News

Hackers and cybercrime prevention

• April 02, 2020 02 Apr'20

  Morrisons appeal success is cold comfort for enterprises

  The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them

• April 01, 2020 01 Apr'20

  What we can learn from Marriott’s new data breach embarrassment

  Marriott International has egg on its face once again following a second data breach in as many years, but there are encouraging signs in its response that suggest it is at least trying to learn from its experiences

• April 01, 2020 01 Apr'20

  Morrisons not liable for 2014 data breach, says Supreme Court

  Court allows supermarket chain’s appeal against judgments holding it liable for a 2014 insider data breach, saying previous rulings misunderstood the concept of vicarious liability

• April 01, 2020 01 Apr'20

  Coronavirus: WHO, Rakuten collaborate on anti-disinformation chatbot

  The World Health Organisation and Rakuten Viber have built an interactive, multi-language chatbot to try to get on top of the growing problem of disinformation during the coronavirus pandemic

• March 31, 2020 31 Mar'20

  Nigerian email attacks evolving into credible, dangerous threat

  Palo Alto’s Unit 42 reports on Nigeria’s SilverTerrier cyber crime group, which is becoming a highly dangerous threat to businesses worldwide

• March 31, 2020 31 Mar'20

  Marriott International hotel chain in second data breach

  Marriott International notifies customers of a major data breach that unfolded earlier in 2020 – the second it has experienced in the past two years

• March 31, 2020 31 Mar'20

  Too late to protect online privacy, say Brits

  Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report

• March 31, 2020 31 Mar'20

  Houseparty denies hack as credential stuffing attacks spread

  Social media service denies its service has been hacked, and is offering a million-dollar bounty to anybody who can prove otherwise

• March 30, 2020 30 Mar'20

  Coronavirus: Don’t fall for fake cures, warns UK government

  Government urges people to be more vigilant about what they read and share online as it relaunches its Don’t Feed the Beast campaign to counter coronavirus disinformation

• March 27, 2020 27 Mar'20

  Insurance firm Chubb may be latest Maze ransomware victim

  Maze ransomware group claims to have stolen personal data from the systems of cyber security insurance firm Chubb

• March 27, 2020 27 Mar'20

  Lorca calls on security scaleups to tackle coronavirus challenge

  Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges

• March 26, 2020 26 Mar'20

  Coronavirus: What are the latest free cyber security offers?

  We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis

• March 26, 2020 26 Mar'20

  Tupperware fixes hacked site, but questions remain over response

  Kitchenware brand removes active digital credit card skimmer from its website and insists it takes security seriously despite ignoring repeated attempts to contact it

• March 26, 2020 26 Mar'20

  Coronavirus: Be alert to rogue mobile apps exploiting outbreak

  Well-meaning developers are beginning to offer medical apps to monitor coronavirus symptoms and provide information on the pandemic. Opportunists and cyber criminals are not far behind them

• March 26, 2020 26 Mar'20

  Developed APAC states most exposed to cyber risks

  Singapore, South Korea, Japan, Australia and New Zealand have the highest exposure to cyber risks, but they are also the most prepared to deal with cyber attacks, study finds

• March 25, 2020 25 Mar'20

  Kitchenware brand Tupperware is ignoring hacked website

  Website has been hacked in a targeted cyber attack, and the dangerous vulnerability has not been addressed

• March 25, 2020 25 Mar'20

  Almost half of UK businesses suffered a cyber attack in past year

  Latest government statistics reveal the scale of the cyber security challenge facing UK plc, but reveals some cause for optimism

• March 25, 2020 25 Mar'20

  Australia inks digital economy pact with Singapore

  Australia’s digital economy agreement with Singapore will pave the way for data transfers and other digital trade opportunities

• March 24, 2020 24 Mar'20

  Fake antivirus site promises coronavirus protection, delivers trojan

  Researchers at Malwarebytes have warned of an increasing volume of scam sites exploiting the Covid-19 coronavirus

• March 24, 2020 24 Mar'20

  Tekya auto-clicker malware exploits kids’ Android apps

  Google has removed multiple apps for children that were found to contain Tekya auto-clicker malware

• March 24, 2020 24 Mar'20

  Legacy AV defenceless against onslaught of evasive malware

  More than two-thirds of malware detected by WatchGuard in the last three months of 2019 was able to evade signature-based antivirus products, rendering them effectively useless in most instances

