News

Hackers and cybercrime prevention

• June 30, 2020 30 Jun'20

  Complex security estates hinder incident response

  The more disparate security tools in use in an organisation, the harder it becomes to mount an effective incident response

• June 29, 2020 29 Jun'20

  Lawyers learn of fresh US allegations against WikiLeaks founder Julian Assange from press reports

  The US has filed an updated indictment against Julian Assange alleging that he conspired with hacking groups to obtain information for WikiLeaks. Defence and prosecution lawyers learned about it from press reports

• June 29, 2020 29 Jun'20

  Phishing back in vogue as ransomware vector

  Researchers have observed an increase in phishing as a means to deliver ransomware payloads – and organisations don’t appear to be prepared

• June 29, 2020 29 Jun'20

  Evil Corp’s latest ransomware project spreading fast

  A new ransomware strain dubbed WastedLocker is spreading rapidly and targeting major corporations

• June 29, 2020 29 Jun'20

  GCHQ launches Manchester accelerator programme to help firms leverage tech for citizen well-being

  Innovation Co-Lab will mentor companies to grow, prevent crime and improve online safety

• June 29, 2020 29 Jun'20

  Making the case for cloud-based security

  Cloud-based security tools can hasten threat detection and response, but adoption will depend on where an enterprise is on the cloud readiness scale

• June 29, 2020 29 Jun'20

  Out of date security laws leave UK plc at risk during pandemic

  The CyberUp coalition has written to Boris Johnson to urge him to reform the UK’s 30 year-old cyber crime laws

• June 26, 2020 26 Jun'20

  Coronavirus: Cyber crime landscape evolving as lockdown eases

  As some countries begin to gradually ease Covid-19 lockdown measures, cyber criminals’ tactics are changing, but the pandemic remains a tempting lure

• June 24, 2020 24 Jun'20

  NCSC catches a million phishes in its nets

  The NCSC has racked up a million suspicious email reports from the public just two months after launching a reporting service, but the lucky sender won’t be receiving a grand prize

• June 23, 2020 23 Jun'20

  Neurodiversity on the rise among career hackers

  More diverse hackers enhance the ability of both traditional and cutting-edge cyber security solutions to find and fix vulnerabilities, according to a new report from Bugcrowd

• June 23, 2020 23 Jun'20

  Twitter contacts business users over data exposure

  Issue relates to how web browsers cached confidential data entered in Twitter’s ads and analytics services, but is unlikely to have resulted in compromise

• June 23, 2020 23 Jun'20

  Flash-based MacOS malware hides in plain sight

  By masquerading as a legitimate Adobe web application, the new malware strains can trick Mac users into bypassing their on-board defences

• June 23, 2020 23 Jun'20

  Concern over digital risk falls dramatically during pandemic

  Brits are understandably more worried about the NHS than personal cyber security

• June 21, 2020 21 Jun'20

  APAC still hotbed for cyber attacks

  Individuals and organisations in APAC are encountering malware more frequently than the rest of the world, study finds

• June 19, 2020 19 Jun'20

  Online shopping fraud hits £16m during lockdown

  A quarter of victims were aged between 18 and 26, says Action Fraud

• June 19, 2020 19 Jun'20

  Australian prime minister confirms country is suffering repeated nation-state cyber attacks

  Concern over critical national infrastructure as cyber attackers repeatedly try to gain access to network of organisations operating in multiple sectors

• June 18, 2020 18 Jun'20

  Cisco patches dangerous Webex vulnerability

  CVE-2020-3347 bug enables cyber criminals to steal meeting records from within Cisco’s Webex service

• June 18, 2020 18 Jun'20

  Check Point uncovers targeted Microsoft Office 365 phishing campaign

  Organised criminal campaign exploited Adobe, Oxford University and Samsung web domains to trick users into giving up their passwords

• June 18, 2020 18 Jun'20

  Zoom U-turns on end-to-end encryption

  Embattled video-conferencing provider Zoom backtracks on previous refusals to provide end-to-end encryption to free users

• June 17, 2020 17 Jun'20

  Cosmetics company Avon offline after cyber attack

  Representatives left unable to place orders after company’s back-end systems went offline over a week ago

• June 16, 2020 16 Jun'20

  Activists call on Zoom to implement encryption for all

  A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users

• June 15, 2020 15 Jun'20

  Banking trojans roar back to prominence in May

  Check Point sees an upswing in malicious activity around a number of classic banking trojan malware variants

• June 15, 2020 15 Jun'20

  NatWest develops behavioural biometrics as additional authentication

  Bank is working with Visa to develop behavioural biometrics technology as an extra layer of invisible authentication

