News

IT risk management

July 23, 2019 23 Jul'19
Phishing attack highlights cyber security need at universities

UK university cyber security is once again under the spotlight after Lancaster University reveals that it has been targeted by a phishing attack used to send fake invoices
July 23, 2019 23 Jul'19
Norsk Hydro cyber attack could cost up to $75m

March 2019 ransomware attack could cost Norwegian aluminium giant up to $75m in the first half of the year, according to latest estimates
July 23, 2019 23 Jul'19
Data breach costs on the rise, IBM study shows

Data breach costs have risen in the past decade, and the financial impact can be felt for years. Breaches posing a growing risk for small businesses, a study shows, underlining the importance of incident response
July 23, 2019 23 Jul'19
Microsoft talks up benefits and pitfalls of machine learning in security

Software giant Microsoft uses machine learning models to detect emerging threats while keeping an eye on potential bias in security data points that could derail its analysis

July 22, 2019 22 Jul'19
Big tech firms back UK cyber security initiative

Big technology firms have pledged their support for UK investment in an initiative to “design out” of new tech the most damaging cyber security threats
July 19, 2019 19 Jul'19
Latest ICO fine highlights privacy due diligence

A week after issuing the first serious GDPR fines, the ICO has further underlined the importance of data stewardship and due diligence regarding privacy practices
July 19, 2019 19 Jul'19
Second CyberThreat Summit announced by NCSC and SANS Institute

CyberThreat 2019 aims to bring together a more diverse set of technical professionals in cyber security from the private and public sectors in the UK and abroad to encourage collaboration
July 19, 2019 19 Jul'19
MPs warn of data adequacy hole in no-deal Brexit

Transferring data to and from the EU will only be possible if an agreement is in place before the UK leaves. No deal means no data agreement
July 19, 2019 19 Jul'19
Warzone bulletproof hosts protecting Magecart group

Security researchers have discovered a Magecart group operating with impunity using bulletproof hosting services, including one in battle-scarred Ukraine
July 19, 2019 19 Jul'19
HID weighs in the glacial move towards digital ID

There are still concerns over data integrity, security and privacy of digital identities, but the convenience of the technology outweighs the risks, says a HID expert

July 18, 2019 18 Jul'19
UK poor cyber security practice undermining controls

UK firms investing in the latest cyber security products and services risk this being undermined by poor security practices, a survey reveals
July 18, 2019 18 Jul'19
Lateral phishing used to attack organisations on global scale

Lateral phishing is a growing type of account takeover that has enabled attackers to target more than 100,000 people by hijacking just 154 email accounts
July 17, 2019 17 Jul'19
Most security pros still concerned about public cloud security

Despite accelerated adoption of public cloud services by companies keen to benefit from increased efficiency, scalability and agility, most security professionals have reservations
July 17, 2019 17 Jul'19
Vulnerable firmware in enterprise server supply chain

Researchers are warning of vulnerabilities in firmware from a third-party supplier that put some servers from Lenovo, Gigabyte and six other manufacturers at risk
July 16, 2019 16 Jul'19
NCSC calls out Microsoft over Dmarc reports

The UK’s cyber security agency has called out Microsoft for seriously undermining global email security by failing to provide crucial reports from its email platforms
July 16, 2019 16 Jul'19
NCSC reports on second year of cyber defence at scale

The UK’s National Cyber Security Centre releases a report on the second year of its Active Cyber Defence programme to demonstrate its effects in the public sector and wider UK cyber ecosystem
July 15, 2019 15 Jul'19
No technical grounds to ban Huawei, DCMS told

Science and Technology Committee tells Department for Digital, Culture, Media and Sport that there are no technical grounds for it to exclude Huawei
July 15, 2019 15 Jul'19
Organisations turn to AI in race against cyber attackers

Businesses are racing to automate their defences as hackers and nation states launch increasingly sophisticated cyber attacks
July 15, 2019 15 Jul'19
UK public sector needs to prioritise mobile device security

Only 10% of public service stolen and lost mobile are recovered, underlining the need for mobile-centric, zero-trust model to reduce the risk, says MobileIron
July 15, 2019 15 Jul'19
UK boards ignoring £30bn cyber risk

Despite the danger posed by cyber attacks to mid-sized companies, boards are not prepared to manage the risk and firms are over-confident in their cyber capabilities, report finds
July 15, 2019 15 Jul'19
How Apollo 11 influenced modern computer software and hardware

On 16 July 1969, Apollo 11 began its historic journey to send man to the Moon. We look at the pioneering computer technology developed by Nasa
July 12, 2019 12 Jul'19
New FinSpy versions extend surveillance capabilities

New versions of the FinSpy malware for iOS and Android smartphones have extended targeted surveillance capabilities, warn security researchers
July 12, 2019 12 Jul'19
Windows 10 to enable passwordless sign-in

Windows 10 users will soon be able to sign in to devices without using a password to encourage the use of two-factor authentication methods to improve security
July 11, 2019 11 Jul'19
Attacks against AI systems are a growing concern

European research group says attacks against AI systems are already occurring, difficult to identify, and could be far more common than currently understood
July 11, 2019 11 Jul'19
RiskIQ uncovers new Magecart campaign

A fresh Magecart campaign is breaching websites on a massive scale using indiscriminate attacks exploiting misconfigured Amazon S3 buckets, say researchers
July 10, 2019 10 Jul'19
Agent Smith mobile malware hits millions of devices