• March 23, 2020 23 Mar'20

  Coronavirus: Kaspersky, Bitdefender make products free to NHS

  Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies

• March 23, 2020 23 Mar'20

  Thousands of Netflix, Disney+ streaming accounts being stolen

  Proofpoint has urged users of streaming services to be alert to cyber criminals hijacking their accounts

• March 23, 2020 23 Mar'20

  Interview: Jamil Farshchi, CISO, Equifax

  Equifax CISO Jamil Farshchi discusses public cloud and why it’s not something IT security professionals should be afraid of

• March 22, 2020 22 Mar'20

  Cyber gangsters hit UK medical firm poised for work on coronavirus with Maze ransomware attack

  The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm's computer systems

• March 20, 2020 20 Mar'20

  Coronavirus: Sans Institute issues cyber security advice for parents

  With schools now shut across the UK, parents will bear more responsibility for keeping children safe online and educating them about online harms

• March 20, 2020 20 Mar'20

  Unpatched Zyxel storage devices co-opted into IoT botnet

  Owners of Zyxel network-attached storage devices are in danger of being hijacked by Mukashi, a descendant of the infamous Mirai botnet, if they don’t patch a critical vulnerability

• March 19, 2020 19 Mar'20

  IT Priorities 2020: ANZ firms to spend more on cyber security

  Over half of respondents in Australia and New Zealand plan to invest more in cyber security, especially in key areas such as data loss prevention

• March 19, 2020 19 Mar'20

  Volume of computer misuse incidents falling, says ONS

  Downward trend comes despite an overall increase in fraud, according to new statistics

• March 18, 2020 18 Mar'20

  Coronavirus now possibly largest-ever cyber security threat

  The cumulative volume of coronavirus-related email lures and other threats is the largest collection of attack types exploiting a single theme for years, possibly ever

• March 18, 2020 18 Mar'20

  Prudential turns to AI to secure computer networks against cyber attacks

  Prudential, the UK’s largest listed insurer, is turning to artificial intelligence to protect its computer networks in the US, Asia and Africa from malware hackers and internal threats

• March 17, 2020 17 Mar'20

  Covid-19: NCSC issues secure remote working guidance

  With hundreds of thousands likely to be working remotely for some time, the UK’s NCSC has issued best practice guidance to enable security teams to support them

• March 17, 2020 17 Mar'20

  Travelex under threat as insolvency risk, hacking costs and coronavirus take their toll

  Foreign exchange group’s future remains uncertain as its parent company, Finablr, prepares for potential insolvency

• March 17, 2020 17 Mar'20

  SentinelOne makes security platform free to support remote workers

  Endpoint protection platform service will be made free until 16 May 2020 to help protect remote workers during the Covid-19 coronavirus crisis

• March 16, 2020 16 Mar'20

  NCSC issues coronavirus cyber security alert

  The UK’s National Cyber Security Centre has issued a public alert and fresh guidance as more cyber criminals get wise to the lucrative potential of Covid-19

• March 13, 2020 13 Mar'20

  Coronavirus-linked hacks likely as Czech hospital comes under attack

  The world of cyber security is on high alert to heightened vulnerabilities as the spread of the Covid-19 coronavirus changes daily life across Europe

• March 13, 2020 13 Mar'20

  UK’s security sector failing on most diversity measures

  A DCMS report on the state of the UK’s cyber security workforce highlights a huge lack of diversity and a substantial skills gap

• March 12, 2020 12 Mar'20

  Turla’s use of Iranian infrastructure probably opportunistic

  Turla, the Kremlin-linked APT group that last year hijacked an Iranian group’s infrastructure, was likely to have been operating opportunistically, according to researchers

• March 12, 2020 12 Mar'20

  Security pros just want to be loved, report finds

  Being valued by the business for their role in keeping the organisation safe and upholding ethical standards is a primary motivator for CISOs and other security professionals

• March 12, 2020 12 Mar'20

  Cookie-stealing trojans found lurking on Android phones

  Kaspersky discovers two new Android malware modifications that could give hackers control of their victims’ social media accounts

• March 11, 2020 11 Mar'20

  Microsoft locks down new vulnerability with EternalBlue echoes

  Microsoft has moved to get ahead of a serious remote code execution vulnerability in Microsoft Server Message Block 3.1.1, which was accidentally disclosed then missed in its March Patch Tuesday update

