News

IT risk management

• November 07, 2021 07 Nov'21

  Technology spending reaches record levels, fuelling jobs boom

  Spending on IT has reached its highest levels for a decade but a shortage of skilled IT professionals could dampen growth

• November 04, 2021 04 Nov'21

  The Netherlands works on resilience with large-scale national cyber exercise

  For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care

• November 01, 2021 01 Nov'21

  Businesses and governments urged to take action over Trojan Source supply chain attacks

  Businesses and governments have been put on alert to guard against Trojan Source hacking attacks

• October 28, 2021 28 Oct'21

  CIA sought revenge against Julian Assange over hacking tool leaks, court hears

  The CIA discussed kidnapping Julian Assange after WikiLeaks published thousands of documents revealing its arsenal of hacking tools, defence lawyers tell a London court

• October 28, 2021 28 Oct'21

  How ransomware crews pile on the pressure to get victims to pay

  Sophos researchers share some of the more common tactics ransomware gangs use to pressurise their victims into paying up

• October 27, 2021 27 Oct'21

  ‘No-one extradited from UK to US has committed suicide,’ US tells court in Assange appeal

  US government claims that a district judge has given WikiLeaks founder Julian Assange a ‘trump card’ to avoid extradition  

• October 27, 2021 27 Oct'21

  Government commits millions to security investment

  Spending Review adds more than £750m of funding to improve cyber security resilience across government

• October 27, 2021 27 Oct'21

  Cyber sector growth exacerbating skills shortage

  Data from security association (ISC)² shows demand for cyber pros is still outpacing supply as the sector continues an upward growth trajectory

• October 26, 2021 26 Oct'21

  DarkMarket takedown results in 150 arrests

  A coordinated operation by law enforcement has seen 150 taken into custody amid allegations of buying or selling illicit goods on the dark web

• October 26, 2021 26 Oct'21

  Cyber experts on how to nobble a Nobelium attack

  A recent spate of attempted Nobelium cyber attacks were mostly unsuccessful, but serve as a reminder to pay attention to some more fundamental aspects of security

• October 26, 2021 26 Oct'21

  Lacework expands into ANZ, eyes APAC market

  DevSecOps supplier Lacework’s expansion into Australia and New Zealand will pave the way for a broader move into the Asia-Pacific region

• October 25, 2021 25 Oct'21

  Attempted hack causes Tesco website outage

  Retailer’s website and app back after attempted hack caused problems over the weekend

• October 21, 2021 21 Oct'21

  Airport operator MAG boosts threat visibility with hybrid SOC

  With budget concerns weighing heavy during the pandemic, Manchester Airports Group ditched an impending capex-heavy cyber investment in favour of a hybrid managed/in-house approach. Learn more about its experience

• October 21, 2021 21 Oct'21

  APAC organisations warm to zero trust

  Two-thirds of APAC organisations have a zero-trust strategy even as they grapple with the lack of skills and other organisational challenges, study finds

• October 20, 2021 20 Oct'21

  US intelligence agencies issue advisory on BlackMatter gang

  Joint advisory on ransomware gang warns about potential of further attacks on critical infrastructure providers

• October 20, 2021 20 Oct'21

  LightBasin hackers breach 13 telcos in two years

  Hackers have obtained an undisclosed volume of subscriber information and call metadata in a sustained campaign against telecommunications firms

• October 18, 2021 18 Oct'21

  How Samlesbury, Lancashire became the home of the National Cyber Force

  The National Cyber Force, a new branch of the military, is gearing up to fight battles in cyber space from the fields of Lancashire. Its presence is expected to bring a high-tech renaissance to the region

• October 14, 2021 14 Oct'21

  Apple scheme to detect child abuse creates serious privacy and security risks, say scientists

  Apple’s plan to automatically scan photos to detect child abuse would unduly risk the privacy and security of law-abiding citizens and could open up the way to surveillance, say the world’s top cryptographic experts

• October 14, 2021 14 Oct'21

  NHS Digital enhances in-house cyber awareness drive

  Keep IT Confidential campaign aims to help NHS staff understand more about security threats and learn how to reduce risk

• October 13, 2021 13 Oct'21

  Google Cybersecurity Action Team springs into life

  Google has announced a new Cybersecurity Action Team, with a mission to support security and digital transformation in governments, critical infrastructure, enterprises and small businesses

• October 13, 2021 13 Oct'21

  FCA warns over future hybrid working security risks

  Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure

• October 13, 2021 13 Oct'21

  Microsoft warns of MysterySnail on October Patch Tuesday

  Microsoft has fixed a zero-day that is being actively exploited to deliver a new remote access trojan dubbed MysterySnail to targets

• October 13, 2021 13 Oct'21

  Australia unveils ransomware action plan

  The Australian government has established a task force to address the ransomware menace and is proposing legislation to mandate reporting of ransomware incidents by businesses

• October 12, 2021 12 Oct'21

  BCS calls on government to retain protections against AI

  BCS, the Chartered Institute for IT, wants the government to retain protections that allow people to have decisions about them made by an AI reviewed by humans if needed

• October 11, 2021 11 Oct'21

  Covid-19 will loom over cyber strategy for years to come

  In remarks delivered to a Chatham House conference, NCSC head Lindy Cameron reflects on the security challenges facing the UK, and sets out some plans for the future

