News

Hackers and cybercrime prevention

• January 27, 2020 27 Jan'20

  SANS Institute calls on Manchester security pros

  Manchester will play host to a week-long cyber security training event during February

• January 24, 2020 24 Jan'20

  Cyber gangsters publish staff passwords following ‘Sodinokibi’ attack on car parts group Gedia

  Sodinokibi hacking group steps up pressure on German automotive manufacturer by publishing information, including the CEO’s computer password and sensitive details of its IT systems, on the internet

• January 24, 2020 24 Jan'20

  NHS alerted to severe vulnerabilities in GE health equipment

  A series of vulnerabilities in patient monitoring equipment manufactured by General Electric could have left patient data exposed in hospitals around the world, including the UK

• January 24, 2020 24 Jan'20

  Milan hosts Cisco’s first European security innovation unit

  Cisco has cut the ribbon on its first Cyber Security Co-Innovation Centre in Europe, at Milan’s Leonardo da Vinci Science and Technology Museum

• January 23, 2020 23 Jan'20

  Travelex hackers shut down German car parts company Gedia in massive ‘cyber attack’

  Car parts manufacturer says cyber attack will have far-reaching consequences for its business, and it has put emergency plans in place to continue deliveries

• January 23, 2020 23 Jan'20

  CISOs fear becoming the next Travelex

  Poll of security professionals by the organisers of the Infosecurity Europe trade fair highlights huge gaps in incident response capabilities

• January 23, 2020 23 Jan'20

  Seven projects funded to explore CAV security

  The winners of the Cyber Securities Feasibility Studies contest, exploring cyber security for self-driving cars, have been revealed

• January 22, 2020 22 Jan'20

  Citrix releases IoC scanner for ADC and Gateway vulnerabilities

  As patches for its compromised NetScaler ADC and Gateway products begin to roll out, Citrix enlists FireEye Mandiant to develop an indicator of compromise scanner for end-users

• January 22, 2020 22 Jan'20

  Internal error left Microsoft customer service data exposed

  Customer service and support records of nearly 250 million Microsoft customers left exposed after database misconfiguration

• January 22, 2020 22 Jan'20

  Computer Misuse Act ‘crying out for reform’

  Group of campaigners says the Computer Misuse Act of 1990 risks criminalising cyber security professionals and needs reforming

• January 22, 2020 22 Jan'20

  ICO code sets out digital privacy standards for children

  The Information Commissioner’s Office has published its Age Appropriate Design Code, a set of 15 standards that online platforms must meet to protect the privacy of younger users

• January 21, 2020 21 Jan'20

  5G builders test vulnerabilities in Finnish hackathon

  University hackathon puts 5G security to the test as new wireless technology’s roll-out nears

• January 21, 2020 21 Jan'20

  High-street banks face disruption three weeks after Travelex hack

  Foreign exchange services still disrupted, three weeks after Travelex received a $6m ransom demand from cyber gangsters

• January 17, 2020 17 Jan'20

  App developers sue Facebook over ‘anti-competitive conduct’

  Lawsuit is based on leaked internal Facebook documents obtained and published by Computer Weekly and NBC last year

• January 17, 2020 17 Jan'20

  NCSC makes final call for entries to CyberFirst Girls contest

  Entry to the National Cyber Security Centre’s CyberFirst Girls 2020 competition is about to close

• January 17, 2020 17 Jan'20

  Emotet reinvigorated after Christmas break

  The high-volume Emotet campaign is back in action after the Christmas holidays, and is just as dangerous as ever

• January 17, 2020 17 Jan'20

  Cops take down data wholesale operation

  The Police Service of Northern Ireland and the Dutch cyber crime unit have made two arrests in an operation targeting a website that provided criminals with access to billions of personal credentials

• January 16, 2020 16 Jan'20

  A quarter of users will fall for basic phishing attacks

  Phishing emails that appear to be security alerts are the most effective method of compromise, says KnowBe4

• January 15, 2020 15 Jan'20

  Lorca announces new cohort of 20 security scaleups

  20 scaleups will focus their attention on automation, zero trust and supply chain security

• January 15, 2020 15 Jan'20

  Travelex warns customers to be alert to phone scams

  Under-fire forex provider warns that criminals may try to take advantage of its predicament to scam customers

