News

IT security

• March 12, 2018 12 Mar'18

  Eight new cyber threats a second in Q4 2017, McAfee report reveals

  There was an increase in cyber attacks on healthcare organisations, the use of fileless malware and cryptocurrency mining in the last three months of 2017, with eight new threats a second

• March 12, 2018 12 Mar'18

  Fileless attacks surge as hackers exploit PowerShell scripts

  Malicious scripting through Microsoft’s PowerShell IT admin tool is being used to take control of Windows machines and Apple Macs

• March 12, 2018 12 Mar'18

  Regulator takes tougher line than expected on surveillance warrants

  The Investigatory Powers Commissioner’s Office has signalled to government that it will take a tough line when scrutinising surveillance warrants under the controversial Investigatory Powers Act

• March 12, 2018 12 Mar'18

  UK leads global upward trend in SOC maturity

  The UK is leading the way towards more efficient security operations centres, but many still continue to operate with serious gaps in security, a report reveals

• March 09, 2018 09 Mar'18

  UK government criticised over lack of GDPR explanation

  Most IT decision makers in the UK are critical of the government for failing to educate organisations about the GDPR and its implications, and few have a clear understanding of it, a survey shows

• March 09, 2018 09 Mar'18

  Universal Credit project warned over Gov.uk Verify performance in 2015

  Government project management experts warned as long ago as 2015 that a problem with GDS's Verify online identity system could undermine the Universal Credit business plan

• March 09, 2018 09 Mar'18

  Cooperation and exercises key to cyber defence, says Nato centre

  International cooperation and regular tabletop exercises are essential to ensure effective cyber defence, according to the Nato cyber defence centre

• March 09, 2018 09 Mar'18

  Security researchers demonstrate ransomware attack on robots

  Researchers have carried out a ransomware attack on robots to show that such attacks are possible and should be guarded against

• March 09, 2018 09 Mar'18

  Cryptojacking cyber criminals up their game

  Cyber criminals hijacking computing resources to mine for cryptocurrencies are raising their efforts to bypass enterprise security controls, researchers have found

• March 08, 2018 08 Mar'18

  Mac malware more than doubled in 2017

  Malware targeting Apple Mac computers more than doubled from 2016 to 2017, according to security firm Malwarebytes

• March 08, 2018 08 Mar'18

  UK cyber security certification pilot launched

  UK businesses now have the opportunity to improve their cyber security and prove they have taken steps to protect data they hold, thanks to a police-backed certification scheme

• March 08, 2018 08 Mar'18

  Businesses warned not to ignore cryptojacking threat

  Businesses should not ignore the threat of malware designed to carry out illicit cryptocurrency mining, warns NTT Security

• March 07, 2018 07 Mar'18

  Only half of ransomware payments honoured

  Only half of ransomware victims who pay ransoms to cyber criminals recover their data, a report reveals, pointing to a need for more effective strategies to deal with these attacks

• March 07, 2018 07 Mar'18

  Businesses under pressure to allow easier access to cloud

  Businesses are under pressure from employees to use consumer-focused authentication methods for cloud applications, but that could have both positive and negative security implications, warns Gemalto

• March 07, 2018 07 Mar'18

  Cyber attacks up nearly 20% in 2017

  Research by SonicWall shows there were 9.32 billion malware attacks globally last year, but ransomware attacks fell by 71%

• March 07, 2018 07 Mar'18

  Cyber security is a team sport, says NCSC

  The UK’s national cyber security agency aims to help organisations understand the need to act collaboratively and collectively against the cyber threat, urging them to raise the bar

• March 07, 2018 07 Mar'18

  World Economic Forum creates fintech focus group for cyber security

  WEF consortium of companies will focus on protecting financial technology firms from cyber threats

• March 07, 2018 07 Mar'18

  Developed APAC countries well-poised for the cloud

  With strong policies in data protection and cyber security, Japan, Australia and Singapore are among countries that are most prepared to reap the benefits of the cloud

• March 06, 2018 06 Mar'18

  Government sets out tighter security measures for IoT devices

  The government has announced plans to develop a new code of practice to improve the security of connected internet of things devices

• March 06, 2018 06 Mar'18

  Local councils call for government funding for GDPR compliance

  National Association of Local Councils is concerned complying with GDPR puts financial strain on local authorities and calls on government to help with funding

