News

IT security

• June 17, 2020 17 Jun'20

  Malaysia’s telco industry on edge amid new developments, appointments

  Spotlight trained on newly appointed key regulatory personnel that could see a change in Malaysia’s telco policy, including a deferment of 5G roll-out

• June 17, 2020 17 Jun'20

  Macquarie eyes government contracts with new Canberra datacentre

  New Macquarie datacentre in the Australian capital designed to achieve Tier 4 datacentre standards will deliver 1.5MW of capacity by December 2020

• June 16, 2020 16 Jun'20

  UK-US data deal puts Brexit data adequacy pact at risk

  European Data Protection Board writes to MEPs saying the UK is at risk of failing to strike a post-Brexit data adequacy accord if its data protection agreements with the US don’t strike the right note

• June 16, 2020 16 Jun'20

  Activists call on Zoom to implement encryption for all

  A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users

• June 16, 2020 16 Jun'20

  Norway’s contact-tracing app suspended over privacy concerns

  Norway has been given until 23 June to justify the location tracking of citizens who download its contract-tracing app

• June 15, 2020 15 Jun'20

  Banking trojans roar back to prominence in May

  Check Point sees an upswing in malicious activity around a number of classic banking trojan malware variants

• June 15, 2020 15 Jun'20

  NatWest develops behavioural biometrics as additional authentication

  Bank is working with Visa to develop behavioural biometrics technology as an extra layer of invisible authentication

• June 15, 2020 15 Jun'20

  Accessories store Claire’s hit by Magecart credit card fraudsters

  Attackers gained access to retailer’s website as long ago as March

• June 14, 2020 14 Jun'20

  Coronavirus: Enterprise VPN adoption in India set to rise

  Advancement in cloud technologies and secured remote access to applications will significantly contribute to the overall growth of India’s VPN market, says GlobalData

• June 12, 2020 12 Jun'20

  Hospital uses thermal surveillance cameras to protect patients against second wave of Covid-19

  A North Midlands NHS trust claims to be the first NHS trust to deploy thermal surveillance cameras to protect patients and staff against the coronavirus

• June 12, 2020 12 Jun'20

  NHS email service users ensnared in phishing attack

  More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed

• June 12, 2020 12 Jun'20

  Fake contact-tracing apps delivering banking trojans

  Spoof government coronavirus apps are popping up all over the world, says the Anomali Threat Research team

• June 12, 2020 12 Jun'20

  100,000 cheap wireless cameras vulnerable to hacking

  Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors

• June 12, 2020 12 Jun'20

  UN secretary general calls for global digital cooperation

  Antonio Guterres launches roadmap for digital cooperation and calls for world leaders to come together to “connect, respect and protect people in the digital age”

• June 12, 2020 12 Jun'20

  Twitter kills thousands of misinformation accounts

  The accounts were linked to the governments of China, Russia and Turkey, and engaged in systematic operations against pro-democracy activists, political opponents and dissidents

• June 11, 2020 11 Jun'20

  Coronavirus: Bungled British response leads to rise in security risks

  Covid-19 cyber security threats are evolving over the course of the pandemic, becoming more targeted to virus hotspots such as the UK

• June 11, 2020 11 Jun'20

  CISOs buying into unified security proposition

  The time is right for all-in-one security solutions, according to a report

• June 10, 2020 10 Jun'20

  Government to fund nine advanced security projects

  Nine academic projects have been selected to receive a share of a £10m funding pot as they develop advanced cyber security solutions using prototype chipsets

• June 10, 2020 10 Jun'20

  Decade-old vulnerability among 129 Patch Tuesday fixes

  A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks

• June 10, 2020 10 Jun'20

  Unsecured Elasticsearch server breached in eight hours flat

  Comparitech’s Bob Diachenko wanted to find out how long it would take for hackers to find and attack an unsecured, public internet-facing database, so he set up a honeypot

• June 10, 2020 10 Jun'20

  Virtual GP practice accidentally exposes patient video calls

  A small number of users of Babylon’s GP at Hand service were briefly able to view other patients’ video GP consultations thanks to a bug in a new software feature

• June 10, 2020 10 Jun'20

  Nasty surprises lurking in furloughed employees’ inboxes

  Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work

• June 10, 2020 10 Jun'20

  CaixaBank introduces facial recognition ATMs

  Spanish bank broadens its use of facial recognition technology on cash machines

• June 10, 2020 10 Jun'20

  How Australian firms can defend against supply chain attacks

  Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm

• June 09, 2020 09 Jun'20

  Honda investigates suspected Snake ransomware attack

  Attack disrupts global operations at carmaker, with assembly lines falling silent and sales suspended