• June 15, 2020 15 Jun'20

  Accessories store Claire’s hit by Magecart credit card fraudsters

  Attackers gained access to retailer’s website as long ago as March

• June 12, 2020 12 Jun'20

  NHS email service users ensnared in phishing attack

  More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed

• June 12, 2020 12 Jun'20

  Fake contact-tracing apps delivering banking trojans

  Spoof government coronavirus apps are popping up all over the world, says the Anomali Threat Research team

• June 12, 2020 12 Jun'20

  100,000 cheap wireless cameras vulnerable to hacking

  Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors

• June 12, 2020 12 Jun'20

  UN secretary general calls for global digital cooperation

  Antonio Guterres launches roadmap for digital cooperation and calls for world leaders to come together to “connect, respect and protect people in the digital age”

• June 12, 2020 12 Jun'20

  Twitter kills thousands of misinformation accounts

  The accounts were linked to the governments of China, Russia and Turkey, and engaged in systematic operations against pro-democracy activists, political opponents and dissidents

• June 11, 2020 11 Jun'20

  Coronavirus: Bungled British response leads to rise in security risks

  Covid-19 cyber security threats are evolving over the course of the pandemic, becoming more targeted to virus hotspots such as the UK

• June 10, 2020 10 Jun'20

  Decade-old vulnerability among 129 Patch Tuesday fixes

  A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks

• June 10, 2020 10 Jun'20

  Unsecured Elasticsearch server breached in eight hours flat

  Comparitech’s Bob Diachenko wanted to find out how long it would take for hackers to find and attack an unsecured, public internet-facing database, so he set up a honeypot

• June 10, 2020 10 Jun'20

  Nasty surprises lurking in furloughed employees’ inboxes

  Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work

• June 10, 2020 10 Jun'20

  How Australian firms can defend against supply chain attacks

  Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm

• June 09, 2020 09 Jun'20

  Honda investigates suspected Snake ransomware attack

  Attack disrupts global operations at carmaker, with assembly lines falling silent and sales suspended

• June 09, 2020 09 Jun'20

  Poorly-secured AWS buckets used to launch Magecart attacks

  Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data

• June 08, 2020 08 Jun'20

  What it takes to get DevSecOps right

  DevSecOps will drive at least 50% of new applications in Asia-Pacific by 2024, but getting it right will require change management, a collaborative mindset and the right automation tools

• June 05, 2020 05 Jun'20

  Police chiefs working with Public Health England on contact-tracing security

  Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme

• June 05, 2020 05 Jun'20

  Ministry of Defence forms new cyber security regiment

  The 13th Signal Regiment brings together personnel from across the armed forces to provide specialist security services

• June 04, 2020 04 Jun'20

  Black Lives Matter activists targeted by cyber attacks

  Civil liberties organisations are being targeted by far-right trolls as protests over the murder of George Floyd spread worldwide

• June 04, 2020 04 Jun'20

  Coronavirus: Cyber criminals target laid-off workers

  Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic

• June 03, 2020 03 Jun'20

  Sodinokibi data auctions highlight changing criminal tactics

  The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic?

• June 03, 2020 03 Jun'20

  Security procurement framework goes live for NHS and public sector

  Cyber Security Services Framework, developed by NHS Shared Business Services, has formally launched

• June 03, 2020 03 Jun'20

  Infosec 2020: Covid-19 an opportunity to change security thinking

  The annual Infosecurity Europe is being held virtually this year, and speakers at an online panel session have been considering the impact of the pandemic on security awareness

• June 02, 2020 02 Jun'20

  VMware vulnerability leaves private clouds open to takeover

  Ethical hackers from Citadelo uncovered a vulnerability in VMware Cloud Director that left private cloud owners open to takeover

• June 01, 2020 01 Jun'20

  Privacy campaigners call for radical changes to contact-tracing app

  Liberty, Privacy International and the Open Rights Group join calls for the government to either put in place better data protection policies or abandon its Covid-19 contact-tracing app altogether

• June 01, 2020 01 Jun'20

  WikiLeaks founder Julian Assange misses court hearing due to respiratory problems

  The WikiLeaks founder is expected to call 21 witnesses during a three-week extradition hearing in September

• June 01, 2020 01 Jun'20

  How managed threat hunting helps bust malicious insiders

  Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending

• May 29, 2020 29 May'20

  Government launches IoT security funding round

  A £400,000 funding pot is on offer for innovators to design schemes that boost internet-of-things security

• May 29, 2020 29 May'20

  Test and Trace has not passed data protection impact assessment

  Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme