News

Hackers and cybercrime prevention

• July 11, 2019 11 Jul'19

  RiskIQ uncovers new Magecart campaign

  A fresh Magecart campaign is breaching websites on a massive scale using indiscriminate attacks exploiting misconfigured Amazon S3 buckets, say researchers

• July 10, 2019 10 Jul'19

  Agent Smith mobile malware hits millions of devices

  New mobile malware that exploits Android vulnerabilities has infected millions of devices, security researchers have discovered

• July 10, 2019 10 Jul'19

  Demand for ICO help escalates in GDPR's first year

  The past year has seen increased demand across all support services offered by the UK’s privacy watchdog as new data protection laws went into force

• July 09, 2019 09 Jul'19

  Nearly half of firms fear cloud apps make them insecure

  Survey shows more than one-third of global companies appoint a CISO in the face of data breaches, and the UK is giving CISOs more power despite making fewer appointments

• July 08, 2019 08 Jul'19

  TfL launches wireless device tracking to gather Tube data

  Transport for London aims to use passenger movement data to make using the London Underground a more pleasant experience

• July 08, 2019 08 Jul'19

  British Airways facing £183m GDPR fine

  British Airways is to appeal against a record fine for infringement of data protection rules for a breach of customer data in 2018

• July 08, 2019 08 Jul'19

  IISP gains Royal Charter status

  The UK finally has its first national professional body for cyber security that will be responsible for setting the standards for skills and knowledge in the industry to reduce the skills gap and increase diversity

• July 05, 2019 05 Jul'19

  St John Ambulance praised for response to ransomware attack

  Charity’s response to ransomware attack demonstrates that it is possible to ensure minimal disruption if properly prepared

• July 04, 2019 04 Jul'19

  Security and privacy key to smart buildings and cities

  Security and privacy capabilities are essential for stakeholders if they are to realise the benefits of smart buildings and cities, says expert whitepaper

• July 04, 2019 04 Jul'19

  FireEye ties Microsoft Outlook exploit to Iranian hackers

  US Cyber Command has issued a warning that a patched Microsoft Outlook vulnerability is being exploited by unnamed threat actors, and recommended immediate patching

• July 04, 2019 04 Jul'19

  Email still top security vulnerability, survey shows

  Email is still the top security vulnerability, a survey shows, but security researchers caution that switching to instant messaging is not necessarily a solution in the longer term

• July 04, 2019 04 Jul'19

  APAC experts weigh in on cyber security trends

  The onslaught of cyber attacks being reported each day has been a wake-up call, but experts say businesses need to be mindful of the limitations of certain security measures

• July 03, 2019 03 Jul'19

  Sodin ransomware exploiting Windows zero-day, Kaspersky warns

  Security researchers are warning that a recently discovered type of ransomware is now exploiting a zero-day Windows vulnerability, and does not require user interaction to trigger an infection

• July 03, 2019 03 Jul'19

  Top VPNs secretly owned by Chinese firms

  Nearly a third of top VPNs are secretly owned by Chinese companies, while other owners are based in countries with weak or no privacy laws, potentially putting users at risk, security researchers warn

• July 02, 2019 02 Jul'19

  Sweden’s Protective Security Act targets cyber risks

  IT suppliers must comply with tighter cyber security requirements, but are being offered help from government agencies

• July 02, 2019 02 Jul'19

  Orvibo data leak puts security spotlight on IoT back end

  The security of devices that make up the internet of things (IoT) is a top concern for many in the industry, but leaks from an IoT database highlights the importance of back-end security too

• July 02, 2019 02 Jul'19

  Singapore to beef up police tech capabilities

  Singapore government singles out biometrics, data analytics and digital forensics as promising areas to boost crime-fighting efforts

• July 02, 2019 02 Jul'19

  Few UK firms are cyber insured despite financial losses

  More than one-fifth of UK firms have been impacted financially by cyber attacks, yet potentially more than three-quarters of companies polled have never been insured for cyber-related losses

• July 01, 2019 01 Jul'19

  Symantec gearing up for future cyber security

  Symantec is focusing on enabling businesses to secure data in the cloud after a string of acquisitions, but it also has its eye on the future, which will be all about empowering people, says CTO Hugh Thompson