• June 09, 2020 09 Jun'20

  Cyber security needs more women role models, says report

  A report compiled by security assurance organisation Crest highlights the progress made on gender diversity in cyber security, and offers pointers for next steps

• June 09, 2020 09 Jun'20

  Bankers say artificial intelligence will separate winners and losers

  The application of artificial intelligence at banks will be the difference between the ones that succeed and the ones that fail in the coming years

• June 09, 2020 09 Jun'20

  Poorly-secured AWS buckets used to launch Magecart attacks

  Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data

• June 08, 2020 08 Jun'20

  What it takes to get DevSecOps right

  DevSecOps will drive at least 50% of new applications in Asia-Pacific by 2024, but getting it right will require change management, a collaborative mindset and the right automation tools

• June 05, 2020 05 Jun'20

  Police chiefs working with Public Health England on contact-tracing security

  Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme

• June 05, 2020 05 Jun'20

  Ministry of Defence forms new cyber security regiment

  The 13th Signal Regiment brings together personnel from across the armed forces to provide specialist security services

• June 04, 2020 04 Jun'20

  Dutch organisations invest heavily in compliance – but in vain

  Despite the fact that companies in the Netherlands have invested heavily to comply with GDPR legislation introduced two years ago, 90% of them are still discovering fundamental weaknesses in their IT environment

• June 04, 2020 04 Jun'20

  Small businesses failing on remote worker protection

  Only one-third of people working for small businesses have received any guidance from their employers on how to secure their remote working set-up

• June 04, 2020 04 Jun'20

  Data privacy groups pile in on UK contact-tracing app

  UK-based digital privacy and free speech campaigning organisation files complaint with the Information Commissioner’s Office about contact-tracing app

• June 04, 2020 04 Jun'20

  Black Lives Matter activists targeted by cyber attacks

  Civil liberties organisations are being targeted by far-right trolls as protests over the murder of George Floyd spread worldwide

• June 04, 2020 04 Jun'20

  The Security Interviews: How the BSI protects the IoT from itself

  David Mudd of the BSI reveals how a pragmatic and realistic approach to security vulnerabilities underpins its internet of things kitemark, helping give users the confidence to buy smart devices safely

• June 04, 2020 04 Jun'20

  Coronavirus: Cyber criminals target laid-off workers

  Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic

• June 04, 2020 04 Jun'20

  Malaysian minister backtracks on spectrum allocation decision

  Amid reports of a surreptitious decision to allocate spectrum to five Malaysian operators, the communications minister rescinds his own order, calling for a more transparent review of the allocation process

• June 03, 2020 03 Jun'20

  Sodinokibi data auctions highlight changing criminal tactics

  The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic?

• June 03, 2020 03 Jun'20

  Security procurement framework goes live for NHS and public sector

  Cyber Security Services Framework, developed by NHS Shared Business Services, has formally launched

• June 03, 2020 03 Jun'20

  Infosec 2020: Covid-19 an opportunity to change security thinking

  The annual Infosecurity Europe is being held virtually this year, and speakers at an online panel session have been considering the impact of the pandemic on security awareness

• June 03, 2020 03 Jun'20

  Aston Martin swaps out legacy antivirus for AI-driven service

  Luxury car manufacturer says the advent of artificial intelligence-powered services will revolutionise its security posture

• June 03, 2020 03 Jun'20

  Keeping IT operations running for remote workers

  Measuring employee experience and enabling self-service are some of the ways businesses can manage and empower a remote workforce

• June 02, 2020 02 Jun'20

  VMware vulnerability leaves private clouds open to takeover

  Ethical hackers from Citadelo uncovered a vulnerability in VMware Cloud Director that left private cloud owners open to takeover

• June 02, 2020 02 Jun'20

  NIS security regulations proving effective, but more work to do

  The UK’s NIS cyber security and risk regulations are proving somewhat effective, according to a government report

• June 01, 2020 01 Jun'20

  Privacy campaigners call for radical changes to contact-tracing app

  Liberty, Privacy International and the Open Rights Group join calls for the government to either put in place better data protection policies or abandon its Covid-19 contact-tracing app altogether

• June 01, 2020 01 Jun'20

  WikiLeaks founder Julian Assange misses court hearing due to respiratory problems

  The WikiLeaks founder is expected to call 21 witnesses during a three-week extradition hearing in September