• March 11, 2020 11 Mar'20

  Microsoft fixes 26 critical vulnerabilities in another heavy Patch Tuesday

  March’s Patch Tuesday is another big one for Microsoft, addressing 115 vulnerabilities, 26 of them critical

• March 10, 2020 10 Mar'20

  Schoolgirl security experts prepare to do battle

  The finals of the CyberFirst Girls contest will take place on 16 March as the culmination of the NCSC’s annual competition to unearth future security talent

• March 10, 2020 10 Mar'20

  Hacking community targeted by cyber criminals in new trojan campaign

  Cybereason’s Nocturnus threat research team has uncovered a cyber criminal campaign that weaponises popular hacking tools

• March 10, 2020 10 Mar'20

  VAT software supplier exposed data of millions

  Eight million sales records belonging to UK and EU consumers left exposed due to misconfigured server

• March 09, 2020 09 Mar'20

  Bill Gates backs Crest fintech security scheme for Africa and Asia

  UK-based cyber security accreditation and certification non-profit Crest has been awarded a $1.4m grant from the Bill and Melinda Gates Foundation to expand cyber security capacity for fintechs in Africa and Asia

• March 09, 2020 09 Mar'20

  DCMS to oversee coronavirus disinformation unit

  A cross-departmental counter-disinformation unit will seek to protect and secure UK citizens from disinformation, scams and cyber security threats related to the Covid-19 outbreak

• March 05, 2020 05 Mar'20

  Boots and Tesco loyalty card schemes plagued by security issues

  High-street retailers deal with fraudulent attempts to access the accounts of thousands of customers

• March 05, 2020 05 Mar'20

  Cathay Pacific hit with £500,000 data protection fine from ICO over 2018 breach

  Airline receives maximum financial penalty under Data Protection Act for data breach that led to nine million customers having their personal data accessed by hackers

• March 04, 2020 04 Mar'20

  Australian government pulls plug on cloud certification programme

  The Australian Signals Directorate is closing its cloud services certification programme to allow for more home-grown suppliers

• March 04, 2020 04 Mar'20

  F-Secure reports a steep rise in hacking attempts

  An increase in distributed denial of service attacks pushes up the volume of identified rogue internet traffic to almost three billion

• March 03, 2020 03 Mar'20

  Horangi and Tokio Marine team up on cyber security services

  Singapore-based Horangi will provide penetration testing, among other cyber security services, to Tokio Marine Insurance Singapore’s cyber risk insurance clients

• March 03, 2020 03 Mar'20

  Singapore among world’s top sources of online threats

  Singapore remained a hotspot for originating cyber attacks in 2019, with 11 million attacks launched from servers in the city-state

• March 02, 2020 02 Mar'20

  The Security Interviews: Inside the world of bug bounties

  You may not make a million as a bug bounty hunter, but you might help remove some of the stigma that persists around cyber security, says HackerOne’s Shlomie Liberow

• March 01, 2020 01 Mar'20

  Data breaches in Australia showing no signs of abating

  Compromised login credentials and human error were the most common causes of data breaches reported under Australia’s notifiable data breach regime from July to December 2019

• February 28, 2020 28 Feb'20

  NCSC makes ransomware attack guidance more accessible

  Following a swathe of high-profile ransomware attacks, the UK’s National Cyber Security Centre has made changes to its guidance, emphasising the importance of offline backups

• February 27, 2020 27 Feb'20

  WikiLeaks founder Assange is well enough to participate in extradition proceedings, says judge

  A judge dismissed claims that Julian Assange’s vulnerable psychological state would prevent him from taking part in his extradition hearing to face espionage and computer misuse charges in the US

• February 27, 2020 27 Feb'20

  Clearview hack fuels debate over facial recognition

  Customers of Clearview AI, a controversial startup that scrapes and sells billions of photos of people from social media to police forces, have found themselves at the centre of a major data breach

• February 27, 2020 27 Feb'20

  Redcar & Cleveland Council confirms ransomware attack

  Local authority’s systems are still offline nearly three weeks after being attacked

• February 27, 2020 27 Feb'20

  Kr00k vulnerability compromises billions of Wi-Fi devices

  Billions of Wi-Fi chips used in IoT devices, laptops, smartphones and tablets are vulnerable to a serious vulnerability