• July 01, 2019 01 Jul'19

  Huge jump in cyber incidents reported by finance sector

  The number of cyber incidents reported by financial services firms increased nearly 12-fold in 2018 from 2017, mainly due to third-party failures, highlighting several key areas that need improvement

• June 28, 2019 28 Jun'19

  TIN coalition calls for industry action against cyber fraud

  An industry group aimed at improving cyber security by tackling enduring challenges has called for collaboration in the fight against cyber fraud

• June 28, 2019 28 Jun'19

  Cyber crime reporting crucial, say UK police

  UK police are gearing up to make it easier for business to report cyber crime, saying that under-reporting continues to be a challenge

• June 27, 2019 27 Jun'19

  Dutch bank and researchers begin defence against quantum computing’s dark side

  ABN Amro is working with QuTech to ensure that banks can protect data against quantum computers in the future

• June 26, 2019 26 Jun'19

  Fido Alliance announces new standards

  Fido Alliance announces new identity verification and IoT initiatives to expand the reach and impact of Fido authentication, which seeks to eliminate the world’s dependence on password-based security

• June 26, 2019 26 Jun'19

  Commercial interests put customer security at risk, survey shows

  Firms are bypassing security to push products and services into the market, increasing security risks for the organisation and its customers, a poll of information security professionals shows

• June 26, 2019 26 Jun'19

  Wider threat campaign behind Wipro breach

  A sophisticated, far-ranging threat campaign was behind the breach at Indian IT services firm Wipro in April, which was not an isolated incident, RiskIQ report reveals

• June 26, 2019 26 Jun'19

  Six arrested over €24m cryptocurrency theft

  Police have arrested six people in the UK and the Netherlands in connection with the theft of cryptocurrency worth €24m

• June 26, 2019 26 Jun'19

  Singapore government forms digital industry office

  New office will help local tech firms grow their regional footprint and build new capabilities in order to thrive in APAC’s booming digital economy

• June 26, 2019 26 Jun'19

  UK cyber security progress stalled, says report

  UK firms rank cyber attacks as a top business issue, but are stalling in cyber security best practice, lagging behind top performers in India

• June 25, 2019 25 Jun'19

  APT attack on telcos highlights need for comprehensive defence

  A global cyber attack against multiple telecommunications firms underlines need for comprehensive approach to cyber defence, say researchers and industry commentators

• June 25, 2019 25 Jun'19

  Airbus opens cyber innovation hub in Wales

  Newport hub will focus on industrial control systems, artificial intelligence and data analytics

• June 25, 2019 25 Jun'19

  Cyber attackers using wider range of threats

  Businesses need to ensure they are able to defend against a wide range of threats in the face of increased malicious Office documents, Mac malware and web application exploits, report shows

• June 25, 2019 25 Jun'19

  UK firms downloading vulnerable open source software

  Vulnerable open source software components are posing a security threat to UK firms, according to a report that also shows how best practice, including automation, can reduce the risk

• June 24, 2019 24 Jun'19

  Hospitality industry at highest risk of phishing

  Benchmarking report shows average phish-prone percentage across all industries and sizes of organisations at 29.6% – up 2.6% since 2018

• June 21, 2019 21 Jun'19

  UK takes world lead in surveillance camera security

  Although the UK is sometimes referred to as “the most surveilled country” in the world, it has taken the lead in setting minimum security requirements for surveillance cameras. But how will this make a difference internationally?

• June 21, 2019 21 Jun'19

  Nominations open for UK’s security unsung heroes

  The Security Serious cyber awareness campaign has opened nominations for the fourth annual cyber security Unsung Heroes awards

• June 21, 2019 21 Jun'19

  Parents don’t know enough about cyber careers

  Research by the SANS Institute finds that while parents are aware of cyber security, they don’t know enough to encourage their children into cyber roles

• June 21, 2019 21 Jun'19

  Small business not necessarily weakest security link

  Small businesses may not be the weakest link in the supply chain after all, with a lack of skills and best practices being bigger factors, a study by (ISC)² reveals

• June 20, 2019 20 Jun'19

  Facebook officially unveils cryptocurrency plans

  Facebook has released details about its Libra cryptocurrency, but questions still remain over how, and if, it will work

• June 20, 2019 20 Jun'19

  Enterprises challenged with security basics

  Visibility, security tool overload and manual reporting are cited as top concerns by UK security leaders, a report reveals

