News
Hackers and cybercrime prevention
-
November 14, 2019
14
Nov'19
Cyber criminals tool up for Christmas fraud season
Organised criminals are trying to cash in on the festive retail boom with both brand new and tried-and-tested techniques
-
November 13, 2019
13
Nov'19
11 new 5G hacks enable user device tracking and monitoring
Researchers at Purdue University and the University of Iowa publish details of several new 5G mobile network vulnerabilities
-
November 13, 2019
13
Nov'19
Attack on Labour shows need for DDoS defence but should alarm few
After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t
-
November 13, 2019
13
Nov'19
Cyber risk insurance is more than just insurance
Insurance companies such as Chubb are offering incident response services and security tools to help companies improve their cyber security posture and better cope with cyber attacks
-
November 12, 2019
12
Nov'19
Nordic SMEs lack the money needed for cyber security
Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country
-
November 12, 2019
12
Nov'19
‘Robust’ security foils cyber attack on Labour Party
Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked
-
November 12, 2019
12
Nov'19
IBM drums up quantum computing future
IBM’s head honcho, Ginni Rometty, welcomes Australia’s Woodside Energy to the quantum computing fold through a partnership to harness the technology to shore up cyber security and plant operations
-
November 08, 2019
08
Nov'19
Security pros urged to get ahead of incoming BlueKeep exploits
The BlueKeep RDP vulnerability is beginning to be exploited in the wild, and security teams have no excuse for not trying to get in front of it, says Microsoft
-
November 08, 2019
08
Nov'19
Morrisons in new appeal over data breach fine
The Supreme Court has heard an appeal from retailer Morrisons as it attempts to overturn prior judgments holding it liable for a 2014 leak of employee data
-
November 07, 2019
07
Nov'19
Amazon Ring video doorbell flaw left users open to attack
A vulnerability in Amazon’s Ring video doorbells left the internet-of-things devices open to a variety of attacks
-
November 07, 2019
07
Nov'19
Saudis recruited Twitter employees to spy on critics
Court documents reveal how the Saudi Arabian government targeted Twitter employees as part of a coordinated effort to gather information on known dissidents
-
November 06, 2019
06
Nov'19
Trend Micro insider breach exposes need for data-centric protection
Simple measures could have saved consumer security product supplier from insider breach
-
November 06, 2019
06
Nov'19
Global security workforce must more than double to meet demand
There are about 2.8 million cyber security professionals working today, and the world needs four million more
-
November 06, 2019
06
Nov'19
Professional cyber criminals command $75k per annum
An ill-advised career in cyber crime is potentially almost as well-paying as a job as a threat researcher in the industry, according to Tenable researchers
-
November 05, 2019
05
Nov'19
Ransomware authors seeking new ways to avoid being spotted
Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls
-
November 05, 2019
05
Nov'19
ICO launches data security campaign for UK General Election
Information commissioner Elizabeth Denham launches campaign to remind the public of their rights when personal data is used for political purposes
-
November 04, 2019
04
Nov'19
EU patches 20-year-old open source vulnerability
Ethical hackers taking part in a bug bounty programme on behalf of the European Union have uncovered a 20-year-old vulnerability
-
November 01, 2019
01
Nov'19
General Election sees UK government defer ‘high-risk’ 5G tech supplier review
Decision on allowing so-called high-risk suppliers access to the UK’s market for 5G infrastructure delayed due to 12 December poll
-
November 01, 2019
01
Nov'19
Banks let customers down with mixed approaches to security
Treasury Committee report recommends new measures to tackle financial fraud
-
October 30, 2019
30
Oct'19
What will succeed the National Cyber Security Strategy?
