News

Hackers and cybercrime prevention

• July 29, 2019 29 Jul'19

  Visa card vulnerabilities enable contactless limit bypass

  Security researchers have discovered vulnerabilities on Visa cards that could be exploited to bypass contactless payment limits and result in huge losses

• July 29, 2019 29 Jul'19

  WannaCry hero Marcus Hutchins spared jail

  British security researcher who helped halt the global WannaCry ransomware attack that hit the NHS in 2017 has avoided jail in the US for creating other malware

• July 29, 2019 29 Jul'19

  Cyber kill chain is outdated, says Carbon Black

  The chief cyber security officer of Carbon Black calls for a new cognitive paradigm to fend off cyber adversaries that are now attacking in cycles

• July 26, 2019 26 Jul'19

  Email security as important as ever, report shows

  Cyber security professionals need to keep up to date with email-borne threats because they continue to evolve and have a major impact on business, research reveals

• July 26, 2019 26 Jul'19

  86 million reasons to support No More Ransom

  Anti-ransomware cross-industry initiative says it has prevented more than £86m in ransom payments as it marks its third anniversary, which coincides with a resurgence in ransomware in many parts of the world

• July 25, 2019 25 Jul'19

  F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC

  Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated

• July 25, 2019 25 Jul'19

  Mobile banking malware surges in 2019

  Mobile banking malware surged in the first half of the year, email scams geared up and attacks on cloud increased, while illicit cryptocurrency miners declined, report reveals

• July 25, 2019 25 Jul'19

  Most SMEs severely underestimate cyber security vulnerabilities

  Small businesses are the primary target for cyber attacks, yet most are unprepared and do not think they will be targeted, a survey reveals

• July 24, 2019 24 Jul'19

  Internet crime costs global economy £2.3m a minute

  Cyber crime cost the global economy £2.3m every minute in 2018, reveals a report aimed at defining the scale of cyber attacks taking place over the internet

• July 24, 2019 24 Jul'19

  Global malware down but ransomware up, with UK hard hit

  Despite a global decrease in the volume of malware in the past year, ransomware is surging once again, and the UK is one of the worst-hit countries, a report reveals

• July 24, 2019 24 Jul'19

  AI to advance Swedish military systems

  Swedish report into use of artificial intelligence in military systems reveals opportunities and concerns

• July 23, 2019 23 Jul'19

  Phishing attack highlights cyber security need at universities

  UK university cyber security is once again under the spotlight after Lancaster University reveals that it has been targeted by a phishing attack used to send fake invoices

• July 23, 2019 23 Jul'19

  Norsk Hydro cyber attack could cost up to $75m

  March 2019 ransomware attack could cost Norwegian aluminium giant up to $75m in the first half of the year, according to latest estimates

• July 23, 2019 23 Jul'19

  Data breach costs on the rise, IBM study shows

  Data breach costs have risen in the past decade, and the financial impact can be felt for years. Breaches posing a growing risk for small businesses, a study shows, underlining the importance of incident response

• July 23, 2019 23 Jul'19

  Government delays final decision on Huawei

  Culture secretary says he cannot yet make specific decisions about Huawei’s involvement in the UK’s telecoms and mobile networks due to a lack of clarity from the US, effectively green-lighting its use

• July 23, 2019 23 Jul'19

  Microsoft talks up benefits and pitfalls of machine learning in security

  Software giant Microsoft uses machine learning models to detect emerging threats while keeping an eye on potential bias in security data points that could derail its analysis

• July 22, 2019 22 Jul'19

  US fines Equifax $700m over 2017 breach

  Global settlement with US authorities follows systems breach that saw more than 140 million customer records stolen

• July 22, 2019 22 Jul'19

  Big tech firms back UK cyber security initiative

  Big technology firms have pledged their support for UK investment in an initiative to “design out” of new tech the most damaging cyber security threats

• July 19, 2019 19 Jul'19

  Latest ICO fine highlights privacy due diligence

  A week after issuing the first serious GDPR fines, the ICO has further underlined the importance of data stewardship and due diligence regarding privacy practices

• July 19, 2019 19 Jul'19

  Second CyberThreat Summit announced by NCSC and SANS Institute

  CyberThreat 2019 aims to bring together a more diverse set of technical professionals in cyber security from the private and public sectors in the UK and abroad to encourage collaboration