• January 15, 2020 15 Jan'20

  LGBTQ+ social app Grindr accused of breaching GDPR

  Norwegian Consumer Council files complaints about LGBTQ+ social networking app, alleging it is in breach of the General Data Protection Regulation

• January 15, 2020 15 Jan'20

  NSA Windows 10 security disclosure raises questions

  In an unprecedented move, the NSA has got out in front of a critical cryptographic flaw in Windows 10, but in doing so has raised multiple questions

• January 15, 2020 15 Jan'20

  Threat landscape grew in complexity in 2019, no respite in sight

  Check Point’s annual state of security report shares some 2019 trends and looks ahead to 2020

• January 14, 2020 14 Jan'20

  Two-thirds of UK healthcare organisations breached last year

  The majority of healthcare organisations in the UK experienced a cyber security incident during 2019, with almost half the result of viruses and malware introduced on third party devices

• January 14, 2020 14 Jan'20

  Researchers find cryptojacker hiding in Wav audio file

  Victim network was compromised by obfuscated malware hiding a Monero cryptominer, lurking inside a Wav audio file

• January 14, 2020 14 Jan'20

  Cyber criminals spend three months lurking in target networks

  Cyber criminals are spending longer hiding in target networks before launching their attacks, as more organised groups turn to business disruption to achieve their objectives

• January 14, 2020 14 Jan'20

  Turn the end of Windows 7 support into a security advantage

  CISOs can take advantage of the end of support for Microsoft Windows 7 by making the case for more investment in cyber security

• January 14, 2020 14 Jan'20

  Citrix NetScaler vulnerabilities won’t be patched until end of January

  Some vulnerabilities identified in Citrix products will not be fully patched until the end of January 2020

• January 13, 2020 13 Jan'20

  Sextortion campaign hits Nest home security cameras

  Owners of Google’s Nest home security cameras are being targeted in a sextortion scam by criminals playing on fears over IoT security

• January 13, 2020 13 Jan'20

  Travelex to begin restoring foreign exchange services two weeks after ‘Sodinokibi’ attack

  Travelex says it is making “good progress” in its recovery and is to begin restoring electronic foreign exchange services, but is silent about whether it has agreed to pay hackers a $6m ransom to decrypt computer files

• January 10, 2020 10 Jan'20

  National Lottery hacker jailed for nine months

  Small-time cyber criminal jailed for his role in a cyber attack on lottery operator Camelot that netted him just £5

• January 09, 2020 09 Jan'20

  Travelex hackers threaten to sell credit card data on dark web

  Sodinokibi cyber gangsters have threatened to sell Travelex customers’ private data on a Russian underground cyber crime forum if it fails to pay a $6m ransom

• January 09, 2020 09 Jan'20

  Retail group Dixons Carphone fined £500,000 over data breach

  Dixons Carphone receives maximum possible pre-GDPR fine from the ICO following a 2018 data breach

• January 09, 2020 09 Jan'20

  Don’t become the next Travelex: Get ready for ransomware

  With Travelex’s IT still in disarray and banks and travellers left without access to funds more than a week after it was hit by a ransomware attack, we ask what others can learn from the foreign exchange services company’s response to the incident

• January 09, 2020 09 Jan'20

  PowerTrick backdoor used to target high-value businesses

  Threat actors are exploiting a PowerShell-based backdoor called PowerTrick to go after high-value targets, warns SentinelLabs

• January 08, 2020 08 Jan'20

  TikTok video-sharing app left user data exposed

  Check Point uncovered serious vulnerabilities in the TikTok video-sharing app that left users exposed

• January 07, 2020 07 Jan'20

  Facebook to ban deepfake videos

  New policy closes some loopholes around misinformation, but seems to leave others wide open

• January 07, 2020 07 Jan'20

  Broadcom flogs Symantec enterprise security unit to Accenture

  Acquisition is set to make Accenture a global leader in managed cyber security services

• January 06, 2020 06 Jan'20

  Cyber gangsters demand payment from Travelex after ‘Sodinokibi’ attack

  Cyber criminals are demanding payment to decrypt Travelex’s computer files after a devastating malware attack. New questions have been raised about the security of Travelex’s computer network after it emerged the company waited eight months to patch...