As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures
-
October 29, 2019
29
Oct'19
NordVPN enlists ethical hackers, launches bug bounty programme
Breached consumer VPN supplier details steps it is taking to shore up its cyber security posture after an unknown actor gained access to one of its servers
-
October 29, 2019
29
Oct'19
Fancy Bear resumes Olympic hacks ahead of Tokyo games
Fancy Bear is back in action and once again targeting anti-doping bodies and sporting organisations, warns Microsoft
-
October 28, 2019
28
Oct'19
Windows 7 upgrade haunts health service tech vision
Windows 7 issues at the NHS are making headlines, 15 months after the release of the review of how legacy IT was exploited by the WannaCry attack
-
October 24, 2019
24
Oct'19
Know Fraud database became backlog dump
Reports to Action Fraud handled by City of London Police’s National Fraud Intelligence Bureau were quarantined as security risk, finds HM’s Inspectorate of Constabulary and Fire and Rescue Services
-
October 24, 2019
24
Oct'19
Endpoint security is a procurement issue, says HP, IDC study
Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders
-
October 24, 2019
24
Oct'19
£4,000 bug bounty could have saved BA from record ICO fine
British Airways and others could have saved themselves millions of pounds’ worth of fines by having ethical hackers check their systems for simple vulnerabilities
-
October 23, 2019
23
Oct'19
Take responsibility for cyber security basics, urges NCSC CEO
At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load
-
October 22, 2019
22
Oct'19
NordVPN blames datacentre provider for server breach
VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue
-
October 22, 2019
22
Oct'19
Malware volumes decline, but risks are higher
More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets
-
October 22, 2019
22
Oct'19
Attacker hit VPN firm Avast through its VPN
Avast has published details of how attackers attempted to gain access to its network over a five month period
-
October 22, 2019
22
Oct'19
Over-30s tend to do better at cyber security than younger colleagues
Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security
-
October 21, 2019
21
Oct'19
Alleged state hackers adapting to cover their tracks, says NCSC
A group called Turla with suspected links to the Russian government stole Iranian tools and infrastructure to obscure the origins of attacks on multiple other countries, according to new evidence
-
October 21, 2019
21
Oct'19
Sodinokibi emerging as a diverse, multi-vector threat to businesses
McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots
-
October 18, 2019
18
Oct'19
Huge rise in rogue banking apps driving fraud attacks
Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA
-
October 18, 2019
18
Oct'19
Amazon consumer devices vulnerable to two-year-old exploit
Millions of older Amazon Echo and Kindle devices are still susceptible to a Wi-Fi vulnerability that was first disclosed in 2017
-
October 17, 2019
17
Oct'19
BEIS launches multimillion-pound security investment package
Government is making available more than £50m to support a range of new cyber security initiatives and collaborations, including the latest phase of its Digital Security by Design programme
-
October 17, 2019
17
Oct'19
NHSX could transform NHS security capabilities
The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service
-
October 17, 2019
17
Oct'19
Security threat landscape becomes more organised and business-like
Approaches to securing the enterprise need to change in the face of a rapidly maturing threat landscape
-
October 16, 2019
16
Oct'19
Pitney Bowes ‘considering options’ after malware attack
Mailing and shipping services firm in recovery mode after key systems were encrypted by a malware attack
-
October 15, 2019
15
Oct'19
Attackers hunt iPhone jailbreakers in click fraud campaign
Research by Cisco’s Talos threat intel unit has identified a new click fraud campaign targeting people looking to jailbreak their iPhone devices
-
October 14, 2019
14
Oct'19
Researchers reveal the cyber campaign that built China's new airliner
CrowdStrike has published details of a coordinated campaign of cyber espionage and hacking, forced technology transfer and physical theft as China seeks to gain an advantage in the commercial aviation industry
-
October 14, 2019
14
Oct'19
The Security Interviews: Applying AI to Lego, and security
Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds great promise for the security sector, and she has the analogies to back it up
-
October 04, 2019
04
Oct'19
UK and US call on Facebook to walk back encryption plans
The US, Australian and UK governments have asked Facebook to ditch plans to deploy end-to-end encryption across Facebook Messenger, Instagram and WhatsApp
-
October 03, 2019
03
Oct'19
IT contractor charged over cyber attack on property valuation firm
Australian police charge 49-year-old man with stealing and posting more than 170,000 data records belonging to ASX-listed Landmark White on the dark web
-
October 03, 2019
03
Oct'19
LogRhythm touts unlimited data plan for SIEM systems
SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank
-
October 03, 2019
03
Oct'19
Local authorities hit by 800 cyber attacks every hour
Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year
-
October 03, 2019
03
Oct'19
New threat group behind Airbus cyber attacks, claim researchers
Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore
-
October 03, 2019
03
Oct'19
Cyber war as big a threat as nuclear war, says ex-RSA head Coviello
Former RSA chairman Art Coviello has been speaking about the devastating potential of cyber weapons, and warned that humanity must learn from history in order to control them
