News

IT risk management

September 13, 2018 13 Sep'18
GCHQ mass surveillance regime was in breach of human rights law, European court rules

The European Court of Human Rights in Strasbourg has ruled that the UK’s collection of bulk interception of communications data lacked adequate oversight and safeguards and was in breach of human rights law
September 12, 2018 12 Sep'18
NCSC issues core questions to help boards assess cyber risk

The National Cyber Security Centre has published its first in a series of guidance for board members which highlights what businesses should be asking security teams
September 12, 2018 12 Sep'18
FCA warns it cannot manage financial crime risks without sharing data with EU

FCA admits it will be unable to manage financial crime effectively if it cannot share data with EU authorities.
September 12, 2018 12 Sep'18
Two-thirds of emails not clean, says research

Two-thirds of emails don't make it to the inbox because security systems consider them unsafe, according to research

September 11, 2018 11 Sep'18
Higher education sector's poor response to cyber threats laid bare in EfficientIP report

The 2018 EfficientIP Global DNS Report shines a light on how ill-prepared the higher education sector is for handling cyber threats
September 11, 2018 11 Sep'18
British Airways data breach: Security researchers name suspects and query attack timeline

Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought
September 11, 2018 11 Sep'18
UK security vetting IT system failing, says NAO

The National Audit Office is critical of the government’s project to centralise its security vetting process, as the IT system has been plagued by failures from the start and has led to serious delays
September 10, 2018 10 Sep'18
Cyber criminals outspend businesses in cyber security battle

Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result
September 07, 2018 07 Sep'18
North Korean programmer charged for WannaCry attacks

The US has charged a member of a group of North Korean hackers linked to the WannaCry, Sony Pictures and other cyber attacks around the world
September 07, 2018 07 Sep'18
Ransomware down, but not out, report reveals

Cryptojacking has taken over from ransomware as the top money spinner for cyber criminals, but the threat is not over and spam is also seeing a resurgence as an attack method, a report reveals

September 06, 2018 06 Sep'18
Chrome 69 security improvements welcomed

The cyber security community has welcomed the improvements in the latest version of the Chrome browser, especially when it comes to generating strong, unique passwords
September 05, 2018 05 Sep'18
Half a million UK firms hit by CEO fraud, Lloyds Bank estimates

Nearly 500,000 UK businesses are being hit by impersonation fraud, according to estimations by Lloyds Bank, with the legal sector most at risk
September 05, 2018 05 Sep'18
People top target for cyber attackers, report confirms

As security controls have improved, cyber attackers are increasingly focusing their efforts on people within organisations as a way into corporate IT systems, a report confirms
September 04, 2018 04 Sep'18
UK and allies call for backdoors in encryption products

The Five Eyes intelligence alliance is calling on tech firms to include backdoors in their encrypted products to give access to law enforcement authorities or face various measures
September 03, 2018 03 Sep'18
Majority of UK firms not insured for data breaches

Many UK firms are not insured against information security breaches and data loss, and would have to spend £1m on average to recover from a breach, a report reveals
August 31, 2018 31 Aug'18
Security Serious Week to feature flash mob event

“Flash mob” event will create a human collage, highlighting cyber security advice
August 31, 2018 31 Aug'18
Fraudulent money transfers are top aim of business email compromise

Business email compromise is increasingly popular with cyber criminals to steal money and information as well as spread malware, security researchers find
August 30, 2018 30 Aug'18
Cobalt cyber heist group mounts new campaign

Security researchers discover new campaign using two malicious links to double the chances of infection, which is believed to be linked to a notorious cyber crime group
August 30, 2018 30 Aug'18
Machine identity management crisis looming

Managing machine identities is looming as the next big security challenge, a study reveals, with few organisations capable of protecting them as they increasingly form the basis of online communications
August 29, 2018 29 Aug'18
Improving security is top driver for ISO 27001

Organisations are implementing the ISO 27001 standard in recognition of the fact that cyber attacks are increasingly inevitable and that it is best to be well-prepared to fend off attacks and mitigate their effect
August 29, 2018 29 Aug'18
Security teams and C-suite exec views not aligned

There are key differences and potential challenges when it comes to security teams and C-suite executives communicating and aligning about cyber threats, a study shows
August 29, 2018 29 Aug'18
IT leaders at a crossroads as they grapple with digital technology

CIOs have the opportunity to influence their company strategy as digital technology reshapes business. A survey of CIOs across 70 countries charts a path for IT leaders through emerging technologies
August 28, 2018 28 Aug'18
Cyber attackers switching to covert tactics

Cyber criminals are moving away from mass, high-profile attacks to ones that are stealthy and more subtle – as well as attacks targeting systems typically used in critical infrastructure, researchers say
August 28, 2018 28 Aug'18
Sharp rise in business email compromise

Cyber attackers are expanding their attack methods to steal money and to gain access to corporate and employee data, a report reveals
August 24, 2018 24 Aug'18
UK universities targeted by Iranian hackers

UK universities are among those targeted by a cyber threat group associated with the Iranian government
August 24, 2018 24 Aug'18
North Koreans add Mac OS to cryptocurrency-stealing malware attacks

