News

IT security

• April 17, 2018 17 Apr'18

  China’s ZTE a national security risk, UK telcos warned

  UK national cyber security authority has warned telecommunications companies against using equipment and services from Chinese network equipment supplier ZTE, citing national security risks

• April 17, 2018 17 Apr'18

  Targeted cyber attacks doubled in past year, study shows

  The number of targeted attacks has doubled in the past year compared with the previous 12 months, despite improvements in detecting and blocking them, a cyber resilience study shows

• April 17, 2018 17 Apr'18

  Judge in Max Schrems v Facebook action raises red flag on EU-US data transfers

  The Irish High Court (Commercial Division) has once again cast a long shadow, with a very short deadline, over the arrangements for the safe and legal transfer of data between the EU and the US

• April 17, 2018 17 Apr'18

  Why AI skills, broadband and machine liability must be addressed

  The House of Lords select committee on artificial intelligence has urged the government to adapt policies to bolster AI and protect the public

• April 16, 2018 16 Apr'18

  Flashpoint researchers warn of new VBS Loader

  Researchers have issued warnings about a new VBScript downloader that behaves like a remote access Trojan, is designed to run undetected and can update and delete itself

• April 16, 2018 16 Apr'18

  UK and US accuse Russia of targeting network infrastructure

  The UK and US have accused the Russian government of targeting network infrastructure, calling on network operators to take the necessary protective measures

• April 16, 2018 16 Apr'18

  UK businesses urged to ensure they do cyber security basics

  The cyber threat to business has never been greater, so the National Cyber Security Centre is urging UK companies to ensure they have implemented all the basic, best-practice cyber security controls and processes

• April 15, 2018 15 Apr'18

  Australian healthcare services most hit by data breaches

  Nearly a quarter of data breaches reported under Australia’s new mandatory data breach regime took place in the healthcare sector

• April 13, 2018 13 Apr'18

  EU-US data sharing under threat as Irish court refers Facebook case to Europe

  The Irish High Court is seeking answers from the European Court of Justice in a case that could have huge implications for EU-US data sharing and raises questions about US government surveillance of EU citizens. The move could bring a five-year ...

• April 13, 2018 13 Apr'18

  Cyber attackers can breach targets in hours, report reveals

  The majority of hackers claim they can breach an organisation within hours, while most security professionals admit they do not know what to look for

• April 13, 2018 13 Apr'18

  Companies must take a share of cloud security responsibility

  The cloud is seen as highly secure and more and more critical data is being held in public clouds, but organisations need to adapt their internal security processes

• April 13, 2018 13 Apr'18

  UK playing central role in Facebook data misuse probe

  Data protection is a hot issue and all about increasing confidence in the way data is handled, says UK privacy watchdog

• April 12, 2018 12 Apr'18

  Cyber security a shared responsibility, says Amber Rudd

  The UK home secretary has emphasised that cyber security is a shared responsibility and committed to promote EU cyber cooperation post-Brexit at the National Cyber Security Centre’s conference in Manchester

• April 12, 2018 12 Apr'18

  GCHQ growing cyber capability to match threat

  GCHQ continues to grow and develop its cyber capability to match the rapidly expanding and evolving threat landscape, says agency director

• April 12, 2018 12 Apr'18

  UK cyber attack reporting set to be more streamlined

  Government funding has been allocated to help streamline cyber attack reporting, according to the National Cyber Security Centre

• April 11, 2018 11 Apr'18

  New cyber incident classification to boost UK response

  A new cyber attack categorisation system has been unveiled to improve UK response to incidents

• April 11, 2018 11 Apr'18

  Government to set up £13.5m cyber security centre

  Located at the 2012 Olympic Park, the London Cyber Innovation Centre could create up to 2,000 jobs in cyber security

• April 11, 2018 11 Apr'18

  Diversity key to more effective cyber security, says NCSC

  Diversity in defence teams is key to improved cyber security, according to the UK’s National Cyber Security Centre (NCSC)

• April 11, 2018 11 Apr'18

  GCHQ to set up shop in Manchester

  UK intelligence, security and cyber agency GCHQ is expanding its network of UK sites to north west England

• April 11, 2018 11 Apr'18

  NSA calls for cyber security community collaboration

  A US National Security Agency (NSA) representative has called for cyber security community collaboration at the National Cyber Security Centre’s conference in Manchester

• April 11, 2018 11 Apr'18

  UK to launch crackdown on dark web

  The UK is to enhance its specialist law enforcement response to crack down on criminals operating on the dark web

• April 10, 2018 10 Apr'18

  Mobile phishing a growing threat, warns report

  Phishing on mobile devices is a growing threat to business as attacks move beyond email to text messages and apps

• April 10, 2018 10 Apr'18

  Cyber criminals earn up to $2m a year, study shows

  Academic study reveals just how lucrative cyber crime can be, with top-level cyber criminals out-earning government leaders and university graduates

• April 10, 2018 10 Apr'18

  Ransomware top cyber threat, DBIR shows

  Ransomware remains the top cyber security threat to organisations, humans continue to be significant weakness and HR departments are a top target, according to the latest Verizon Data breach investigations report

• April 09, 2018 09 Apr'18

  Cyber threat to UK business greater than ever, report reveals

  The cyber threat to UK business is “bigger than ever” and the best way to defend against it is collaboration between government, law enforcement and business, a report shows

