News

IT security

• October 14, 2019 14 Oct'19

  Researchers reveal the cyber campaign that built China's new airliner

  CrowdStrike has published details of a coordinated campaign of cyber espionage and hacking, forced technology transfer and physical theft as China seeks to gain an advantage in the commercial aviation industry

• October 14, 2019 14 Oct'19

  The Security Interviews: Applying AI to Lego, and security

  Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds great promise for the security sector, and she has the analogies to back it up

• October 11, 2019 11 Oct'19

  Zuckerberg’s mentor condemns Facebook’s business practices

  Long-time Silicon Valley investor speaks out against surveillance capitalism and the lack of rules and regulations governing big tech’s behaviour

• October 09, 2019 09 Oct'19

  US likely to concede on Huawei export ban

  The US government may make some concessions over the future of Huawei before the end of the year

• October 08, 2019 08 Oct'19

  CIO interview: Matt Harris, head of IT, Mercedes-AMG Petronas Motorsport

  The IT chief at the world-leading Formula 1 team is focused on using technology to support and deliver marginal gains in performance for the team’s drivers

• October 08, 2019 08 Oct'19

  How APAC enterprises can keep pace with container security

  For all the promises of containers, changes in architecture and practices associated with the technology bring new challenges and opportunities

• October 08, 2019 08 Oct'19

  IBM, McAfee among founders of open source security alliance

  A group of cyber security suppliers have come together to form the Open Cybersecurity Alliance

• October 07, 2019 07 Oct'19

  Government departments sign up to web data-sharing plan

  All but four Whitehall departments have so far agreed to share web analytics data to allow the government to monitor user behaviour across the Gov.uk domain

• October 04, 2019 04 Oct'19

  UK and US call on Facebook to walk back encryption plans

  The US, Australian and UK governments have asked Facebook to ditch plans to deploy end-to-end encryption across Facebook Messenger, Instagram and WhatsApp

• October 03, 2019 03 Oct'19

  IT contractor charged over cyber attack on property valuation firm

  Australian police charge 49-year-old man with stealing and posting more than 170,000 data records belonging to ASX-listed Landmark White on the dark web

• October 03, 2019 03 Oct'19

  Why data-driven applications need a governance framework

  Data is the new oil – but without tight control, how can business determine that the data is valid? Data catalogues are back in vogue

• October 03, 2019 03 Oct'19

  LogRhythm touts unlimited data plan for SIEM systems

  SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank

• October 03, 2019 03 Oct'19

  Local authorities hit by 800 cyber attacks every hour

  Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year

• October 03, 2019 03 Oct'19

  New threat group behind Airbus cyber attacks, claim researchers

  Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore

• October 03, 2019 03 Oct'19

  Cyber war as big a threat as nuclear war, says ex-RSA head Coviello

  Former RSA chairman Art Coviello has been speaking about the devastating potential of cyber weapons, and warned that humanity must learn from history in order to control them

• October 01, 2019 01 Oct'19

  A security breach is inevitable, IT leaders warned

  No matter how much IT security tech and training is in place, sophisticated, targeted attacks are going to breach company defences, Carbon Black warns

• October 01, 2019 01 Oct'19

  Singapore outlines initiatives to tackle OT and IoT security

  The Cyber Security Agency of Singapore has developed a blueprint to secure operational technology systems in critical sectors, among other measures to secure cyber-physical systems and the internet of things

• September 30, 2019 30 Sep'19

  CIO interview: Michael Ibbitson, executive VP for technology and infrastructure, Dubai Airports

  Former CIO at Gatwick Airport took flight to the Middle East three years ago, and is using data to transform the technology and infrastructure at Dubai Airports

• September 27, 2019 27 Sep'19

  ABN Amro investigation lends weight to anti-money laundering collaboration by Dutch banks

  Dutch authorities are investigating ABN Amro for possible failures to monitor and report potential money laundering activity

• September 27, 2019 27 Sep'19

  Nodersok malware campaign is infecting thousands, Microsoft warns

  Thousands of Windows endpoints in the US and Europe have been infected by a new fileless malware campaign in the past few weeks

• September 27, 2019 27 Sep'19

  Five million DoorDash customers’ details lost in data breach

  Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen

• September 27, 2019 27 Sep'19

  GDPR compliance: Whose job is it and is it really possible?

  Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to

• September 26, 2019 26 Sep'19

  Attackers breached supplier systems to steal Airbus secrets

  Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs

• September 26, 2019 26 Sep'19

  Overinvestment breeds overconfidence among security pros

  CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach

• September 26, 2019 26 Sep'19

  Teen TalkTalk hacker accused of cryptocurrency fraud in US

  Elliott Gunton, one of the teenage hackers who broke into TalkTalk’s systems in 2015, faces extradition to the US to face fraud charges

• September 26, 2019 26 Sep'19

  Instagram and WhatsApp – the new tools of social media propaganda

  Facebook and Twitter have been cast as the villains of the piece, but social media disinformation and propaganda are evolving in new and alarming directions, say Oxford University researchers

• September 24, 2019 24 Sep'19

  Latest Lorca cyber security challenge has IoT focus

  Government-backed cyber security innovation centre Lorca has issued new challenges around connectivity for its next intake of scaleups

• September 24, 2019 24 Sep'19

  Singapore payment card data compromised by JavaScript sniffers

  Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer

• September 24, 2019 24 Sep'19

  GandCrab ransomware writers still active despite ‘retirement’

  Apparent links between an emerging ransomware family known as REvil and GandCrab suggests the GandCrab authors are keeping busy despite having “retired” in June

• September 24, 2019 24 Sep'19

  Enterprises exposed to data loss by cloud configuration errors

  Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee

• September 24, 2019 24 Sep'19

  Google pushes back on scale of YouTube phishing threat

  Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure

• September 19, 2019 19 Sep'19

  Government insists 'nothing sinister' about web user data gathering

  Government Digital Service responds to allegations that personal data gathered through Gov.uk portal could be used to target political messaging to citizens

• September 18, 2019 18 Sep'19

  Facebook automatically generates pages for Islamic State and Al-Qaeda

  Facebook algorithms have auto-generated hundreds of Facebook pages for the Islamic State, Al-Qaeda and Ansar al-Sharia, according to a whistleblower

• September 18, 2019 18 Sep'19

  Universities tempting targets for cyber criminals, warns NCSC

  As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack

• September 18, 2019 18 Sep'19

  WannaCry variants accidentally protecting against WannaCry

  New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection

• September 18, 2019 18 Sep'19

  Emotet phishing botnet returns from summer vacation

  The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers

• September 17, 2019 17 Sep'19

  Ecuador citizens’ data breach holds lessons for enterprises

  What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it?

• September 17, 2019 17 Sep'19

  US lawmakers demand internal Facebook, Google, Apple and Amazon documents in antitrust probe

  US lawmakers have given big tech companies a deadline to disclose a wide range of documents as the House Judiciary Committee’s bipartisan investigation into competition gathers pace

• September 16, 2019 16 Sep'19

  Ensign InfoSecurity opens global headquarters in Singapore

  The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence

• September 16, 2019 16 Sep'19

  Police use of algorithms needs stronger safeguards to prevent bias, report says

  A study by the Royal United Services Institute calls for new code of practice to guide use of algorithmic tools in policing

• September 13, 2019 13 Sep'19

  European court to decide on legality of bulk phone and internet surveillance

  The European Court of Justice will decide whether intelligence agencies across Europe can continue to lawfully collect the telephone and internet communications data of citizens, following a two-day hearing this week

• September 13, 2019 13 Sep'19

  Ditch hoodies and hackers to encourage diverse security recruitment

  The cyber security industry needs to address a systemic image problem if it is to succeed in recruiting more diverse teams