• July 19, 2019 19 Jul'19

  Warzone bulletproof hosts protecting Magecart group

  Security researchers have discovered a Magecart group operating with impunity using bulletproof hosting services, including one in battle-scarred Ukraine

• July 18, 2019 18 Jul'19

  UK poor cyber security practice undermining controls

  UK firms investing in the latest cyber security products and services risk this being undermined by poor security practices, a survey reveals

• July 18, 2019 18 Jul'19

  Lateral phishing used to attack organisations on global scale

  Lateral phishing is a growing type of account takeover that has enabled attackers to target more than 100,000 people by hijacking just 154 email accounts

• July 17, 2019 17 Jul'19

  Most security pros still concerned about public cloud security

  Despite accelerated adoption of public cloud services by companies keen to benefit from increased efficiency, scalability and agility, most security professionals have reservations

• July 17, 2019 17 Jul'19

  Suspected malicious MS Office tool maker arrested

  Dutch police have arrested a man suspected of producing and selling toolkits to create malicious Microsoft Office documents

• July 17, 2019 17 Jul'19

  Vulnerable firmware in enterprise server supply chain

  Researchers are warning of vulnerabilities in firmware from a third-party supplier that put some servers from Lenovo, Gigabyte and six other manufacturers at risk

• July 16, 2019 16 Jul'19

  NCSC calls out Microsoft over Dmarc reports

  The UK’s cyber security agency has called out Microsoft for seriously undermining global email security by failing to provide crucial reports from its email platforms

• July 16, 2019 16 Jul'19

  Digital safety skills initiative launched against cyber crime

  Security industry partners have launched an initiative aimed at raising individuals’ digital safety skills to enable them to protect themselves and their families from most common cyber attacks

• July 16, 2019 16 Jul'19

  UN resolution ignores special rapporteur’s call for halt to spyware sales

  UN’s Human Rights Council adopts resolution to explore the impact of new and emerging digital technologies on human rights, but the text ignores a damning report by the council’s own expert on freedom of expression

• July 16, 2019 16 Jul'19

  NCSC reports on second year of cyber defence at scale

  The UK’s National Cyber Security Centre releases a report on the second year of its Active Cyber Defence programme to demonstrate its effects in the public sector and wider UK cyber ecosystem

• July 15, 2019 15 Jul'19

  Organisations turn to AI in race against cyber attackers

  Businesses are racing to automate their defences as hackers and nation states launch increasingly sophisticated cyber attacks

• July 15, 2019 15 Jul'19

  UK public sector needs to prioritise mobile device security

  Only 10% of public service stolen and lost mobile are recovered, underlining the need for mobile-centric, zero-trust model to reduce the risk, says MobileIron

• July 15, 2019 15 Jul'19

  UK boards ignoring £30bn cyber risk

  Despite the danger posed by cyber attacks to mid-sized companies, boards are not prepared to manage the risk and firms are over-confident in their cyber capabilities, report finds

• July 12, 2019 12 Jul'19

  New FinSpy versions extend surveillance capabilities

  New versions of the FinSpy malware for iOS and Android smartphones have extended targeted surveillance capabilities, warn security researchers

• July 12, 2019 12 Jul'19

  Windows 10 to enable passwordless sign-in

  Windows 10 users will soon be able to sign in to devices without using a password to encourage the use of two-factor authentication methods to improve security

• July 11, 2019 11 Jul'19

  Attacks against AI systems are a growing concern

  European research group says attacks against AI systems are already occurring, difficult to identify, and could be far more common than currently understood

• July 11, 2019 11 Jul'19

  RiskIQ uncovers new Magecart campaign

  A fresh Magecart campaign is breaching websites on a massive scale using indiscriminate attacks exploiting misconfigured Amazon S3 buckets, say researchers

• July 10, 2019 10 Jul'19

  Agent Smith mobile malware hits millions of devices

  New mobile malware that exploits Android vulnerabilities has infected millions of devices, security researchers have discovered

• July 10, 2019 10 Jul'19

  Demand for ICO help escalates in GDPR's first year

  The past year has seen increased demand across all support services offered by the UK’s privacy watchdog as new data protection laws went into force

• July 09, 2019 09 Jul'19

  Nearly half of firms fear cloud apps make them insecure

  Survey shows more than one-third of global companies appoint a CISO in the face of data breaches, and the UK is giving CISOs more power despite making fewer appointments

