News

Hackers and cybercrime prevention

• June 04, 2024 04 Jun'24

  OAIC files civil penalty action against Medibank

  The OAIC alleges that Medibank failed to take reasonable steps to protect the personal information of 9.7 million Australians in the October 2022 data breach

• June 04, 2024 04 Jun'24

  NHS services at major London hospitals disrupted by cyber attack

  A major cyber attack at NHS services provider Synnovis is disrupting frontline care at hospitals across London

• June 04, 2024 04 Jun'24

  Russia used fake AI Tom Cruise in Olympic disinformation campaign

  Microsoft threat researchers report a surge in Russian disinformation campaigns targeting the 2024 Summer Olympics, including AI-enhanced propaganda

• June 03, 2024 03 Jun'24

  97 FTSE 100 firms exposed to supply chain breaches

  Between March 2023 and March 2024, 97 out of 100 companies on the UK’s FTSE 100 list were put at risk of compromise following supply chain breaches at third-party suppliers

• June 03, 2024 03 Jun'24

  Major breaches allegedly caused by unsecured Snowflake accounts

  Significant data breaches at Ticketmaster and Santander appear to have been orchestrated through careful targeting of the victims’ Snowflake cloud data management accounts

• June 02, 2024 02 Jun'24

  Ticketek Australia hit by data breach

  Customer names, dates of birth and email addresses of Ticketek Australia account holders reportedly impacted in latest data breach affecting event ticketing firm

• May 30, 2024 30 May'24

  Europol sting operation smokes multiple botnets

  Malware droppers including Bumblebee and Smokeloader were among those targeted in one of the largest ever joint operations against cyber criminal botnets

• May 29, 2024 29 May'24

  Proofpoint exposes AFF scammers’ piano gambit

  Ransomware and nation state actors dominate the headlines, but fraud and scams still net career cyber criminals thousands from unsuspecting members of the public. Proofpoint reports on a campaign targeting victims of a musical inclination

• May 24, 2024 24 May'24

  Parliamentarians warn of UK election threat from Russia, China and North Korea

  Joint parliamentary security committee chair Margaret Beckett writes to prime minister urging government to prepare for foreign states interfering with 4 July election

• May 22, 2024 22 May'24

  Rockwell urges users to disconnect ICS equipment

  ICS systems maker Rockwell Automation calls on users to take steps to secure their equipment, and reminds them there is no reason to ever have its hardware connected to the public internet, as it tracks an increase in global threat activity

• May 22, 2024 22 May'24

  ORBs: Hacking groups’ new favourite way of keeping their attacks hidden

  Beware the ORB: why attacks on your network could come from a home router down the street

• May 21, 2024 21 May'24

  The Security Interviews: What is the real cyber threat from China?

  Former NCSC boss Ciaran Martin talks about nation-state attacks, why the UK has become so exercised about cyber espionage, and how our leaders are in danger of misunderstanding their adversaries

• May 20, 2024 20 May'24

  WikiLeaks founder Julian Assange granted appeal

  Two high court judges granted WikiLeaks founder Julian Assange leave to appeal against extradition to the US after defence lawyers argued that the US had failed to give adequate assurances

• May 17, 2024 17 May'24

  Why the UK needs to fix its broken IT security market

  Ollie Whitehouse, CTO of GCHQ’s National Cyber Security Centre, says the market for secure software is broken. Are new laws required to make software companies liable for poor security?

• May 15, 2024 15 May'24

  US authorities crack BreachForums for a second time

  The BreachForums data leak website has been seized by the FBI and international partners again

• May 15, 2024 15 May'24

  GCHQ to protect politicians and election candidates from cyber attacks

  The National Cyber Security Centre, part of GCHQ, to protect election candidates from hostile state cyber attacks

• May 15, 2024 15 May'24

  WikiLeaks founder’s extradition case labelled ‘institutional corruption’

  Call for Julian Assange to be prosecuted in the US has been condemned as ‘institutional corruption on a judicial level’ with the WikiLeaks founder a ‘political prisoner’

• May 14, 2024 14 May'24

  China poses genuine and increasing cyber security risk to UK, says GCHQ director

  GCHQ director Anne Keast-Butler uses her first major public speech to warn that China poses a significant cyber security threat to the UK

• May 14, 2024 14 May'24

  CyberUK 24: UK insurance industry gets tough on ransomware

  Three of the UK’s largest insurance associations have signed on to a new initiative spearheaded by the NCSC to try to bring down the number of ransomware payments being made

• May 10, 2024 10 May'24

  Major breach of customer information developing at Dell

  Almost 50 million data records relating to Dell customers appear to have been compromised in a major cyber breach

• May 09, 2024 09 May'24

  Cyber attack victims need to speak up, says ICO

  The Information Commissioner’s Office is urging organisations to be transparent and learn from each other’s mistakes as it reveals most of the cyber attacks it responds to stem from the same core errors

• May 09, 2024 09 May'24

  Wales gets UK’s first national SOC

  The first national security operations centre of its kind in the UK has opened in the south of Wales to safeguard public sector bodies across the country

• May 08, 2024 08 May'24

  Police accessed phone records of ‘trouble-making journalists’

  The Police Service of Northern Ireland ran a rolling programme to monitor phone records of journalists to identify the source of police leaks, it was claimed today

• May 08, 2024 08 May'24

  Germany: European Court of Justice ruling on EncroChat could lead to new legal challenges

  A ruling by the European Court of Justice could prompt legal challenges in EncroChat prosecutions in Germany and other EU states

• May 07, 2024 07 May'24

  Chinese APT suspected of Ministry of Defence hack

  A cyber attack on the Ministry of Defence is suspected to be the work of threat actors working on behalf of Chinese intelligence