• September 13, 2019 13 Sep'19

  When AIs go to war: Autonomous cyber weapons ‘inevitable’

  CISOs must start thinking about how to engage with intelligent, adaptive, non-human attackers, says Trend Micro’s Rik Ferguson

• September 13, 2019 13 Sep'19

  Dutch banks to work together in fight against money laundering

  Dutch banks are sharing expertise and resources to help reduce money laundering through their accounts

• September 12, 2019 12 Sep'19

  Government seeks views on post-Brexit security alignment

  The government has called for views on its proposals to align the UK’s post-Brexit cyber security policy to that of the European Union

• September 12, 2019 12 Sep'19

  ICO to probe government over Gov.uk data collection plan

  The ICO is to look into the government’s leaked data collection plans over fears they may breach the law

• September 12, 2019 12 Sep'19

  UN agency Unicef praised for response to accidental data leak

  The UN’s children’s agency has disclosed an inadvertent leak of personal data belonging to users of its online learning platform Agora

• September 12, 2019 12 Sep'19

  IBM introduces z15 mainframe with security data passport

  In the new z15 enterprise server, IBM has focused on making data secure and auditable wherever it resides.

• September 12, 2019 12 Sep'19

  Mirai descendants dominate IoT threat environment

  Attacks leveraging compromised IoT devices are growing in size, scale and frequency, report security experts at F-Secure and Trend Micro, with Mirai-related botnets a major source of trouble

• September 11, 2019 11 Sep'19

  Equifax and Heartbleed are most-Googled cyber security terms

  Analysis of 15 years’ worth of Google search data has revealed some insight into what cyber security trends are capturing the imagination

• September 11, 2019 11 Sep'19

  Nordic countries deepen collaboration with Estonia-based cyber security operation

  Nordic countries are now working closer with Nato’s Estonia-based centre of excellence in cyber security

• September 11, 2019 11 Sep'19

  GDPR non-compliance worse than feared

  Over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts

• September 10, 2019 10 Sep'19

  UK calls for cyber capacity-building at UN security group

  The UK’s representative to a United Nations cyber security working group has called for increased investment in capacity around cyber security

• September 10, 2019 10 Sep'19

  BT gears up to take on rogue drones

  BT’s Enterprise unit is offering customers an anti-drone security solution to protect their physical sites from intrusion

• September 10, 2019 10 Sep'19

  How Zuellig Pharma is fighting fake drugs with blockchain

  The Asia-Pacific pharmaceutical giant is using a blockchain platform from SAP to help consumers identify the provenance of medicine

• September 09, 2019 09 Sep'19

  Terror watchlist faces reform after court rules it violates rights of people entering US

  A secret US terrorist database containing information on more than 1.2 million people – who face repeated interrogations, detentions and electronic searches – violates constitutional rights, a US judge said last week

• September 09, 2019 09 Sep'19

  Social engineering a factor in virtually all cyber attacks, report claims

  Almost every single cyber attack will, at some stage, require a human to be tricked into doing something, according to research by Proofpoint

• September 06, 2019 06 Sep'19

  Data-driven marketing, the real risk boards are missing

  Boards need to act to break the cycle of privacy compliance failures, and shift focus to aligning business purpose with privacy and dealing with the real risk of data driven marketing, warns PwC’s GDPR and data protection lead

• September 06, 2019 06 Sep'19

  Australia government to chart 2020 cyber security strategy

  Australia’s home affairs ministry has released a discussion paper to seek views from all segments of society on the country’s next cyber security blueprint

• September 05, 2019 05 Sep'19

  Singapore’s SecureAge eyes US market

  The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan

• September 05, 2019 05 Sep'19

  Police use of controversial facial recognition technology deemed lawful

  In a landmark hearing, the High Court has ruled that police use of automatic facial recognition technology is lawful, but that it still infringes on privacy rights