• June 01, 2020 01 Jun'20

  How managed threat hunting helps bust malicious insiders

  Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending

• May 29, 2020 29 May'20

  Government launches IoT security funding round

  A £400,000 funding pot is on offer for innovators to design schemes that boost internet-of-things security

• May 29, 2020 29 May'20

  Test and Trace has not passed data protection impact assessment

  Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme

• May 29, 2020 29 May'20

  How Sega Europe slashed incident response times using cloud SIEM

  Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service

• May 29, 2020 29 May'20

  Singapore’s contact-tracing app tops privacy study

  Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds

• May 28, 2020 28 May'20

  Public Health England to keep contact-tracing data for 20 years

  PHE will retain the data it collects via the NHS Test and Trace programme for 20 years

• May 28, 2020 28 May'20

  TSB Bank digitises banking forms in response to coronavirus lockdown

  As part of its 2022 digital strategy, TSB has begun rolling out electronic forms designed in Adobe XD and processed using Adobe Sign

• May 28, 2020 28 May'20

  IoT buyers eye private network deployments for added security

  Fully private, segregated networks for IoT deployments are becoming increasingly attractive to many organisations, according to a report

• May 27, 2020 27 May'20

  Revealed: Surveillance camera network that covered Dominic Cummings’ lockdown travel

  A network of automatic number plate recognition and local authority traffic cameras could help police track Downing Street chief of staff Dominic Cummings’ journeys to Durham and Barnard Castle during the Covid-19 lockdown

• May 27, 2020 27 May'20

  Enterprise clouds hammered by cyber attacks during pandemic

  Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee

• May 27, 2020 27 May'20

  PropertyGuru touts 3D virtual viewings with StoryTeller

  Southeast Asian property portal PropertyGuru rolls out new capability in its FastKey platform that lets developers showcase properties to prospective buyers through 3D visualisation

• May 27, 2020 27 May'20

  Fears contact-tracing app will open the floodgates for cyber criminals

  Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government

• May 26, 2020 26 May'20

  Max Schrems accuses Ireland of ‘Kafkaesque’ delay in Facebook GDPR investigation

  Privacy campaigner Max Schrems has urged the European Commission to intervene after the Irish Data Protection Commission allegedly used ‘Kafkaesque’ tactics to delay investigations into Facebook’s compliance with GDPR

• May 26, 2020 26 May'20

  StrandHogg mobile vulnerability has evil twin

  Variant of the dangerous StrandHogg vulnerability affecting Android phones could allow hackers to access almost all apps on a target device

• May 26, 2020 26 May'20

  Android security vulnerabilities differ by country, say researchers

  Manufacturers of Android devices including Huawei, Samsung and Xiaomi shipped devices with different levels of security in different regions, leaving their users exposed to attack

• May 26, 2020 26 May'20

  The Security Interviews: Temper tantrums ahead as GDPR enters its terrible twos?

  On the General Data Protection Regulation’s second birthday, Tim Hickman, a data protection lawyer and partner at White & Case LLP, discusses the regulation’s teething troubles and assesses how best to maintain optimum compliance

• May 25, 2020 25 May'20

  Coronavirus: Australia calls for stronger defences amid cyber attacks

  The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector

• May 22, 2020 22 May'20

  EasyJet to be sued over customer data breach

  If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn

• May 22, 2020 22 May'20

  Covid-19 will leave organisations exposed to higher cyber risks

  Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum

• May 22, 2020 22 May'20

  Hancock to Harman: No contact-tracing privacy law

  Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data

• May 22, 2020 22 May'20

  Coronavirus: How MyIX is keeping Malaysians connected

  Malaysia’s MyIX internet exchange has been classed as critical national infrastructure, with member telcos adding more capacity to meet the surge in demand for internet services

• May 20, 2020 20 May'20

  NCSC discloses multiple vulnerabilities in contact-tracing app

  National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures

• May 20, 2020 20 May'20

  Serco exposes contact tracers’ data in email error

  Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message

• May 20, 2020 20 May'20

  Personal devices putting Singapore employers at risk

  More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats

• May 20, 2020 20 May'20

  Responsible Cyber acquires Secucial in S$7m deal

  Singapore startup Responsible Cyber plans to bolster its Immune platform with access control management capabilities, and sets out to expand its global footprint

• May 19, 2020 19 May'20

  Microsoft Build 2020: Focus on protecting data for AI development

  Microsoft Build is always a vital event for developers across the IT industry. This year, Microsoft has expanded its AI emphasis

