News

IT risk management

• December 07, 2020 07 Dec'20

  Grindr and others patch critical Android bug

  Fixes for CVE-2020-8913 deployed as app developers shore up their defences against a disclosed Google Play vulnerability

• December 07, 2020 07 Dec'20

  Singapore government to boost blockchain adoption

  Singapore government unveils S$12m programme to promote development and adoption of blockchain applications beyond financial services

• December 07, 2020 07 Dec'20

  A trillion dollars lost to cyber crime every year

  Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime

• December 04, 2020 04 Dec'20

  Opportunistic Egregor ransomware is an emerging and active threat

  Researchers at Recorded Future’s Insikt Group highlight links between the emerging Egregor ransomware and other strains, and offer guidance on defending against it

• December 03, 2020 03 Dec'20

  Cyber Aware campaign to help safeguard Christmas shoppers

  New government campaign sets out to raise awareness of online shopping fraud in the run-up to Christmas

• December 03, 2020 03 Dec'20

  Covid-19 vaccine supply chain attacked by unknown nation state

  An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines

• December 03, 2020 03 Dec'20

  Lax Android app developers putting millions of users at risk

  Eight months after Google patched a critical vulnerability, developers have failed to update their apps, putting millions of users of apps such as dating services Bumble and Grindr at risk

• December 03, 2020 03 Dec'20

  Dangerous Trickbot evolves to target UEFI/BIOS firmware

  Dubbed Trickboot by researchers, Trickbot’s new features enable malicious actors to read, write or even erase UEFI/BIOS firmware

• December 02, 2020 02 Dec'20

  Covid-19: Cyber criminals will target vaccine programmes

  Interpol issues a global alert to law enforcement as the UK becomes one of the first countries to approve the Pfizer/BioNTech Covid-19 vaccine for use

• December 02, 2020 02 Dec'20

  Double extortion ransomware will be a big theme in 2021

  Defenders will see heightened levels of cyber crime next year as criminals pivot their attacks from data encryption to exfiltration

• December 02, 2020 02 Dec'20

  Singapore government remains ‘juicy target’ for cyber attackers

  The government is baking security into the design and implementation of its IT systems and looking to increase bug bounties to fend off cyber threats

• December 01, 2020 01 Dec'20

  DHL, Amazon and FedEx are most phished delivery services

  DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020

• December 01, 2020 01 Dec'20

  22,000 malicious .uk domains suspended in past year

  Nominet has suspended just over 22,000 domains in the 12 months to 31 October 2020, continuing a downward trend, and with less impact from Covid-19 than might be expected

• December 01, 2020 01 Dec'20

  Government covers its ears as complaint by victims of Post Office abuse heads to ombudsman

  Government denies responsibility for the abuse inflicted on subpostmasters by the Post Office over faulty IT system

• November 30, 2020 30 Nov'20

  MI5 accused of withholding surveillance compliance failures from cabinet minister

  MI5 withheld high-risk concerns about its ability to comply with legislation from the home secretary when it submitted applications for surveillance warrants, NGOs Privacy International and Liberty claimed last week

• November 30, 2020 30 Nov'20

  IT Priorities: APAC enterprises readying recovery budget

  Enterprises in Asia-Pacific are investing in cloud and other key technologies to not only survive but thrive in the post-pandemic world

• November 27, 2020 27 Nov'20

  NI police unable to delete data seized unlawfully from journalists for 10 years

  The Police Service of Northern Ireland is unable to delete terabytes of unlawfully seized data taken from journalists who exposed police failings in the investigation of the Loughinisland sectarian murders

• November 27, 2020 27 Nov'20

  How Grab is using technology to improve trust and safety

  Southeast Asian unicorn Grab is tapping artificial intelligence and other technologies to keep its users safe and cyber criminals at bay

• November 26, 2020 26 Nov'20

  Data safes will give users control over their data

  Belgian computer scientist tells Computer Weekly how people can regain control of their online personal information

• November 26, 2020 26 Nov'20

  APAC plagued by APT, ransomware attacks

  The Asia-Pacific region was a primary target of advanced persistent threat groups, mostly from China, Iran, North Korea and Russia, that carried out 34 campaigns between June 2019 to June 2020

• November 25, 2020 25 Nov'20

  Merger of national policing systems over budget and behind schedule

  UK government effort to replace legacy IT systems suffers further delays, and will not be fully completed until 2025 at the earliest

• November 25, 2020 25 Nov'20

  Securing UK’s critical national infrastructure is a 2021 priority

  Government outlines the UK’s strategic cyber security policies for the coming 12 months, with critical national infrastructure a clear priority

• November 24, 2020 24 Nov'20

  Nominet introduces new resources for cyber scam victims

  Domain name registrar is working with law enforcement to provide new information, guidance and resources for potential victims of online scams

• November 23, 2020 23 Nov'20

  Telcos could face huge fines under new security laws

  Government boasts of unprecedented powers to boost the security standards of the UK’s critical national infrastructure

• November 23, 2020 23 Nov'20

  NCSC issues retail security alert ahead of Black Friday sales

  National Cyber Security Centre issues refreshed guidance as cyber criminals turn their eyes to the holiday shopping season

