News

IT risk management

• October 18, 2016 18 Oct'16

  Most businesses vulnerable to cyber attacks through firmware, study shows

  Company culture and overall attitude to security is a major contribution to vulnerability to cyber attack through firmware, a study by Isaca has revealed

• October 13, 2016 13 Oct'16

  Almost two-thirds of US office workers unaware of ransomware threat

  Nearly half of ransomware attacks are aimed at office workers, but almost two-thirds of those polled in the US are unaware of the threat

• October 10, 2016 10 Oct'16

  Smartwatches banned from UK Cabinet as EC plans IoT security standards

  The EC is planning a security certification scheme for internet of things devices as the UK Cabinet bans smartwatches amid heightened fears of cyber espionage

• October 04, 2016 04 Oct'16

  DDoS attacks consistent, relentless and costly, report shows

  The latest global DDoS report from Neustar underlines the importance of investing in appropriate defences as the high volume of attacks looks set to increase

• September 29, 2016 29 Sep'16

  NGOs challenge UK and US mass surveillance in human rights court

  Privacy International, Liberty and the American Civil Liberties Union are among 10 human rights groups backing a landmark challenge to mass surveillance in the European Court of Human Rights

• September 22, 2016 22 Sep'16

  Cyber attack aimed at destruction, says TV5Monde

  TV5Monde counting the cost of not being adequately prepared for a cyber attacked that downed the network in 2015

• September 20, 2016 20 Sep'16

  Business warned not to be complacent about cyber security

  Lloyds of London survey reveals just how badly some European firms are failing in terms of cyber security and low levels of awareness about the role of cyber insurance

• September 19, 2016 19 Sep'16

  Consumers trust banks more than government for biometric security

  UK citizens think banks are the best organisations to provide biometric authentication for payments

• September 16, 2016 16 Sep'16

  Alleged hacker Lauri Love can be extradited to the US, court rules

  Westminster Magistrates’ Court has ruled that alleged hacker, Lauri Love, can be extradited to the US, where he could face a 99-year prison sentence

• September 07, 2016 07 Sep'16

  Basic security could have prevented OPM breach, says report

  Basic security controls and malware-detection tools could have prevented the breach of more than 21 million records at the US Office of Personnel Management in 2015, claims a congressional report

• September 06, 2016 06 Sep'16

  Use ransomware to get security buy-in, says Trend Micro CTO

  Ransomware is one of the top cyber threats to business, but organisations should use that to engage stakeholders and review processes and defences, says Trend Micro CTO Raimund Genes

• September 01, 2016 01 Sep'16

  Lessons from the Dropbox breach

  Dropbox is the latest major company to confirm a data breach, albeit four years old, but – as with all recent data breaches by cloud-based services – it highlights some key security lessons

• August 31, 2016 31 Aug'16

  Evidence of DNS tunnelling in two-fifths of business networks

  Cyber criminals are capitalising on the failure of many businesses to examine their DNS traffic for malware insertion and data exfiltration, according to Infoblox

• August 30, 2016 30 Aug'16

  Encryption hiding malware in half of cyber attacks

  Cyber attackers are using encryption to hide malicious activity, making it increasingly difficult to find as more organisations turn to encryption to protect data, a study has revealed

• August 26, 2016 26 Aug'16

  Law firms planning litigation market for GDPR

  Businesses should be preparing for the storm of litigation that is likely to be unleashed when the GDPR goes into force, warns Stewart Room of PwC Legal

• August 19, 2016 19 Aug'16

  Expect ransomware arrests soon, says bitcoin tracking firm Chainalysis

  Law enforcement organisations are set to ramp up arrests of cyber criminals behind ransomware attacks, according to financial technology startup Chainalysis

• August 19, 2016 19 Aug'16

  Police arrest woman in connection with Sage data breach

  A woman has been arrested on suspicion of fraud in connection with a data breach at accounting software firm Sage

• August 16, 2016 16 Aug'16

  Cerber ransomware service reaps $195,000 profit in a month

  Franchises such as Cerber are making highly profitable ransomware available to a broader range of cyber criminals, according to a report by security firm Check Point

• August 15, 2016 15 Aug'16

  Financial sector faces era of cyber mega heists

  Banks and other financial institutions are threatened by a new breed of elite cyber criminals running professional operations that will use any means to achieve their goals, says Barclays security chief

• August 15, 2016 15 Aug'16

  Sage data breach underlines insider threat

  Organisations need to take insider threats more seriously say security experts, as Sage warns that a data breach using an internal log-in may have compromised employee data at nearly 300 UK firms

• August 10, 2016 10 Aug'16

  MI5 staff repeatedly overrode data surveillance rules

  Security service MI5 is responsible for 210 “clear contraventions” over five years for the way it accessed private internet and telephone data

• August 08, 2016 08 Aug'16

  IT failure grounds Delta flights worldwide

  US airline Delta has temporarily grounded flights worldwide after a power failure took key IT systems offline in its home base of Atlanta, Georgia

• August 08, 2016 08 Aug'16

  Strider cyber attack group deploying malware for espionage

  Symantec security researchers have uncovered a spying campaign by a previously unknown group using modular malware as stealthware

• August 05, 2016 05 Aug'16

  Banner Health cyber breach underlines need for faster intrusion detection

  A data breach at Banner Health has highlighted the importance of intrusion detection and prompted calls for greater cyber security investment in the increasingly targeted healthcare industry

