News

IT risk management

October 15, 2018 15 Oct'18
IoT firms sign up to UK security code of practice

Internet of things technology firms have begun signing up to a UK code of practice to strengthen the security of internet-connected devices. The code is expected to form the basis of an international standard
October 12, 2018 12 Oct'18
Some 10% of user-reported emails malicious

On average, 1 in 10 user-reported emails is identified as malicious, and more than half can be tied to credential phishing, a Cofense report reveals
October 12, 2018 12 Oct'18
AI is no silver bullet for cyber security

A security expert has called for businesses to manage the risks of adopting new technologies and improve their cyber hygiene, rather than see artificial intelligence as a panacea for their security woes
October 11, 2018 11 Oct'18
Crypto-mining malware poses as Flash updates

Cryptocurrency mining malware is posing as Flash updates that appear to be legitimate, Palo Alto Networks security researchers warn

October 11, 2018 11 Oct'18
RATs and Mimikatz among top publicly available hacking tools

Remote access Trojans (RATs), web shells and Mimikatz among the top publicly available tools that are used in cyber attacks around the world, a five-nation cyber intelligence report reveals
October 11, 2018 11 Oct'18
Optus to acquire Hivint in cyber security deal

The deal is expected to bolster the telco’s security pedigree in a market that is grappling with more data breaches and cyber incidents
October 10, 2018 10 Oct'18
Detail of Dutch reaction to Russian cyber attack made public deliberately

Four Russian intelligence officials were expelled from the Netherlands after an attempted hack on the global chemical weapons watchdog. The Dutch government has been open about the detail
October 10, 2018 10 Oct'18
Bug bounties not a silver bullet, Katie Moussouris warns

Targeted bug bounties have a role to play in cyber security, but they are not a "silver bullet", and run the risk of wiping out talent pipelines if poorly implemented, warns bug bounty pioneer
October 10, 2018 10 Oct'18
NCSC head says attribution of GRU attacks important

The head of the UK’s National Cyber Security Centre has described the attribution of a wave of cyber attacks to Russia’s military intelligence service as “historically important” at a conference in Poland
October 09, 2018 09 Oct'18
Cooperation vital in cyber security, says former Estonian minister

States acting alone cannot be efficient in cyber security and need to cooperate with others to build trust, says a former foreign minister of Estonia

October 08, 2018 08 Oct'18
NCSC head calls for technocratic partnership to fix cyber risks

The UK’s National Cyber Security Centre is appealing for collaboration with the technology industry to remedy key vulnerabilities in current IT
October 04, 2018 04 Oct'18
Business email compromise made easy for cyber criminals

Poor security practices and access to hacking services are making it easy for cyber criminals to compromise business email, research reveals
October 04, 2018 04 Oct'18
Apps are gateway to business data for cyber attackers

Application security is becoming increasingly important because apps are often the main way cyber attackers are getting into corporate networks, a threat researcher warns
October 04, 2018 04 Oct'18
UK and allies accuse Russia of cyber attack campaign

The UK National Cyber Security Centre has identified a campaign by the Russian military intelligence service of “indiscriminate and reckless” cyber attacks
October 03, 2018 03 Oct'18
Companies failing to recognise the internal cyber threat

The focus at many companies is on external cyber threats, and internal threats are being overlooked as a consequence, a researcher warns
October 03, 2018 03 Oct'18
Majority of businesses believe they are open to cyber attack

More than two-thirds of businesses believe their network is open to attack, a report on the state of web application security reveals
October 03, 2018 03 Oct'18
Rise in data-stealing Betabot malware

Researchers are warning about an increase in Betabot malware after detecting multiple infections in recent weeks, underlining the importance of software patching
October 03, 2018 03 Oct'18
AI full of possibilities with the right tools and understanding

Artificial intelligence has the potential to assist in the analysis of data in a range of topics, but businesses need to understand its limitations and have the right tools to get the most benefit, says a Swiss entrepreneur
October 01, 2018 01 Oct'18
UK firms’ password security score ‘average’

While businesses are making strides in strengthening password security, there is more work to be done, with the UK password score lagging behind the frontrunners, a survey shows
October 01, 2018 01 Oct'18
Tesco Bank gets first cyber-related FCA fine

UK’s financial watchdog issues its first cyber-related fine to Tesco Bank in connection with a multimillion-pound cyber fraud in 2016
September 28, 2018 28 Sep'18
Cyber attackers are increasingly exploiting RDP, warns FBI

Businesses should to act to reduce the likelihood of compromise from cyber attackers exploiting the remote desktop protocol, warns the FBI
September 27, 2018 27 Sep'18
Blockchain is no ‘magic wand’ for cyber security

The decentralised nature of blockchain networks may deter some cyber crooks, but ASEAN organisations still need to pay heed to the security of their blockchain infrastructure
September 27, 2018 27 Sep'18
Business is at inflection point for proactive cyber security

The time is ripe for proactive cyber security, but many organisations must first overcome four key obstacles to achieve effective protection, according to a research report
September 27, 2018 27 Sep'18
Explosion in fake data-stealing shopping sites

