News
Hackers and cybercrime prevention
-
November 14, 2024
14
Nov'24
Williams Racing F1 team supports kids cyber campaign
A multi-region campaign will teach pre-teen children cyber security basics – with a little help from Formula 1 star Alex Albon
-
November 14, 2024
14
Nov'24
Ping CEO on ForgeRock integration and future of identity
Ping Identity CEO Andre Durand discusses the company’s unified roadmap, commitment to customer stability and growth plans in the evolving identity landscape following the merger with ForgeRock
-
November 13, 2024
13
Nov'24
China’s Volt Typhoon rebuilds botnet in wake of takedown
Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever
-
November 13, 2024
13
Nov'24
Ex-boxer fights US government over legality of Sky ECC cryptophone intercepts
Lawyers for former heavyweight boxer Goran Gogic argue that US prosecutors’ reliance on messages obtained by a European police hacking operation into the SKY ECC encrypted phone network breaches the US constitution
-
November 12, 2024
12
Nov'24
Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024
High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update
-
November 12, 2024
12
Nov'24
Zero-day exploits increasingly sought out by attackers
Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023
-
November 12, 2024
12
Nov'24
More data stolen in 2023 MOVEit attacks comes to light
Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web
-
November 12, 2024
12
Nov'24
Police cloud project raises data protection concerns despite legal reforms
Ongoing data protection issues with the use of hyperscale public cloud infrastructure by UK police could complicate the ambitions of nine forces to move their common records management system into the cloud
-
November 12, 2024
12
Nov'24
How quantum computing could reshape financial services
Experts at the Singapore FinTech Festival predict quantum computing will improve risk management, investment strategies and fraud detection in the financial sector, while also posing new challenges for data security
-
November 08, 2024
08
Nov'24
ESET shines light on cyber criminal RedLine empire
ESET publishes fresh data on the inner workings of the RedLine Stealer malware empire, which was taken down at the end of October
-
November 07, 2024
07
Nov'24
AI a force multiplier for the bad guys, say cyber pros
CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders
-
November 01, 2024
01
Nov'24
CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats
-
October 30, 2024
30
Oct'24
RedLine, Meta malwares meet their demise at hands of Dutch cops
A multinational action led by authorities in the Netherlands has resulted in the takedown of the notorious RedLine and Meta infostealer malwares
-
October 25, 2024
25
Oct'24
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise
-
October 23, 2024
23
Oct'24
Government hails Cyber Essentials success
Scheme to help keep organisations’ IT safe and secure has given businesses more confidence they won’t fall victim to a cyber attack
-
October 23, 2024
23
Oct'24
Democracy campaigner to sue Saudi Arabia over Pegasus and QuaDream spyware in UK court
Pro-democracy campaigner Yahya Assiri given permission to file legal action in London court against Saudi Arabia over its use of Israeli spyware
-
October 22, 2024
22
Oct'24
Danish government reboots cyber security council amid AI expansion
Denmark’s government relaunches digital security initiative to protect business sectors and society at large
-
October 21, 2024
21
Oct'24
Can AI be secure? Experts discuss emerging threats and AI safety
International cyber security experts call for global cooperation and proactive strategies to address the security challenges posed by artificial intelligence
-
October 17, 2024
17
Oct'24
NCSC chief warns of gap in cyber threats and defence capabilities
The UK and its allies must take collective action to improve their cyber resilience and repel the increasing volume of severe cyber attacks, says NCSC chief
-
October 17, 2024
17
Oct'24
EU cyber security bill NIS2 hits compliance deadline
The EU’s NIS2 bill will harmonise how companies and member states approach cyber security, but its success will depend on how well it is implemented and enforced
-
October 15, 2024
15
Oct'24
NCSC expands school cyber service to academies and private schools
The National Cyber Security Centre is expanding its PDNS for Schools service to encompass a wider variety of institutions up and down the UK
-
October 10, 2024
10
Oct'24
NCSC issues fresh alert over wave of Cozy Bear activity
The NCSC, FBI and NSA publish updated warning about Cozy Bear’s activities, highlighting a range of vulnerabilities the threat actor is using to set up its cyber attacks
-
October 10, 2024
10
Oct'24
Government launches cyber standard for local authorities
Local government bodies are being invited to take advantage of a new NCSC-derived Cyber Assessment Framework to help enhance their resilience and ward off cyber attacks
-
October 10, 2024
10
Oct'24
Internet Archive web historians target of hacktivist cyber attack
The Internet Archive nonprofit digital library and Wayback Machine operator has been attacked by pro-Palestinian hacktivists
-
October 10, 2024
10
Oct'24
How Recorded Future finds ransomware victims before they get hit
Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them
-
October 10, 2024
10
Oct'24
Australia bolsters cyber defences with security bill
Legislation tackles IoT security and establishes a Cyber Incident Review Board to bolster Australia’s cyber resilience
-
October 09, 2024
09
Oct'24
MoneyGram customer data breached in attack
