News

IT risk management

• May 26, 2020 26 May'20

  StrandHogg mobile vulnerability has evil twin

  Variant of the dangerous StrandHogg vulnerability affecting Android phones could allow hackers to access almost all apps on a target device

• May 26, 2020 26 May'20

  The Security Interviews: Temper tantrums ahead as GDPR enters its terrible twos?

  On the General Data Protection Regulation’s second birthday, Tim Hickman, a data protection lawyer and partner at White & Case LLP, discusses the regulation’s teething troubles and assesses how best to maintain optimum compliance

• May 25, 2020 25 May'20

  Coronavirus: Australia calls for stronger defences amid cyber attacks

  The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector

• May 22, 2020 22 May'20

  EasyJet to be sued over customer data breach

  If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn

• May 22, 2020 22 May'20

  Covid-19 will leave organisations exposed to higher cyber risks

  Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum

• May 22, 2020 22 May'20

  Hancock to Harman: No contact-tracing privacy law

  Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data

• May 22, 2020 22 May'20

  Coronavirus: How MyIX is keeping Malaysians connected

  Malaysia’s MyIX internet exchange has been classed as critical national infrastructure, with member telcos adding more capacity to meet the surge in demand for internet services

• May 20, 2020 20 May'20

  NCSC discloses multiple vulnerabilities in contact-tracing app

  National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures

• May 20, 2020 20 May'20

  Serco exposes contact tracers’ data in email error

  Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message

• May 20, 2020 20 May'20

  Personal devices putting Singapore employers at risk

  More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats

• May 20, 2020 20 May'20

  Responsible Cyber acquires Secucial in S$7m deal

  Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint

• May 19, 2020 19 May'20

  Cancelled NCSC CyberUK event gets green light for 2021

  The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales

• May 19, 2020 19 May'20

  Nine million EasyJet customer details lost in data breach

  Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline

• May 19, 2020 19 May'20

  Vast majority of cyber attacks are easy to stop, says Verizon

  Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it

• May 18, 2020 18 May'20

  Why a pandemic-specific BCP matters

  Many organisations still do not have scenario-specific business continuity plans, which are helpful when the situation requires a customised response, such as a pandemic, according to Forrester

• May 14, 2020 14 May'20

  China targeting Covid-19 researchers through IT suppliers, claims US

  The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China

• May 13, 2020 13 May'20

  Report reveals inadequate cyber security at Schiphol Airport

  A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport

• May 13, 2020 13 May'20

  Nation state APT groups prefer old, unpatched vulnerabilities

  The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list

• May 13, 2020 13 May'20

  Microsoft fixes 16 critical vulnerabilities on Patch Tuesday

  The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities

• May 12, 2020 12 May'20

  Draft Covid-19 contact tracing legislation proposes formal oversight

  Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app

• May 12, 2020 12 May'20

  Pay the ransom and double your recovery costs, report warns

  Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos

• May 12, 2020 12 May'20

  Maze ransomware attack will cost Cognizant at least $50m to $70m

  Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold

• May 12, 2020 12 May'20

  How Australian firms can plug data protection gaps

  Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene

• May 11, 2020 11 May'20

  Micro Focus sees growth in mainframe migration business

  Lifting and shifting Cobol code from mainframes to public cloud has been a growth driver for Micro Focus in the Asia-Pacific region, even as the software supplier continues to diversify its business

• May 07, 2020 07 May'20

  Zoom buys secure messaging service Keybase

  Unified comms platform Zoom says the acquisition of Keybase will finally let it bring end-to-end encryption to the table

• May 07, 2020 07 May'20

  SilverTerrier cyber crime group targets Covid-19 key workers

  Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang

• May 07, 2020 07 May'20

  Contact-tracing app fails to protect privacy and human rights

  Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee

• May 07, 2020 07 May'20

  FBI search warrants reveal Trump aide’s messages to WikiLeaks founder Julian Assange

  FBI search warrants reveal Trump campaigner Roger Stone sent private messages to WikiLeaks founder Julian Assange after the site published thousands of documents that damaged Hillary Clinton’s election campaign

