News
IT security
-
January 23, 2023
23
Jan'23
Trellix automates patching for 62,000 vulnerable open source projects
Since revealing startling statistics about the prevalence of a 15-year-old Python vulnerability, Trellix says it has helped fix almost 62,000 vulnerable projects in the past four months
-
January 23, 2023
23
Jan'23
Royal Society calls on public sector to pilot privacy tech
The Royal Society says public sector bodies should lead the way in piloting privacy-enhancing technologies to unlock the value of data without compromising privacy and data rights, but lack of standards and incentives mean adoption is slow
-
January 23, 2023
23
Jan'23
NCSC warning over cyber risk to charity sector
Cash-strapped charities without the resource to tackle their resilience deficit are increasingly at risk from malicious actors, says the NCSC
-
January 22, 2023
22
Jan'23
Royal Mail making limited progress on ransomware recovery
Royal Mail asks customers to hold back from sending post overseas as some services get back on track, while a report warns that disruptive attacks on critical infrastructure are set to become more common
-
January 20, 2023
20
Jan'23
Veeam survey finds ransomware blocks digital transformation
Annual report shows secular trend to the cloud and increased use of containers, but prevalence of ransomware attacks means digital transformation is hindered
-
January 20, 2023
20
Jan'23
WhatsApp’s £4.8m fine raises questions for organisations using behavioural advertising
The Irish Data Protection Commissioner has fined WhatsApp, owned by Meta, in a case that will raise questions for organisations that rely on contracts rather than consent to comply with GDPR when offering behavioural advertising
-
January 19, 2023
19
Jan'23
International post resumes thanks to Royal Mail ‘workarounds’
Royal Mail has resumed limited international services after putting in place operational workarounds to bypass the impact of a ransomware attack
-
January 19, 2023
19
Jan'23
KFC, Pizza Hut parent shuts UK restaurants after cyber attack
A ransomware attack on Yum! Brands, the parent organisation of restaurants including KFC and Pizza Hut, was forced to shut approximately 300 outlets in the UK following a ransomware attack by an unspecified group
-
January 19, 2023
19
Jan'23
Fraudsters and cyber criminals stole more than £4bn in the UK through 2022
The amount of money stolen by fraudsters and cybercriminals in the UK saw a huge increase in 2022
-
January 19, 2023
19
Jan'23
Mailchimp suffers third breach in 12 months
Email marketing service Mailchimp has suffered its third data breach in a year, but has been praised for being open about its latest attack
-
January 19, 2023
19
Jan'23
Newham Council rejects use of live facial-recognition tech by police
Live facial-recognition technology should not be used by police in Newham until biometric and anti-discrimination safeguards are in place, according to a motion passed unanimously by the council, but the Met Police and the Home Office have indicated...
-
January 19, 2023
19
Jan'23
Outdated IT infrastructure poses growing risk to UK Security Vetting
Delays to UKSV’s important work in safeguarding the country’s national security are in part down to a legacy IT estate in dire need of modernisation, says the NAO
-
January 18, 2023
18
Jan'23
Ukraine CERT leaders touch down in London for talks
The UK’s NCSC has been hosting Ukrainian cyber security leaders for a round of bilateral talks on improving resilience
-
January 18, 2023
18
Jan'23
David Anderson KC to review UK surveillance laws
Home Office commissions independent review of the Investigatory Powers Act, known as the snoopers’ charter. It will include a review of bulk datasets and government access to internet connection records held by phone and internet companies
-
January 18, 2023
18
Jan'23
Oracle and CBI: companies cautious, selective in 2023 IT, business investment
Oracle and the CBI are seeing much the same picture of cautious technology investment of UK businesses in 2023, in the context of long Covid and the energy price inflation crisis
-
January 18, 2023
18
Jan'23
Ukraine cyber teams responded to more than 2,000 attacks in 2022
The Ukrainian authorities responded to more than 2,000 major cyber incidents during 2022, and are blocking thousands more potential attacks every day
-
January 17, 2023
17
Jan'23
Cloudflare urged to clamp down on pirates, counterfeiters
A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods
-
January 17, 2023
17
Jan'23
Crest throws support behind CyberUp CMA reform campaign
Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990
-
January 17, 2023
17
Jan'23
Royal Mail promises ‘workarounds’ to restore services after ransomware attack
Royal Mail CEO Simon Thompson apologises to customers whose businesses are being disrupted by a ransomware attack and promises a ‘workaround’ will be in place in the near future
-
January 16, 2023
16
Jan'23
The Security Interviews: Protecting your digital self
Our digital self – the virtual presence of who we are online – has a pervasive influence in the real world. People make judgements based on these digital depictions, so what can be done to ensure positive representation?
-
January 15, 2023
15
Jan'23
Thai enterprises spend more on software amid growing digitalisation
The majority of software spending in Thailand during the first half of 2022 went into applications followed by infrastructure software and development tools, according to IDC
-
January 14, 2023
14
Jan'23
Experts concerned over silence around government obligation to review UK surveillance laws
The government is required to review the UK’s surveillance law, the Investigatory Powers Act, but experts say they are in the dark about its plans. The National Crime Agency’s operation Venetic has highlighted the need for urgent reforms
-
January 13, 2023
13
Jan'23
Cabinet Office looks to expand public data sharing for digital ID
Cabinet Office seeks feedback on proposed legislation to enhance data sharing across the public sector, in support of the UK government’s ambition to have a single sign-on identity-check system for all public services
-
January 13, 2023
13
Jan'23
LockBit cartel suspected of Royal Mail cyber attack
The still-developing cyber incident at Royal Mail may be the work of the infamous LockBit ransomware operation
-
January 12, 2023
12
Jan'23
Companies warned to step up cyber security to become ‘insurable’
Investing in better IT security to protect against cyber crime will make businesses more resilient against other risks
-
January 12, 2023
12
Jan'23
UK government completes trials of age estimation technology
Government-led trials of age estimation and verification technologies for the sale of alcohol in nightlife venues and supermarkets have been completed, with both government and retail lobbyists pushing for legislation that would allow retailers to ...
