News
IT risk management
-
August 18, 2021
18
Aug'21
MoD seeks security tech to harden military systems
The Defence and Security Accelerator has launched a programme to root out technology that will reduce the military’s exposure to cyber attacks
-
August 17, 2021
17
Aug'21
Educational publisher Pearson fined for data breach cover-up
Securities and Exchange Commission says publisher misled its investors over the extent of a 2018 data breach
-
August 17, 2021
17
Aug'21
Security Think Tank: Building privacy-preserving apps and platforms
ISACA’s Gaurav Deep Singh Johar explores how to embed privacy practices into digital platform architecture
-
August 16, 2021
16
Aug'21
Nearly half of retailers hit by ransomware in 2020
In the face of increasingly prevalent and sophisticated ransomware attacks, retail organisations need to develop alternative ways of restoring lost or encrypted data, as paying the ransom does not guarantee its return in almost a third of cases
-
August 13, 2021
13
Aug'21
Cyber Runway programme supports new security businesses
The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses
-
August 12, 2021
12
Aug'21
ICO consults on new international data transfer agreement
Information Commissioner’s Office to consult on its draft international data transfer agreement and guidance, which will replace standard contractual clauses to protect personal data during overseas transfers
-
August 11, 2021
11
Aug'21
Microsoft fixes seven critical bugs on light Patch Tuesday
All seven critical vulnerabilities in Microsoft’s August Patch Tuesday were related to remote code execution, and there was one zero-day related to Windows Update Medic Service
-
August 11, 2021
11
Aug'21
The Netherlands still lacks digital resilience, says report
Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient
-
August 10, 2021
10
Aug'21
Ransomware demands and payments hit new records
Ransomware groups continue to intensify their operations as ransom demands and payments increase alongside use of “quadruple extortion” tactics during first half of 2021
-
August 10, 2021
10
Aug'21
Dutch lead the way in protecting themselves against internet risks
Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent
-
August 10, 2021
10
Aug'21
Researchers uncover database with 126 million unsecured records
Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns
-
August 10, 2021
10
Aug'21
How Grab is using Kafka in fraud detection
Grab is using Apache Kafka in its fraud detection and prevention platform to ingest event streams from its mobile software development kits and client backends to pick up fraudulent activities
-
August 05, 2021
05
Aug'21
Nine security flaws found in critical hospital infrastructure
The ‘PwnedPiper’ vulnerabilities identified in systems used by 80% of US hospitals could be used to launch ransomware attacks
-
August 05, 2021
05
Aug'21
SAP customers more alert to internal than external threats
SAP customers are more concerned by insider threats than by external attacks, according to a report. And yet the average SAP customer has around 2,500 vulnerabilities within their customised SAP code
-
August 05, 2021
05
Aug'21
Cloud misconfiguration a growing cause of security incidents
Rapid cloud adoption during the pandemic has increased the attack surface and heightened the risk of misconfiguring services, leaving organisations more vulnerable to cyber attacks
-
August 04, 2021
04
Aug'21
Initial access brokers unaffected by ransomware content bans
Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021
-
August 03, 2021
03
Aug'21
Ransomware attacks increase dramatically during 2021
Dramatic increase in ransomware attacks globally during first half of 2021 driven by triple extortion technique, and is only set to expand further
-
July 28, 2021
28
Jul'21
Almost half unaware of GP data-sharing plans
Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign
-
July 28, 2021
28
Jul'21
Top vulnerabilities target perimeter devices
The most frequently exploited CVEs of the year so far are to be found in perimeter and network access devices, according to a joint advisory from the NCSC and partners
-
July 28, 2021
28
Jul'21
COP26 cyber resource hub launched for Glasgow businesses
New digital information hub for Glasgow business to help organisations keep secure both physically and online ahead of major climate change summit
-
July 27, 2021
27
Jul'21
ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower
The Information Commissioner’s Office has ended its involvement in a dispute between a data breach whistleblower and NatWest bank
-
July 27, 2021
27
Jul'21
How IBM is solving the data privacy problem
IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy
-
July 25, 2021
25
Jul'21
Tokyo 2020 hit by data breach
The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large
-
July 25, 2021
25
Jul'21
OAIC: Uber failed to protect personal data of Australians
Uber did not take reasonable steps to protect Australians’ personal information from unauthorised access, says Australia’s national privacy watchdog
-
July 21, 2021
21
Jul'21