• September 05, 2019 05 Sep'19

  Security pros doubt officials can enact effective security laws

  Elected officials cannot be trusted to enact effective cyber security legislation and social media firms should be subject to strict privacy regulation, according to most information security professionals in a survey

• September 05, 2019 05 Sep'19

  Tide Foundation aims to boost password security

  While passwordless security remains just out of reach, a non-profit organisation has developed a mechanism that it says makes passwords exponentially more difficult to crack

• September 05, 2019 05 Sep'19

  Latest Facebook security lapse exposes millions to account hijack

  18 million UK users are among the more than 400 million at risk of account hijacking after phone numbers linked to their Facebook accounts were found in an open online database

• September 04, 2019 04 Sep'19

  Check Point warns of Android phishing attacks

  Researchers at Check Point have identified a security flaw in Android-based smartphones that exposes vulnerable users to phishing attacks

• September 04, 2019 04 Sep'19

  TrickBot Trojan switches to stealthy Ostap downloader

  Operators of the TrickBot banking Trojan have switched to a new downloader to evade detection and analysis for a high-volume malicious spam campaign targeting business, researchers warn

• September 03, 2019 03 Sep'19

  Cyber criminals tap into web social engineering toolkit 

  Security researchers have discovered a web social engineering toolkit that enables cyber criminals to create fake update notification campaigns 

• September 03, 2019 03 Sep'19

  CISOs think cloud safer, but security fears remain

  The majority of information security leaders think cloud is now safer than on-premise, but security fears remain, with recently breached and highly regulated organisations most concerned, poll reveals

• September 03, 2019 03 Sep'19

  At least 47,000 servers vulnerable to remote attack

  All organisations using Supermicro servers are being urged to update firmware to block remote attacks exploiting vulnerabilities in baseboard management controllers

• September 02, 2019 02 Sep'19

  UK organisations join quantum comms pilot

  Four UK companies are taking part in a pilot project to build the most secure communication infrastructure in Europe

• September 02, 2019 02 Sep'19

  CISOs turn to AI, detection, response and education

  Information security leaders are looking to artificial intelligence, better detection and response capabilities and user education in the face of cyber threats, but need more budget, a study shows

• August 30, 2019 30 Aug'19

  Social media and enterprise apps pose big security risks

  The lack of security policies in many business applications is putting enterprise data at risk and social media apps are the biggest source of malware, a poll of IT professionals reveals

• August 29, 2019 29 Aug'19

  UK gets first millionaire ethical hacker

  Six months after the first millionaire ethical hacker was announced, five more have been recognised, including a Briton, who have collectively discovered nearly 5,000 vulnerabilities

• August 29, 2019 29 Aug'19

  Finland’s security agencies collaborate after cyber attacks

  National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure

• August 29, 2019 29 Aug'19

  UK firms getting on top of IT downtime costs

  Despite data breach headlines, UK firms are generally improving in their data protection, business continuity, cyber preparedness and understanding of downtime costs, study shows

• August 29, 2019 29 Aug'19

  Dutch regulator reveals potential Microsoft privacy breach

  Netherlands privacy watchdog has revealed potential breaches while testing Microsoft software changes

• August 28, 2019 28 Aug'19

  Targeted cyber attacks, including ransomware, on the rise

  Governments and healthcare institutions are prime targets of ransomware operators, a report shows

• August 28, 2019 28 Aug'19

  Most UK firms ignore security in tech investments

  Less than a quarter of UK firms prioritise security when investing in new technology, despite the threat of cyber attacks and data protection regulations, a survey reveals

• August 28, 2019 28 Aug'19

  Ransomware has evolved into a serious enterprise threat

  Ransomware has seen a resurgence since the start of 2019, with cyber criminals changing code and tactics to target enterprises and local authorities for higher ransom payments, McAfee researchers warn