-
October 01, 2019
01
Oct'19
A security breach is inevitable, IT leaders warned
No matter how much IT security tech and training is in place, sophisticated, targeted attacks are going to breach company defences, Carbon Black warns
-
October 01, 2019
01
Oct'19
Singapore outlines initiatives to tackle OT and IoT security
The Cyber Security Agency of Singapore has developed a blueprint to secure operational technology systems in critical sectors, among other measures to secure cyber-physical systems and the internet of things
-
September 27, 2019
27
Sep'19
Nodersok malware campaign is infecting thousands, Microsoft warns
Thousands of Windows endpoints in the US and Europe have been infected by a new fileless malware campaign in the past few weeks
-
September 27, 2019
27
Sep'19
Five million DoorDash customers’ details lost in data breach
Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen
-
September 26, 2019
26
Sep'19
Attackers breached supplier systems to steal Airbus secrets
Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs
-
September 26, 2019
26
Sep'19
Overinvestment breeds overconfidence among security pros
CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach
-
September 26, 2019
26
Sep'19
Teen TalkTalk hacker accused of cryptocurrency fraud in US
Elliott Gunton, one of the teenage hackers who broke into TalkTalk’s systems in 2015, faces extradition to the US to face fraud charges
-
September 26, 2019
26
Sep'19
Instagram and WhatsApp – the new tools of social media propaganda
Facebook and Twitter have been cast as the villains of the piece, but social media disinformation and propaganda are evolving in new and alarming directions, say Oxford University researchers
-
September 24, 2019
24
Sep'19
Latest Lorca cyber security challenge has IoT focus
Government-backed cyber security innovation centre Lorca has issued new challenges around connectivity for its next intake of scaleups
-
September 24, 2019
24
Sep'19
Singapore payment card data compromised by JavaScript sniffers
Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer
-
September 24, 2019
24
Sep'19
GandCrab ransomware writers still active despite ‘retirement’
Apparent links between an emerging ransomware family known as REvil and GandCrab suggests the GandCrab authors are keeping busy despite having “retired” in June
-
September 24, 2019
24
Sep'19
Google pushes back on scale of YouTube phishing threat
Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure
-
September 24, 2019
24
Sep'19
Enterprises exposed to data loss by cloud configuration errors
Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee
-
September 18, 2019
18
Sep'19
Universities tempting targets for cyber criminals, warns NCSC
As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack
-
September 18, 2019
18
Sep'19
WannaCry variants accidentally protecting against WannaCry
New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection
-
September 18, 2019
18
Sep'19
Emotet phishing botnet returns from summer vacation
The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers
-
September 17, 2019
17
Sep'19
Ecuador citizens’ data breach holds lessons for enterprises
What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it?
-
September 16, 2019
16
Sep'19
Ensign InfoSecurity opens global headquarters in Singapore
The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence
-
September 13, 2019
13
Sep'19
Ditch hoodies and hackers to encourage diverse security recruitment
The cyber security industry needs to address a systemic image problem if it is to succeed in recruiting more diverse teams
-
September 13, 2019
13
Sep'19
When AIs go to war: Autonomous cyber weapons ‘inevitable’
CISOs must start thinking about how to engage with intelligent, adaptive, non-human attackers, says Trend Micro’s Rik Ferguson
-
September 12, 2019
12
Sep'19
Government seeks views on post-Brexit security alignment
The government has called for views on its proposals to align the UK’s post-Brexit cyber security policy to that of the European Union
-
September 12, 2019
12
Sep'19
Mirai descendants dominate IoT threat environment
Attacks leveraging compromised IoT devices are growing in size, scale and frequency, report security experts at F-Secure and Trend Micro, with Mirai-related botnets a major source of trouble
-
September 11, 2019
11
Sep'19
Equifax and Heartbleed are most-Googled cyber security terms
Analysis of 15 years’ worth of Google search data has revealed some insight into what cyber security trends are capturing the imagination
-
September 11, 2019
11
Sep'19
Nordic countries deepen collaboration with Estonia-based cyber security operation
Nordic countries are now working closer with Nato’s Estonia-based centre of excellence in cyber security
-
September 10, 2019
10
Sep'19
UK calls for cyber capacity-building at UN security group
The UK’s representative to a United Nations cyber security working group has called for increased investment in capacity around cyber security
-
September 09, 2019
09
Sep'19
Social engineering a factor in virtually all cyber attacks, report claims
Almost every single cyber attack will, at some stage, require a human to be tricked into doing something, according to research by Proofpoint
-
September 06, 2019
06
Sep'19
Australia government to chart 2020 cyber security strategy
Australia’s home affairs ministry has released a discussion paper to seek views from all segments of society on the country’s next cyber security blueprint
-
September 05, 2019
05
Sep'19
Singapore’s SecureAge eyes US market
The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan
-
September 05, 2019
