News
Hackers and cybercrime prevention
-
July 29, 2024
29
Jul'24
Scam CrowdStrike domains growing in volume
Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out
-
July 25, 2024
25
Jul'24
North Korean cyber APT targeting nuclear secrets
Mandiant has upgraded the North Korean threat actor known as Andariel to APT status and warned of coordinated efforts to steal western military IP, including nuclear secrets
-
July 24, 2024
24
Jul'24
Mimecast to buy insider threat specialist Code42
Mimecast is to buy fellow human-centred risk experts Code42 for an undisclosed sum to take advantage of its insider threat and data loss protection specialisms
-
July 23, 2024
23
Jul'24
NCA seizes thousands of social media accounts used by people smugglers
A three-year campaign has seen thousands of social media posts and accounts used to advertise the services of illegal people smugglers taken down
-
July 22, 2024
22
Jul'24
NCA cracks digitalstress DDoS-for-hire operation
The UK authorities have taken down a major component of the multinational DDoS cyber attack-for-hire ecosystem, hacking into the digitalstress.su service and exfiltrating data on its users, who now face arrest
-
July 22, 2024
22
Jul'24
NCSC: Beware of criminal CrowdStrike opportunists
Financially motivated cyber criminals are already conducting opportunistic attacks on organisations that leverage the CrowdStrike incident, and more targeted attacks are sure to follow
-
July 18, 2024
18
Jul'24
Growth in nude image sharing heightens cyber abuse risk
The normalisation of sharing self-created intimate content with others is putting great numbers of people at risk of online abuse, says Kaspersky
-
July 17, 2024
17
Jul'24
UK Cyber Bill teases mandatory ransomware reporting
In the Cyber Security and Resilience Bill introduced in the King's Speech, the UK's new government pledges to give regulators more teeth to ensure compliance with security best practice and to mandate incident reporting
-
July 17, 2024
17
Jul'24
Hackney Council reprimanded over 2020 ransomware attack
The London Borough of Hackney has been reprimanded by the ICO over a series of failures that led to a devastating cyber attack, but at the same time, the regulator praised the local authority for its response and commitment to making improvements
-
July 17, 2024
17
Jul'24
Labour government plans new laws around cyber security, data sharing and skills
The King's Speech outlined the legislative agenda for the new Parliament, including several bills that will impact the tech community
-
July 17, 2024
17
Jul'24
How iProov is fending off deepfake fraud
Facial biometrics and controlled illumination can detect liveness, verify identities and help prevent deepfake attacks
-
July 16, 2024
16
Jul'24
Strategic Defence Review must emphasise cyber security, says industry
Cyber security leaders say the new government's Strategic Defence Review needs to put digital security front and centre
-
July 15, 2024
15
Jul'24
NHS Trusts cancelled over 6,000 appointments after Qilin cyber attack
The two NHS Trusts most heavily impacted by the Qilin ransomware attack on pathology services provider Synnovis have cancelled over 6,000 appointments and procedures in the past five weeks
-
July 12, 2024
12
Jul'24
AT&T loses ‘nearly all’ phone records in Snowflake breach
Hackers have stolen records of virtually every call made by AT&T's customers during a six-month period in 2022, after compromising the US telco's Snowflake data environment
-
July 12, 2024
12
Jul'24
Public awareness of ID security grows, but big obstacles remain
Consumers are improving their awareness of the issues around digital identity security, but there are still some big issues preventing many from doing better, according to an Okta report
-
July 11, 2024
11
Jul'24
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain
-
July 11, 2024
11
Jul'24
Inside Israel’s cyber security operations
An emergency phone line allows cyber security analysts at the Israel Computer Emergency Response Team to map threats against national infrastructure
-
July 09, 2024
09
Jul'24
Chinese spies target vulnerable home office kit to run cyber attacks
China’s APT40 is ramping up targeting of victims using vulnerable small and home office networking kit as command and control infrastructure, according to an international alert
-
July 09, 2024
09
Jul'24
Lessons from war: How Israel is fighting Iranian state-backed hacking
The general director of the Israel National Cyber Directorate talks about the rise in cyber attacks and what lessons the country has gleaned to defend against hacking from foreign parties
-
July 09, 2024
09
Jul'24
Atos jumps on ‘moving train’ for Euro 2024
Atos provides the IT supporting major recurring sporting events including Uefa’s European Football Championship
-
July 08, 2024
08
Jul'24
Synnovis attack highlights degraded, outdated state of NHS IT
More cyber attacks against the health service are likely, and will succeed if something isn’t done to address the increasingly elderly NHS IT estate, experts are warning
-
July 03, 2024
03
Jul'24
NCA’s Operation Morpheus targets illicit Cobalt Strike use
International law enforcement operation targets cyber criminals using the Cobalt Strike penetration testing framework for dodgy purposes
-
June 28, 2024
28
Jun'24
How FWD is driving its digital strategy
FWD’s group chief technology and operations officer talks up how the pan-Asian insurer is driving change faster and putting technology at the heart of its services
-
June 28, 2024
28
Jun'24
How Recorded Future is operationalising threat intelligence
Recorded Future is investing in APIs to enable automated security workflows, among other measures, to help organisations overcome the hurdles of operationalising threat intelligence
-
June 26, 2024
26
Jun'24
Israel’s cyber chief calls for international front against Iranian hackers
Israel’s cyber chief has called for international action against Iran over state-backed hacking
-
June 25, 2024
25
Jun'24
WikiLeaks founder Julian Assange freed from prison
A deal reached with US authorities will end the WikiLeaks founder’s years-long legal saga, setting him free if he pleads guilty to a criminal conspiracy charge
-
June 25, 2024
25
Jun'24
