News

IT risk management

• August 11, 2020 11 Aug'20

  French data protection authorities to probe TikTok as suitors circle

  France’s CNIL has confirmed a new investigation into TikTok’s data protection practices

• August 11, 2020 11 Aug'20

  Hospitality sector is failing on contact-tracing obligations

  Cyber security experts urge the government to do more to help small hospitality businesses improve their contact-tracing data-handling practices

• August 10, 2020 10 Aug'20

  Retailer Monsoon allegedly exposing data via Pulse Connect server

  A researcher has found a critically insecure Pulse Connect Secure VPN version belonging to UK retailer Monsoon Accessorize, but claims the firm is ignoring his disclosures

• August 10, 2020 10 Aug'20

  Security teams struggle to keep pace with cloud threats

  Security professionals face challenges in keeping pace with cloud deployments and migrations, and the additional security threats they open up

• August 07, 2020 07 Aug'20

  Virgin Media customers targeted in Twitter phish

  Customers seeking help from the ISP are being targeted by a scam Twitter account

• August 07, 2020 07 Aug'20

  TikTok to be banned in US in 45 days

  Trump says his Executive Orders against Chinese mobile apps are in the interests of dealing with a national emergency

• August 06, 2020 06 Aug'20

  Australia updates cyber security strategy but offers little new

  The nation’s latest cyber security strategy includes centralised management of networks and a voluntary code of practice for deploying internet-connected devices, among other areas

• August 06, 2020 06 Aug'20

  Qualcomm chip vulnerability puts millions of phones at risk

  Qualcomm has patched multiple vulnerabilities in its chip hardware that left hundreds of millions of smartphones open to compromise by malicious actors

• August 06, 2020 06 Aug'20

  GCHQ seeks researchers to tackle deep fakes and misinformation

  A GCHQ research fellowship based at its Manchester office will explore various national security priorities such as deep fakes, fake news and the impact of AI

• August 05, 2020 05 Aug'20

  Seven questions you need to ask when buying security insurance

  Find out what you need to ask to make an informed decision on cyber security insurance with new help from the UK’s NCSC

• August 05, 2020 05 Aug'20

  Second wave of Covid-19 cyber attacks locked in

  More cyber attacks exploiting the pandemic seem likely, says Interpol

• August 04, 2020 04 Aug'20

  Five signs you’re about to get hit with ransomware

  A series of Sophos reports on the ransomware threat landscape shows how security professionals can sniff out a potential ransomware attack before it happens

• August 04, 2020 04 Aug'20

  Liam Fox hack raises questions over government security

  The hack of a former cabinet minister’s emails casts doubt over the effectiveness of safeguards and security training processes at the highest levels of the British government

• August 04, 2020 04 Aug'20

  New foundation to bolster security of open source software

  The Open Source Security Foundation will bring together key open source security initiatives across the industry to improve and support the security of open source software

• August 03, 2020 03 Aug'20

  Estonian police and border services need better IT to block criminals from becoming e-residents

  Police and Border Guard Board of Estonia needs to improve its IT systems to stop criminals from becoming e-residents, says report

• August 03, 2020 03 Aug'20

  Microsoft offers way out of TikTok impasse

  Microsoft offers to buy TikTok from its Chinese parent to ease security fears in the US

• August 02, 2020 02 Aug'20

  More data breaches from ransomware attacks in Australia

  The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner

• July 31, 2020 31 Jul'20

  EU sanctions China and Russia over cyber attacks

  The EU is applying restrictive measure to six individuals and three entities accused of conducting disruptive cyber attacks in Europe, including the Russian GRU

• July 30, 2020 30 Jul'20

  Former UC Global staff confirm Embassy surveillance operation against Julian Assange

  Spanish court investigates claims that security company illegally recorded meetings between Julian Assange, politicians, lawyers and celebrities at the Ecuadorian Embassy in London

• July 30, 2020 30 Jul'20

  Diversity in cyber improving but inclusion needs work, says NCSC

  Study into diversity and inclusion in the cyber security sector has found that diversity is off to a good start, but inclusion is lacking

• July 29, 2020 29 Jul'20

  Serious BootHole vulnerability puts millions of systems at risk

  BootHole is a GRUB2 bootloader vulnerability and puts millions of PCs, servers and other devices at risk of compromise

• July 29, 2020 29 Jul'20

  Majority of organisations at risk of cloud data exposure

  Report casts doubt on the effectiveness of the shared responsibility model of cloud security

• July 29, 2020 29 Jul'20

  Bank of Ireland fined for six-year-old IT breach

  Bank of Ireland fined by regulator for its failings to prevent fraud six years ago

• July 28, 2020 28 Jul'20

  De Montfort, KCL, Newcastle universities join list of Blackbaud victims

  Embattled cloud services provider now has big questions to answer over its handling of data belonging to UK universities and charities

• July 28, 2020 28 Jul'20

  Digital bank customer data breached through third party

  FBI is investigating digital bank customer data breach that occurred via a former third-party supplier

