News
IT risk management
-
March 02, 2022
02
Mar'22
Cyber companies step up support for Ukraine
Security companies Bitdefender and Vectra AI are both to offer products and services in support of Ukraine
-
March 02, 2022
02
Mar'22
SunSeed malware hits those involved in Ukraine refugee relief
European governments involved in managing the logistics of hundreds of thousands of people fleeing Ukraine have been targeted by a suspected state-backed actor
-
March 02, 2022
02
Mar'22
Ban predictive policing systems in EU AI Act, says civil society
A coalition of civil society groups has called on European lawmakers to use the upcoming Artificial Intelligence Act as an opportunity to ban predictive policing systems
-
March 01, 2022
01
Mar'22
DCMS opens consultation on telecoms cyber standards
Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act
-
February 28, 2022
28
Feb'22
Cloudflare: Our network is our product
Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats
-
February 24, 2022
24
Feb'22
KnowBe4 cyber drama tackles Colonial Pipeline in fourth season
KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021
-
February 24, 2022
24
Feb'22
Security organisations form Nonprofit Cyber coalition
Founding members of the Nonprofit Cyber coalition pledge to enhance joint action on cyber security around the world
-
February 24, 2022
24
Feb'22
New cyber guidelines to safeguard construction sector
NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building
-
February 24, 2022
24
Feb'22
Russia behind dangerous Cyclops Blink malware
Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk
-
February 23, 2022
23
Feb'22
Backups ‘no longer effective’ for stopping ransomware attacks
Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques
-
February 23, 2022
23
Feb'22
No imminent cyber threat to UK from Russia
Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain
-
February 23, 2022
23
Feb'22
IBM opens cyber security hub in India
Big Blue’s new cyber security hub, comprising a cyber range, software development facilities and a security operations centre, will serve enterprises across the Asia-Pacific region
-
February 22, 2022
22
Feb'22
UK organisations swift to chide phishing victims
While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated
-
February 21, 2022
21
Feb'22
Zoom gains NCSC Cyber Essentials Plus and NHS security badges
Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats
-
February 17, 2022
17
Feb'22
Red Cross cyber attack the work of nation-state actors
The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state
-
February 16, 2022
16
Feb'22
2021 another record year for UK cyber investment
Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment
-
February 16, 2022
16
Feb'22
DDoS attacks hit Ukrainian defence ministry and banks
A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region
-
February 16, 2022
16
Feb'22
Cloud Security Alliance publishes guidelines to bridge compliance and DevOps
The Cloud Security Alliance has published a report detailing practices that organisations can adopt to bridge the gap between compliance and software development and operations
-
February 15, 2022
15
Feb'22
TA2451 targets aviation and transport sector with tailored lures
Newly designated cyber criminal group favours highly specific lures and a tried-and-tested modus operandi to compromise targets in the aviation, aerospace and transport sectors
-
February 15, 2022
15
Feb'22
China emerges as leader in vulnerability exploitation
Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs
-
February 11, 2022
11
Feb'22
Lack of knowledge disastrous for effective security strategy within Dutch companies
Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy
-
February 11, 2022
11
Feb'22
Why security professionals should pay attention to what Russia is doing
Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to
-
February 11, 2022
11
Feb'22
Hackney Council could be forced to answer questions about IT security training after Psya ransomware
Council is negotiating with the information commissioner after refusing to reply to questions under the Freedom of Information Act about staff IT and security training during the pandemic
-
February 10, 2022
10
Feb'22
How diplomatic immunity silenced the prosecutor who coordinated Sweden’s EncroChat probe
Defence lawyers claim Swedish court decision not to hear evidence from a Swedish prosecutor leaves important legal questions unanswered over international police operation to hack EncroChat cryptophone network
-
February 09, 2022
09
Feb'22
Linux-based clouds an open door for attackers, says VMware
Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware
-
February 09, 2022
09
Feb'22
Ransomware ever more sophisticated and impactful, warns NCSC
UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs
-
February 09, 2022
09
Feb'22
Microsoft stomps on 48 bugs in February Patch Tuesday update
It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day
-
February 09, 2022
09
Feb'22