• March 06, 2018 06 Mar'18

  EC to boost cyber security support and collaboration

  The European Commission is focused on boosting cyber security support and collaboration throughout the European Union

• March 06, 2018 06 Mar'18

  Most Britons concerned about personal data sharing

  Most UK consumers are concerned about personal data they have shared online, but few know the extent of that data or their rights, a survey shows, indicating a need for education and transparency

• March 06, 2018 06 Mar'18

  Security remains an afterthought in DevOps

  Enterprises in Asia are lapping up DevOps but less than one-third have baked security processes into their developments

• March 05, 2018 05 Mar'18

  CIO interview: Helena Theakstone, head of digital, Oasis Fashion

  Oasis Fashion’s head of digital talks about GDPR preparation, collaboration between digital and IT, and the importance of listening to customers

• March 05, 2018 05 Mar'18

  Most healthcare organisations have been breached, report shows

   Less than a third of global healthcare organisations remain untouched, as data breaches rise across the industry, a report reveals

• March 05, 2018 05 Mar'18

  Spring Break flaw shows cross-industry collaboration

  A flaw that was discovered in Pivotal’s Spring Framework in September 2017 has only come to light now that users have had a chance to update

• March 02, 2018 02 Mar'18

  UK will need data protection agreement with EU as part of Brexit deal, says PM

  Prime minister Theresa May's Brexit speech highlights need for data protection deal with EU, “advanced” border IT systems, and re-confirms UK won’t be part of the EU digital single market

• March 02, 2018 02 Mar'18

  Cyber crime is a top threat to UK charities, says NCSC

  Cyber crime poses the most serious threats to UK charities, the National Cyber Security Centre has warned

• March 02, 2018 02 Mar'18

  Cyber threat to industrial control systems highest yet

  The cyber threat to industrial control systems has never been greater, according to a report analysing malicious activity aimed at such systems

• March 02, 2018 02 Mar'18

  Equifax ups breach figure by a further 2.5 million

  Credit rating agency Equifax has increased the number of US records believed to have been compromised in 2017

• March 02, 2018 02 Mar'18

  Memcached servers irresistible to DDoS attackers, expert warns

  In the light of the biggest distributed denial of service attack to date against GitHub, organisations should ditch memcached servers or risk a blizzard of blistering attacks, says security researcher

• March 02, 2018 02 Mar'18

  New privacy fears as IT challenges delay surveillance oversight body by a year

  IT challenges have delayed government plans for an independent body to authorise requests to access the public’s internet and phone records by nearly a year, raising new legal and privacy concerns

• March 01, 2018 01 Mar'18

  Imaging systems biggest security risk in healthcare

  Imaging systems have been identified as the biggest cyber security risk in the healthcare sector, a report on internet of things security has revealed

• March 01, 2018 01 Mar'18

  Trust underpins innovation, says UK information commissioner

  Underlining the relevance of data protection legislation to business, the UK information commissioner says consumer trust is key to innovation

• March 01, 2018 01 Mar'18

  NHS to pilot ID verification platform this spring

  NHS roadmap for digital services sets out plans for launching a joined-up NHS app, piloting its citizen ID platform and moving across to the new NHS.uk website

• March 01, 2018 01 Mar'18

  ICO head tops DataIQ data leader list

  The UK’s information commissioner has been named at the top data leader for 2018 in the DataIQ 100 list of most influential data leaders

• March 01, 2018 01 Mar'18

  Security fears delay roll-out of national e-voting system in Finland

  Project enters problem-solving phase to identify advanced, effective and best practice solutions to develop a secure internet-based voting system

• March 01, 2018 01 Mar'18

  ANZ organisations grappling with cloud outages

  A majority of organisations from Australia and New Zealand admitted in a survey that they had not fully evaluated the impact of cloud outages which were longer than they had expected

• February 28, 2018 28 Feb'18

  Affiliate marketing industry failing on privacy compliance

  The affiliate marketing industry needs to clean up its act in terms of privacy law compliance, a review of more than 900 websites has revealed

• February 28, 2018 28 Feb'18

  Salary is not top way to attract cybersec pros, report reveals

  Salary is not the highest priority for cyber security professionals, a report on hiring and retaining top cyber security talent shows

