News

Hackers and cybercrime prevention

• November 05, 2019 05 Nov'19

  ICO launches data security campaign for UK General Election

  Information commissioner Elizabeth Denham launches campaign to remind the public of their rights when personal data is used for political purposes

• November 04, 2019 04 Nov'19

  EU patches 20-year-old open source vulnerability

  Ethical hackers taking part in a bug bounty programme on behalf of the European Union have uncovered a 20-year-old vulnerability

• November 01, 2019 01 Nov'19

  General Election sees UK government defer ‘high-risk’ 5G tech supplier review

  Decision on allowing so-called high-risk suppliers access to the UK’s market for 5G infrastructure delayed due to 12 December poll

• November 01, 2019 01 Nov'19

  Banks let customers down with mixed approaches to security

  Treasury Committee report recommends new measures to tackle financial fraud

• October 30, 2019 30 Oct'19

  What will succeed the National Cyber Security Strategy?

  As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures

• October 29, 2019 29 Oct'19

  NordVPN enlists ethical hackers, launches bug bounty programme

  Breached consumer VPN supplier details steps it is taking to shore up its cyber security posture after an unknown actor gained access to one of its servers

• October 29, 2019 29 Oct'19

  Fancy Bear resumes Olympic hacks ahead of Tokyo games

  Fancy Bear is back in action and once again targeting anti-doping bodies and sporting organisations, warns Microsoft

• October 28, 2019 28 Oct'19

  Windows 7 upgrade haunts health service tech vision

  Windows 7 issues at the NHS are making headlines, 15 months after the release of the review of how legacy IT was exploited by the WannaCry attack

• October 24, 2019 24 Oct'19

  Know Fraud database became backlog dump

  Reports to Action Fraud handled by City of London Police’s National Fraud Intelligence Bureau were quarantined as security risk, finds HM’s Inspectorate of Constabulary and Fire and Rescue Services

• October 24, 2019 24 Oct'19

  Endpoint security is a procurement issue, says HP, IDC study

  Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders

• October 24, 2019 24 Oct'19

  £4,000 bug bounty could have saved BA from record ICO fine

  British Airways and others could have saved themselves millions of pounds’ worth of fines by having ethical hackers check their systems for simple vulnerabilities

• October 23, 2019 23 Oct'19

  Take responsibility for cyber security basics, urges NCSC CEO

  At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load

• October 22, 2019 22 Oct'19

  NordVPN blames datacentre provider for server breach

  VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue

• October 22, 2019 22 Oct'19

  Malware volumes decline, but risks are higher

  More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets

• October 22, 2019 22 Oct'19

  Attacker hit VPN firm Avast through its VPN

  Avast has published details of how attackers attempted to gain access to its network over a five month period

• October 22, 2019 22 Oct'19

  Over-30s tend to do better at cyber security than younger colleagues

  Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security

• October 21, 2019 21 Oct'19

  Alleged state hackers adapting to cover their tracks, says NCSC

  A group called Turla with suspected links to the Russian government stole Iranian tools and infrastructure to obscure the origins of attacks on multiple other countries, according to new evidence

• October 21, 2019 21 Oct'19

  Sodinokibi emerging as a diverse, multi-vector threat to businesses

  McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots

• October 18, 2019 18 Oct'19

  Huge rise in rogue banking apps driving fraud attacks

  Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA

• October 18, 2019 18 Oct'19

  Amazon consumer devices vulnerable to two-year-old exploit

  Millions of older Amazon Echo and Kindle devices are still susceptible to a Wi-Fi vulnerability that was first disclosed in 2017

• October 17, 2019 17 Oct'19

  BEIS launches multimillion-pound security investment package

  Government is making available more than £50m to support a range of new cyber security initiatives and collaborations, including the latest phase of its Digital Security by Design programme

• October 17, 2019 17 Oct'19

  NHSX could transform NHS security capabilities

  The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service

• October 17, 2019 17 Oct'19

  Security threat landscape becomes more organised and business-like

  Approaches to securing the enterprise need to change in the face of a rapidly maturing threat landscape

• October 16, 2019 16 Oct'19

  Pitney Bowes ‘considering options’ after malware attack

  Mailing and shipping services firm in recovery mode after key systems were encrypted by a malware attack

