News
IT risk management
-
October 31, 2022
31
Oct'22
Prepare today for potentially high-impact OpenSSL bug
OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed
-
October 31, 2022
31
Oct'22
Cyber crime officer says French legal challenges to EncroChat are ‘hype’
Matthieu Audibert, officer of the French Gendarmerie’s cyber space command, gets into a spat with defence lawyers on Twitter over the lawfulness of evidence from the hacked phone network EncroChat
-
October 27, 2022
27
Oct'22
NCSC’s Levy steps down after 20-year intelligence career
NCSC technical director Ian Levy bids farewell, telling his successor: ‘Don’t panic’
-
October 27, 2022
27
Oct'22
NHS to get new national CISO
The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS
-
October 27, 2022
27
Oct'22
Medibank breach casts spotlight on data security
Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia
-
October 27, 2022
27
Oct'22
Santander calls for cooperation to tackle APP fraud
New report puts forward key recommendations that the banking sector, government and other industries could take to tackle authorised push payment fraud
-
October 26, 2022
26
Oct'22
Cuba ransomware cartel spoofs Ukraine armed forces
Ukrainian cyber experts issue a warning over the activities of the Cuba ransomware cartel
-
October 26, 2022
26
Oct'22
Australia budget closes in on digital divide, cyber resilience
Australia’s latest budget is geared towards providing better broadband connectivity in regional and rural areas, shoring up the cyber security posture of its businesses and plugging tech talent shortages, among other areas
-
October 25, 2022
25
Oct'22
Global digital trust market to double by 2027
The global market for digital trust technology is expected to double to $537bn by 2027, up from $270bn today as demand for cyber security and other capabilities continues to grow
-
October 25, 2022
25
Oct'22
Digital-first businesses more willing to accept some fraud
Companies founded in the past 20 years appear more willing to accept higher levels of fraudulent activity during the customer onboarding process, according to a report
-
October 21, 2022
21
Oct'22
Microsoft slams external researchers over its own data leak
Microsoft inadvertently leaked customer data after misconfiguring an Azure Blob, but has hit out at the organisation that discovered its error, claiming it is exaggerating the scope of the issue
-
October 20, 2022
20
Oct'22
The Security Interviews: Why now for ZTNA 2.0?
With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network ...
-
October 20, 2022
20
Oct'22
Cyber professional shortfall hits 3.4 million
Shortage of cyber security professionals continues to grow and shows no signs of abating, says report
-
October 20, 2022
20
Oct'22
Singapore extends cyber security labelling scheme to medical devices
The Cyber Security Agency of Singapore is extending its cyber security labelling scheme to medical devices to encourage medical device manufacturers to adopt a security-by-design approach to product development
-
October 19, 2022
19
Oct'22
Ransomware crews regrouping as LockBit rise continues
Overall ransomware activity dropped off in the third quarter of 2022, but increasing attack volumes in September may herald a difficult few months ahead
-
October 19, 2022
19
Oct'22
Treat cyber crime as a ‘strategic threat’, UK businesses told
The government’s new National Cyber Advisory Board aims to help elevate cyber discussion and spur action in the business community
-
October 18, 2022
18
Oct'22
Apache vulnerability a risk, but not as widespread as Log4Shell
A newly disclosed Apache Commons Text vulnerability may put many at risk, but does not appear to be as impactful or widespread as Log4Shell
-
October 18, 2022
18
Oct'22
Virtually all vulnerable open source downloads are avoidable
Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report
-
October 14, 2022
14
Oct'22
Malicious WhatsApp add-on highlights risks of third-party mods
Kaspersky researchers discovered a malicious version of a widely used WhatsApp messenger mod, highlighting the risks of using so-called mods
-
October 14, 2022
14
Oct'22
Office 365 email encryption flaw could pose risk to user privacy
A vulnerability in Microsoft Office 365 Message Encryption could leave the contents of emails dangerously exposed, but with no fix coming it’s up to users to decide how at risk they are
-
October 14, 2022
14
Oct'22
Australia becoming hotbed for cyber attacks
Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency
-
October 13, 2022
13
Oct'22
Dutch influence standards for post-quantum cryptography
Cryptology group at Dutch research institute is involved in the two primary algorithms of the next NIST portfolio comprising four new standards
-
October 13, 2022
13
Oct'22
Gartner: Remote work, zero trust, cloud still driving cyber spend
Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud
-
October 12, 2022
12
Oct'22
NCSC urges organisations to secure supply chains
NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers
-
October 12, 2022
12
Oct'22
French Supreme Court rejects EncroChat verdict after lawyers question secrecy over hacking operation
France’s Supreme Court has sent a case back to the court of appeal after police failed to disclose technical details of EncroChat hacking operation
-
October 12, 2022
12
Oct'22
Microsoft fixes lone zero-day on October Patch Tuesday
Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen
-