• February 28, 2018 28 Feb'18

  Firms failing to learn from cyber attacks

  Organisations are failing to learn from cyber attacks, and lax security practices are leaving organisations worldwide open to damaging cyber attacks, a report reveals

• February 28, 2018 28 Feb'18

  Government must rewrite illegal sections of Snoopers’ Charter, court told

  A court has been asked to give ministers until July 2018 to rewrite powers to require phone and internet companies to retain data on the population. The government acknowledges parts of surveillance regime are unlawful

• February 28, 2018 28 Feb'18

  Businesses urged to patch Oracle WebLogic flaw

  Security researchers are again urging businesses to patch an Oracle WebLogic flaw that continues to be exploited by cyber criminals to mine cryptocurrencies

• February 27, 2018 27 Feb'18

  Understanding the cyber threat key to UK defence, says NCSC

  Understanding cyber threats is key to defending the UK and ensuring it is a safe place to do business, says the National Cyber Security Centre

• February 27, 2018 27 Feb'18

  GDPR will have positive ripple effect, says US consumer group

  New EU data protection laws will have a positive ripple effect around the world, according to a US consumer group

• February 26, 2018 26 Feb'18

  Singapore firms unprepared for GDPR

  An EY study reveals that only 10% of organisations in Singapore are ready to comply with Europe’s new data protection regime

• February 26, 2018 26 Feb'18

  London councils set aside more than £1.2m for GDPR

  London councils have spent over £1.2m in preparation for new EU data protection laws, a think tank report has revealed

• February 26, 2018 26 Feb'18

  Cryptomining is top attack type, says Malwarebytes

  Malicious cryptomining has been the top cyber criminal activity detected since September 2017, a report reveals

• February 26, 2018 26 Feb'18

  Surveillance watchdog investigates security risks of GCHQ IT contractors

  The investigatory powers commissioner is reviewing the security arrangements for IT contractors that have access to live computer systems at GCHQ holding highly sensitive records on the UK population

• February 26, 2018 26 Feb'18

  Cyber criminals catching up with nation state attacks

  The trickle-down effect of advanced “military-grade” tools is seeing the gap between cyber criminal and nation state attack capabilities closing, outpacing many organisations’ defence capabilities

• February 26, 2018 26 Feb'18

  2018 could be year of mobile malware, says McAfee 

  Security firm announces several mobile industry partnerships as its latest mobile threat report shows mobile malware is becoming increasingly popular with cyber attackers

• February 26, 2018 26 Feb'18

  Most UK small firms still not prepared for GDPR, FSB survey shows

  Most small businesses are not prepared for new data regulations, according to research by the Federation of Small Businesses

• February 23, 2018 23 Feb'18

  GDPR is having positive impact on privacy profession, says IAPP

  The EU’s new data protection rules are driving greater interest in the privacy profession, and provide an opportunity to develop new business plans, says privacy association

• February 23, 2018 23 Feb'18

  Public education important in new data protection era, says ICO

  UK information commissioner Elizabeth Denham tells Data Protection 2018 event of the tough requirements ahead in a new age of data regulation

• February 23, 2018 23 Feb'18

  Avast discovers Tempting Cedar Android spyware campaign

  Security researchers have uncovered a three-year-old Android spyware campaign spread through social media and targeting people in the Middle East

• February 22, 2018 22 Feb'18

  Unprotected Kubernetes consoles expose firms to cryptojacking

  A number of big companies have been targeted by crytojacking attacks, where cyber criminals hijack computing power to mine cryptocurrencies, but some have unprotected Kubernetes consoles in common

• February 22, 2018 22 Feb'18

  Developers urged to submit apps to NHS Apps Library

  NHS Digital and NHS England have further opened up the newly updated NHS Apps Library, and are asking developers to submit their apps for assessment

• February 22, 2018 22 Feb'18

  Hitachi Vantara ups ante on industrial IoT

  Potential internet of things powerhouse believes its deep expertise in operational technology will give it a leg up over traditional IT rivals

• February 22, 2018 22 Feb'18

  UK plans laws to protect company directors from ID theft

  Legislation will make it easier for directors to remove their personal addresses from the company register

• February 22, 2018 22 Feb'18

  Google calls out Microsoft for failing to fix reported flaw

  Google’s Project Zero has gone public with a Windows 10 flaw that Microsoft claimed to have fixed in its February security update