• October 15, 2019 15 Oct'19

  Attackers hunt iPhone jailbreakers in click fraud campaign

  Research by Cisco’s Talos threat intel unit has identified a new click fraud campaign targeting people looking to jailbreak their iPhone devices

• October 14, 2019 14 Oct'19

  Researchers reveal the cyber campaign that built China's new airliner

  CrowdStrike has published details of a coordinated campaign of cyber espionage and hacking, forced technology transfer and physical theft as China seeks to gain an advantage in the commercial aviation industry

• October 14, 2019 14 Oct'19

  The Security Interviews: Applying AI to Lego, and security

  Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds great promise for the security sector, and she has the analogies to back it up

• October 04, 2019 04 Oct'19

  UK and US call on Facebook to walk back encryption plans

  The US, Australian and UK governments have asked Facebook to ditch plans to deploy end-to-end encryption across Facebook Messenger, Instagram and WhatsApp

• October 03, 2019 03 Oct'19

  IT contractor charged over cyber attack on property valuation firm

  Australian police charge 49-year-old man with stealing and posting more than 170,000 data records belonging to ASX-listed Landmark White on the dark web

• October 03, 2019 03 Oct'19

  LogRhythm touts unlimited data plan for SIEM systems

  SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank

• October 03, 2019 03 Oct'19

  Local authorities hit by 800 cyber attacks every hour

  Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year

• October 03, 2019 03 Oct'19

  New threat group behind Airbus cyber attacks, claim researchers

  Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore

• October 03, 2019 03 Oct'19

  Cyber war as big a threat as nuclear war, says ex-RSA head Coviello

  Former RSA chairman Art Coviello has been speaking about the devastating potential of cyber weapons, and warned that humanity must learn from history in order to control them

• October 01, 2019 01 Oct'19

  A security breach is inevitable, IT leaders warned

  No matter how much IT security tech and training is in place, sophisticated, targeted attacks are going to breach company defences, Carbon Black warns

• October 01, 2019 01 Oct'19

  Singapore outlines initiatives to tackle OT and IoT security

  The Cyber Security Agency of Singapore has developed a blueprint to secure operational technology systems in critical sectors, among other measures to secure cyber-physical systems and the internet of things

• September 27, 2019 27 Sep'19

  Nodersok malware campaign is infecting thousands, Microsoft warns

  Thousands of Windows endpoints in the US and Europe have been infected by a new fileless malware campaign in the past few weeks

• September 27, 2019 27 Sep'19

  Five million DoorDash customers’ details lost in data breach

  Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen

• September 26, 2019 26 Sep'19

  Attackers breached supplier systems to steal Airbus secrets

  Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs

• September 26, 2019 26 Sep'19

  Overinvestment breeds overconfidence among security pros

  CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach

• September 26, 2019 26 Sep'19

  Teen TalkTalk hacker accused of cryptocurrency fraud in US

  Elliott Gunton, one of the teenage hackers who broke into TalkTalk’s systems in 2015, faces extradition to the US to face fraud charges

• September 26, 2019 26 Sep'19

  Instagram and WhatsApp – the new tools of social media propaganda

  Facebook and Twitter have been cast as the villains of the piece, but social media disinformation and propaganda are evolving in new and alarming directions, say Oxford University researchers

• September 24, 2019 24 Sep'19

  Latest Lorca cyber security challenge has IoT focus

  Government-backed cyber security innovation centre Lorca has issued new challenges around connectivity for its next intake of scaleups

• September 24, 2019 24 Sep'19

  Singapore payment card data compromised by JavaScript sniffers

  Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer

• September 24, 2019 24 Sep'19

  GandCrab ransomware writers still active despite ‘retirement’

  Apparent links between an emerging ransomware family known as REvil and GandCrab suggests the GandCrab authors are keeping busy despite having “retired” in June

• September 24, 2019 24 Sep'19

  Enterprises exposed to data loss by cloud configuration errors

  Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee

• September 24, 2019 24 Sep'19

  Google pushes back on scale of YouTube phishing threat

  Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure

• September 18, 2019 18 Sep'19

  Universities tempting targets for cyber criminals, warns NCSC

  As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack

• September 18, 2019 18 Sep'19

  WannaCry variants accidentally protecting against WannaCry

  New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection

• September 18, 2019 18 Sep'19

  Emotet phishing botnet returns from summer vacation

  The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers

• September 17, 2019 17 Sep'19

  Ecuador citizens’ data breach holds lessons for enterprises

  What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it?