• January 06, 2020 06 Jan'20

  Iran likely to hit back with cyber attacks, security experts warn

  The possibility of cyber attack by threat groups acting on behalf of the Iranian government has dramatically increased following US actions in Iraq

• January 06, 2020 06 Jan'20

  UK cyber security boss Ciaran Martin to step down

  NCSC chief Ciaran Martin will leave his post in the summer of 2020

• January 03, 2020 03 Jan'20

  Suspected ransomware attack causes worldwide disruption for Travelex

  Travelex switches off computer systems and resorts to cash-only currency sales after malware attack. Insiders claim the currency exchange chain has been hit by ransomware which has left critical files containing customer data encrypted

• January 03, 2020 03 Jan'20

  How Darktrace is riding the AI boom

  Cyber security firm known for its artificial intelligence smarts doubled its headcount across Asia-Pacific last year in key markets including Australia and South Korea

• January 02, 2020 02 Jan'20

  California’s CCPA an opportunity for security industry to do better

  California’s consumer protection and data privacy laws came into effect on 1 January 2020, and present a golden opportunity for the cyber security practitioners

• December 31, 2019 31 Dec'19

  Top 10 ASEAN IT stories of 2019

  Here are Computer Weekly’s top 10 ASEAN IT stories of 2019

• December 30, 2019 30 Dec'19

  Top 10 enterprise IT in the Benelux region stories of 2019

  Here are Computer Weekly’s top enterprise IT stories from the Benelux region over the past year

• December 24, 2019 24 Dec'19

  Top 10 cyber crime stories of 2019

  Here are Computer Weekly’s top 10 cyber crime stories of 2019

• December 23, 2019 23 Dec'19

  Top 10 cyber security stories of 2019

  Here are Computer Weekly’s top 10 cyber security stories of 2019

• December 20, 2019 20 Dec'19

  Finnish government supports local authorities in cyber security initiative

  The Finnish government has committed resources to a cyber security project aimed at local authorities

• December 17, 2019 17 Dec'19

  Group-IB CEO talks up global threat landscape

  Public attribution of cyber attacks could backfire while a global cyber norms framework won’t emerge until a catastrophic incident occurs, says the head of Singapore-based Group-IB

• December 16, 2019 16 Dec'19

  Barco fixes ClickShare wireless flaw, but users still at risk

  Supplier patches a major vulnerability in its popular ClickShare wireless presentation system with a firmware upgrade, but experts warn that users are not out of the woods yet

• December 13, 2019 13 Dec'19

  Alarm bells ring, the IoT is listening

  With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts

• December 09, 2019 09 Dec'19

  Jailed hacker ordered to pay back £270k

  An Essex man jailed in April over malware offences dating back years has been ordered to pay back the profits of his crime spree, and sell valuable assets

• December 06, 2019 06 Dec'19

  How commodities firm ED&F Man solved its threat detection challenges

  After a minor server breach, leading commodities trader turned to Vectra’s Cognito service to expose hidden threats, spot privilege misuse, and conduct conclusive investigations

• December 06, 2019 06 Dec'19

  Dutch government must facilitate and coordinate a broad eID system

  The Dutch government should push for an electronic ID system for its citizens that works across the public and private sectors, according to a report

• December 06, 2019 06 Dec'19

  Cyber security takes its place alongside UK’s armed services

  Head of armed services says cyber security will take its place alongside the army, navy and air force as a key pillar of the UK’s defence strategy

• December 06, 2019 06 Dec'19

  Great Cannon DDoS operation fires on Hong Kong protesters

  AT&T’s security unit has evidence that China is pressing its Great Cannon DDoS tool into service once again, specifically to target pro-democracy protests in Hong Kong

• December 05, 2019 05 Dec'19

  Two Russians indicted over Dridex and Zeus malware

  The US Department of Justice has indicted two Russian citizens over their alleged role in the distribution of the virulent Bugat, or Dridex, and Zeus banking trojans

• December 05, 2019 05 Dec'19

  Cyber Girls First volunteers encourage girls to think high-tech

  More than 80 schoolgirls spent a day learning about computer hackers and rocket science – Cyber Girls First hopes they will become the next generation of technologists

• December 05, 2019 05 Dec'19

  Aviatrix VPN vulnerability left user endpoints wide open

  Immersive Labs has disclosed a serious vulnerability in VPN supplier Aviatrix’s enterprise client that could have granted hackers elevated user privileges across enterprise targets