NHS experts raise warning over patient data breach risk in registries project
Clinicians warn that the NHS England Outcome Registries Platform has poor security and is vulnerable to cyber attack, putting critical patient data at risk of being exposed
-
June 24, 2024
24
Jun'24
Sellafield pleads guilty to criminal charges over cyber security
Nuclear Decommissioning Authority-backed organisation Sellafield Ltd pleads guilty to criminal charges brought over significant cyber security failings that could have compromised sensitive nuclear information
-
June 21, 2024
21
Jun'24
Qilin ransomware gang publishes stolen NHS data online
The ransomware gang behind a major cyber attack on NHS supplier Synnovis has published a 400GB trove of private healthcare data online
-
June 13, 2024
13
Jun'24
Black Basta ransomware crew may be exploiting Microsoft zero-day
A Microsoft vulnerability that was addressed without fanfare in March may in fact have been exploited as a zero-day by the notorious Black Basta ransomware gang, threat hunters warn
-
June 12, 2024
12
Jun'24
RCE flaw and DNS zero-day top list of Patch Tuesday bugs
An RCE vulnerability in a Microsoft messaging feature and a third-party flaw in a DNS authentication protocol are the most pressing issues to address in Microsoft’s latest Patch Tuesday
-
June 11, 2024
11
Jun'24
Pure Storage hit by Snowflake credential hackers
Pure Storage emerges as the latest victim of a fast-spreading breach of Snowflake customers targeting users with lax credential security measures in place
-
June 11, 2024
11
Jun'24
More than 160 Snowflake customers hit in targeted data theft spree
Mandiant reports that more than 160 Snowflake customers have been hit in a broad data theft and extortion campaign targeting organisations that have failed to pay proper attention to securing valuable credentials
-
June 10, 2024
10
Jun'24
General election 2024: Liberal Democrats thread digital commitments throughout manifesto
The Lib Dems have promised a new industrial strategy and emphasised the importance of the digital sector, skills and regulating AI, as they lay out plans for the UK general election
-
June 10, 2024
10
Jun'24
NHS blood stocks running low after ransomware attack
The NHS is appealing for people with O Positive and O Negative blood types to come forward to donate as hospitals in London struggle to keep critical services running after ransomware attack
-
June 07, 2024
07
Jun'24
DDoS gang threatens to disrupt European elections
Russian hacktivists are threatening to disrupt the European Parliament elections, while the BBC reports on new deepfake threats to the UK’s electoral process
-
June 07, 2024
07
Jun'24
Bitdefender makes MDR services free to NHS bodies hit by Qilin
Bitdefender offers NHS bodies affected by a major cyber incident free access to its product suite, as the health service continues to deal with the impact of the Qilin ransomware attack on partner Synnovis
-
June 07, 2024
07
Jun'24
Sophos uncovers Chinese state-sponsored campaign in Southeast Asia
Sophos found three distinct clusters of activity targeted at a high-level government organisation that appeared to be tied to Chinese interests in the South China Sea
-
June 06, 2024
06
Jun'24
FBI finds 7,000 LockBit decryption keys in blow to criminal gang
The US authorities say they now have more than 7,000 LockBit decryption keys in their possession and are urging victims of the prolific ransomware gang to come forward
-
June 05, 2024
05
Jun'24
Qilin ransomware gang likely behind crippling NHS attack
Security experts investigating a major cyber attack on an NHS partner that has caused frontline services across South London to grind to a halt say the Qilin ransomware gang appears to be the culprit
-
June 04, 2024
04
Jun'24
OAIC files civil penalty action against Medibank
The OAIC alleges that Medibank failed to take reasonable steps to protect the personal information of 9.7 million Australians in the October 2022 data breach
-
June 04, 2024
04
Jun'24
NHS services at major London hospitals disrupted by cyber attack
A major cyber attack at NHS services provider Synnovis is disrupting frontline care at hospitals across London
-
June 04, 2024
04
Jun'24
Russia used fake AI Tom Cruise in Olympic disinformation campaign
Microsoft threat researchers report a surge in Russian disinformation campaigns targeting the 2024 Summer Olympics, including AI-enhanced propaganda
-
June 03, 2024
03
Jun'24
97 FTSE 100 firms exposed to supply chain breaches
Between March 2023 and March 2024, 97 out of 100 companies on the UK’s FTSE 100 list were put at risk of compromise following supply chain breaches at third-party suppliers
-
June 03, 2024
03
Jun'24
Major breaches allegedly caused by unsecured Snowflake accounts
Significant data breaches at Ticketmaster and Santander appear to have been orchestrated through careful targeting of the victims’ Snowflake cloud data management accounts
-
June 02, 2024
02
Jun'24
Ticketek Australia hit by data breach
Customer names, dates of birth and email addresses of Ticketek Australia account holders reportedly impacted in latest data breach affecting event ticketing firm
-
May 30, 2024
30
May'24
Europol sting operation smokes multiple botnets
Malware droppers including Bumblebee and Smokeloader were among those targeted in one of the largest ever joint operations against cyber criminal botnets
-
May 29, 2024
29
May'24
Proofpoint exposes AFF scammers’ piano gambit
Ransomware and nation state actors dominate the headlines, but fraud and scams still net career cyber criminals thousands from unsuspecting members of the public. Proofpoint reports on a campaign targeting victims of a musical inclination
-
May 24, 2024
24
May'24
Parliamentarians warn of UK election threat from Russia, China and North Korea
Joint parliamentary security committee chair Margaret Beckett writes to prime minister urging government to prepare for foreign states interfering with 4 July election
-
May 22, 2024
22
May'24
Rockwell urges users to disconnect ICS equipment
ICS systems maker Rockwell Automation calls on users to take steps to secure their equipment, and reminds them there is no reason to ever have its hardware connected to the public internet, as it tracks an increase in global threat activity