News

IT risk management

September 25, 2018 25 Sep'18
Mac OS Mojave zero-day warning

The latest version of Apple’s Mac operating system contains a vulnerability that could be exploited by attackers to access protected files, a researcher warns
September 24, 2018 24 Sep'18
NHS Digital hires chief information security officer

Robert Coles will lead the health and care sector’s response to cyber attacks and help local organisations meet the government’s cyber security standards
September 24, 2018 24 Sep'18
Business leaders expect suppliers to ensure they are cyber secure

Most UK business leaders expect suppliers to be cyber secure and nearly a third of businesses would terminate contracts because of suppliers’ security failings, a survey has revealed
September 21, 2018 21 Sep'18
Foreshadow mitigation obscures licensing impact

Performance of virtual machines could be severely affected by the workaround for Intel’s latest processor flaw. To compensate, more processors will be needed

September 19, 2018 19 Sep'18
Equifax fined by ICO for security failings

The Information Commissioners Office has fined Equifax UK in relation to a data breach at its UK parent last year
September 19, 2018 19 Sep'18
Europol cyber crime report highlights emerging threats to enterprise security

Research highlights increase in sophistication of ransomware attacks, while revealing details of new and emerging threats to enterprises
September 19, 2018 19 Sep'18
IT sector advises Swedish government on elections and voting system

Swedish IT secure is helping the government make election systems more secure and reduce external influence
September 17, 2018 17 Sep'18
Singapore government to start bug bounty programme

Singapore’s bug bounty programme will help the authorities identify cyber blind spots and benchmark its defences against skilled hackers
September 17, 2018 17 Sep'18
Danske Bank invests in anti-money laundering systems following Estonian problems

Danske bank improves its anti money laundering software, utilising artificial intelligence and machine learning
September 13, 2018 13 Sep'18
GCHQ mass surveillance regime was in breach of human rights law, European court rules

The European Court of Human Rights in Strasbourg has ruled that the UK’s collection of bulk interception of communications data lacked adequate oversight and safeguards and was in breach of human rights law

September 12, 2018 12 Sep'18
NCSC issues core questions to help boards assess cyber risk

The National Cyber Security Centre has published its first in a series of guidance for board members which highlights what businesses should be asking security teams
September 12, 2018 12 Sep'18
FCA warns it cannot manage financial crime risks without sharing data with EU

FCA admits it will be unable to manage financial crime effectively if it cannot share data with EU authorities.
September 12, 2018 12 Sep'18
Two-thirds of emails not clean, says research

Two-thirds of emails don't make it to the inbox because security systems consider them unsafe, according to research
September 11, 2018 11 Sep'18
Higher education sector's poor response to cyber threats laid bare in EfficientIP report

The 2018 EfficientIP Global DNS Report shines a light on how ill-prepared the higher education sector is for handling cyber threats
September 11, 2018 11 Sep'18
British Airways data breach: Security researchers name suspects and query attack timeline

Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought
September 11, 2018 11 Sep'18
UK security vetting IT system failing, says NAO

The National Audit Office is critical of the government’s project to centralise its security vetting process, as the IT system has been plagued by failures from the start and has led to serious delays
September 10, 2018 10 Sep'18
Cyber criminals outspend businesses in cyber security battle

Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result
September 07, 2018 07 Sep'18
North Korean programmer charged for WannaCry attacks

The US has charged a member of a group of North Korean hackers linked to the WannaCry, Sony Pictures and other cyber attacks around the world
September 07, 2018 07 Sep'18
Ransomware down, but not out, report reveals

Cryptojacking has taken over from ransomware as the top money spinner for cyber criminals, but the threat is not over and spam is also seeing a resurgence as an attack method, a report reveals
September 06, 2018 06 Sep'18
Chrome 69 security improvements welcomed

The cyber security community has welcomed the improvements in the latest version of the Chrome browser, especially when it comes to generating strong, unique passwords
September 05, 2018 05 Sep'18
Half a million UK firms hit by CEO fraud, Lloyds Bank estimates

Nearly 500,000 UK businesses are being hit by impersonation fraud, according to estimations by Lloyds Bank, with the legal sector most at risk
September 05, 2018 05 Sep'18
People top target for cyber attackers, report confirms

As security controls have improved, cyber attackers are increasingly focusing their efforts on people within organisations as a way into corporate IT systems, a report confirms
September 04, 2018 04 Sep'18
UK and allies call for backdoors in encryption products

The Five Eyes intelligence alliance is calling on tech firms to include backdoors in their encrypted products to give access to law enforcement authorities or face various measures
September 03, 2018 03 Sep'18
Majority of UK firms not insured for data breaches

Many UK firms are not insured against information security breaches and data loss, and would have to spend £1m on average to recover from a breach, a report reveals
August 31, 2018 31 Aug'18
Security Serious Week to feature flash mob event

“Flash mob” event will create a human collage, highlighting cyber security advice
August 31, 2018 31 Aug'18
Fraudulent money transfers are top aim of business email compromise