• December 05, 2019 05 Dec'19

  Hackers primed to exploit 5G to Wi-Fi handover flaws

  Warning that attackers will find new vulnerabilities to access voice and data on 5G mobile phones as carriers hand off calls and data to Wi-Fi networks to save bandwidth

• December 04, 2019 04 Dec'19

  RMIT to tackle cyber security challenges

  Australia’s Royal Melbourne Institute of Technology has teamed up with Amazon Web Services to launch a Cloud Innovation Centre to solve cyber security challenges

• December 04, 2019 04 Dec'19

  Black Hat Europe: Red teams and blue teams must evolve in the 2020s

  The red team versus blue team dichotomy is somewhat arbitrary and risks pigeonholing skilled security professionals into certain roles, says Facebook’s Amanda Rousseau

• December 03, 2019 03 Dec'19

  Tenable buys Indegy to integrate IT and OT security

  Acquisition of industrial security specialist Indegy will create a unified, risk-based platform spanning both IT and OT security for Tenable

• December 03, 2019 03 Dec'19

  Chinese web users take more risks than Brits or Americans

  A research paper published by the University of Birmingham seems to show that differences in cultural values have an impact both on risky behaviour online and legal regulation

• December 02, 2019 02 Dec'19

  Top Android apps at risk from StrandHogg vulnerability

  Researchers at Promon say all of the 500 most-downloaded Android apps are at risk from a newly discovered vulnerability

• November 29, 2019 29 Nov'19

  Cyber criminal RAT busted by cops

  Police forces around the UK have arrested nine people as part of an international operation targeting users of a remote access trojan

• November 29, 2019 29 Nov'19

  TfL locks down Oyster accounts to ward off credential stuffing

  Mandatory password reset for all travellers who use Oyster and contactless payment systems follows minor breach incident earlier in 2019

• November 29, 2019 29 Nov'19

  Hack Friday: This Christmas, fight back against cyber criminals

  It’s nearly Christmas, and cyber attacks and fraud attempts in the retail sector are ramping up. Is it time to panic? And is there anything we can do beyond hammering home the message around basic cyber security hygiene?

• November 28, 2019 28 Nov'19

  The Security Interviews: Do cyber weapons need a Geneva Convention?

  On a cold afternoon in Finland, F-Secure’s Mikko Hypponen discusses cyber weapons and nation state threats, and explains why arms limitations treaties might one day expand to include malware and other threats

• November 28, 2019 28 Nov'19

  Top APAC security predictions for 2020

  More attacks on critical infrastructure, supply chain vulnerabilities and file-less attacks are some of the security threats that enterprises should keep an eye on next year

• November 27, 2019 27 Nov'19

  Security skills gap will take a decade to fill

  The British education systems cannot move fast enough to address the security skills crisis, and in the absence of government action increased reliance on automation may be the least worst solution

• November 25, 2019 25 Nov'19

  General Election 2019: The Conservatives’ technology policies and digital plans

  With the UK gearing up for its third general election in four years, Computer Weekly outlines the Conservative and Unionist Party’s main technology policies and digital plans, as laid out in its manifesto

• November 25, 2019 25 Nov'19

  AI may open dangerous new frontiers in geopolitics

  Truly artificial intelligence has the potential to provoke an international geopolitical crisis, warns F-Secure’s Mikko Hypponen

• November 25, 2019 25 Nov'19

  Conservatives propose national cyber crime force

  Manifesto also says Tories would “empower the police to safely use new technologies like biometrics and artificial intelligence, along with the use of DNA, within a strict legal framework”

• November 22, 2019 22 Nov'19

  Mystery surrounds leak of four billion user records

  Threat researchers uncover four billion user records on a wide-open Elasticsearch server but who left them there is a mystery

• November 22, 2019 22 Nov'19

  Some 29,000 UK web domains suspended for criminal activity

  Domain suspensions for criminal activity over the past year has dropped for the first time since 2014

• November 21, 2019 21 Nov'19

  Labour pledges review of NCSC in UK security overhaul

  The UK's National Cyber Security Centre may get expanded powers under a Labour government

• November 21, 2019 21 Nov'19

  F-Secure’s Blackfin challenges perceptions of how AIs think

  New research project aims to develop adaptive, autonomous and collaborative AI agents, and challenges the notion that machine intelligence should merely mimic human intelligence

