News

IT risk management

August 26, 2021 26 Aug'21
Government unveils post-Brexit data flow proposals

The government will pursue data partnerships with countries including Australia, South Korea and the US as part of a post-Brexit data regime that may also see substantial changes to the UK’s data protection law
August 26, 2021 26 Aug'21
NZ privacy lead John Edwards named new information commissioner

DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner
August 25, 2021 25 Aug'21
Calling the cops for ransomware attacks doesn’t help, say cyber pros

A new study for the #Ransomaware campaign reveals some insight into why so few victims report ransomware attacks
August 25, 2021 25 Aug'21
UK loses £1.3bn to fraud and cyber crime so far this year

New figures from the National Fraud Intelligence Bureau show a threefold spike in reported financial losses to fraud and cyber crime in the first six months of 2021

August 24, 2021 24 Aug'21
Half of MS Exchange servers at risk in ProxyShell debacle

Up to 50% of MS Exchange users in the UK are exposed to three vulnerabilities that are now being actively exploited
August 24, 2021 24 Aug'21
Over a million opt out of NHS data-sharing

Failure to communicate benefits of data-sharing proposals and privacy concerns are prompting large numbers of people to opt out of a proposed NHS Digital scheme
August 23, 2021 23 Aug'21
Flexxon and Lenovo tie up on AI-infused SSDs

Singapore-based Flexxon teams up with Lenovo to make its solid-state drive that uses artificial intelligence to fend off cyber threats available on ThinkPad-based laptops
August 19, 2021 19 Aug'21
Pub apps harvesting swathes of customer data unnecessarily

Some pub and restaurant chain apps demand data such as gender and marital status, raising eyebrows among privacy campaigners
August 19, 2021 19 Aug'21
IT leaders fear ‘trickle-down’ of nation-state cyber attacks

Three-quarters of IT decision-makers are concerned that the tactics, techniques and procedures used by nation-state attackers could be used against them
August 18, 2021 18 Aug'21
MoD seeks security tech to harden military systems

The Defence and Security Accelerator has launched a programme to root out technology that will reduce the military’s exposure to cyber attacks

August 17, 2021 17 Aug'21
Educational publisher Pearson fined for data breach cover-up

Securities and Exchange Commission says publisher misled its investors over the extent of a 2018 data breach
August 17, 2021 17 Aug'21
Security Think Tank: Building privacy-preserving apps and platforms

ISACA’s Gaurav Deep Singh Johar explores how to embed privacy practices into digital platform architecture
August 16, 2021 16 Aug'21
Nearly half of retailers hit by ransomware in 2020

In the face of increasingly prevalent and sophisticated ransomware attacks, retail organisations need to develop alternative ways of restoring lost or encrypted data, as paying the ransom does not guarantee its return in almost a third of cases
August 13, 2021 13 Aug'21
Cyber Runway programme supports new security businesses

The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses
August 12, 2021 12 Aug'21
ICO consults on new international data transfer agreement

Information Commissioner’s Office to consult on its draft international data transfer agreement and guidance, which will replace standard contractual clauses to protect personal data during overseas transfers
August 11, 2021 11 Aug'21
Microsoft fixes seven critical bugs on light Patch Tuesday

All seven critical vulnerabilities in Microsoft’s August Patch Tuesday were related to remote code execution, and there was one zero-day related to Windows Update Medic Service
August 11, 2021 11 Aug'21
The Netherlands still lacks digital resilience, says report

Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient
August 10, 2021 10 Aug'21
Ransomware demands and payments hit new records

Ransomware groups continue to intensify their operations as ransom demands and payments increase alongside use of “quadruple extortion” tactics during first half of 2021
August 10, 2021 10 Aug'21
Dutch lead the way in protecting themselves against internet risks

Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent
August 10, 2021 10 Aug'21
Researchers uncover database with 126 million unsecured records

Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns
August 10, 2021 10 Aug'21
How Grab is using Kafka in fraud detection

Grab is using Apache Kafka in its fraud detection and prevention platform to ingest event streams from its mobile software development kits and client backends to pick up fraudulent activities
August 05, 2021 05 Aug'21
Nine security flaws found in critical hospital infrastructure

The ‘PwnedPiper’ vulnerabilities identified in systems used by 80% of US hospitals could be used to launch ransomware attacks
August 05, 2021 05 Aug'21
SAP customers more alert to internal than external threats