Business email compromise is increasingly popular with cyber criminals to steal money and information as well as spread malware, security researchers find
August 30, 2018 30 Aug'18
Cobalt cyber heist group mounts new campaign

Security researchers discover new campaign using two malicious links to double the chances of infection, which is believed to be linked to a notorious cyber crime group
August 30, 2018 30 Aug'18
Machine identity management crisis looming

Managing machine identities is looming as the next big security challenge, a study reveals, with few organisations capable of protecting them as they increasingly form the basis of online communications
August 29, 2018 29 Aug'18
Improving security is top driver for ISO 27001

Organisations are implementing the ISO 27001 standard in recognition of the fact that cyber attacks are increasingly inevitable and that it is best to be well-prepared to fend off attacks and mitigate their effect
August 29, 2018 29 Aug'18
Security teams and C-suite exec views not aligned

There are key differences and potential challenges when it comes to security teams and C-suite executives communicating and aligning about cyber threats, a study shows
August 29, 2018 29 Aug'18
IT leaders at a crossroads as they grapple with digital technology

CIOs have the opportunity to influence their company strategy as digital technology reshapes business. A survey of CIOs across 70 countries charts a path for IT leaders through emerging technologies
August 28, 2018 28 Aug'18
Cyber attackers switching to covert tactics

Cyber criminals are moving away from mass, high-profile attacks to ones that are stealthy and more subtle – as well as attacks targeting systems typically used in critical infrastructure, researchers say
August 28, 2018 28 Aug'18
Sharp rise in business email compromise

Cyber attackers are expanding their attack methods to steal money and to gain access to corporate and employee data, a report reveals
August 24, 2018 24 Aug'18
UK universities targeted by Iranian hackers

UK universities are among those targeted by a cyber threat group associated with the Iranian government
August 24, 2018 24 Aug'18
North Koreans add Mac OS to cryptocurrency-stealing malware attacks

A North Korean hacking group is targeting cryptocurrency exchanges using Trojanised cryptocurrency trading software designed for both Microsoft’s Windows and Apple’s Mac OS, say researchers
August 23, 2018 23 Aug'18
Apache Struts users urged to update due to new security flaw

Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017
August 23, 2018 23 Aug'18
Councils at risk from unsupported Windows Server and SQL Server

Some local authorities are using unsupported server software, while others are not paying for extended support
August 22, 2018 22 Aug'18
European cloud adopters still lack basic security

Despite outpacing the rest of the world, the majority of organisations adopting cloud in Europe, the Middle East and Africa lack basic security, a report reveals
August 22, 2018 22 Aug'18
Superdrug denies data breach

Superdrug has warned online customers it believes may have had personal details exposed, but claims its systems were not compromised, in what could be the first GDPR-related extortion attempt
August 21, 2018 21 Aug'18
New Zealand to run national cyber security exercise

The island-nation will test the resilience of its critical infrastructure in November 2018, bringing together multiple agencies to protect assets of national significance
August 21, 2018 21 Aug'18
Online crime costs more than $1m a minute

More than $1m is lost to cyber crime every minute, a report reveals, underlining the increasing and significant threats businesses face online
August 21, 2018 21 Aug'18
Retail and finance top cyber targets

Retail and finance remain the top cyber attack targets, but the second quarter also saw a spike in attacks against the manufacturing industry and an increase in remote desktop attacks, a report reveals
August 21, 2018 21 Aug'18
Malaysia’s financial sector warms up to cloud, but lacks security leadership

Almost two-thirds of Malaysia’s financial services firms are developing a cloud strategy, but not all have a security plan in place
August 17, 2018 17 Aug'18
ASEAN firms need to overcome DevOps hurdles

Southeast Asia has had pockets of success with DevOps, but most organisations across the region will need to overcome cultural and legacy challenges to succeed
August 16, 2018 16 Aug'18
Global infosec spending to top $114bn in 2018, says Gartner

The need for improved detection, response and privacy is driving the demand for security products and services in response to security risks, business needs and industry changes, Gartner reveals
August 16, 2018 16 Aug'18
Google Chrome flaw puts privacy at risk

Imperva security researcher urges Google Chrome users to update to the latest version after discovering a vulnerability that could be exploited to uncover private data
August 15, 2018 15 Aug'18
The National Archives deploys Egress to support FoI requests

Egress Secure Workspace is being used by the Advisory Council for The National Archives, who require a collaboration environment to assess FoI requests
August 15, 2018 15 Aug'18
ICS security at risk in key verticals, report shows

The security of industrial control systems (ICS) is at risk in key verticals due to under staffing, under investment and human error, a report reveals
August 15, 2018 15 Aug'18
Intel releases fix for latest chip security flaws

Businesses and consumers are advised to download security updates from Intel for new security flaws that could allow attackers to access protected data, but some cloud providers could see a performance impact
August 14, 2018 14 Aug'18
Businesses urged to patch Microsoft flaw allowing MFA bypass

Security researchers are urging enterprises to update their software after the discovery of a vulnerability that could undermine the security provided by multifactor authentication