• June 20, 2019 20 Jun'19

  UK to launch security standard for surveillance cameras

  The UK is launching the world’s first voluntary cyber security standard and compliance certification mark for the manufacturers of surveillance cameras

• June 20, 2019 20 Jun'19

  Most mobile apps vulnerable to malware

  iOS and Android apps equally vulnerable to being exploited remotely by malware, report reveals

• June 19, 2019 19 Jun'19

  IoT Security Foundation publishes smart building whitepaper

  The IoT Security Foundation has published a guide on security for smart buildings to highlight key issues and gather feedback to inform future guidance for industry stakeholders

• June 19, 2019 19 Jun'19

  Converged security takes centre stage at IFSEC

  The importance and benefits of combining physical and cyber security was underlined in the opening session of the 2019 IFSEC security conference

• June 18, 2019 18 Jun'19

  Singapore faced fewer cyber threats in 2018

  Despite the fall in the number of common cyber threats last year, Singapore will continue to face advanced persistent threats, CSA warns

• June 17, 2019 17 Jun'19

  DevSecOps is key to uniting opposing forces

  Unifying DevOps and security teams with the aid of automation will bring harmony and added business benefits, says systems engineer

• June 17, 2019 17 Jun'19

  Asco breaks silence on ransomware attack

  A week after reportedly being hit by a ransomware attack, Belgium-based mechanical equipment manufacturer Asco has finally provided some details

• June 17, 2019 17 Jun'19

  Inside F5’s cyber security playbook

  F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors

• June 14, 2019 14 Jun'19

  Innovation drives Nominet to cyber security

  Embracing an innovation strategy for a mature organisation led domain name registry Nominet to found a cyber security business based on its core expertise, its CEO tells London Tech Week

• June 13, 2019 13 Jun'19

  UK firms need to address risky user habits

  McAfee calls for companies to ramp up their security culture and improve the integration of technical security controls to minimise exposure from workers

• June 13, 2019 13 Jun'19

  Facebook London hiring spree focuses on tackling online harms

  Facebook is hiring for 500 tech jobs in the capital in the next six months, with a particular focus on seeking out and clamping down on malicious content and fake accounts, and curbing other harmful behaviour on its platforms

• June 13, 2019 13 Jun'19

  AI-enabled cyber attacks a reality soon, warns Mikko Hypponen

  Technology continues to shape human conflict and artificial intelligence will be no exception, so business needs to up its ability to detect attacks and respond, says security expert

• June 12, 2019 12 Jun'19

  Operational technology security improving, but attack surface continues to grow

  Critical national infrastructure providers and others are improving cyber security capabilities around industrial control systems, but the cyber threat remains high and continues to evolve, a study shows

• June 11, 2019 11 Jun'19

  Most code-signing processes insecure, study shows

  The majority of organisations are failing to enforce security for code-signing processes, providing opportunities for cyber criminals, a survey reveals

• June 11, 2019 11 Jun'19

  MP brands Huawei exec a ‘moral vacuum’ as operators demand 5G clarity

  Huawei chief security officer John Suffolk faces tough questions from parliament’s Science and Technology Select Committee over the firm’s links to the Chinese government

• June 11, 2019 11 Jun'19

  Implementing Dmarc a top priority for UK

  Basic email security should be a top priority for UK firms, followed by reducing third-party web exposure and monitoring data flows leaving the enterprise, a Rapid7 study reveals

• June 10, 2019 10 Jun'19

  Large firms look to zero-trust security to reduce cyber risk

  In the face of increasing cyber breach risk as organisations move to hybrid multi-cloud IT environments, just over half of large firms in Europe are planning a zero-trust approach to security

• June 07, 2019 07 Jun'19

  NotPetya offers industry-wide lessons, says Maersk’s tech chief

  There are several key industry-wide lessons to be learned from the NotPetya attack in 2017, according to the information chief at one of the companies most heavily impacted

• June 07, 2019 07 Jun'19

  Misconfigured container services are a security risk

  Researchers at Palo Alto Networks have released details of the scale of misconfigured and exposed container services putting organisations at risk of cyber attack

• June 07, 2019 07 Jun'19

  How ASEAN firms are using AI to combat cyber threats

  Artificial intelligence tools are becoming a vital part of the security arsenal for organisations and cyber criminals alike