• May 19, 2020 19 May'20

  Cancelled NCSC CyberUK event gets green light for 2021

  The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales

• May 19, 2020 19 May'20

  GDPR wholly inappropriate to govern contact-tracing data

  Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app

• May 19, 2020 19 May'20

  Doubts mount over effectiveness of UK contact-tracing app

  Studies from BCS and Anomali reveal that a significant proportion of the UK population is not prepared to download the Covid-19 contact-tracing app

• May 19, 2020 19 May'20

  Nine million EasyJet customer details lost in data breach

  Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline

• May 19, 2020 19 May'20

  Sodinokibi cyber criminals plot to ‘auction’ Madonna data

  The cyber criminal gang behind a recent attack on a New York law firm is planning to auction off its client data, one person at a time

• May 19, 2020 19 May'20

  Huawei: US using technological strengths to ‘crush’ companies outside its own borders

  Chinese tech giant hits back at White House decision to extend technology ban and says it will ultimately be self-harming

• May 19, 2020 19 May'20

  GitLab makes foray into Southeast Asia

  GitLab expands in Southeast Asia with a Singapore presence to shore up its growing footprint across the Asia-Pacific region

• May 19, 2020 19 May'20

  Vast majority of cyber attacks are easy to stop, says Verizon

  Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it

• May 18, 2020 18 May'20

  DevOps improve code quality, but security must happen sooner

  GitLab survey finds developers are adopting DevOps to improve code quality, but more needs to be done on secure coding

• May 18, 2020 18 May'20

  Why a pandemic-specific BCP matters

  Many organisations still do not have scenario-specific business continuity plans, which are helpful when the situation requires a customised response, such as a pandemic, according to Forrester

• May 15, 2020 15 May'20

  Questions raised after UK’s electrical grid shrugs off cyber attack

  Attack on Elexon was resolved within hours with no impact on the national electricity supply, but it could have been much worse

• May 15, 2020 15 May'20

  Law firm hackers threaten to release dirt on Trump

  A new ransom demand of $42m has been made against New York law firm Grubman, Shire, Meiselas and Sacks, and it may be the largest ever, say security experts

• May 14, 2020 14 May'20

  Harman seeks to bring private member’s bill over contact tracing

  Chair of Human Rights Committee aims to put the proposed Contact Tracing (Data Protection) Bill 2020 before parliament as a private member’s bill if necessary

• May 14, 2020 14 May'20

  Venafi buys cloud protection service Jetstack

  Jetstack specialises in open source machine identity protection software for Kubernetes and cloud native ecosystems

• May 14, 2020 14 May'20

  China targeting Covid-19 researchers through IT suppliers, claims US

  The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China

• May 14, 2020 14 May'20

  UK’s contact-tracing app targeted by scammers

  Even though it is only operational on the Isle of Wight as a beta test, the UK government’s coronavirus contact-tracing app has already attracted the attention of cyber criminals

• May 14, 2020 14 May'20

  SK Telecom brings quantum security to the masses

  The South Korean telco is readying the world’s first 5G smartphone equipped with a quantum random number generator chipset

• May 13, 2020 13 May'20

  Report reveals inadequate cyber security at Schiphol Airport

  A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport

• May 13, 2020 13 May'20

  Nation state APT groups prefer old, unpatched vulnerabilities

  The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list

• May 13, 2020 13 May'20

  Can Lady Gaga and Madonna get people to take security seriously?

  What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers

• May 13, 2020 13 May'20

  British public largely distrustful of technology companies, says report

  High levels of distrust in the motivations of technology companies and a lack of meaningful influence over their behaviour has left the British public feeling digitally disempowered, says Doteveryone report

• May 13, 2020 13 May'20

  Microsoft fixes 16 critical vulnerabilities on Patch Tuesday

  The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities

• May 13, 2020 13 May'20

  European comms bodies set up standards group, call for vigilance on contact-tracing apps

  New ETSI group will develop standardisation framework for secure smartphone-based proximity tracing systems, helping to break Covid-19 transmission chains

• May 12, 2020 12 May'20

  Draft Covid-19 contact tracing legislation proposes formal oversight

  Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app

• May 12, 2020 12 May'20

  MPs take part in first live test of remote voting during Covid-19 debate

  MPs will use phones and computers to vote from their homes in a House of Commons debate today in the biggest change in parliamentary procedure for 150 years

• May 12, 2020 12 May'20

  Details released of second UK contact-tracing app development

  Contractual documents show Zuhlke Engineering receiving an official start date of 6 May to supply a managed delivery team to support and run proximity mobile application and services for the UK

• May 12, 2020 12 May'20

  Pay the ransom and double your recovery costs, report warns

  Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos