa Baraitser says extradition proceedings will go ahead against Julian Assange, after his lawyers argued that the coronavirus lockdown means they cannot prepare their defence

• April 07, 2020 07 Apr'20

  Coronavirus: Criminals using Zoom installer to spread cryptominer

  Videoconferencing application targeted to deliver cryptomining malware to unsuspecting victims

• April 06, 2020 06 Apr'20

  Zero-day exploits increasingly commodified, say researchers

  The exploitation of zero-day vulnerabilities increasingly demonstrates access to cash, rather than skills

• April 05, 2020 05 Apr'20

  Interpol warns of more ransomware attacks against healthcare sector

  Purple notice issued to alert police forces around the world of ransomware attacks against hospitals and other healthcare institutions

• April 05, 2020 05 Apr'20

  Google data shows high interest in security and remote working

  An analysis of the most Googled technology terms during the Covid-19 coronavirus pandemic has highlighted the scale of the cyber security challenge presented by the crisis

• April 02, 2020 02 Apr'20

  Coronavirus: Magecart attacks on online retailers jump 20%

  RiskIQ researchers have observed a sharp uptick in Magecart credit card attacks, driven by increased traffic to online retailers during the coronavirus pandemic

• April 02, 2020 02 Apr'20

  Morrisons appeal success is cold comfort for enterprises

  The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them

• April 01, 2020 01 Apr'20

  What we can learn from Marriott’s new data breach embarrassment

  Marriott International has egg on its face once again following a second data breach in as many years, but there are encouraging signs in its response that suggest it is at least trying to learn from its experiences

• April 01, 2020 01 Apr'20

  Morrisons not liable for 2014 data breach, says Supreme Court

  Court allows supermarket chain’s appeal against judgments holding it liable for a 2014 insider data breach, saying previous rulings misunderstood the concept of vicarious liability

• April 01, 2020 01 Apr'20

  Coronavirus: WHO, Rakuten collaborate on anti-disinformation chatbot

  The World Health Organisation and Rakuten Viber have built an interactive, multi-language chatbot to try to get on top of the growing problem of disinformation during the coronavirus pandemic

• March 31, 2020 31 Mar'20

  Nigerian email attacks evolving into credible, dangerous threat

  Palo Alto’s Unit 42 reports on Nigeria’s SilverTerrier cyber crime group, which is becoming a highly dangerous threat to businesses worldwide

• March 31, 2020 31 Mar'20

  Marriott International hotel chain in second data breach

  Marriott International notifies customers of a major data breach that unfolded earlier in 2020 – the second it has experienced in the past two years

• March 31, 2020 31 Mar'20

  Too late to protect online privacy, say Brits

  Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report

• March 31, 2020 31 Mar'20

  Houseparty denies hack as credential stuffing attacks spread

  Social media service denies its service has been hacked, and is offering a million-dollar bounty to anybody who can prove otherwise

• March 30, 2020 30 Mar'20

  Coronavirus: Don’t fall for fake cures, warns UK government

  Government urges people to be more vigilant about what they read and share online as it relaunches its Don’t Feed the Beast campaign to counter coronavirus disinformation

• March 27, 2020 27 Mar'20

  Insurance firm Chubb may be latest Maze ransomware victim

  Maze ransomware group claims to have stolen personal data from the systems of cyber security insurance firm Chubb

• March 27, 2020 27 Mar'20

  Lorca calls on security scaleups to tackle coronavirus challenge

  Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges

• March 26, 2020 26 Mar'20

  Coronavirus: What are the latest free cyber security offers?

  We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis

• March 26, 2020 26 Mar'20

  Tupperware fixes hacked site, but questions remain over response

  Kitchenware brand removes active digital credit card skimmer from its website and insists it takes security seriously despite ignoring repeated attempts to contact it

• March 26, 2020 26 Mar'20

  Coronavirus: Be alert to rogue mobile apps exploiting outbreak

  Well-meaning developers are beginning to offer medical apps to monitor coronavirus symptoms and provide information on the pandemic. Opportunists and cyber criminals are not far behind them

• March 26, 2020 26 Mar'20

  Developed APAC states most exposed to cyber risks

  Singapore, South Korea, Japan, Australia and New Zealand have the highest exposure to cyber risks, but they are also the most prepared to deal with cyber attacks, study finds

• March 25, 2020 25 Mar'20

  Kitchenware brand Tupperware is ignoring hacked website

  Website has been hacked in a targeted cyber attack, and the dangerous vulnerability has not been addressed

• March 25, 2020 25 Mar'20

  Almost half of UK businesses suffered a cyber attack in past year

  Latest government statistics reveal the scale of the cyber security challenge facing UK plc, but reveals some cause for optimism

• March 25, 2020 25 Mar'20

  Australia inks digital economy pact with Singapore

  Australia’s digital economy agreement with Singapore will pave the way for data transfers and other digital trade opportunities