MoneyGram confirms that customer data has been stolen in an incident that appears to have started with a social engineering attack on its IT helpdesk staff
-
October 09, 2024
09
Oct'24
UK Cyber Team seeks future security professionals
Young people from across the UK have a chance to represent the country in international competitions and advance their future careers in cyber security
-
October 08, 2024
08
Oct'24
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks
-
October 08, 2024
08
Oct'24
UK’s cyber incident reporting law to move forward in 2025
The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses
-
October 07, 2024
07
Oct'24
IBM: Data breach cost in ASEAN hits new high
The average cost of a data breach in ASEAN grew by 7% from last year, as organisations grapple with increasingly distributed IT environments and complex security systems
-
October 04, 2024
04
Oct'24
UK telcos including BT at risk from DrayTek router vulnerabilities
A series of vulnerabilities in DrayTek's Vigor router product lines affects multiple comms service providers in the UK, according to new analysis
-
October 04, 2024
04
Oct'24
NCSC celebrates eight years as Horne blows in
Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne
-
October 04, 2024
04
Oct'24
Cups Linux printing bugs open door to DDoS attacks, says Akamai
The Cups Linux printing vulnerabilities disclosed at the end of September would seem to have a nasty sting in their tail, according to researchers at Akamai
-
October 03, 2024
03
Oct'24
Microsoft files lawsuit to seize domains used by Russian spooks
Microsoft has been given permission to seize multiple domains used by the Russian state threat actor Star Blizzard as part of a coordinated disruption effort undertaken ahead of the US elections
-
October 03, 2024
03
Oct'24
SOC teams falling out of love with threat detection tools
Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report
-
October 02, 2024
02
Oct'24
UK and Singapore to collaborate on supporting ransomware victims
At the fourth Counter Ransomware Initiative Summit in the US, both the UK and Singapore have committed to working on new guidance designed to better support victims and undermine cyber criminal business models
-
October 01, 2024
01
Oct'24
Unmasked: The Evil Corp cyber gangster who worked for LockBit
The NCA has named and shamed a prominent member of the Evil Corp cyber crime collective who also worked as an affiliate of the LockBit ransomware gang as the UK unveils new sanctions against 16 Russian cyber criminals
-
October 01, 2024
01
Oct'24
Post Office ditches MoneyGram after cyber attack
The Post Office offered a short extension to enable it to asses the impact of the MoneyGram cyber incident, but the contract has now expired and MoneyGram services are no longer available in Post Office branches
-
September 27, 2024
27
Sep'24
UK on high alert over Iranian spear phishing attacks, says NCSC
The NCSC and counterpart agencies in the US have issued a warning over enhanced Iranian spear phishing activity targeting politicians, journalists, activists and others with an interest in Middle Eastern affairs
-
September 27, 2024
27
Sep'24
Printing vulnerability affecting Linux distros raises alarm
Security pros need to get in front of a series of vulnerabilities affecting the Cups Linux printing service after an apparently botched disclosure process saw technical details published in advance of a patch
-
September 26, 2024
26
Sep'24
Racist Network Rail Wi-Fi hack was work of malicious insider
Police have revealed that this week’s racist cyber attack on public Wi-Fi networks at stations across the UK appears to have been the work of a malicious insider, after arresting an employee of one of the service providers
-
September 26, 2024
26
Sep'24
Islamophobic cyber attack downs Wi-Fi at UK transport hubs
An apparent hacktivist attack disrupted public-facing Wi-Fi networks at UK rail stations to display Islamophobic content
-
September 25, 2024
25
Sep'24
Splunk and Cisco integration moving apace
Splunk is rapidly integrating with Cisco’s technology to enable seamless transitions between their platforms while delivering advanced threat detection capabilities
-
September 24, 2024
24
Sep'24
Money transfer firm MoneyGram rushes to contain cyber attack
Money transfer specialist MoneyGram services remain down several days after a network outage developed into a full-blown cyber security incident
-
September 24, 2024
24
Sep'24
Unique malware sample volumes seen surging
BlackBerry’s latest ‘Global threat intelligence’ report details a surge in unique malware samples as threat actors ramp up the pace of targeted attacks
-
September 23, 2024
23
Sep'24
UK, US and Canada to collaborate on AI and cyber security
International collaboration agreement will see the governments of Canada, the UK and the US work together to research, evaluate and test new defence technologies
-
September 19, 2024
19
Sep'24
HSBC tests post-quantum VPN tunnel for digital ledgers
Encryption required for post-quantum cryptography will have a material impact on the performance of distributed ledgers
-
September 18, 2024
18
Sep'24
NCSC exposes Chinese company running malicious Mirai botnet
The NCSC and its Five Eyes allies have published details of the activities of a China-based cyber security company that is operating a Mirai IoT botnet in the service of government-backed intrusions
-
September 18, 2024
18
Sep'24
Europol provides detail on Ghost encrypted comms platform takedown
Law enforcement bodies from across the world have revealed how they collaborated to bring down encrypted network Ghost and the new ways of working that have been established with Europol at the centre