• February 27, 2020 27 Feb'20

  IT Priorities 2020: ASEAN firms on the frontline of digital transformation

  Southeast Asian companies plan to spend more on infrastructure and cyber security, but the growth in IT budgets appears to be slowing down

• February 26, 2020 26 Feb'20

  Fake CDNs obscuring credit card fraudsters

  Fake content delivery networks and ngrok servers are being pressed into service to obscure credit card skimming activities

• February 26, 2020 26 Feb'20

  Cloud Snooper firewall bypass may be work of nation state

  Cloud Snooper deploys a combination of specialised techniques to sneak past enterprise firewalls, warns Sophos

• February 26, 2020 26 Feb'20

  WikiLeaks founder Julian Assange cannot be legally extradited for ‘political offences’, say lawyers

  Lawyers for WikiLeaks founder Julian Assange argue that he has been charged with political offences and cannot be legally extradited to the US under the US-UK extradition treaty

• February 26, 2020 26 Feb'20

  FCA data breach could happen to anybody, but easy to avoid

  Minor data breach at the Financial Conduct Authority was the result of simple human error, and highlights the need for organisations to consider a wide range of potential threats

• February 25, 2020 25 Feb'20

  Julian Assange phoned White House to warn of risk to lives

  Julian Assange phoned the White House to warn officials that unredacted cables published on the web posed a risk to lives, a court heard yesterday

• February 25, 2020 25 Feb'20

  Sports retailer Decathlon left employee data exposed

  More than 123 million records were accidentally exposed on an unsecured ElasticSearch server

• February 25, 2020 25 Feb'20

  The Security Interviews: Gil Shwed’s 10-year vision for security

  Check Point founder Gil Shwed discusses his new Infinity Next concept and how he plans to remodel the world of cyber security in the next 10 years

• February 25, 2020 25 Feb'20

  Mastercard creates 1,500 tech jobs in Ireland

  New roles at tech hub in Dublin will include professionals with expertise in artificial intelligence, cyber security, blockchain and user experience

• February 25, 2020 25 Feb'20

  Cyber criminals targeting UK motorists, warns DVLA

  Cyber criminals are offering various services and tax refunds that purport to be from the DVLA

• February 24, 2020 24 Feb'20

  Assange extradition is a politically motivated ‘abuse of power’, court hears

  US government’s attempt to extradite WikiLeaks founder Julian Assange to face espionage charges in the US is politically motivated and an abuse of process, court told

• February 24, 2020 24 Feb'20

  WikiLeaks founder Assange ‘put lives at risk’ by disclosing names in leaked documents, court hears

  WikiLeaks founder Julian Assange ‘put lives of US informants at risk’ by publishing unredacted documents, lawyers for the US argued at the first day of a week-long extradition hearing

• February 21, 2020 21 Feb'20

  Malicious apps still getting past Google controls

  Check Point researchers have found multiple malware-infected apps in the Google Play store, including a clicker called Haken, which has been downloaded more than 50,000 times

• February 21, 2020 21 Feb'20

  F-Secure’s AI reads mean tweets to fight abuse and trolls

  Researchers working on F-Secure’s Project Blackfin have developed a model for clustering tweets to help pinpoint abuse and harassment

• February 20, 2020 20 Feb'20

  UK and US accuse Russian spooks of Georgia cyber attacks

  Foreign secretary describes 2019 campaign of cyber attacks as reckless, brazen and unacceptable

• February 20, 2020 20 Feb'20

  Facilities firm ISS World crippled by ransomware attack

  An apparent ransomware attack has compromised some IT and email systems at Danish facilities firm ISS World

• February 19, 2020 19 Feb'20

  Blasé directors put business data at risk

  The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress

• February 18, 2020 18 Feb'20

  US ‘breached due process’ in spying operation against Julian Assange’s lawyers

  Surveillance footage of Julian Assange’s meetings with lawyers and doctors in the Ecuadorian Embassy in London was an “abuse of process”

• February 18, 2020 18 Feb'20

  Girlguiding hosts interactive cyber security workshop

  100 Guides from South West England took part in an NCSC event to learn more about security fundamentals

• February 18, 2020 18 Feb'20

  Untrusted security teams being left out of business decisions

  Only a third of organisations are involving their cyber security function at the planning stage of business initiatives