• July 08, 2019 08 Jul'19

  TfL launches wireless device tracking to gather Tube data

  Transport for London aims to use passenger movement data to make using the London Underground a more pleasant experience

• July 08, 2019 08 Jul'19

  British Airways facing £183m GDPR fine

  British Airways is to appeal against a record fine for infringement of data protection rules for a breach of customer data in 2018

• July 08, 2019 08 Jul'19

  IISP gains Royal Charter status

  The UK finally has its first national professional body for cyber security that will be responsible for setting the standards for skills and knowledge in the industry to reduce the skills gap and increase diversity

• July 05, 2019 05 Jul'19

  St John Ambulance praised for response to ransomware attack

  Charity’s response to ransomware attack demonstrates that it is possible to ensure minimal disruption if properly prepared

• July 04, 2019 04 Jul'19

  Security and privacy key to smart buildings and cities

  Security and privacy capabilities are essential for stakeholders if they are to realise the benefits of smart buildings and cities, says expert whitepaper

• July 04, 2019 04 Jul'19

  FireEye ties Microsoft Outlook exploit to Iranian hackers

  US Cyber Command has issued a warning that a patched Microsoft Outlook vulnerability is being exploited by unnamed threat actors, and recommended immediate patching

• July 04, 2019 04 Jul'19

  Email still top security vulnerability, survey shows

  Email is still the top security vulnerability, a survey shows, but security researchers caution that switching to instant messaging is not necessarily a solution in the longer term

• July 04, 2019 04 Jul'19

  APAC experts weigh in on cyber security trends

  The onslaught of cyber attacks being reported each day has been a wake-up call, but experts say businesses need to be mindful of the limitations of certain security measures

• July 03, 2019 03 Jul'19

  Sodin ransomware exploiting Windows zero-day, Kaspersky warns

  Security researchers are warning that a recently discovered type of ransomware is now exploiting a zero-day Windows vulnerability, and does not require user interaction to trigger an infection

• July 03, 2019 03 Jul'19

  Top VPNs secretly owned by Chinese firms

  Nearly a third of top VPNs are secretly owned by Chinese companies, while other owners are based in countries with weak or no privacy laws, potentially putting users at risk, security researchers warn

• July 02, 2019 02 Jul'19

  Sweden’s Protective Security Act targets cyber risks

  IT suppliers must comply with tighter cyber security requirements, but are being offered help from government agencies

• July 02, 2019 02 Jul'19

  Orvibo data leak puts security spotlight on IoT back end

  The security of devices that make up the internet of things (IoT) is a top concern for many in the industry, but leaks from an IoT database highlights the importance of back-end security too

• July 02, 2019 02 Jul'19

  Singapore to beef up police tech capabilities

  Singapore government singles out biometrics, data analytics and digital forensics as promising areas to boost crime-fighting efforts

• July 02, 2019 02 Jul'19

  Few UK firms are cyber insured despite financial losses

  More than one-fifth of UK firms have been impacted financially by cyber attacks, yet potentially more than three-quarters of companies polled have never been insured for cyber-related losses

• July 01, 2019 01 Jul'19

  Symantec gearing up for future cyber security

  Symantec is focusing on enabling businesses to secure data in the cloud after a string of acquisitions, but it also has its eye on the future, which will be all about empowering people, says CTO Hugh Thompson

• July 01, 2019 01 Jul'19

  Huge jump in cyber incidents reported by finance sector

  The number of cyber incidents reported by financial services firms increased nearly 12-fold in 2018 from 2017, mainly due to third-party failures, highlighting several key areas that need improvement

• June 28, 2019 28 Jun'19

  TIN coalition calls for industry action against cyber fraud

  An industry group aimed at improving cyber security by tackling enduring challenges has called for collaboration in the fight against cyber fraud

• June 28, 2019 28 Jun'19

  Cyber crime reporting crucial, say UK police

  UK police are gearing up to make it easier for business to report cyber crime, saying that under-reporting continues to be a challenge

• June 27, 2019 27 Jun'19

  Dutch bank and researchers begin defence against quantum computing’s dark side

  ABN Amro is working with QuTech to ensure that banks can protect data against quantum computers in the future

• June 26, 2019 26 Jun'19

  Fido Alliance announces new standards

  Fido Alliance announces new identity verification and IoT initiatives to expand the reach and impact of Fido authentication, which seeks to eliminate the world’s dependence on password-based security