-
January 12, 2023
12
Jan'23
Chrome vulnerability could have led to widespread data theft
A dangerous vulnerability in Google Chrome and Chromium-based browsers could have put billions of users’ files at risk of being stolen
-
January 12, 2023
12
Jan'23
Cloudflare completes SASE offer with Magic WAN Connector
Software-defined wide-area network functionality released by online application acceleration and infrastructure provider Cloudflare to complete single-supplier secure access service edge offering
-
January 12, 2023
12
Jan'23
Guardian confirms Christmas 2022 cyber attack was ransomware
Guardian Media Group bosses confirm the 20 December cyber attack that left staff locked out of its London office and disrupted several key systems was an untargeted ransomware attack
-
January 11, 2023
11
Jan'23
Royal Mail services hit by major cyber attack
UK postal service Royal Mail is asking customers not to send any overseas letters or parcels while it deals with the impact of an ongoing cyber attack
-
January 11, 2023
11
Jan'23
Should we be worried about malicious use of AI language models?
WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned?
-
January 11, 2023
11
Jan'23
Internet shutdowns cost global economy $24bn in 2022
Deliberate disruption of people’s access to the internet by governments is having a substantial economic impact and contributing to a range of human rights abuses, primarily against protestors
-
January 11, 2023
11
Jan'23
NHS data platform costing £480m to supersede Covid-19 data store underway
NHS England has invited suppliers to tender for a data platform that will supersede the Covid-19 data store controversial for the involvement of data analytics firm Palantir
-
January 11, 2023
11
Jan'23
Microsoft fixes EoP zero-day on January Patch Tuesday
On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns
-
January 11, 2023
11
Jan'23
Davos 2023: Pervasive cyber crime and cyber security gaps pose severe risk to organisations
Governments and organisations face tough trade-offs as they balance immediate problems caused by economic recession, energy shortages and rising interest rates with longer-term risks, including the impact of global warming
-
January 11, 2023
11
Jan'23
What’s happening with quantum-safe cryptography?
Chinese researchers claim quantum technology is reaching a point where a quantum device will soon be able to crack RSA 2048 public key encryption
-
January 10, 2023
10
Jan'23
New APT group targets ASEAN governments and militaries
The Dark Pink advanced persistent threat group used custom malware to exfiltrate data from high-profile targets through spear-phishing emails last year, according to Group-IB
-
January 10, 2023
10
Jan'23
Insurer Beazley introduces catastrophe bond to ease cyber risk
Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover
-
January 09, 2023
09
Jan'23
JPMorgan ordered to face lawsuit over cyber attack on Ray-Ban maker
US banking giant JPMorgan forced to respond to accusations that it failed to inform a business customer about suspicious transactions
-
January 08, 2023
08
Jan'23
Vulnerable organisations to get free Cyber Essentials support
Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre
-
January 06, 2023
06
Jan'23
Proposed digital fraud refund rules risk excluding many victims
Proposals to establish a fraud refund mechanism in the UK risk excluding many victims of digitally enabled fraud, a major bank has warned
-
January 06, 2023
06
Jan'23
Russia’s Turla falls back on old malware C2 domains to avoid detection
Mandiant says it has observed the Russian APT UNC2410, also known as Turla, re-registering expired or sinkholed domains previously used by financially motivated cyber criminals
-
January 06, 2023
06
Jan'23
Vice Society cyber gang targeted multiple UK schools
The Vice Society ransomware gang has made a habit of attacking educational institutions, and now appears to have struck multiple schools, colleges and universities in the UK
-
January 06, 2023
06
Jan'23
Meta to appeal £345m fine for Facebook and Instagram privacy breaches
Social media company Meta is to appeal after the Irish Data Protection Commission fined the company for breaching GDPR
-
January 05, 2023
05
Jan'23
Cyber gang abused free trials to exploit public cloud CPU resources
A South Africa-based cyber crime gang exploited free trials and introductory offers to run cryptominers via public cloud services, then did a runner without paying
-
January 05, 2023
05
Jan'23
Warning over ransomware attacks spreading via Fortinet kit
Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web
-
January 05, 2023
05
Jan'23
Fallout from Guardian cyber attack to last at least a month
The Guardian newspaper’s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time
-
January 05, 2023
05
Jan'23
Cashless Denmark has no bank robberies in a year for first time
Denmark saw no bank robberies in a single year for the first time ever, but online fraud continues to increase
-
January 03, 2023
03
Jan'23
Test of digital ID tech at Surrey nightclub proclaimed success
The majority of visitors to a Camberley venue who piloted a digital identification app developed by 1account said they found it easy to use and preferred it to standard physical ID
-
January 02, 2023
02
Jan'23
China and India governments among top targets for cyber attackers
Chinese and Indian governments targeted by hacktivists and ransomware groups out to make statement or expose flaws in their respective security postures