France’s Macron among alleged Pegasus targets
Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware
-
July 20, 2021
20
Jul'21
NCSC’s Cameron urges deeper cyber alliance-building
Speaking to an event in Israel, NCSC CEO Lindy Cameron has praised joint UK-Israeli efforts on security collaboration
-
July 20, 2021
20
Jul'21
NHS Digital tightens rules for GPDPR data scrape
The proposed collection of patient data held by GPs will now only commence when three key criteria have been fulfilled, says NHS Digital
-
July 15, 2021
15
Jul'21
Macquarie Data Centres to build Sydney North facility
Macquarie Data Centres’ latest 32MW facility will come with a cyber security centre that monitors and manages cyber security events
-
July 15, 2021
15
Jul'21
Lawyers take EncroChat hacking operation to French supreme court
Lawyers head to French supreme court after appeals court finds EnroChat inception legal under French law
-
July 15, 2021
15
Jul'21
Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study
EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield
-
July 15, 2021
15
Jul'21
Singapore to invest S$50m in ‘digital trust’ capabilities
The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management
-
July 14, 2021
14
Jul'21
Multiple Microsoft bugs being actively exploited
Microsoft’s July Patch Tuesday update fixes 117 vulnerabilities, 13 rated as critical and four already being actively exploited
-
July 13, 2021
13
Jul'21
Modipwn vulnerability puts millions of building systems at risk
Authentication bypass vulnerability in a Schneider Electric product could lead to device takeover
-
July 13, 2021
13
Jul'21
Met Police seize £180m worth of Bitcoin
The largest ever seizure of cryptocurrency in the UK comes just weeks after a previous multi-million pound confiscation, as law enforcement clamps down on money laundering
-
July 13, 2021
13
Jul'21
Dutch prosecutor ordered to give evidence on EncroChat hack
Netherlands court rules that a public prosecutor should give evidence about the role of the Dutch in the EncroChat cryptophone hack which has led to arrests of organised gangs worldwide
-
July 12, 2021
12
Jul'21
NSW department of education hit by cyber attack
Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday
-
July 11, 2021
11
Jul'21
Ransomware and botnets among top cyber threats in Singapore
The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic
-
July 08, 2021
08
Jul'21
PrintNightmare haunts Microsoft as patch may miss mark
Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied
-
July 07, 2021
07
Jul'21
US government given permission to appeal UK’s decision to not extradite Julian Assange
US offers assurances that Assange could serve time in his home country of Australia if convicted
-
July 07, 2021
07
Jul'21
ICO to probe Hancock over private email use
Former health secretary faces an investigation by the UK’s data protection watchdog over his use of private email to conduct government business
-
July 07, 2021
07
Jul'21
How the UK Cyber Security Council plans to professionalise security
As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is
-
July 06, 2021
06
Jul'21
Klarna under investigation by Swedish finance watchdog
Swedish fintech is being investigated by financial services regulator after customer information was visible to others
-
July 06, 2021
06
Jul'21
Cyber insurance costs up by a third
The frequency and severity of ransomware attacks is a leading factor behind a substantial increase in the cost of obtaining cyber security insurance
-
July 03, 2021
03
Jul'21
Berlin court finds EncroChat intercept evidence cannot be used in criminal trials
In a major setback for police hacking operations, Berlin’s regional court has decided that intercepted data from the EncroChat phone network should not be used in criminal prosecutions
-
July 02, 2021
02
Jul'21
Should I be worried about PrintNightmare?
The accidental publication of proof of concept code for a Windows vulnerability, and the reclassification of said bug from low to critical severity, has the cyber community concerned. Is it right to be?
-
July 02, 2021
02
Jul'21
Cyber attackers up the ante on embattled IT teams
Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements
-
July 01, 2021
01
Jul'21
NCSC joins US authorities to expose Russian brute force campaign
A joint attribution by the British and American authorities accuses Russia’s GRU intelligence services of conducting a campaign of brute force attacks on enterprise and cloud environments
-
July 01, 2021
01
Jul'21
US Cybersecurity and Infrastructure Security Agency launches ransomware assessment tool
Newly launched service will help US organisations understand how prepared they are to deal with a ransomware attack
-
July 01, 2021
01
Jul'21
NHS IT fraudster Barry Stannard sentenced to five years in prison
Stannard used his position as head of unified communications at an Essex NHS Trust to cheat the taxpayer of more than £800,000
-
July 01, 2021
01
Jul'21
Nominations open for 2021 Security Serious Unsung Heroes Awards
Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators