News

IT security

August 11, 2021 11 Aug'21
Hacker makes off with $600m in world’s largest crypto-heist

Despite bagging $600m worth of cryptocurrency in what has been described as the biggest decentralised finance hack, the hacker has already started returning the funds
August 11, 2021 11 Aug'21
Microsoft fixes seven critical bugs on light Patch Tuesday

All seven critical vulnerabilities in Microsoft’s August Patch Tuesday were related to remote code execution, and there was one zero-day related to Windows Update Medic Service
August 11, 2021 11 Aug'21
The Netherlands still lacks digital resilience, says report

Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient
August 10, 2021 10 Aug'21
Ransomware demands and payments hit new records

Ransomware groups continue to intensify their operations as ransom demands and payments increase alongside use of “quadruple extortion” tactics during first half of 2021

August 10, 2021 10 Aug'21
Third of finance firms accelerate use of artificial intelligence to detect money laundering

Financial services firms are stepping up their use of artificial intelligence and machine learning technology to fight increasing money laundering activity
August 10, 2021 10 Aug'21
Dutch lead the way in protecting themselves against internet risks

Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent
August 10, 2021 10 Aug'21
Researchers uncover database with 126 million unsecured records

Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns
August 10, 2021 10 Aug'21
How Grab is using Kafka in fraud detection

Grab is using Apache Kafka in its fraud detection and prevention platform to ingest event streams from its mobile software development kits and client backends to pick up fraudulent activities
August 09, 2021 09 Aug'21
Possible ransomware attack hits Italian vaccine booking system

It is still unclear who is behind the attack that caused Covid-19 vaccine bookings in Lazio, Italy, to grind to a halt, as despite masses of files being encrypted no specific ransom demands have been made for the decryptor
August 06, 2021 06 Aug'21
Apple unveils plans to scan US iPhones for child sex abuse images

Apple will introduce child sexual abuse material detection for US users later this year, but some experts are worried that the technology could be repurposed to scan phones for other kinds of content

August 05, 2021 05 Aug'21
11 areas will trial digital identity scheme for residential property sector

MyIdentity scheme will allow estate agents, conveyancers, solicitors and mortgage providers across 11 locations to trial the use of digital identity to speed up and make home buying more secure
August 05, 2021 05 Aug'21
Nine security flaws found in critical hospital infrastructure

The ‘PwnedPiper’ vulnerabilities identified in systems used by 80% of US hospitals could be used to launch ransomware attacks
August 05, 2021 05 Aug'21
BlackMatter goes on the record about DarkSide and REvil links

BlackMatter gives details of its ransomware-as-a-service operation and distinguishes itself from now-defunct ransomware gangs in interview with cyber security analysts from Recorded Future
August 05, 2021 05 Aug'21
SAP customers more alert to internal than external threats

SAP customers are more concerned by insider threats than by external attacks, according to a report. And yet the average SAP customer has around 2,500 vulnerabilities within their customised SAP code
August 05, 2021 05 Aug'21
Cloud misconfiguration a growing cause of security incidents

Rapid cloud adoption during the pandemic has increased the attack surface and heightened the risk of misconfiguring services, leaving organisations more vulnerable to cyber attacks
August 04, 2021 04 Aug'21
Six Isle of Wight schools hit by ransomware attack

Authorities are still working to manage the fallout from the attack, which has already forced at least one school to delay the start of the new term in September
August 04, 2021 04 Aug'21
Leading venture capital firms are failing to protect human rights

Venture capital firms and high-profile tech accelerators are not conducting human rights due diligence on their investments, which means they cannot be sure the companies they invest in are not causing, or contributing to, human rights abuses
August 04, 2021 04 Aug'21
Initial access brokers unaffected by ransomware content bans

Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021
August 04, 2021 04 Aug'21
Fred IT replaces paper prescriptions with QR codes

Fred IT’s eRX Script Exchange is now used by 21,000 doctors and 95% of Australian pharmacies, delivering more than 11 million digital prescriptions by July 2021
August 03, 2021 03 Aug'21
UK MoD turns to hackers to help secure digital assets

Hackers given direct access to internal Ministry of Defence systems to identify and report security vulnerabilities
August 03, 2021 03 Aug'21
New ransomware gang spins out of DarkSide

The emergence of a ransomware gang known as BlackMatter raises questions that it could be a re-brand of REvil or DarkSide
August 03, 2021 03 Aug'21
Destruction and integrity cyber attacks on the rise

Cyber security professionals have reported a sharp rise in debilitating attacks aimed at destroying or manipulating data
August 03, 2021 03 Aug'21
Ransomware attacks increase dramatically during 2021

Dramatic increase in ransomware attacks globally during first half of 2021 driven by triple extortion technique, and is only set to expand further
August 02, 2021 02 Aug'21
Government publishes second version of digital identity trust framework

The second iteration of the framework, still in alpha version, sets out how organisations can become certified digital identity service providers
July 30, 2021 30 Jul'21
Hospitality firms must accelerate digital transformation to secure long-term recovery

Key retail sector must respond quickly to new post-pandemic digital-first demands and consumer behaviours to regain competitive edge, says study
July 29, 2021 29 Jul'21
Technical hiccups force Babuk ransomware gang to change tactics

The Babuk ransomware operation backed away from encrypting its victims’ files, and technical difficulties may be to blame, reports McAfee
July 29, 2021 29 Jul'21
Investigatory Powers Tribunal finds UK spy agencies unlawfully collected personal data

Campaign groups Privacy International and Liberty are gearing up to bring further legal action after a court found that UK spy agencies unlawfully collected phone and internet records
July 28, 2021 28 Jul'21
Almost half unaware of GP data-sharing plans

Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign
July 28, 2021 28 Jul'21
Top vulnerabilities target perimeter devices

The most frequently exploited CVEs of the year so far are to be found in perimeter and network access devices, according to a joint advisory from the NCSC and partners
July 28, 2021 28 Jul'21
COP26 cyber resource hub launched for Glasgow businesses

New digital information hub for Glasgow business to help organisations keep secure both physically and online ahead of major climate change summit
July 27, 2021 27 Jul'21
ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower

The Information Commissioner’s Office has ended its involvement in a dispute between a data breach whistleblower and NatWest bank
July 27, 2021 27 Jul'21
US lawmakers call for probe into ‘arrogant’ spyware firm

US members of Congress have called for an investigation into NSO Group, the spyware supplier at the centre of a massive surveillance scandal
July 27, 2021 27 Jul'21
TikTok sets up cyber security hub in Dublin

Dublin-based cyber centre will oversee the security of TikTok’s users across Europe
July 27, 2021 27 Jul'21
How IBM is solving the data privacy problem

IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy
July 26, 2021 26 Jul'21
Malicious actors turn to obscure programming languages

Using new, lesser-known or otherwise uncommon programming languages to code new malwares can help skirt cyber defences
July 26, 2021 26 Jul'21
No More Ransom initiative saves £850m over five years

Initiative’s free ransomware decryption tools have been used by more than six million people since 2016
July 25, 2021 25 Jul'21
Tokyo 2020 hit by data breach

The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large
July 25, 2021 25 Jul'21
OAIC: Uber failed to protect personal data of Australians

Uber did not take reasonable steps to protect Australians’ personal information from unauthorised access, says Australia’s national privacy watchdog
July 23, 2021 23 Jul'21
Kaseya obtains universal ransomware decryptor

Kaseya says it obtained a ransomware decryptor key from a trusted third party, but there is no word on whether a ransom was paid
July 22, 2021 22 Jul'21
Respect in Security challenges abuse and harassment in cyber

With around a third of cyber pros saying they have personally experienced harassment at work or online, a new initiative is urging organisations to pledge their support to help free the community from the scourge of abuse. We met its founders
July 22, 2021 22 Jul'21
Beeinfotech PH opens telco-neutral datacentre in the Philippines

Datacentre startup is touting carrier neutrality, bespoke services and cyber security capabilities to meet the growing demand for co-location services in the Philippines
July 21, 2021 21 Jul'21
France’s Macron among alleged Pegasus targets

Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware
July 20, 2021 20 Jul'21
NCSC’s Cameron urges deeper cyber alliance-building

Speaking to an event in Israel, NCSC CEO Lindy Cameron has praised joint UK-Israeli efforts on security collaboration
July 20, 2021 20 Jul'21
NHS Digital tightens rules for GPDPR data scrape

The proposed collection of patient data held by GPs will now only commence when three key criteria have been fulfilled, says NHS Digital
July 19, 2021 19 Jul'21
Government launches consultation on plans for UK digital identity market

DCMS wants stakeholders to offer their views on proposals for a new governance regime and expanding access to government-held datasets for identity verification
July 19, 2021 19 Jul'21
UK, US confirm Chinese state backed MS Exchange Server attacks

UK and US governments, alongside the EU and Nato, have formally attributed the March 2021 Microsoft Exchange Server attacks to Chinese state-backed actors
July 19, 2021 19 Jul'21
Pegasus mobile RAT abused to monitor journalists and activists

Israel-based surveillance specialist NSO Group is facing renewed pressure after it emerged its Pegasus mobile surveillance tool may be being widely abused by repressive regimes
July 19, 2021 19 Jul'21
Privacy Shield: One year on and companies are still grappling for answers

Activist lawyer Max Schrems and Eduardo Ustaran, partner at Hogan Lovells, look for common ground in a problem with no easy answers
July 16, 2021 16 Jul'21
Legacy SonicWall kit exploited in ransom campaign

Users of older versions of SonicWall Secure Mobile Access 100 and Secure Remote Access products are at risk from a new ransomware campaign
July 15, 2021 15 Jul'21
Macquarie Data Centres to build Sydney North facility

Macquarie Data Centres’ latest 32MW facility will come with a cyber security centre that monitors and manages cyber security events