Tech companies risk being compelled by law to protect children, says online safety expert
John Carr, a child safety campaigner backing a government-funded campaign on the dangers of end-to-end encryption to children, says tech companies have no choice but to act
-
February 08, 2022
08
Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem
As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
-
February 04, 2022
04
Feb'22
Check Point looks to plug ASEAN’s cyber security gap
Check Point is shoring up its sales force and partner ecosystem to address the cyber security needs of small and mid-sized businesses in a region that is highly targeted by threat actors
-
February 03, 2022
03
Feb'22
BlackCat crew supposedly behind OilTanking ransomware heist
Preliminary reports from Germany’s national cyber authority indicate the recent OilTanking ransomware attack may have been the work of the BlackCat group
-
February 03, 2022
03
Feb'22
Crisp supply shortage looms after KP Snacks hit by ransomware
Supplies of Hula Hoops and many other snack brands are under threat after a ransomware attack on the systems of KP Snacks
-
February 03, 2022
03
Feb'22
French Supreme Court raises constitutional questions over EncroChat hacking secrecy
Conseil Constitutionnel to decide whether ‘defence secrecy’ over state EncroChat cryptophone hacking breaches French constitution
-
February 02, 2022
02
Feb'22
Zero-trust to soar in 2022, but dogged by implementation challenges
IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite
-
February 02, 2022
02
Feb'22
Reforms needed to tackle economic crime, says Treasury Committee
The Treasury Committee is disappointed at progress towards tackling economic crime and fraud in both the online and offline worlds, and is calling for more action
-
February 02, 2022
02
Feb'22
British Council data exposed by third-party cyber failure
The British Council entrusted confidential data on its students to a third-party and was let down
-
February 01, 2022
01
Feb'22
Over one-fifth of ransomware attacks target financial sector
Newly published data reveals a significant uptick in cyber attacks against the financial services sector during the third quarter of 2021
-
January 28, 2022
28
Jan'22
Cyber skills gap affecting data privacy practice, finds ISACA
Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report
-
January 28, 2022
28
Jan'22
Korean researchers invent silk-based security device
Experts from the Gwangju Institute of Science have built a digital security device based on natural silk fibres that they claim is practically unbreachable
-
January 27, 2022
27
Jan'22
CISOs must get out in front of Ukraine cyber crisis, says NCSC
The National Cyber Security Centre is urging UK organisations to take steps to bolster their cyber security resilience in response to the ongoing Ukraine crisis
-
January 26, 2022
26
Jan'22
More intel emerges on WhisperGate malware that hit Ukraine
Security experts have been poring over the WhisperGate malware with which alleged Russia-backed entities targeted Ukrainian government websites
-
January 26, 2022
26
Jan'22
MPs to debate landmark IoT security law
Proposed bill mandates tighter protections for connected products, and adds new rules for broadband roll-out into the bargain
-
January 25, 2022
25
Jan'22
Prepare, but don’t panic, over supposed Russian cyber threat
A fresh alert from the US Department of Homeland Security may have IT security teams jumpy over the possibility that their organisations could be targeted by Russian state actors
-
January 25, 2022
25
Jan'22
Cyber Essentials programme gets biggest update since launch
NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape
-
January 25, 2022
25
Jan'22
UK government launches internal cyber strategy
Multi-pronged government security strategy is designed to protect both core systems and public services
-
January 24, 2022
24
Jan'22
India’s cyber security industry doubles in size amid pandemic
Revenues from cyber security products and services reached $9.85bn in 2021 thanks to rapid digitalisation and regulatory attention on data and privacy
-
January 21, 2022
21
Jan'22
Mandiant analysts: Russia-backed APTs likely to ramp up attacks
More cyber attacks like those perpetrated against targets in Ukraine are to be expected, and they may become more destructive
-
January 21, 2022
21
Jan'22
Cyber pros: Don’t revel in REvil’s downfall just yet
The arrests of REvil’s alleged kingpins is a welcome step, but as with any disruption to cyber criminal activity, it is never wise to assume law enforcement action means the threat has passed entirely
-
January 21, 2022
21
Jan'22
Scam losses in Australia hit record high
Australians lost a record A$323.7m to scams last year, with investment and romance scams accounting for the bulk of their losses
-
January 20, 2022
20
Jan'22
Updated cyber security regulations proposed for managed services sector
The Network and Information Systems regulations are to be updated to include MSPs and outsourcers, following a spate of supply chain attacks