• February 17, 2020 17 Feb'20

  Australians more savvy about cyber security

  More Australians look out for signs of security features such as SSL encryption even as they remain sceptical of the data protection capabilities of small businesses

• February 17, 2020 17 Feb'20

  Mastercard opens European security resilience unit

  Mastercard’s European Cyber Resilience Centre will bring together its partners and other industry bodies to support enterprise resilience

• February 17, 2020 17 Feb'20

  Ex-soldiers to become ethical hackers

  A new programme will give armed forces veterans in Scotland a grounding in cyber security skills, including penetration testing and ethical hacking

• February 13, 2020 13 Feb'20

  Cyber criminals spread coronavirus conspiracy theories

  The latest email campaigns identified by Proofpoint are spreading conspiracy theories about the coronavirus outbreak

• February 12, 2020 12 Feb'20

  Emotet evolving to exploit coronavirus fear

  With coronavirus cases now reported across the world, Emotet campaigns are exploiting legitimate fears to compromise their targets

• February 12, 2020 12 Feb'20

  Internet Explorer zero day among 99 Patch Tuesday problems

  After an eventful January Patch Tuesday that marked the end of support for Windows 7, the February 2020 update is another whopper, fixing close to 100 vulnerabilities

• February 11, 2020 11 Feb'20

  Mac-based security threats outpacing Windows

  Security threats targeting Apple endpoints are growing more quickly than those targeting Windows machines, according to Malwarebytes

• February 11, 2020 11 Feb'20

  Chinese military personnel accused of Equifax hack

  A US federal grand jury has indicted four Chinese army personnel over the 2017 Equifax breach

• February 10, 2020 10 Feb'20

  What should be in Australia’s next cyber security strategy

  The Australian government is reviewing the nation’s cyber security strategy, but is it looking at the right issues?

• February 07, 2020 07 Feb'20

  RobbinHood ransomware tricks Windows into deleting defences

  By subverting kernel memory settings in Windows 7, Windows 8 and Windows 10, the RobbinHood ransomware can now delete cyber security defences from target systems

• February 07, 2020 07 Feb'20

  Joaquin Phoenix’s Joker is ‘most dangerous’ movie

  Ahead of the 2020 Oscars, Kaspersky researchers say they found more than 300 files masquerading as the Joker movie

• February 06, 2020 06 Feb'20

  Maastricht University pays €200,000 to Russian hackers

  A Dutch university has taken the difficult decision to pay hundreds of thousands of Euros to Russian hackers that compromised its systems through a ransomware attack

• February 06, 2020 06 Feb'20

  Stressed, overworked CISOs losing £23k a year in unpaid overtime

  Nominet’s latest CISO Stress Report has revealed the extent to which organisations are taking advantage of their security staff, and the deleterious effects of overwork and stress on mental health

• February 05, 2020 05 Feb'20

  Darktrace signs to McLaren for 2020 F1 season

  McLaren Racing has enlisted Darktrace to become its official artificial intelligence cyber security partner

• February 05, 2020 05 Feb'20

  Scammers using fake PayPal emails stole over £1m in the UK in last quarter

  Fraudsters tricked Brits into sending over £1m worth of goods to them that they hadn't paid for

• February 05, 2020 05 Feb'20

  Web app ubiquity gives cyber criminals new opportunities

  The popularity and ubiquity of web-based apps such as Office 365 and Salesforce is a temptation too good to miss for cyber criminals

• February 05, 2020 05 Feb'20

  Check Point pledges end to security updates

  Check Point’s Gil Shwed expands on a vision for the next 10 years of cyber security, which he calls Infinity Next

• February 05, 2020 05 Feb'20

  IoT network flaw left Philips Hue bulbs open to attack

  Vulnerabilities in the ZigBee internet of things networking protocol have left market-leading smart devices, including Philips Hue lightbulbs, open to exploitation

• February 03, 2020 03 Feb'20

  NHS adds supplier security audits to procurement platform

  A new feature in the NHS’s Edge4Health procurement platform will help NHS suppliers improve their cyber security posture and NHS organisations make better buying decisions

• January 31, 2020 31 Jan'20

  Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks

  Climate change, natural disasters, extreme weather and loss of biodiversity are the greatest risks we face. With cyber conflicts, state-sponsored hacking and internet fragmentation, doing nothing is not an option, says the World Economic Forum