Cyber attackers are ramping up efforts to steal personal data by setting up look-alike domains that pose a phishing risk to online shoppers, researchers warn
September 27, 2018 27 Sep'18
Norwegian state discusses vulnerabilities with IT sector

Government is collaborating with the country’s IT industry to improve the availability of security expertise
September 27, 2018 27 Sep'18
Replication won’t protect VMs against ransomware

Seamless replication is among the benefits of virtualisation, but many organisations fail to back up virtual machines properly
September 26, 2018 26 Sep'18
Financial services firms face potential security bombshell

UK financial services are facing a security crisis over outdated services and applications, a survey shows
September 25, 2018 25 Sep'18
PCI DSS compliance falls despite security benefit

Despite the benefits of the payment card industry security standard, there is a concerning downward trend in compliance, a report reveals
September 25, 2018 25 Sep'18
MI5 admits to ‘unlawful’ spying on Privacy International

The UK's intelligence agencies acted unlawfully by intercepting communications data on NGO, Privacy International, the UK's most secret court ruled.
September 25, 2018 25 Sep'18
WannaCry and NotPetya inspiring new attacks

Designs and techniques used in 2017’s global cyber attacks have inspired a new breed of malware that exploits software vulnerabilities, according to a McAfee report
September 25, 2018 25 Sep'18
Mac OS Mojave zero-day warning

The latest version of Apple’s Mac operating system contains a vulnerability that could be exploited by attackers to access protected files, a researcher warns
September 24, 2018 24 Sep'18
NHS Digital hires chief information security officer

Robert Coles will lead the health and care sector’s response to cyber attacks and help local organisations meet the government’s cyber security standards
September 24, 2018 24 Sep'18
Business leaders expect suppliers to ensure they are cyber secure

Most UK business leaders expect suppliers to be cyber secure and nearly a third of businesses would terminate contracts because of suppliers’ security failings, a survey has revealed
September 21, 2018 21 Sep'18
Foreshadow mitigation obscures licensing impact

Performance of virtual machines could be severely affected by the workaround for Intel’s latest processor flaw. To compensate, more processors will be needed
September 19, 2018 19 Sep'18
Equifax fined by ICO for security failings

The Information Commissioners Office has fined Equifax UK in relation to a data breach at its UK parent last year
September 19, 2018 19 Sep'18
Europol cyber crime report highlights emerging threats to enterprise security

Research highlights increase in sophistication of ransomware attacks, while revealing details of new and emerging threats to enterprises
September 19, 2018 19 Sep'18
IT sector advises Swedish government on elections and voting system

Swedish IT secure is helping the government make election systems more secure and reduce external influence
September 17, 2018 17 Sep'18
Singapore government to start bug bounty programme

Singapore’s bug bounty programme will help the authorities identify cyber blind spots and benchmark its defences against skilled hackers
September 17, 2018 17 Sep'18
Danske Bank invests in anti-money laundering systems following Estonian problems

Danske bank improves its anti money laundering software, utilising artificial intelligence and machine learning
September 13, 2018 13 Sep'18
GCHQ mass surveillance regime was in breach of human rights law, European court rules

The European Court of Human Rights in Strasbourg has ruled that the UK’s collection of bulk interception of communications data lacked adequate oversight and safeguards and was in breach of human rights law
September 12, 2018 12 Sep'18
NCSC issues core questions to help boards assess cyber risk

The National Cyber Security Centre has published its first in a series of guidance for board members which highlights what businesses should be asking security teams
September 12, 2018 12 Sep'18
FCA warns it cannot manage financial crime risks without sharing data with EU

FCA admits it will be unable to manage financial crime effectively if it cannot share data with EU authorities.
September 12, 2018 12 Sep'18
Two-thirds of emails not clean, says research

Two-thirds of emails don't make it to the inbox because security systems consider them unsafe, according to research
September 11, 2018 11 Sep'18
Higher education sector's poor response to cyber threats laid bare in EfficientIP report

The 2018 EfficientIP Global DNS Report shines a light on how ill-prepared the higher education sector is for handling cyber threats
September 11, 2018 11 Sep'18
British Airways data breach: Security researchers name suspects and query attack timeline

Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought
September 11, 2018 11 Sep'18
UK security vetting IT system failing, says NAO

The National Audit Office is critical of the government’s project to centralise its security vetting process, as the IT system has been plagued by failures from the start and has led to serious delays
September 10, 2018 10 Sep'18
Cyber criminals outspend businesses in cyber security battle

Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result
September 07, 2018 07 Sep'18
North Korean programmer charged for WannaCry attacks

The US has charged a member of a group of North Korean hackers linked to the WannaCry, Sony Pictures and other cyber attacks around the world
September 07, 2018 07 Sep'18
Ransomware down, but not out, report reveals

Cryptojacking has taken over from ransomware as the top money spinner for cyber criminals, but the threat is not over and spam is also seeing a resurgence as an attack method, a report reveals
September 06, 2018 06 Sep'18
Chrome 69 security improvements welcomed

The cyber security community has welcomed the improvements in the latest version of the Chrome browser, especially when it comes to generating strong, unique passwords