• June 06, 2019 06 Jun'19

  Weak cyber security top challenge, says NCSC chief Ciaran Martin

  UK cyber security agency NCSC is focusing on practical support and making the internet and technology safer to use, but says the area that needs most attention is improving basic cyber security in firms, says agency chief

• June 06, 2019 06 Jun'19

  Firms face targeted bespoke cyber attacks, dark web study reveals

  Academic study exposes prolific availability and demand for tailored malware, network access and corporate espionage services, which suggests many firms’ cyber defences are below standard

• June 06, 2019 06 Jun'19

  Legacy IT systems a significant security challenge

  Information security professionals need to work closely with the business to identify critical legacy IT systems to ensure security risks are managed effectively, CISO tells Infosecurity Europe

• June 06, 2019 06 Jun'19

  Digital transformation an opportunity for security

  Digital transformation is an opportunity not only for the business to up its game, but also for security teams to engage with and win over the business, CISO tells Infosecurity Europe

• June 05, 2019 05 Jun'19

  London could be world cyber risk leader, says ex-Lloyd’s chief

  Collaboration across the cyber insurance, technology and security organisations in London could make the capital a leading world centre on these topics, says former Lloyd’s of London boss

• June 05, 2019 05 Jun'19

  DNS – a security opportunity not to be overlooked, says Nominet

  Domain name system data is the best-kept secret for eliminating network cyber threats, Nominet tells Infosecurity Europe attendees

• June 05, 2019 05 Jun'19

  Nearly two-thirds of businesses hit by credential abuse

  Most businesses admit to breaches relating to abuse of user credentials, according to a report that highlights cyber hygiene failings in the UK and the importance of greater visibility and integration to cyber defence capability

• June 04, 2019 04 Jun'19

  Businesses investing blindly in cyber security

  Businesses need to find out what their real cyber risks and weaknesses are before investing in new technologies, says ethical hacker

• June 04, 2019 04 Jun'19

  Deterministic data-based AI key for security

  AI-based cyber security systems have enormous potential, but under specific conditions that are essential for success, AI expert tells Infosecurity Europe

• June 04, 2019 04 Jun'19

  Cyber crime widely under-reported, Isaca study shows

  Cyber crime, which is the top cyber threat to business, remains widely under-reported, and only a third of organisations are confident in their ability to detect and respond to threats, a study reveals

• June 03, 2019 03 Jun'19

  Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

  Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms

• June 03, 2019 03 Jun'19

  Business leaders failing to address cyber threats

  Businesses are failing to address growing cyber threats as business leaders admit to knowledge gaps, a lack of resources and confusion about who is responsible for data breaches, a report reveals

• May 31, 2019 31 May'19

  Facebook loses bid to halt European court decision on EU-US data sharing

  Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk

• May 30, 2019 30 May'19

  A lack of skills and ownership are top challenges to OT security

  A lack of skills, visibility and clarity on which business function is responsible for securing operational technology are the biggest challenges to managing the risk, a study shows

• May 30, 2019 30 May'19

  2.3 billion business and consumer data files exposed online

  In the year since the GDPR compliance deadline, the number of data files exposed online without adequate protection is up more than 50% due to misconfigured security controls, report reveals

• May 29, 2019 29 May'19

  Hackers targeting UK universities a threat to national security

  Poorly defended UK university research that is mainly commissioned by government is a top target for hackers, putting national security at risk, a study reveals, underlining the need for better cyber security

• May 29, 2019 29 May'19

  Cyber weapons readily available to criminals, researchers warn

  Security researchers have discovered an attack campaign infrastructure designed to scan, brute-force and infect tens of thousands of MS-SQL and PHPMyAdmin servers

• May 29, 2019 29 May'19

  Turla APT group beefs up cyber attack tool

  An advanced persistent threat cyber espionage group has improved its tools to attack diplomatic targets, making their activities more difficult to detect and block

• May 28, 2019 28 May'19

  Perfect storm for data science in security

  After nearly 20 years of research, the perfect storm of computing technologies is finally enabling data science to realise its potential to make valuable contributions to improving cyber security capabilities

• May 28, 2019 28 May'19

  Dutch IT security firm dumps corporate structure

  Boss of Netherlands-based Computest turns to self-management model to make company more nimble

• May 24, 2019 24 May'19

  Just over half of UK firms don’t have a cyber resilience plan

  Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection

• May 23, 2019 23 May'19

  IBM’s investment in automation pays off in GDPR’s first year

  The first year of the EU’s General Data Protection Regulation has demonstrated the value of IBM’s investment in machine learning-based automation and the importance of having the right strategy and systems in place, according to the firm’s data ...