A North Korean hacking group is targeting cryptocurrency exchanges using Trojanised cryptocurrency trading software designed for both Microsoft’s Windows and Apple’s Mac OS, say researchers
August 23, 2018 23 Aug'18
Apache Struts users urged to update due to new security flaw

Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017
August 23, 2018 23 Aug'18
Councils at risk from unsupported Windows Server and SQL Server

Some local authorities are using unsupported server software, while others are not paying for extended support
August 22, 2018 22 Aug'18
European cloud adopters still lack basic security

Despite outpacing the rest of the world, the majority of organisations adopting cloud in Europe, the Middle East and Africa lack basic security, a report reveals
August 22, 2018 22 Aug'18
Superdrug denies data breach

Superdrug has warned online customers it believes may have had personal details exposed, but claims its systems were not compromised, in what could be the first GDPR-related extortion attempt
August 21, 2018 21 Aug'18
New Zealand to run national cyber security exercise

The island-nation will test the resilience of its critical infrastructure in November 2018, bringing together multiple agencies to protect assets of national significance
August 21, 2018 21 Aug'18
Online crime costs more than $1m a minute

More than $1m is lost to cyber crime every minute, a report reveals, underlining the increasing and significant threats businesses face online
August 21, 2018 21 Aug'18
Retail and finance top cyber targets

Retail and finance remain the top cyber attack targets, but the second quarter also saw a spike in attacks against the manufacturing industry and an increase in remote desktop attacks, a report reveals
August 21, 2018 21 Aug'18
Malaysia’s financial sector warms up to cloud, but lacks security leadership

Almost two-thirds of Malaysia’s financial services firms are developing a cloud strategy, but not all have a security plan in place
August 17, 2018 17 Aug'18
ASEAN firms need to overcome DevOps hurdles

Southeast Asia has had pockets of success with DevOps, but most organisations across the region will need to overcome cultural and legacy challenges to succeed
August 16, 2018 16 Aug'18
Global infosec spending to top $114bn in 2018, says Gartner

The need for improved detection, response and privacy is driving the demand for security products and services in response to security risks, business needs and industry changes, Gartner reveals
August 16, 2018 16 Aug'18
Google Chrome flaw puts privacy at risk

Imperva security researcher urges Google Chrome users to update to the latest version after discovering a vulnerability that could be exploited to uncover private data
August 15, 2018 15 Aug'18
The National Archives deploys Egress to support FoI requests

Egress Secure Workspace is being used by the Advisory Council for The National Archives, who require a collaboration environment to assess FoI requests
August 15, 2018 15 Aug'18
ICS security at risk in key verticals, report shows

The security of industrial control systems (ICS) is at risk in key verticals due to under staffing, under investment and human error, a report reveals
August 15, 2018 15 Aug'18
Intel releases fix for latest chip security flaws

Businesses and consumers are advised to download security updates from Intel for new security flaws that could allow attackers to access protected data, but some cloud providers could see a performance impact
August 14, 2018 14 Aug'18
Businesses urged to patch Microsoft flaw allowing MFA bypass

Security researchers are urging enterprises to update their software after the discovery of a vulnerability that could undermine the security provided by multifactor authentication
August 14, 2018 14 Aug'18
FBI warns of global ATM cyber crime spree

The FBI has issued a warning to banks that cyber criminals are planning to steal millions in a coordinated worldwide attack on cash machines
August 13, 2018 13 Aug'18
Banks lead in digital era fraud detection

All e-commerce businesses should follow the banks’ lead in how to detect fraud in the digital era, says RSA fraud and risk expert
August 13, 2018 13 Aug'18
Most security pros concerned about election infrastructure

A majority of information security professionals believe that election infrastructure is vulnerable to cyber attack, a survey shows
August 13, 2018 13 Aug'18
UK firms concerned about cyber arms race

Continuous investment and activity are key in the cyber arms race, according to Databarracks, as research shows UK firms are worried about keeping up with security challenges
August 13, 2018 13 Aug'18
Millions of businesses vulnerable to fax-based cyber attack

Hackers could exploit security vulnerabilities in fax machines to launch cyber attacks in millions of organisations around the world, researchers warn, underlining the need for cyber resilience
August 12, 2018 12 Aug'18
Over 146 billion records to be stolen over next five years

The US will bear the brunt of data exfiltration efforts by cyber criminals, though Asia-Pacific nations such as Singapore will not be spared
August 10, 2018 10 Aug'18
Mimecast extends core email security to enable cyber resilience

Mimecast continues to widen its cyber security capability through in-house development and strategic acquisition, as well as extend its core email security technologies to all other areas it applies
August 10, 2018 10 Aug'18
NCR patches ATM vulnerabilities

NCR has patched ATM vulnerabilities discovered by Positive Technologies
August 09, 2018 09 Aug'18
Under half of firms use vulnerability assessments

Less than half of organisations base their cyber defences on strategic vulnerability assessments, and a third of these do the bare minimum to meet compliance requirements, a study shows