• May 07, 2024 07 May'24

  NCA unmasks LockBitSupp cyber gangster who toyed with pursuers

  The NCA and its partners have named the administrator of the LockBit ransomware gang, LockBitSupp, as Dmitry Khoroshev, who now faces sanctions and criminal charges

• May 06, 2024 06 May'24

  Microsoft beefs up cyber initiative after hard-hitting US report

  Microsoft is expanding its recently launched Secure Future Initiative in the wake of a hard-hitting US government report on recent nation state intrusions into its systems

• May 03, 2024 03 May'24

  Adobe expands bug bounty programme to account for GenAI

  Adobe has expanded the scope of its HackerOne-driven bug bounty scheme to incorporate flaws and risks arising from the development of generative artificial intelligence

• May 03, 2024 03 May'24

  Patch GitLab vuln without delay, users warned

  The addition of a serious vulnerability in the GitLab open source platform to CISA’s KEV catalogue prompts a flurry of concern

• May 03, 2024 03 May'24

  EU calls out Fancy Bear over attacks on Czech, German governments

  The European Union, alongside member states Czechia and Germany, have accused Russian government APT Fancy Bear of being behind a series of attacks on political parties and government bodies

• May 02, 2024 02 May'24

  NCSC updates warning over hacktivist threat to CNI

  The NCSC and CISA have warned about the evolving threat from Russia-backed hacktivist threat actors targeting critical national infrastructure, after a number of American utilities were attacked

• May 02, 2024 02 May'24

  Ukrainian national sentenced over REvil ransomware spree

  A 24-year-old Ukrainian man has been sentenced to more than 13 years in prison after being convicted of his role in the REvil ransomware attacks

• May 02, 2024 02 May'24

  Dropbox Sign user information accessed in data breach

  Account data belonging to Dropbox Sign users was accessed by an unknown threat actor after they hacked into the organisation’s backend infrastructure

• May 02, 2024 02 May'24

  How Okta is fending off identity-based attacks

  Okta has been bolstering the security of its own infrastructure and building new tools to scan customer environments for vulnerable identities, among other efforts to fend off identity-based attacks

• May 01, 2024 01 May'24

  EMEA CISOs must address human factors behind cyber incidents

  The 17th annual Verizon report on data breaches makes for sobering reading for security pros, urging them to do more to address the human factors involved in cyber incidents, and highlighting ongoing issues with zero-day patching

• April 30, 2024 30 Apr'24

  Keeper to help Williams F1 keep up with cyber challenges

  Keeper Security signs up to support F1 team Williams Racing with credential management ahead of the 2024 Miami Grand Prix

• April 30, 2024 30 Apr'24

  Bad bot traffic in Australia grew 23% in 2023

  Traffic from bad bots that perform malicious tasks accounted for 30.2% of Australia’s internet traffic in 2023

• April 25, 2024 25 Apr'24

  Zero trust is a strategy, not a technology

  Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag

• April 23, 2024 23 Apr'24

  GooseEgg proves golden for Fancy Bear, says Microsoft

  Microsoft’s threat researchers have uncovered GooseEgg, a never-before-seen tool being used by Forest Blizzard, or Fancy Bear, in conjunction with vulnerabilities in Windows Print Spooler

• April 22, 2024 22 Apr'24

  Fujifilm plans to ‘make tape easy’ with Kangaroo SME appliance

  Fujifilm to add 100TB SME-focused Kangaroo tape infrastructure in a box to existing 1PB offer, as energy efficiency and security of tape make it alluring to customers

• April 18, 2024 18 Apr'24

  International police operation infiltrates LabHost phishing website used by thousands of criminals

  The Metropolitan Police working with international police forces have shut down LabHost, a phishing-as-a-service website that has claimed 70,000 victims in the UK

• April 18, 2024 18 Apr'24

  CSA warns of emerging security risks with cloud and AI

  Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh

• April 17, 2024 17 Apr'24

  Mandiant formally pins Sandworm cyber attacks on APT44 group

  Mandiant has formally attributed a long-running campaign of cyber attacks by a Russian state actor known as Sandworm to a newly designated advanced persistent threat group to be called APT44

• April 16, 2024 16 Apr'24

  US provides assurances over extradition of WikiLeaks founder Julian Assange

  Extradition of the WikiLeaks founder moves a step closer after the US government gives diplomatic assurances over his treatment in the US. Assange supporters accuse the US of ‘weasel words’

• April 16, 2024 16 Apr'24

  CISOs not yet convinced to invest in AI

  CISOs say their eyes are fixed firmly on threats like ransomware and supply chain attacks, and while AI is becoming a threat that needs to be dealt with, it’s not yet an immediate spending priority

• April 16, 2024 16 Apr'24

  CW Innovation Awards: Balancing security and user experience

  The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access

• April 16, 2024 16 Apr'24

  Recognising APAC’s trailblazers in digital transformation

  DBS Bank and NUS were among the top industry innovators that were lauded for various transformational initiatives at the Computer Weekly Innovation Awards APAC 2024

• April 15, 2024 15 Apr'24

  More social engineering attacks on open source projects observed

  In the wake of the recent XZ Utils scare, maintainers of another open source project have come forward to say they may have experienced similar social engineering attacks

• April 12, 2024 12 Apr'24

  Apple iPhone security alert renews spyware concerns

  An Apple security alert received by users in 92 countries raises fresh fears over ongoing campaigns by users of mercenary spyware products

• April 10, 2024 10 Apr'24

  Cyber crooks poison GitHub search to fool developers

  Researchers share data on new technique whereby malicious actors are manipulating GitHub’s search function and using cleverly crafted repositories to distribute malware