• June 26, 2019 26 Jun'19

  Commercial interests put customer security at risk, survey shows

  Firms are bypassing security to push products and services into the market, increasing security risks for the organisation and its customers, a poll of information security professionals shows

• June 26, 2019 26 Jun'19

  Wider threat campaign behind Wipro breach

  A sophisticated, far-ranging threat campaign was behind the breach at Indian IT services firm Wipro in April, which was not an isolated incident, RiskIQ report reveals

• June 26, 2019 26 Jun'19

  Six arrested over €24m cryptocurrency theft

  Police have arrested six people in the UK and the Netherlands in connection with the theft of cryptocurrency worth €24m

• June 26, 2019 26 Jun'19

  Singapore government forms digital industry office

  New office will help local tech firms grow their regional footprint and build new capabilities in order to thrive in APAC’s booming digital economy

• June 26, 2019 26 Jun'19

  UK cyber security progress stalled, says report

  UK firms rank cyber attacks as a top business issue, but are stalling in cyber security best practice, lagging behind top performers in India

• June 25, 2019 25 Jun'19

  APT attack on telcos highlights need for comprehensive defence

  A global cyber attack against multiple telecommunications firms underlines need for comprehensive approach to cyber defence, say researchers and industry commentators

• June 25, 2019 25 Jun'19

  Airbus opens cyber innovation hub in Wales

  Newport hub will focus on industrial control systems, artificial intelligence and data analytics

• June 25, 2019 25 Jun'19

  Cyber attackers using wider range of threats

  Businesses need to ensure they are able to defend against a wide range of threats in the face of increased malicious Office documents, Mac malware and web application exploits, report shows

• June 25, 2019 25 Jun'19

  UK firms downloading vulnerable open source software

  Vulnerable open source software components are posing a security threat to UK firms, according to a report that also shows how best practice, including automation, can reduce the risk

• June 24, 2019 24 Jun'19

  Hospitality industry at highest risk of phishing

  Benchmarking report shows average phish-prone percentage across all industries and sizes of organisations at 29.6% – up 2.6% since 2018

• June 21, 2019 21 Jun'19

  UK takes world lead in surveillance camera security

  Although the UK is sometimes referred to as “the most surveilled country” in the world, it has taken the lead in setting minimum security requirements for surveillance cameras. But how will this make a difference internationally?

• June 21, 2019 21 Jun'19

  Nominations open for UK’s security unsung heroes

  The Security Serious cyber awareness campaign has opened nominations for the fourth annual cyber security Unsung Heroes awards

• June 21, 2019 21 Jun'19

  Parents don’t know enough about cyber careers

  Research by the SANS Institute finds that while parents are aware of cyber security, they don’t know enough to encourage their children into cyber roles

• June 21, 2019 21 Jun'19

  Small business not necessarily weakest security link

  Small businesses may not be the weakest link in the supply chain after all, with a lack of skills and best practices being bigger factors, a study by (ISC)² reveals

• June 20, 2019 20 Jun'19

  Facebook officially unveils cryptocurrency plans

  Facebook has released details about its Libra cryptocurrency, but questions still remain over how, and if, it will work

• June 20, 2019 20 Jun'19

  Enterprises challenged with security basics

  Visibility, security tool overload and manual reporting are cited as top concerns by UK security leaders, a report reveals

• June 20, 2019 20 Jun'19

  UK to launch security standard for surveillance cameras

  The UK is launching the world’s first voluntary cyber security standard and compliance certification mark for the manufacturers of surveillance cameras

• June 20, 2019 20 Jun'19

  Most mobile apps vulnerable to malware

  iOS and Android apps equally vulnerable to being exploited remotely by malware, report reveals

• June 19, 2019 19 Jun'19

  IoT Security Foundation publishes smart building whitepaper

  The IoT Security Foundation has published a guide on security for smart buildings to highlight key issues and gather feedback to inform future guidance for industry stakeholders

• June 19, 2019 19 Jun'19

  Converged security takes centre stage at IFSEC

  The importance and benefits of combining physical and cyber security was underlined in the opening session of the 2019 IFSEC security conference

• June 18, 2019 18 Jun'19

  Singapore faced fewer cyber threats in 2018

  Despite the fall in the number of common cyber threats last year, Singapore will continue to face advanced persistent threats, CSA warns