October 11, 2022
11
Oct'22
Contractor left Toyota source code exposed for five years
Source code related to Toyota’s T-Connect service was left exposed on GitHub for over five years by a contractor
-
October 10, 2022
10
Oct'22
How Cloudflare is staying ahead of the curve
Cloudflare co-founder and CEO Matthew Prince talks up what has changed since the company’s first business plan was written in 2009 and how it keeps pace with the fast-moving network security landscape
-
October 10, 2022
10
Oct'22
Ukraine and EU explore deeper cyber collaboration
A Ukrainian delegation has met with officials from the EU’s ENISA cyber agency to explore deeper cooperation on cyber security issues
-
October 07, 2022
07
Oct'22
Australia to amend telecoms regulations following Optus breach
Amendments to Australia’s telecoms regulations are in the works to temporarily allow sharing of individuals’ identifier information between telcos and financial institutions
-
October 06, 2022
06
Oct'22
EU rolling out measures for online safety and AI liability
The European Council has approved the passage of the Digital Services Act to protect people’s rights online, while the European Commission has announced proposals to help those negatively affected by artificial intelligence to claim compensation
-
October 06, 2022
06
Oct'22
Proposals for scanning encrypted messages should be cut from Online Safety Bill, say researchers
Automatic scanning of messaging services for illegal content could lead to one billion false alarms each day in Europe
-
October 05, 2022
05
Oct'22
Italian Supreme Court calls for prosecutors to disclose information on Sky ECC hacking operation
Italy’s Supreme Court says Italian prosecutors and police should disclose information on how they obtained intercepted messages from the Sky ECC cryptophone network
-
October 05, 2022
05
Oct'22
Inside Dell Technologies’ zero-trust approach
Dell Technologies’ zero-trust reference model starts with defining business controls and having a central control plane that manages all the security aspects of an organisation’s infrastructure
-
October 04, 2022
04
Oct'22
Tories to replace GDPR
IT industry reacts to the government’s plan to replace the pan-European data protection regulation
-
October 04, 2022
04
Oct'22
France extradites Spanish EncroChat cryptophone distributors for complicity with organised crime
Three phone sellers have been extradited from Spain to France to face charges that they were complicit in the activities of criminal EncroChat phone users
-
September 29, 2022
29
Sep'22
Five startups to join NCSC for Startups initiative
The NCSC has invited five startups to join its NCSC for Startups programme to help the government with pressing cyber challenges facing the UK
-
September 29, 2022
29
Sep'22
Failure of Russia’s cyber attacks on Ukraine is most important lesson for NCSC
Russia has so far failed in its attempts to destabilise Ukraine through cyber attacks due to strength of Ukrainian, security industry and international efforts
-
September 29, 2022
29
Sep'22
Optus breach casts spotlight on cyber resilience
The massive data breach that affected more than 10 million Optus customers has cast the spotlight on API security and other factors that contribute to the cyber resilience of organisations in Australia
-
September 28, 2022
28
Sep'22
Data protection in Finland, four years after GDPR came into force
Data privacy has always been a big concern in Finland, so the country naturally has a lot to say about the General Data Protection Regulation four years on
-
September 28, 2022
28
Sep'22
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access
-
September 27, 2022
27
Sep'22
Fraudsters adapt phishing scams to exploit cost-of-living crisis
Around 80,000 Brits a month are falling victim to phishing attacks as fraudsters switch up tactics to take advantage of cost-of-living crisis and behavioural changes prompted by pandemic
-
September 26, 2022
26
Sep'22
Bank warns of spike in online cost-of-living scams
Fraudsters are exploiting the cost-of-living crisis by tricking people into sending money to help friends and relatives pay bills, TSB has warned
-
September 26, 2022
26
Sep'22
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials
-
September 23, 2022
23
Sep'22
How Great Eastern is transforming its IT organisation
Singapore-based insurer Great Eastern made painstaking efforts to rid itself of legacy systems and transformed its IT organisation to become nimbler by building up its cloud and DevOps capabilities
-
September 22, 2022
22
Sep'22
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets
-
September 22, 2022
22
Sep'22
Inside SolarWinds’ observability playbook
SolarWinds’ CEO Sudhakar Ramakrishna talks up the company’s observability playbook and offers a glimpse into its technology roadmap
-
September 21, 2022
21
Sep'22
15-year-old Python bug present in 350,000 open source projects
A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix
-
September 21, 2022
21
Sep'22
ANZ organisations using antiquated backup and recovery systems
Nearly half of ANZ organisations are still using backup and recovery systems from over a decade ago, hampering their ability to protect their data assets and recover from ransomware attacks
-
September 20, 2022
20
Sep'22
Thousands of customers affected in Revolut data breach
Digital challenger bank has warned its customers to be vigilant after their data was exposed in a cyber attack