News
IT for telecoms and internet organisations
-
December 03, 2024
03
Dec'24
US updates telco security guidance after mass Chinese hack
Following the widespread Salt Typhoon hacks of US telecoms operators including AT&T and Verizon, CISA and partner agencies have launched refreshed security guidance for network engineers and defenders alike
-
December 02, 2024
02
Dec'24
NCSC boss calls for ‘sustained vigilance’ in an aggressive world
NCSC CEO Richard Horne is to echo wider warnings about the growing number and severity of cyber threats facing the UK as he launches the security body’s eighth annual report
-
November 26, 2024
26
Nov'24
Russian threat actors poised to cripple power grid, UK warns
UK government escalates cyber rhetoric in a speech at a Nato event, saying Russian advanced persistent threats stand ready to conduct cyber attacks that could ‘turn off the lights for millions’
-
November 25, 2024
25
Nov'24
Microsoft calls on Trump to ‘push harder’ on cyber threats
Microsoft’s Brad Smith urges president-elect Donald Trump to keep the faith when it comes to fighting back against hostile cyber actors from China, Iran and Russia
-
November 25, 2024
25
Nov'24
Geopolitical strife drives increased ransomware activity
The lines between financially motivated cyber criminals and nation state APTs are rapidly blurring, as geopolitical influences weigh heavily on the threat landscape, according to data from NCC
-
November 21, 2024
21
Nov'24
BianLian cyber gang drops encryption-based ransomware
The Australian and American cyber authorities have published updated intelligence on the BianLian ransomware gang, which has undergone a rapid evolution in tactics
-
November 21, 2024
21
Nov'24
Microsoft slaps down Egyptian-run rent-a-phish operation
Microsoft’s Digital Crimes Unit has conducted a successful takedown of almost 250 malicious websites used in the cyber criminal ONNX phishing-as-a-service operation
-
November 20, 2024
20
Nov'24
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks
-
November 20, 2024
20
Nov'24
Government issues strategic priorities for online safety regulator Ofcom
Technology secretary Peter Kyle sets out the government’s strategic priorities for how Ofcom should approach regulating online safety, including embedding safety by design and supporting innovation in technologies to help protect people online
-
November 18, 2024
18
Nov'24
AWS widening scope of MFA programme after early success
AWS reports strong take-up of multi-factor authentication among customers since making it compulsory for root users earlier this year, and plans to expand the scope of its IAM programme in spring 2025
-
November 18, 2024
18
Nov'24
UK consumers losing more than ever to holiday scams
Last Christmas, UK consumers lost over £11m to cyber criminals. This year, to save them from tears, the NCSC and Action Fraud are teaming up to launch an anti-fraud campaign
-
November 12, 2024
12
Nov'24
Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024
High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update
-
November 12, 2024
12
Nov'24
Zero-day exploits increasingly sought out by attackers
Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023
-
November 12, 2024
12
Nov'24
Police cloud project raises data protection concerns despite legal reforms
Ongoing data protection issues with the use of hyperscale public cloud infrastructure by UK police could complicate the ambitions of nine forces to move their common records management system into the cloud
-
November 07, 2024
07
Nov'24
Google Cloud MFA enforcement meets with approval
Latest Google Cloud policy to enforce multifactor authentication across its user base is welcomed by security professionals
-
November 07, 2024
07
Nov'24
AI a force multiplier for the bad guys, say cyber pros
CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders
-
November 01, 2024
01
Nov'24
CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats
-
October 29, 2024
29
Oct'24
EMEA businesses siphoning budgets to hit NIS2 goals
With NIS2 now in effect, European business leaders are having to divert budget from elsewhere to achieve compliance
-
October 28, 2024
28
Oct'24
UK launches cyber guidance package for tech startups
The NCSC and NPSA, alongside agencies from the Five Eyes alliance, have issued guidance for startups on how to secure themselves against common cyber threats and targeted industrial espionage
-
October 22, 2024
22
Oct'24
Danish government reboots cyber security council amid AI expansion
Denmark’s government relaunches digital security initiative to protect business sectors and society at large
-
October 10, 2024
10
Oct'24
How Recorded Future finds ransomware victims before they get hit
Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them
-
October 10, 2024
10
Oct'24
UK and US pledge closer working on children’s online safety
In their first agreement on the subject of children’s online safety, the UK and US governments have said they will create a new working group to boost cooperation
-
October 09, 2024
09
Oct'24
Five zero-days to be fixed on October Patch Tuesday
Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform
-
October 08, 2024
08
Oct'24
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks
-
October 08, 2024
08
Oct'24
UK’s cyber incident reporting law to move forward in 2025
The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses
-
October 04, 2024
04
Oct'24