• February 22, 2018 22 Feb'18

  Email attacks and incident detection top security challenges

  Email inboxes are the weakest link in security perimeters, and companies struggle with detecting security incidents quickly and accurately, a report finds

• February 21, 2018 21 Feb'18

  UK organisations failing to take action against fraud

  UK organisations are facing increasingly complex and costly incidents of fraud partly due to increasing cyber fraud, yet few are making use of the anti-fraud technologies available, a survey has revealed

• February 21, 2018 21 Feb'18

  People worried about data security in public sector, survey finds

  Majority of people are concerned with the security of the data they share with public sector organisations, according to a report

• February 21, 2018 21 Feb'18

  Security leaders investing in automation and AI, study shows

  Automation and artificial Intelligence are being used to defend against cyber threats, says report, but experts warn that these tools and technologies can be exploited by attackers

• February 21, 2018 21 Feb'18

  Economic impact of cyber crime is significant and rising

  Cyber attacks are becoming easier to carry out while defences remain inadequate, study shows

• February 21, 2018 21 Feb'18

  AI a threat to cyber security, warns report

  Artificial intelligence is being incorporated into a range of cyber security products, but the technology may also introduce new threats, a report warns

• February 21, 2018 21 Feb'18

  Demand for cyber security skills outstrips internal supply, research finds

  Businesses are increasingly looking for cyber security skills, but the gap between demand and supply is still prominent

• February 20, 2018 20 Feb'18

  Businesses face unprecedented volume of cyber attacks

  Organisations are facing the highest levels of cyber attacks in both number and sophistication as automated swarm attacks increase, a cyber threat report reveals

• February 20, 2018 20 Feb'18

  Strategic cyber criminals likely to capitalise on GDPR

  As cyber criminals concentrate on targeted, strategic, money-making attacks, they are likely to use GDPR fines as leverage to extort money from organisations, a report warns

• February 20, 2018 20 Feb'18

  UK local councils under huge cyber attack pressure

  Investigation underlines importance of security automation and employee awareness training

• February 20, 2018 20 Feb'18

  University of Cambridge to host ethical hacking challenge

  Cambridge is hosting its 2018 hacking challenge, aiming to captivate students and address the cyber security skills shortage

• February 19, 2018 19 Feb'18

  Botnets shift focus to credential abuse

  Cyber criminals are increasingly using automated attacks that make use of stolen credentials, a security threat report warns

• February 19, 2018 19 Feb'18

  Prepare for Y2K style Meltdown strategy

  The days of fixing the date bug in legacy systems may be long gone, but IT now has as much of an effort mitigating the Spectre/Meltdown processor flaw

• February 19, 2018 19 Feb'18

  Lauri Love can stay in UK: prosecutors will not appeal extradition ruling

  Crown Prosecution Service gives undertaking to Lauri Love that it will not appeal against a court decision not to extradite him to the US – but prosecutors are seeking leave to appeal over part of the court ruling on extradition procedure

• February 19, 2018 19 Feb'18

  Google reveals Edge flaw after Microsoft fails to meet deadline

  Google’s Project Zero has gone public with another Microsoft security vulnerability after the software giant failed to issue a fix within allotted time

• February 16, 2018 16 Feb'18

  Tech industry signs cyber security charter

  Nine technology organisations have signed a cyber security charter aimed at raising the level of cyber security internationally

• February 16, 2018 16 Feb'18

  A third of Brits plan to exercise right to be forgotten

  After the General Data Protection Regulation compliance deadline, a third of Britons polled say they plan to exercise their right to be forgotten, but few fully understand the GDPR and how it will affect them

• February 16, 2018 16 Feb'18

  US sentences two Russians for huge data breaches

  The US has sentenced two Russian cyber criminals who targeted major payment processors, retailers and financial institutions around the world, as the US joins the UK in condemning Russia for the 2017 NotPetya attacks

• February 16, 2018 16 Feb'18

  Few organisations managing cyber risk, survey shows

  Cyber risk management practices are not keeping up with rising cyber security concerns among senior executives around the world, a study shows

• February 15, 2018 15 Feb'18

  Briton jailed for two years for product testing for hackers

  A Briton has been jailed for two years for running a product-testing service for hackers