• August 05, 2016 05 Aug'16

  Artificial intelligence takes centre stage in cyber security

  Artificial intelligence-led cyber security technology has been in the spotlight at two major industry conferences in Las Vegas, signalling a firm trend in cyber defence research

• August 03, 2016 03 Aug'16

  One in five businesses hit by ransomware are forced to close, study shows

  More than half of UK companies have been hit by ransomware in the past year, a study on the impacts of this popular attack method has revealed

• July 28, 2016 28 Jul'16

  UK’s top security judges struggle to assess privacy threats

  Technological advancements make it difficult for the Investigatory Powers Tribunal to assess privacy threats, say the tribunal’s own judges

• July 26, 2016 26 Jul'16

  Date set for landmark hearing into EU-US data transfers

  Irish court hearing triggered by Austrian law student Max Schrems could have huge implications for EU-US trade and the data privacy rights of millions of EU citizens

• July 19, 2016 19 Jul'16

  Carbon Black bets on next-generation antivirus

  Carbon Black is betting on next-generation antivirus technology by acquiring Confer to extend the capability and appeal of its endpoint protection offerings

• July 19, 2016 19 Jul'16

  Case study: Rémy Cointreau boosts security and productivity

  Drinks firm Rémy Cointreau uses Centrify’s identity and mobile management to simplify security, improve business agility and reduce IT costs

• July 14, 2016 14 Jul'16

  Cyber attacks cost UK business more than £34bn a year, study shows

  Nearly half of UK firms lack advanced cyber defences, despite the high level of concern about cyber attacks and associated costs

• July 12, 2016 12 Jul'16

  IBM sets up security centre in Canberra

  IBM leads the charge as large private businesses invest heavily in security resources across Australia in an attempt to close the security gap

• July 06, 2016 06 Jul'16

  UK's Darktrace aims to lead the way to automatic cyber security

  Darktrace hopes to be a leader in the move to automated cyber security to free up security professionals to focus on business risk and innovation

• June 30, 2016 30 Jun'16

  LizardStresser IoT botnet launches 400Gbps DDoS attack

  Attack groups using the LizardStresser botnet are exploiting IoT devices to mount massive DDoS attacks without using amplification techniques, say researchers

• June 29, 2016 29 Jun'16

  Lauri Love using illness as a shield against extradition, claims prosecution

  Prosecution lawyer questions whether activist Lauri Love is not fit enough to stand trial in the US over hacking charges,as expert witnesses warn that US prisons are ill-equipped for people with mental health problems.

• June 28, 2016 28 Jun'16

  Lauri Love suicide risk if extradited to US over hacking allegations

  Westminster Magistrates’ Court hears evidence from medical experts that alleged hacker Lauri Love is at risk of suicide if extradited to the US

• June 21, 2016 21 Jun'16

  Cyber security industry mostly welcomes report on TalkTalk breach

  Most of the recommendations of a government committee inquiry into the TalkTalk breach have been welcomed, but pundits have expressed reservations about some, particularly proposed new fines

• June 20, 2016 20 Jun'16

  Lower average cost of Australian data breaches is not a sign of comfort

  The average cost of a data breach to Australian organisations dropped in 2015, according to research

• June 13, 2016 13 Jun'16

  EU firms slow in detecting cyber attacks, study shows

  European firms take an average of 469 days to discover a compromise, compared with an average of 146 days globally, according to Mandiant

• June 12, 2016 12 Jun'16

  Philippines government data breach is a warning to Asean region

  Security is a rising concern in the Asean region, with fears fuelled by incidents such as the recent hacking incident in Manila

• June 10, 2016 10 Jun'16

  IoT security: Lack of expertise will hurt, says Bruce Schneier

  Government action at national and international levels is essential for addressing IoT security issues, but the relevant expertise is lacking, according to security expert Bruce Schneier

• June 07, 2016 07 Jun'16

  Millions of sensitive IT services exposed to the internet, study finds

  Encryption should become the default as study reveals millions of sensitive services are exposed to the internet, says Rapid7

• June 01, 2016 01 Jun'16

  MPs’ private emails are routinely accessed by GCHQ

  Computer Weekly investigation reveals the extent of interception of MPs’ and peers’ email communications and data

• May 20, 2016 20 May'16

  NHS data security standards to be designed around technology, people and processes

  The Care Quality Commission’s delayed review of NHS data security standards will encourage NHS organisations to have senior information risk owners and Caldicott Guardians at board level

• May 19, 2016 19 May'16

  Lessons from LinkedIn data breach revelations

  There are several important lessons to be learned from revelations about LinkedIn's 2012 data breach, say security experts

• May 13, 2016 13 May'16

  Time to shift information security focus away from prevention, says Swiss bank CISO

  Organisations need a new approach which recognises security is “breakable”, according to Michael Meli

• May 09, 2016 09 May'16

  Australian health sector an easy target for cyber criminals, says IBM

  A push to encourage greater adoption of electronic health records has raised the spectre of online record theft

• May 06, 2016 06 May'16

  Ransomware emerges as a top cyber threat to business

  Security researchers at Kasperky Lab and FireEye confirm that the upward trend of ransomware is continuing and has emerged as a top threat to business

• April 29, 2016 29 Apr'16

  Cyber security in Belgium will gain prominence after terror attacks

  Belgium’s physical security has been branded inadequate, so how does the country’s cyber security measure up?

• April 28, 2016 28 Apr'16

  Payment card industry issues data security standard update

  PCI DSS version 3.2 introduces six new requirements for compliance, some additional guidance and a raft of clarifications