• July 28, 2020 28 Jul'20

  NCSC names national security expert Lindy Cameron as new CEO

  New National Cyber Security Centre head joins from the Northern Ireland Office and has spent 20 years in government at home and abroad

• July 28, 2020 28 Jul'20

  Scotland’s security resilience centre concept goes national

  Based on the success of the Scottish Business Resilience Centre, a series of regional Cyber Resilience Centres are now launching across the rest of the UK

• July 26, 2020 26 Jul'20

  Australia issues new cloud computing guidelines

  The new guidance, which comes after the expiry of the government’s cloud services certification programme, will help to bolster Australia’s cyber security resilience

• July 24, 2020 24 Jul'20

  A question of trust: University and supplier on the hook for data breach

  Data on students at the University of York was stolen in a ransomware attack on a supplier two months ago, and the response of both parties raises serious questions

• July 23, 2020 23 Jul'20

  Post-Privacy Shield, what chance for a Brexit data adequacy deal?

  The striking down of Privacy Shield has been hailed as a victory for digital rights and privacy campaign groups, but it will have consequences that go beyond transatlantic data transfers

• July 22, 2020 22 Jul'20

  No let-up in cyber attacks as lockdown eases

  Cyber attacks are up by one-third as the coalescence of cyber activity and nation state-linked threats around the pandemic bears fruit for bad actors

• July 21, 2020 21 Jul'20

  Coronavirus: Government drags its feet on online misinformation

  Online misinformation about Covid-19 continues to spread unchecked, according to a DCMS committee report which has accused the government of dragging its feet over online harms

• July 21, 2020 21 Jul'20

  Russia Report reveals long-running cyber warfare campaign against UK

  Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report

• July 21, 2020 21 Jul'20

  Australian industry panel calls for ‘clear consequences’ of cyber attacks

  A government-appointed panel recommends strong deterrence and other measures to be implemented in Australia’s next cyber security strategy

• July 20, 2020 20 Jul'20

  ICO hails transformative year as average fine trebles

  Information Commissioner’s Office annual report reflects on a busy period, during which it levied two of the largest fines so far seen under the GDPR

• July 20, 2020 20 Jul'20

  Businesses underestimate negative impact of bot traffic

  Research from Netacea finds that although awareness of malicious bot activity is high, many are underestimating its true impact

• July 20, 2020 20 Jul'20

  Test and Trace programme unlawful, admits government

  The Department of Health and Social Care failed in its legal obligation to complete a mandatory Data Protection Impact Assessment

• July 17, 2020 17 Jul'20

  Twitter hack fallout: Investigators on trail of cyber criminals

  Investigators are hunting the cyber criminals who broke into Twitter’s systems to hijack prominent accounts, amid concerns that more attacks may come

• July 16, 2020 16 Jul'20

  Bazar malware may be new tool in Trickbot arsenal

  Cybereason’s Nocturnus research team uncovers new Bazar malware, which shares some similarities with other varieties

• July 16, 2020 16 Jul'20

  Coronavirus shines spotlight on cyber security

  Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic

• July 15, 2020 15 Jul'20

  Government proposes IoT security enforcement body

  The government is today publishing new proposals concerning planned legislation that will protect users of smart IoT devices from cyber criminals

• July 15, 2020 15 Jul'20

  Warning over security holes in fake Cisco kit

  Two counterfeit Cisco Catalyst 2960-X switches were only found after a software update caused them to stop working

• July 15, 2020 15 Jul'20

  Patch Tuesday: Microsoft fixes 123 bugs in July 2020 update

  The bugs start coming and they don’t stop coming; Microsoft has issued yet another bumper Patch Tuesday update

• July 14, 2020 14 Jul'20

  Check Point unearths critical SigRed bug in Windows DNS

  SigRed vulnerability is highly dangerous, but is being fixed as part of the July 2020 Patch Tuesday update

• July 14, 2020 14 Jul'20

  European court to decide legality of EU-US data sharing in dispute between Schrems and Facebook

  A ruling by the European Court of Justice will have ramifications for hundreds of thousands of companies that share data with the US. The case aims to balance US surveillance laws with the rights of EU citizens to keep their data private

• July 14, 2020 14 Jul'20

  Standard Chartered latest bank to explore quantum computing

  Standard Chartered is working with researchers to establish use cases for quantum computing in the banking sector

• July 14, 2020 14 Jul'20

  CISOs undervalued, overworked, burning out, warns CIISec

  The vast majority of security professionals say they are under immense pressure, according to a report

• July 14, 2020 14 Jul'20

  Recon vulnerability puts thousands of SAP customers at risk

  Users of multiple SAP products including S4/HANA should apply the security update as soon as possible to protect their systems

• July 14, 2020 14 Jul'20

  ‘Name-and-shame’ ransomware attacks increasing in prevalence

  Since emerging at the tail-end of 2019, double extortion, or exfiltration and encryption, ransomware attacks have become highly popular, and now account for a significant number of incidents, according to Emsisoft research

• July 14, 2020 14 Jul'20

  Australian enterprises facing more cyber attacks

  The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country