• August 27, 2019 27 Aug'19

  Employees, MSPs and developers top third-party risks

  Employees, managed service providers and developers are the top sources of third-party risks in terms of data security, a survey reveals, highlighting the value of workplace monitoring

• August 26, 2019 26 Aug'19

  VMware’s latest acquisitions point to emerging platform war

  VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal

• August 23, 2019 23 Aug'19

  Three more identity providers to withdraw from troubled Gov.uk Verify programme

  Three of the five companies supporting the government's troubled digital identity scheme are pulling out, raising further questions over the viability of the £175m programme

• August 23, 2019 23 Aug'19

  Majority of organisations struggling with cloud security

  The majority of organisations find securing the cloud difficult and more than a quarter feel the shared security responsibility model is unclear, according to a survey of information security professionals

• August 23, 2019 23 Aug'19

  Kaspersky eyes enterprise business, opens APAC transparency hub

  The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials

• August 23, 2019 23 Aug'19

  Human rights group challenges police over counter-terrorism powers

  Bringing into question the effectiveness of terror laws, a report by human rights group Cage highlights poor conviction rates and the discriminatory application of police powers at the border

• August 22, 2019 22 Aug'19

  Security pros reiterate warning against encryption backdoors

  The majority of security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state cyber attacks

• August 22, 2019 22 Aug'19

  A helping hand from the Nordics in the eye of the GDPR storm

  Nordic IT companies are well suited to supporting enterprises in their data protection projects, even though openness is more natural to them

• August 22, 2019 22 Aug'19

  Tech firms join forces to boost cloud security

  Top tech firms are to collaborate on open source technologies, tools, frameworks and standards that accelerate the adoption of confidential computing to boost security in cloud and edge computing

• August 22, 2019 22 Aug'19

  Cyber attackers exploiting poor cloud security

  More than a third of organisations report a cyber attack on the cloud environment due to a lack of basic cloud security hygiene

• August 21, 2019 21 Aug'19

  Box aims to shield businesses from data loss threat

  Box has introduced an add-in to its cloud-based collaboration platform to lock down and monitor access to files and folders

• August 21, 2019 21 Aug'19

  Healthcare faces triple cyber threat, says FireEye

  Criminal and nation-state cyber attackers are increasingly targeting the healthcare industry to steal data, carry out espionage and cause disruption, a report reveals

• August 21, 2019 21 Aug'19

  Security concerns blocking UK digital transformation

  The majority of UK firms are holding off adopting new, more efficient and cost effective technology because they are failing to see cyber security as a driver of strategic value, report reveals

• August 21, 2019 21 Aug'19

  Silence APT group eyes APAC banks

  Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks

• August 20, 2019 20 Aug'19

  Human error a big risk to ICS cyber security, study shows

  Despite the rise in automation, industrial processes are at risk due to human error, a report on industrial cyber security reveals

• August 20, 2019 20 Aug'19

  Malware still top security threat, say infosec pros

  Malware remains the top security threat to organisations, with ransomware still considered to be the top malware threat and lack of budget the biggest obstacle to defence, a study shows

• August 20, 2019 20 Aug'19

  Huawei to US: Ban violates free market principles

  Huawei has hit back at the US government’s latest moves to restrict its activities

• August 20, 2019 20 Aug'19

  Even fintech startups battling to meet cyber security challenges

  A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge

• August 19, 2019 19 Aug'19

  UK financial account takeovers up, report warns

  Commercial cyber criminal services are helping to drive up the number of account takeovers, a fraud report for the first half of the year shows

• August 19, 2019 19 Aug'19

  Q2 shows ransomware proliferation, Kaspersky warns

  Ransomware modifications have more than doubled in the past year, the number of ransomware families has grown, and the number of attempted infections is up nearly 50%

• August 19, 2019 19 Aug'19

  US extends temporary stay on Huawei ban

  American network operators given extra wiggle room to wean themselves off Huawei’s hardware