• May 06, 2020 06 May'20

  Criminal justice system is failing cyber crime victims

  Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study

• May 06, 2020 06 May'20

  HMRC tackles almost 300 coronavirus phishing websites

  Of 292 websites removed since lockdown began on 23 March, 237 were proactively identified by HMRC and 55 were flagged by the public

• May 06, 2020 06 May'20

  End-users failing to protect themselves online

  Remote workers and stuck-at-home consumers are taking silly risks with their security during the coronavirus pandemic, according to a report

• May 05, 2020 05 May'20

  Coronavirus: NCSC issues urgent alert for healthcare sector

  UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations

• May 05, 2020 05 May'20

  Building security and privacy into contact-tracing apps

  Governance and data decentralisation are among measures that organisations can take to allay security and privacy concerns over contact-tracing apps, according to RSA

• May 04, 2020 04 May'20

  NHSX contact-tracing app needs legislative oversight

  Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app

• May 04, 2020 04 May'20

  Assange extradition hearing to take place in September following coronavirus lockdown

  An extradition hearing against WikiLeaks founder Julian Assange has been delayed by four months, after defence and prosecution lawyers said the Covid-19 lockdown would make it impractical to hold a fair hearing in May

• May 04, 2020 04 May'20

  Blogging platform Ghost hacked through Salt vulnerability

  Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability

• May 04, 2020 04 May'20

  IT Priorities 2020: Compliance and risk are top security concerns

  When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study

• April 30, 2020 30 Apr'20

  Critical SaltStack vulnerability affects thousands of datacentres

  Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away

• April 29, 2020 29 Apr'20

  Coronavirus: GCHQ gets access to NHS data to beef up security

  Health secretary gave GCHQ emergency powers to obtain information relating to the security of its networks and IT systems at the beginning of April, it has emerged

• April 28, 2020 28 Apr'20

  Almost half of security pros being redeployed during pandemic

  Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic

• April 27, 2020 27 Apr'20

  Julian Assange extradition hearing postponed amid coronavirus lockdown

  Julian Assange’s lawyers say they have been unable to communicate or share legal documents with the WikiLeaks founder to enable them to prepare a defence in time for a planned extradition hearing in May

• April 27, 2020 27 Apr'20

  Microsoft patches .gif file vulnerability in Teams

  Vulnerability could have enabled cyber criminals to use a malicious .gif file to scrape user data and take over Teams accounts

• April 27, 2020 27 Apr'20

  UK tech companies launch online safety body

  Online Safety Tech Industry Association unites 14 technology companies to drive conversation and policy around online safeguarding

• April 24, 2020 24 Apr'20

  The Security Interviews: Can AV go from dodgy scareware to cyber hero?

  Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing

• April 23, 2020 23 Apr'20

  iOS zero-day leaves iPhone users dangerously exposed

  Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices

• April 22, 2020 22 Apr'20

  NCSC overwhelmed by response to coronavirus campaign

  The UK’s NCSC has taken down more than 80 malicious web campaigns and received 5,000 reports of suspicious emails within 24 hours of launching reporting service

• April 22, 2020 22 Apr'20

  Coronavirus: Cyber criminals may be changing tactics

  Cyber criminals “may soon shift to heavier exploitation of footholds established through phishing and other scams”, warns Cyber Threat Coalition

• April 21, 2020 21 Apr'20

  Revealed: The man behind the first major computer virus pandemic

  After 20 years of silence, Onel de Guzman has admitted unleashing the “Love Bug”, the computer virus that caused havoc by infecting 45 million machines around the world

• April 21, 2020 21 Apr'20

  Coronavirus: HMRC job retention scheme targeted by cyber criminals

  The UK government’s scheme to pay furloughed employees 80% of their wages is being targeted by cyber criminals

• April 21, 2020 21 Apr'20

  When data protection is not enough

  Organisations should take a holistic approach to data protection and cyber security in what the CEO of Acronis deems a “cyber protection” strategy