UK telcos including BT at risk from DrayTek router vulnerabilities
A series of vulnerabilities in DrayTek's Vigor router product lines affects multiple comms service providers in the UK, according to new analysis
-
October 04, 2024
04
Oct'24
NCSC celebrates eight years as Horne blows in
Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne
-
October 04, 2024
04
Oct'24
Cups Linux printing bugs open door to DDoS attacks, says Akamai
The Cups Linux printing vulnerabilities disclosed at the end of September would seem to have a nasty sting in their tail, according to researchers at Akamai
-
October 03, 2024
03
Oct'24
SOC teams falling out of love with threat detection tools
Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report
-
October 02, 2024
02
Oct'24
Amazon Mechanical Turk workers suspended without explanation
A likely glitch in Amazon Payments resulted in hundreds of Mechanical Turk workers being suspended from the platform without proper explanation or pay
-
October 01, 2024
01
Oct'24
Cyber teams say they can’t keep up with attack volumes
Over 60% of European security pros say their teams are understaffed, and over 50% don’t have enough budget, according to data from ISACA
-
September 26, 2024
26
Sep'24
Racist Network Rail Wi-Fi hack was work of malicious insider
Police have revealed that this week’s racist cyber attack on public Wi-Fi networks at stations across the UK appears to have been the work of a malicious insider, after arresting an employee of one of the service providers
-
September 24, 2024
24
Sep'24
Unique malware sample volumes seen surging
BlackBerry’s latest ‘Global threat intelligence’ report details a surge in unique malware samples as threat actors ramp up the pace of targeted attacks
-
September 18, 2024
18
Sep'24
M1 ditches 70% of legacy systems in cloud transformation drive
Singapore telco M1 is switching off 70% of its legacy systems by the end of 2024 and leveraging Salesforce to offer more personalised services
-
September 18, 2024
18
Sep'24
Dreamforce 24: Salesforce taps Nvidia to power Agentforce
At Dreamforce in San Francisco, Salesforce and Nvidia detail some of the tech that will power the software giant's newly launched Agentforce service
-
September 18, 2024
18
Sep'24
Europol provides detail on Ghost encrypted comms platform takedown
Law enforcement bodies from across the world have revealed how they collaborated to bring down encrypted network Ghost and the new ways of working that have been established with Europol at the centre
-
September 18, 2024
18
Sep'24
Dreamforce 2024: Salesforce calls on customers to flesh out AI vision
A stream of customers helped Salesforce make the case for its Agentforce artificial intelligence offering on the opening day of the annual Dreamforce conference in San Francisco
-
September 13, 2024
13
Sep'24
Vodafone/Three merger likely to increase mobile prices, warns competition watchdog
A Competition and Markets Authority investigation finds the proposed merger of the two mobile operators would be bad for competition – but offers companies the chance to suggest remedies
-
September 05, 2024
05
Sep'24
NCSC and allies call out Russia's Unit 29155 over cyber warfare
The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155
-
September 05, 2024
05
Sep'24
Canadian arrested by France after cooperating with US on Sky ECC cryptophone investigation
Thomas Herdman, who faces charges in France over his involvement in distributing Sky ECC encrypted phones, was arrested by French police despite agreeing to cooperate with US law enforcement
-
September 02, 2024
02
Sep'24
UK and Ukraine digital trade deal comes into force
The UK eases access to the deep tech startup community in Ukraine through digital-only agreement
-
August 29, 2024
29
Aug'24
Telegram CEO Pavel Durov under formal investigation, released on bail
European Commission confirms it has powers to place Telegram under ‘direct supervision’ if it meets the threshold for regulation under the Digital Services Act
-
August 29, 2024
29
Aug'24
Iranian APT caught acting as access broker for ransomware crews
Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits
-
August 28, 2024
28
Aug'24
Global cyber spend to rise 15% in 2025, pushed along by AI
Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner
-
August 22, 2024
22
Aug'24
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos
Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line.
-
August 20, 2024
20
Aug'24
Phishing links becoming bigger threat than email attachments
Phishing techniques are evolving away from malicious email attachments, according to a report
-
August 14, 2024
14
Aug'24
August Patch Tuesday proves busy with six zero-days to fix
Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update
-
August 13, 2024
13
Aug'24
NIST debuts three quantum-safe encryption algorithms
NIST has launched the first three quantum-resistant encryption algorithms, and as the threat of quantum-enabled cyber attacks grows greater, organisations are encouraged to adopt them as soon as they can
-
August 08, 2024
08
Aug'24
Royal ransomware crew puts on a BlackSuit in rebrand
The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA
-
August 08, 2024
08
Aug'24
Ofcom issues online safety warning to firms in wake of UK riots
Ofcom has issued a warning reminding social media firms of their upcoming online safety obligations, after misinformation about the Southport stabbings sparked racist riots throughout the UK