• November 23, 2020 23 Nov'20

  MPs subjected to over 22 million malicious email attacks in 2020

  Members of Parliament are targeted by millions of spam and phishing emails every month, according to a Freedom of Information disclosure

• November 20, 2020 20 Nov'20

  Security pros fear prosecution under outdated UK laws

  CyberUp, a group of campaigners who want to reform the Computer Misuse Act, finds 80% of security professionals are concerned that they may be prosecuted just for doing their jobs

• November 19, 2020 19 Nov'20

  Covid-19 shift to remote working adds to Earth’s growing e-waste problem

  The shift to remote working has forced firms to purchase new IT equipment, but many are still lacking sustainable end-of-life processes for their devices

• November 19, 2020 19 Nov'20

  Security sector broadly backs Boris Johnson’s Cyber Force

  Security community says the presence of a robust cyber defence force alongside a robust physical one will be vital to the UK’s national security

• November 18, 2020 18 Nov'20

  2021 the year of commodity ransomware, says Sophos

  Sophos researchers anticipate a trickle-down effect in the cyber criminal underground

• November 18, 2020 18 Nov'20

  US cyber security chief fired for contradicting Trump

  CISA chief Chris Krebs ousted for doing his job fighting disinformation in an apparent purge of officials deemed disloyal to president Donald Trump

• November 18, 2020 18 Nov'20

  How Aarogya Setu is addressing scale and security challenges

  India’s contact-tracing platform leverages microservices, encryption techniques and cloud-based visibility tools to address scale and security requirements

• November 17, 2020 17 Nov'20

  Kaspersky shuts down data-processing activities in Russia

  Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland

• November 17, 2020 17 Nov'20

  HMRC warns over uptick in Self Assessment tax scams

  HMRC issues updated warnings as 2021 Self Assessment deadlines loom

• November 17, 2020 17 Nov'20

  Financial services data volumes heighten risk of insider breach

  Financial services organisations hold so much data that it is becoming virtually impossible to safeguard properly against data breaches caused by malicious or careless employees

• November 16, 2020 16 Nov'20

  How Standard Chartered approaches cyber security

  Bank uses security-by-design principles and conducts red-teaming exercises among other measures to fend off cyber breaches

• November 13, 2020 13 Nov'20

  Ticketmaster fined £1.25m by ICO for failing to protect customer data

  Ticket website’s customer data was exposed through an attack on a third-party chatbot

• November 12, 2020 12 Nov'20

  IT Priorities 2020: Budgets rejigged to support 2021 recovery

  IT has been essential in helping organisations remain operational. IT chiefs are now considering the IT to drive a sustained business recovery

• November 12, 2020 12 Nov'20

  Company accused of spying on Assange acted for Ecuadorian Intelligence, says ex UC Global manager

  Former operations chief of UC Global told Spanish Court the company accused of spying on Assange at the Ecuadorian Embassy in London was acting on the orders of Ecuadorian Intelligence

• November 11, 2020 11 Nov'20

  Security pros coped admirably with remote working transition

  Despite facing tight timescales at the onset of the pandemic, security professionals have come through the transition to remote working remarkably well, according to a report

• November 11, 2020 11 Nov'20

  Microsoft drops fix for serious zero-day among 112 Patch Tuesday updates

  November’s Patch Tuesday contains fixes for 112 bugs, including a potentially serious zero-day exploit that malicious actors are already taking advantage of

• November 11, 2020 11 Nov'20

  EU aid funds used to train ‘unaccountable intelligence agencies’ in high-tech surveillance

  Hundreds of documents obtained by campaign group Privacy International show how the EU is supporting surveillance programmes in the Balkans, the Middle East and Africa

• November 10, 2020 10 Nov'20

  Intel and AMD processors affected by another side-channel exploit

  Two years after Spectre and Meltdown, the x86 processor faces another side-channel exploit – only this time, it is based on sensing temperature

• November 10, 2020 10 Nov'20

  Leaky AWS S3 bucket once again at centre of data breach

  Prestige Software exposed millions of records after failing to pay attention to the security of its cloud instances

• November 10, 2020 10 Nov'20

  IT Priorities 2020: After Covid-19, security goes back to basics

  This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals

• November 09, 2020 09 Nov'20

  EU moves closer to encryption ban after Austria, France attacks

  Draft resolution document setting up an EU-wide ban on end-to-end encryption is set to be waved through this week

• November 06, 2020 06 Nov'20

  NHS warned over Ryuk spreading through Trickbot replacements

  NHS Digital tells healthcare organisations to be mindful of a marked rise in usage of the Bazar and Buer loaders

• November 06, 2020 06 Nov'20

  ICO sued over ‘failure’ to address ad industry practices

  Privacy campaigner the Open Rights Group claims the advertising technology industry is systematically breaching the GDPR, and the ICO is doing nothing about it

• November 05, 2020 05 Nov'20

  Consumer rights organisation warns of computer takeover scams

  Consumers warned to be on guard against criminals pretending to be IT support staff to gain access to personal banking information

• November 05, 2020 05 Nov'20

  Singapore government rolls out digital signature service

  Individuals and businesses will soon be able to sign documents digitally using a new service on the Singapore government’s SingPass digital identity platform