New mobile malware that exploits Android vulnerabilities has infected millions of devices, security researchers have discovered
July 09, 2019 09 Jul'19
Nearly half of firms fear cloud apps make them insecure

Survey shows more than one-third of global companies appoint a CISO in the face of data breaches, and the UK is giving CISOs more power despite making fewer appointments
July 08, 2019 08 Jul'19
IISP gains Royal Charter status

The UK finally has its first national professional body for cyber security that will be responsible for setting the standards for skills and knowledge in the industry to reduce the skills gap and increase diversity
July 05, 2019 05 Jul'19
St John Ambulance praised for response to ransomware attack

Charity’s response to ransomware attack demonstrates that it is possible to ensure minimal disruption if properly prepared
July 04, 2019 04 Jul'19
Security and privacy key to smart buildings and cities

Security and privacy capabilities are essential for stakeholders if they are to realise the benefits of smart buildings and cities, says expert whitepaper
July 04, 2019 04 Jul'19
FireEye ties Microsoft Outlook exploit to Iranian hackers

US Cyber Command has issued a warning that a patched Microsoft Outlook vulnerability is being exploited by unnamed threat actors, and recommended immediate patching
July 04, 2019 04 Jul'19
Email still top security vulnerability, survey shows

Email is still the top security vulnerability, a survey shows, but security researchers caution that switching to instant messaging is not necessarily a solution in the longer term
July 04, 2019 04 Jul'19
APAC experts weigh in on cyber security trends

The onslaught of cyber attacks being reported each day has been a wake-up call, but experts say businesses need to be mindful of the limitations of certain security measures
July 03, 2019 03 Jul'19
Sodin ransomware exploiting Windows zero-day, Kaspersky warns

Security researchers are warning that a recently discovered type of ransomware is now exploiting a zero-day Windows vulnerability, and does not require user interaction to trigger an infection
July 03, 2019 03 Jul'19
Top VPNs secretly owned by Chinese firms

Nearly a third of top VPNs are secretly owned by Chinese companies, while other owners are based in countries with weak or no privacy laws, potentially putting users at risk, security researchers warn
July 02, 2019 02 Jul'19
Sweden’s Protective Security Act targets cyber risks

IT suppliers must comply with tighter cyber security requirements, but are being offered help from government agencies
July 02, 2019 02 Jul'19
Orvibo data leak puts security spotlight on IoT back end

The security of devices that make up the internet of things (IoT) is a top concern for many in the industry, but leaks from an IoT database highlights the importance of back-end security too
July 02, 2019 02 Jul'19
Singapore to beef up police tech capabilities

Singapore government singles out biometrics, data analytics and digital forensics as promising areas to boost crime-fighting efforts
July 02, 2019 02 Jul'19
Few UK firms are cyber insured despite financial losses

More than one-fifth of UK firms have been impacted financially by cyber attacks, yet potentially more than three-quarters of companies polled have never been insured for cyber-related losses
July 01, 2019 01 Jul'19
Huge jump in cyber incidents reported by finance sector

The number of cyber incidents reported by financial services firms increased nearly 12-fold in 2018 from 2017, mainly due to third-party failures, highlighting several key areas that need improvement
June 28, 2019 28 Jun'19
TIN coalition calls for industry action against cyber fraud

An industry group aimed at improving cyber security by tackling enduring challenges has called for collaboration in the fight against cyber fraud
June 28, 2019 28 Jun'19
Cyber crime reporting crucial, say UK police

UK police are gearing up to make it easier for business to report cyber crime, saying that under-reporting continues to be a challenge
June 26, 2019 26 Jun'19
Fido Alliance announces new standards

Fido Alliance announces new identity verification and IoT initiatives to expand the reach and impact of Fido authentication, which seeks to eliminate the world’s dependence on password-based security
June 26, 2019 26 Jun'19
Commercial interests put customer security at risk, survey shows

Firms are bypassing security to push products and services into the market, increasing security risks for the organisation and its customers, a poll of information security professionals shows
June 26, 2019 26 Jun'19
Wider threat campaign behind Wipro breach

A sophisticated, far-ranging threat campaign was behind the breach at Indian IT services firm Wipro in April, which was not an isolated incident, RiskIQ report reveals
June 26, 2019 26 Jun'19
Singapore government forms digital industry office

New office will help local tech firms grow their regional footprint and build new capabilities in order to thrive in APAC’s booming digital economy
June 26, 2019 26 Jun'19
UK cyber security progress stalled, says report

UK firms rank cyber attacks as a top business issue, but are stalling in cyber security best practice, lagging behind top performers in India
June 25, 2019 25 Jun'19
AI will drive reskilling in problem solving, creativity and collaboration

A study from the Economist Intelligence Unit has found that executives do not believe that artificial intelligence will lead to job losses, but staff will need retraining
June 25, 2019 25 Jun'19
APT attack on telcos highlights need for comprehensive defence

A global cyber attack against multiple telecommunications firms underlines need for comprehensive approach to cyber defence, say researchers and industry commentators
June 25, 2019 25 Jun'19
Cyber attackers using wider range of threats

Businesses need to ensure they are able to defend against a wide range of threats in the face of increased malicious Office documents, Mac malware and web application exploits, report shows