SAP customers are more concerned by insider threats than by external attacks, according to a report. And yet the average SAP customer has around 2,500 vulnerabilities within their customised SAP code
August 05, 2021 05 Aug'21
Cloud misconfiguration a growing cause of security incidents

Rapid cloud adoption during the pandemic has increased the attack surface and heightened the risk of misconfiguring services, leaving organisations more vulnerable to cyber attacks
August 04, 2021 04 Aug'21
Initial access brokers unaffected by ransomware content bans

Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021
August 03, 2021 03 Aug'21
Ransomware attacks increase dramatically during 2021

Dramatic increase in ransomware attacks globally during first half of 2021 driven by triple extortion technique, and is only set to expand further
July 28, 2021 28 Jul'21
Almost half unaware of GP data-sharing plans

Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign
July 28, 2021 28 Jul'21
Top vulnerabilities target perimeter devices

The most frequently exploited CVEs of the year so far are to be found in perimeter and network access devices, according to a joint advisory from the NCSC and partners
July 28, 2021 28 Jul'21
COP26 cyber resource hub launched for Glasgow businesses

New digital information hub for Glasgow business to help organisations keep secure both physically and online ahead of major climate change summit
July 27, 2021 27 Jul'21
ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower

The Information Commissioner’s Office has ended its involvement in a dispute between a data breach whistleblower and NatWest bank
July 27, 2021 27 Jul'21
How IBM is solving the data privacy problem

IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy
July 25, 2021 25 Jul'21
Tokyo 2020 hit by data breach

The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large
July 25, 2021 25 Jul'21
OAIC: Uber failed to protect personal data of Australians

Uber did not take reasonable steps to protect Australians’ personal information from unauthorised access, says Australia’s national privacy watchdog
July 21, 2021 21 Jul'21
France’s Macron among alleged Pegasus targets

Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware
July 20, 2021 20 Jul'21
NCSC’s Cameron urges deeper cyber alliance-building

Speaking to an event in Israel, NCSC CEO Lindy Cameron has praised joint UK-Israeli efforts on security collaboration
July 20, 2021 20 Jul'21
NHS Digital tightens rules for GPDPR data scrape

The proposed collection of patient data held by GPs will now only commence when three key criteria have been fulfilled, says NHS Digital
July 15, 2021 15 Jul'21
Macquarie Data Centres to build Sydney North facility

Macquarie Data Centres’ latest 32MW facility will come with a cyber security centre that monitors and manages cyber security events
July 15, 2021 15 Jul'21
Lawyers take EncroChat hacking operation to French supreme court

Lawyers head to French supreme court after appeals court finds EnroChat inception legal under French law
July 15, 2021 15 Jul'21
Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study

EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield
July 15, 2021 15 Jul'21
Singapore to invest S$50m in ‘digital trust’ capabilities

The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management
July 14, 2021 14 Jul'21
Multiple Microsoft bugs being actively exploited

Microsoft’s July Patch Tuesday update fixes 117 vulnerabilities, 13 rated as critical and four already being actively exploited
July 13, 2021 13 Jul'21
Modipwn vulnerability puts millions of building systems at risk

Authentication bypass vulnerability in a Schneider Electric product could lead to device takeover
July 13, 2021 13 Jul'21
Met Police seize £180m worth of Bitcoin

The largest ever seizure of cryptocurrency in the UK comes just weeks after a previous multi-million pound confiscation, as law enforcement clamps down on money laundering
July 13, 2021 13 Jul'21
Dutch prosecutor ordered to give evidence on EncroChat hack

Netherlands court rules that a public prosecutor should give evidence about the role of the Dutch in the EncroChat cryptophone hack which has led to arrests of organised gangs worldwide
July 12, 2021 12 Jul'21
NSW department of education hit by cyber attack

Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday
July 11, 2021 11 Jul'21
Ransomware and botnets among top cyber threats in Singapore

The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic
July 08, 2021 08 Jul'21
PrintNightmare haunts Microsoft as patch may miss mark

Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied
July 07, 2021 07 Jul'21
US government given permission to appeal UK’s decision to not extradite Julian Assange

US offers assurances that Assange could serve time in his home country of Australia if convicted
July 07, 2021 07 Jul'21
ICO to probe Hancock over private email use

Former health secretary faces an investigation by the UK’s data protection watchdog over his use of private email to conduct government business
July 07, 2021 07 Jul'21
How the UK Cyber Security Council plans to professionalise security

As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is