• June 17, 2019 17 Jun'19

  DevSecOps is key to uniting opposing forces

  Unifying DevOps and security teams with the aid of automation will bring harmony and added business benefits, says systems engineer

• June 17, 2019 17 Jun'19

  Asco breaks silence on ransomware attack

  A week after reportedly being hit by a ransomware attack, Belgium-based mechanical equipment manufacturer Asco has finally provided some details

• June 17, 2019 17 Jun'19

  Inside F5’s cyber security playbook

  F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors

• June 14, 2019 14 Jun'19

  Innovation drives Nominet to cyber security

  Embracing an innovation strategy for a mature organisation led domain name registry Nominet to found a cyber security business based on its core expertise, its CEO tells London Tech Week

• June 13, 2019 13 Jun'19

  UK firms need to address risky user habits

  McAfee calls for companies to ramp up their security culture and improve the integration of technical security controls to minimise exposure from workers

• June 13, 2019 13 Jun'19

  Facebook London hiring spree focuses on tackling online harms

  Facebook is hiring for 500 tech jobs in the capital in the next six months, with a particular focus on seeking out and clamping down on malicious content and fake accounts, and curbing other harmful behaviour on its platforms

• June 13, 2019 13 Jun'19

  AI-enabled cyber attacks a reality soon, warns Mikko Hypponen

  Technology continues to shape human conflict and artificial intelligence will be no exception, so business needs to up its ability to detect attacks and respond, says security expert

• June 12, 2019 12 Jun'19

  Operational technology security improving, but attack surface continues to grow

  Critical national infrastructure providers and others are improving cyber security capabilities around industrial control systems, but the cyber threat remains high and continues to evolve, a study shows

• June 11, 2019 11 Jun'19

  Most code-signing processes insecure, study shows

  The majority of organisations are failing to enforce security for code-signing processes, providing opportunities for cyber criminals, a survey reveals

• June 11, 2019 11 Jun'19

  MP brands Huawei exec a ‘moral vacuum’ as operators demand 5G clarity

  Huawei chief security officer John Suffolk faces tough questions from parliament’s Science and Technology Select Committee over the firm’s links to the Chinese government

• June 11, 2019 11 Jun'19

  Implementing Dmarc a top priority for UK

  Basic email security should be a top priority for UK firms, followed by reducing third-party web exposure and monitoring data flows leaving the enterprise, a Rapid7 study reveals

• June 10, 2019 10 Jun'19

  Large firms look to zero-trust security to reduce cyber risk

  In the face of increasing cyber breach risk as organisations move to hybrid multi-cloud IT environments, just over half of large firms in Europe are planning a zero-trust approach to security

• June 07, 2019 07 Jun'19

  NotPetya offers industry-wide lessons, says Maersk’s tech chief

  There are several key industry-wide lessons to be learned from the NotPetya attack in 2017, according to the information chief at one of the companies most heavily impacted

• June 07, 2019 07 Jun'19

  Misconfigured container services are a security risk

  Researchers at Palo Alto Networks have released details of the scale of misconfigured and exposed container services putting organisations at risk of cyber attack

• June 07, 2019 07 Jun'19

  How ASEAN firms are using AI to combat cyber threats

  Artificial intelligence tools are becoming a vital part of the security arsenal for organisations and cyber criminals alike

• June 06, 2019 06 Jun'19

  Weak cyber security top challenge, says NCSC chief Ciaran Martin

  UK cyber security agency NCSC is focusing on practical support and making the internet and technology safer to use, but says the area that needs most attention is improving basic cyber security in firms, says agency chief

• June 06, 2019 06 Jun'19

  Firms face targeted bespoke cyber attacks, dark web study reveals

  Academic study exposes prolific availability and demand for tailored malware, network access and corporate espionage services, which suggests many firms’ cyber defences are below standard

• June 06, 2019 06 Jun'19

  Legacy IT systems a significant security challenge

  Information security professionals need to work closely with the business to identify critical legacy IT systems to ensure security risks are managed effectively, CISO tells Infosecurity Europe

• June 06, 2019 06 Jun'19

  Digital transformation an opportunity for security

  Digital transformation is an opportunity not only for the business to up its game, but also for security teams to engage with and win over the business, CISO tells Infosecurity Europe