• October 11, 2021 11 Oct'21

  Sensitive documents to stay with whistleblower after deadline for agreement for their return passes

  A deadllne to agree the safe return of the sensitive banking details of former and current NatWest Group customers has passed without agreement

• October 11, 2021 11 Oct'21

  Singapore refreshes cyber security strategy

  The city-state updates its national cyber security strategy to shore up the security of critical infrastructure and enterprises while growing its cyber security industry, among other goals

• October 08, 2021 08 Oct'21

  Fast-moving Ryuk campaign targets healthcare organisations

  Newly designated FIN12 gang leverages the work of the cyber criminal ecosystem to conduct lightning-fast ransomware attacks

• October 08, 2021 08 Oct'21

  NatWest admits to weaknesses in anti-money laundering systems

  Bank pleads guilty to failures concerning the laundering of hundreds of millions of pounds, but says it has since improved its anti-money laundering systems

• October 07, 2021 07 Oct'21

  ICO expresses concerns over its future independence

  In its response to the government’s data protection consultation, the Information Commissioner’s Office has raised worries over its future ability to function independently of government interference

• October 06, 2021 06 Oct'21

  US lawmakers propose ransomware reporting rules

  Former presidential candidate Elizabeth Warren lends her support to a bill that would require corporate ransomware victims to disclose more information about their attacks to the authorities

• October 06, 2021 06 Oct'21

  Gaming service Twitch hacked, data leaked

  Users of livestreaming platform Twitch may be at risk after a 125GB torrent of data was leaked

• October 06, 2021 06 Oct'21

  Auto-enrolment begins for Google multi-factor authentication

  Google has started to turn on multi-factor authentication on consumer accounts by default, and aims to auto-enrol 150 million users by the end of 2021

• October 05, 2021 05 Oct'21

  New Python-based ransomware attacks unfold in record time

  Sophos researchers detail a new variety of Python-based ransomware attack targeting VMware ESXi-hosted VMs

• October 05, 2021 05 Oct'21

  Australian organisations lack maturity in responsible AI

  Most Australian organisations are still in the early stages of their responsible artificial intelligence efforts despite growing use of AI by businesses and consumers, study finds

• October 04, 2021 04 Oct'21

  One Identity buys OneLogin for access management expertise

  Acquisition of OneLogin adds access management solutions to One Identity’s Unified Identity Security platform

• October 04, 2021 04 Oct'21

  Two arrests made in European ransomware investigation

  Unnamed ransomware operation was disrupted last week in Kiev, Ukraine, following a coordinated investigation

• October 01, 2021 01 Oct'21

  Amnesty International exploited in malware campaign

  According to new intelligence from Cisco Talos, Amnesty International’s branding and profile is being used as part of a new malware campaign that exploits people’s fears of the notorious Pegasus spyware app

• September 29, 2021 29 Sep'21

  FoggyWeb malware latest tool of dangerous Nobelium APT

  Microsoft’s threat intelligence team warns of a new strain of malware being used by the Russia-linked Nobelium APT

• September 29, 2021 29 Sep'21

  Dedicated number for victims of fraud launched amid national security threat

  Consumers that suspect they are being targeted by fraudsters can call 159 to be directly linked to their bank, as part of a 12-month pilot

• September 29, 2021 29 Sep'21

  The Security Interviews: How SolarWinds came through its darkest hour

  In his first major UK press interview, SolarWinds CEO Sudhakar Ramakrishna tells Computer Weekly how a relentless focus on transparency saw the company safely through a nightmare cyber breach scenario

• September 28, 2021 28 Sep'21

  How one red team exercise averted a new SolarWinds-style attack

  Palo Alto Networks shares details of how its red teamers found and sealed a customer vulnerability that could have led to another SolarWinds-style supply chain attack

• September 27, 2021 27 Sep'21

  Women and BAME people bear brunt of cyber crime impact

  Cyber crime has a disproportionate impact on women and BAME people, according to a new report

• September 24, 2021 24 Sep'21

  How Australia punches above its weight in cyber security

  Australia is playing to its strengths in niche areas such as governance and deep tech to punch above its weight in the cyber security industry

• September 23, 2021 23 Sep'21

  Fresh alert over Conti ransomware surge

  Conti ransomware crew appears increasingly active, prompting fresh warnings from the US authorities

• September 23, 2021 23 Sep'21

  MoD in second leak of Afghan citizens’ data

  A second breach of data relating to Afghan citizens at risk of Taliban reprisals has been reported by the Ministry of Defence

• September 23, 2021 23 Sep'21

  Threat actors target VMware vCenter Server users

  Users of VMware vCenter Server are advised to patch a series of vulnerabilities post haste

• September 23, 2021 23 Sep'21

  Authorised push payment fraud sees huge increase as criminals switch tactics

  Criminals tricking people into making payments through channels such as fake emails and websites have stolen more money than payment card fraudsters

• September 21, 2021 21 Sep'21

  US sanctions Suex crypto exchange over ransomware links

  US Treasury cracks down on cryptocurrency exchange that supposedly facilitated proceeds from multiple ransomware gangs

• September 21, 2021 21 Sep'21

  Investigation launched after MoD email blunder

  Exposure of PII on Afghan interpreters who worked with the UK may put hundreds at risk of Taliban reprisals