• February 15, 2018 15 Feb'18

  F-Secure warns against ‘evil maid’ attacks

  Business people are being urged not to underestimate the importance of physical security for their laptops, which can be used as entry points by attackers if not adequately protected

• February 15, 2018 15 Feb'18

  Atos investigates breach linked to Winter Olympics cyber attack

  IT services firm Atos is investigating a potential security breach in response to reports that employee credentials were found in malware used to target the Winter Olympics

• February 15, 2018 15 Feb'18

  UK Foreign Office minister condemns Russia for NotPetya attacks

  The UK has attributed to Russia the NotPetya malware that caused significant disruption globally, based on an assessment by the NCSC

• February 14, 2018 14 Feb'18

  100 days to GDPR compliance deadline

  As the clock ticks down to the deadline to comply with the EU’s new data protection regulations, some surveys indicate there is still some confusion, but the focus has shifted from the sanctions to the benefits

• February 14, 2018 14 Feb'18

  Cyberthreat 2018 aimed at UK cyber security techies

  Cyberthreat 2018 is aimed at growing the UK’s network of cyber defenders, filling a key gap in the UK cyber security conference calendar and bridging the public-private sector divide

• February 14, 2018 14 Feb'18

  Blockchain to give global LGBT community a louder economic voice

  Blockchain will underpin a global platform that aims to give the LGBT community a more powerful economic voice

• February 14, 2018 14 Feb'18

  Telegram zero-day exploit is a warning

  The discovery of an exploit of a zero-day vulnerability in the Telegram messaging app demonstrates that not all “secure” apps are automatically safe, security experts have warned

• February 13, 2018 13 Feb'18

  Home Office fights terrorist content online with detection tool

  The Home Office has partnered ASI Data Science to create a tool which automatically detects terrorist content on online platforms

• February 13, 2018 13 Feb'18

  Industrial cyber security improving, but needs work

  Cyber attacks on industrial and critical infrastructure systems are increasing in number and sophistication, but more attention is being paid to security, says Honeywell at it opens new Dubai facility

• February 13, 2018 13 Feb'18

  The National Museum of Computing launches crowd-funding effort for Turing Bombe gallery

  The National Museum of Computing is looking for funding to support its efforts to develop a gallery for a working model of the Turing-Welchman Bombe

• February 13, 2018 13 Feb'18

  Cyber security awareness top priority in financial sector

  Information security chiefs in the financial sector say cyber security awareness needs to be a top priority

• February 12, 2018 12 Feb'18

  FS-ISAC enables safer financial data sharing with API

  The global financial industry's body for cyber and physical threat intelligence analysis and sharing has published an API to facilitate safer sharing of consumer financial information

• February 12, 2018 12 Feb'18

  Moscow puts municipal vehicles online to save fuel

  The city of Moscow has deployed a unified IoT platform to monitor and control all of its municipal vehicles

• February 12, 2018 12 Feb'18

  Criminals hijack government sites to mine cryptocurrency used to hide wealth

  Europol says criminals are hiding billions in cryptocurrencies, as thousands of government and other websites have reportedly been used to hijack computers to mine more

• February 12, 2018 12 Feb'18

  PyeongChang Winter Games hit by cyber attack

  Although critical operations were not affected by the incident, event organisers at the PyeongChang Winter Olympics had to shut down servers and the official games website to prevent further damage

• February 09, 2018 09 Feb'18

  Belgian police share Cryakl ransomware keys

  The Belgian police have released free decryption keys for the Cryakl ransomware through the No More Ransom project

• February 09, 2018 09 Feb'18

  Can we trust Intel Inside to mean secure computing?

  Intel has just released an updated patch after its previous update failed spectacularly. Now its CEO is promising security assurance

• February 09, 2018 09 Feb'18

  Europe in the firing line of evolving DDoS attacks

  The Europe, Middle East and Africa region accounts for more than half the world’s distributed denial of service attacks, a report from F5 Labs reveals

• February 09, 2018 09 Feb'18

  Malaysian regulator and firm sued over data breach

  The Malaysian Communications and Multimedia Commission and a local company have been caught in a civil lawsuit over a massive data breach reported last year

• February 08, 2018 08 Feb'18

  DMA Group working to reduce fear around GDPR

  The DMA Group is focused on the GDPR for customer communications and marketing, but says the key aim is to reduce fear in the market