05
Sep'19
Security pros doubt officials can enact effective security laws
Elected officials cannot be trusted to enact effective cyber security legislation and social media firms should be subject to strict privacy regulation, according to most information security professionals in a survey
-
September 05, 2019
05
Sep'19
Latest Facebook security lapse exposes millions to account hijack
18 million UK users are among the more than 400 million at risk of account hijacking after phone numbers linked to their Facebook accounts were found in an open online database
-
September 04, 2019
04
Sep'19
Check Point warns of Android phishing attacks
Researchers at Check Point have identified a security flaw in Android-based smartphones that exposes vulnerable users to phishing attacks
-
September 04, 2019
04
Sep'19
TrickBot Trojan switches to stealthy Ostap downloader
Operators of the TrickBot banking Trojan have switched to a new downloader to evade detection and analysis for a high-volume malicious spam campaign targeting business, researchers warn
-
September 03, 2019
03
Sep'19
Cyber criminals tap into web social engineering toolkit
Security researchers have discovered a web social engineering toolkit that enables cyber criminals to create fake update notification campaigns
-
September 03, 2019
03
Sep'19
CISOs think cloud safer, but security fears remain
The majority of information security leaders think cloud is now safer than on-premise, but security fears remain, with recently breached and highly regulated organisations most concerned, poll reveals
-
September 03, 2019
03
Sep'19
At least 47,000 servers vulnerable to remote attack
All organisations using Supermicro servers are being urged to update firmware to block remote attacks exploiting vulnerabilities in baseboard management controllers
-
September 02, 2019
02
Sep'19
UK organisations join quantum comms pilot
Four UK companies are taking part in a pilot project to build the most secure communication infrastructure in Europe
-
September 02, 2019
02
Sep'19
CISOs turn to AI, detection, response and education
Information security leaders are looking to artificial intelligence, better detection and response capabilities and user education in the face of cyber threats, but need more budget, a study shows
-
August 30, 2019
30
Aug'19
Social media and enterprise apps pose big security risks
The lack of security policies in many business applications is putting enterprise data at risk and social media apps are the biggest source of malware, a poll of IT professionals reveals
-
August 29, 2019
29
Aug'19
UK gets first millionaire ethical hacker
Six months after the first millionaire ethical hacker was announced, five more have been recognised, including a Briton, who have collectively discovered nearly 5,000 vulnerabilities
-
August 29, 2019
29
Aug'19
Finland’s security agencies collaborate after cyber attacks
National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure
-
August 28, 2019
28
Aug'19
Targeted cyber attacks, including ransomware, on the rise
Governments and healthcare institutions are prime targets of ransomware operators, a report shows
-
August 28, 2019
28
Aug'19
Most UK firms ignore security in tech investments
Less than a quarter of UK firms prioritise security when investing in new technology, despite the threat of cyber attacks and data protection regulations, a survey reveals
-
August 28, 2019
28
Aug'19
Ransomware has evolved into a serious enterprise threat
Ransomware has seen a resurgence since the start of 2019, with cyber criminals changing code and tactics to target enterprises and local authorities for higher ransom payments, McAfee researchers warn
-
August 27, 2019
27
Aug'19
Employees, MSPs and developers top third-party risks
Employees, managed service providers and developers are the top sources of third-party risks in terms of data security, a survey reveals, highlighting the value of workplace monitoring
-
August 26, 2019
26
Aug'19
VMware’s latest acquisitions point to emerging platform war
VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal
-
August 23, 2019
23
Aug'19
Majority of organisations struggling with cloud security
The majority of organisations find securing the cloud difficult and more than a quarter feel the shared security responsibility model is unclear, according to a survey of information security professionals
-
August 23, 2019
23
Aug'19
Kaspersky eyes enterprise business, opens APAC transparency hub
The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials
-
August 22, 2019
22
Aug'19
Security pros reiterate warning against encryption backdoors
The majority of security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state cyber attacks
-
August 22, 2019
22
Aug'19
A helping hand from the Nordics in the eye of the GDPR storm
Nordic IT companies are well suited to supporting enterprises in their data protection projects, even though openness is more natural to them
-
August 22, 2019
22
Aug'19
Tech firms join forces to boost cloud security
Top tech firms are to collaborate on open source technologies, tools, frameworks and standards that accelerate the adoption of confidential computing to boost security in cloud and edge computing
-
August 22, 2019
22
Aug'19
Cyber attackers exploiting poor cloud security
More than a third of organisations report a cyber attack on the cloud environment due to a lack of basic cloud security hygiene
-
August 21, 2019
21
Aug'19
Healthcare faces triple cyber threat, says FireEye
Criminal and nation-state cyber attackers are increasingly targeting the healthcare industry to steal data, carry out espionage and cause disruption, a report reveals