• May 23, 2019 23 May'19

  Lapse in LinkedIn security certificate update

  A lapse in the update of LinkedIn’s security certificate has once again underlined the importance of keeping track to avoid disruptions and phishing attacks, and how even big players are failing to get it right

• May 23, 2019 23 May'19

  Police shut down Bestmixer bitcoin laundering service

  The Bestmixer cryptocurrency laundering service has been shut down by Dutch anti-fraud police with support from Europol after a tip off by cyber security researchers at McAfee, significantly disrupting cyber criminal money flows

• May 22, 2019 22 May'19

  TalkTalk admits new failings in 2015 data breach notification

  TalkTalk’s failure to notify all those affected by its 2015 data breach highlights the importance of data visibility so that breach notifications are fast and accurate – a key requirement of the GDPR

• May 21, 2019 21 May'19

  US grants Huawei stay of execution

  US Commerce Department temporarily restores Huawei’s ability to maintain its existing networks and smartphone user base

• May 21, 2019 21 May'19

  Dutch lecturer researches the person behind the cyber criminal

  Dutch academic is trying to get inside the mind of cyber criminals by understanding what makes them tick

• May 21, 2019 21 May'19

  Planned UK age verification checks risky for internet users

  Proposed controversial online age verification checks could increase the risk of identity theft and other cyber crimes, warn security experts, who advise parents to set technological boundaries and ensure their families are aware of risks

• May 21, 2019 21 May'19

  Cyber security scholarships on offer in Belfast

  Queen’s University Belfast is backing the cyber security sector with funding for master of science scholarships

• May 20, 2019 20 May'19

  Danske Bank launches initiative to help SME customers with cyber security

  Danske Bank launches initiative to support the cyber security efforts of its SME customers

• May 20, 2019 20 May'19

  GDPR an opportunity to improve data systems and processes

  A year after the official implementation of the GDPR, it is important to highlight the positive opportunities that compliance provides and the insights breach reports are providing, say Deloitte consultants

• May 17, 2019 17 May'19

  Identity custodians needed in digital era

  Digital identity systems will fail if they do not take humans into account, warns identity innovator, suggesting that a ‘digital guardian’ could help overcome most of these challenges

• May 17, 2019 17 May'19

  GozNym bust underlines cyber crime threat

  A criminal network using GozNym malware has been shut down in an international law enforcement operation, but others are still operating, underlining the need for vigilance, warns a security expert

• May 16, 2019 16 May'19

  Norwegian industry and state must combine to counter cyber threats

  Norway has been targeted by two large ransomware attacks in recent months – and public and private organisations must react in a coordinated way

• May 16, 2019 16 May'19

  Fujitsu sets out to restore trust in technology

  Trust in technology, how to recapture it, and how to ensure AI doesn’t overstep its bounds were the big messages on the opening day of Fujitsu Forum in Tokyo

• May 15, 2019 15 May'19

  Microsoft working to support decentralised identity

  Microsoft is among the big tech players aiming to help enable personalisation of products and services without putting privacy at risk

• May 15, 2019 15 May'19

  Implement multifactor authentication, urges expert panel

  Multifactor authentication should be a top priority for organisations to defend users from cyber attacks, coupled with zero-trust architecture and artificial intelligence-based technologies, says expert panel

• May 14, 2019 14 May'19

  APAC firms on the back foot in cyber security

  Most Asia-Pacific organisations did not consider cyber security until after their digital transformation projects had begun, new survey finds

• May 14, 2019 14 May'19

  Spyware targets WhatsApp users

  Social media platform issues update after it discovered a flaw being exploited by commercial spyware

• May 13, 2019 13 May'19

  National Crime Agency calls for additional funding to tackle 21st century crime

  Organised criminal gangs represent the biggest cyber threat to the UK, and law enforcement has identified rogue servers hosted in the UK