• November 20, 2019 20 Nov'19

  Mimecast blocked 99 billion suspicious emails in third quarter

  Latest threat intelligence report reveals the scale of the threat posed by malicious emails, with the transport, legal and financial sectors hit hardest

• November 20, 2019 20 Nov'19

  Massive increase in fraud attacks on TSB customers during IT meltdown

  There was a massive spike in attempts by fraudsters to steal from TSB customers when the bank’s IT systems failed in 2018

• November 20, 2019 20 Nov'19

  Carbon Black to open Australia datacentre in 2020

  Australia datacentre comes on the heels of VMware’s acquisition of Carbon Black and will serve organisations with data sovereignty requirements

• November 19, 2019 19 Nov'19

  Public sector risks downplayed by senior IT leaders

  Sophos reveals a significant cyber security perception gap between senior IT and security leaders in the public sector and their front-line teams

• November 19, 2019 19 Nov'19

  Macy’s Magecart breach presages Christmas fraud spike

  US retailer Macy’s admits some customer data was accessed by unknown actors during a week-long Magecart attack

• November 19, 2019 19 Nov'19

  Anti-stalkerware coalition calls time on intrusive abusers

  New coalition plans to tackle the scourge of stalkerware as a tool of domestic and other forms of abuse

• November 19, 2019 19 Nov'19

  Businesses failing to wipe data from old endpoints

  Organisations are not taking adequate precautions to sanitise data held on endpoints when refreshing their PC or mobile device estates

• November 19, 2019 19 Nov'19

  Managed services fuelling APAC security market

  Spending on managed security services will account for almost half of Asia-Pacific’s cyber security market by 2023, as global and local providers shore up their offerings in the region

• November 15, 2019 15 Nov'19

  Notorious hackers claim responsibility for Labour DDoS

  Hackers claiming to represent Lizard Squad say they were behind a distributed denial of service attack on the UK’s Labour Party

• November 14, 2019 14 Nov'19

  Home Office Brexit app contains multiple security flaws

  The Home Office’s Brexit app may be putting EU citizens’ personal data at risk

• November 14, 2019 14 Nov'19

  Cyber criminals tool up for Christmas fraud season

  Organised criminals are trying to cash in on the festive retail boom with both brand new and tried-and-tested techniques

• November 13, 2019 13 Nov'19

  11 new 5G hacks enable user device tracking and monitoring

  Researchers at Purdue University and the University of Iowa publish details of several new 5G mobile network vulnerabilities

• November 13, 2019 13 Nov'19

  Attack on Labour shows need for DDoS defence but should alarm few

  After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t

• November 13, 2019 13 Nov'19

  Cyber risk insurance is more than just insurance

  Insurance companies such as Chubb are offering incident response services and security tools to help companies improve their cyber security posture and better cope with cyber attacks

• November 12, 2019 12 Nov'19

  Nordic SMEs lack the money needed for cyber security

  Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country

• November 12, 2019 12 Nov'19

  ‘Robust’ security foils cyber attack on Labour Party

  Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked

• November 12, 2019 12 Nov'19

  IBM drums up quantum computing future

  IBM’s head honcho, Ginni Rometty, welcomes Australia’s Woodside Energy to the quantum computing fold through a partnership to harness the technology to shore up cyber security and plant operations

• November 08, 2019 08 Nov'19

  Security pros urged to get ahead of incoming BlueKeep exploits

  The BlueKeep RDP vulnerability is beginning to be exploited in the wild, and security teams have no excuse for not trying to get in front of it, says Microsoft

• November 08, 2019 08 Nov'19

  Morrisons in new appeal over data breach fine

  The Supreme Court has heard an appeal from retailer Morrisons as it attempts to overturn prior judgments holding it liable for a 2014 leak of employee data

• November 07, 2019 07 Nov'19

  Amazon Ring video doorbell flaw left users open to attack

  A vulnerability in Amazon’s Ring video doorbells left the internet-of-things devices open to a variety of attacks

• November 07, 2019 07 Nov'19

  Saudis recruited Twitter employees to spy on critics

  Court documents reveal how the Saudi Arabian government targeted Twitter employees as part of a coordinated effort to gather information on known dissidents