• April 09, 2018 09 Apr'18

  Security professionals admit patching is getting harder

  Vulnerable systems need patching to avoid being attacked by security exploits, yet many businesses find it hard to apply patches quick enough

• April 09, 2018 09 Apr'18

  More than one in 10 employees fall for social engineering attacks

  Employees download malicious files, click phishing links, correspond with hackers, and even share contact information for their colleagues, a report reveals

• April 09, 2018 09 Apr'18

  Facebook data scandal a game changer, says ICO

  Facebook’s controversial data sharing with London-based data mining firm Cambridge Analytica is a game changer, according to the UK’s privacy watchdog

• April 06, 2018 06 Apr'18

  Business increases use of encryption in the cloud

  The use of encryption has seen double-digit growth in the past year due to a number of security-related drivers, a study has revealed

• April 06, 2018 06 Apr'18

  HSBC IT whistleblower faces extradition to Switzerland

  Hervé Falciani, who stole data from thousands of private banking customers, is apprehended in Spain following the issuing of an international arrest warrant

• April 06, 2018 06 Apr'18

  Facebook among 30 organisations under investigation by the ICO

  Facebook is among 30 organisations under investigation by the UK’s privacy watchdog for misusing personal data for political and other purposes

• April 05, 2018 05 Apr'18

  Retail sector top cyber attack target

  The retail sector was the top cyber attack target in 2017, as cyber attacks evolved to become more organised and structured, a report reveals

• April 05, 2018 05 Apr'18

  Business should note Facebook data sharing, say security advisers

  Businesses that use Facebook and have employees that use it should take note that data is shared with potential cyber attackers, security advisers warn, as Facebook reveals the Cambridge Analytica data exploitation scandal may affect 87 million users

• April 05, 2018 05 Apr'18

  More than 1.5 billion business and consumer files exposed online

  With just over a month to go before the GDPR compliance deadline, more than 1.5 billion data files are exposed online without adequate protections, a report reveals

• April 05, 2018 05 Apr'18

  Only newer systems will get Intel firmware updates for Spectre chip flaw

  Intel will not issue patches for legacy processors, so older systems and legacy embedded applications will remain vulnerable to Spectre exploits

• April 05, 2018 05 Apr'18

  Interview: GDPR will give Dutch privacy watchdog its teeth

  The Netherlands’ privacy watchdog has not handed out fines so far because there has been no reason to, says the organisation’s chairman, Aleid Wolfsen

• April 04, 2018 04 Apr'18

  Ransomware puts pressure on incident response

  Cyber attackers switched focus to ransomware attacks in 2017 putting pressure on incident response, while human error was responsible for two-thirds of compromised records, a study shows

• April 04, 2018 04 Apr'18

  Average attacker dwell time nearly six months for EMEA, study shows

  Firms in Europe, the Middle East and Africa take nearly six months to detect cyber attacks on average, a report reveals

• April 04, 2018 04 Apr'18

  InfiniSync backup ‘bunker’ gives zero RPO for critical apps

  Infinidat launches InfiniSync “black box” as off-site storage on-site, plus new Infinibox PB-scale array, cloud storage service Neutrix Cloud and InfiniGuard backup appliance

• April 04, 2018 04 Apr'18

  IT decision-makers trust Facebook less and are changing policies

  As Facebook scrambles to contain the damage from the Cambridge Analytica data exploitation scandal, a survey reveals that a majority of IT decision-makers have lost trust in the social networking firm

• April 03, 2018 03 Apr'18

  UK firms failing to make financial plans for cyber attacks

  Most UK firms are failing to plan for the financial impact of cyber attacks, a survey by Lloyds Bank has revealed

• April 03, 2018 03 Apr'18

  Data breaches revealed at four US retail chains

  The Easter weekend has seen another round of data breaches, further underlining that many companies are still failing to take the necessary steps to protect customer data

• April 03, 2018 03 Apr'18

  Future of internet regulation is focus of Lords inquiry

  Inquiry will seek evidence on whether or not the law is up to the job of regulating online platforms such as Facebook, and what improvements can be made

• April 03, 2018 03 Apr'18

   Automation and gamification key to cyber security

  The use of automation and gamification are key to winning the fight against cyber criminals in the face of the skills’ shortage, a study investigating challenges facing IT security teams reveals

• April 02, 2018 02 Apr'18

  Lawyers more influential than IT staff in cloud deployments

  Traditionally considered risk-adverse, lawyers are twice as more influential than in-house technology staff about cloud, research finds

• March 29, 2018 29 Mar'18

  Europol operation nabs another 20 cyber criminals

  Police have arrested 20 cyber criminals in connection with a €1m fraud operation across Italy and Romania

• March 29, 2018 29 Mar'18

  Business unaware of scale of cyber threat

  Many businesses, especially board members, do not understand the scale of the cyber threat, but international efforts to combat cyber crime are being hampered by political barriers

• March 29, 2018 29 Mar'18

  Cryptocurrency mining rampant in higher education

  Higher education institutions are the biggest target for illicit cryptocurrency mining, data shows

• March 29, 2018 29 Mar'18

  Most airports not protected from cyber threats

  The chairman of the Israel Airports Authority paints a dismal picture of the state of cyber security in aviation, and offers advice on what can be done to avert the next disaster

• March 28, 2018 28 Mar'18

  Consumer group calls for Zuckerberg to step down after data misuse

  A social media firm's value is in the size of the network of users it can offer advertisers. But this model is now under the spotlight

• March 28, 2018 28 Mar'18

  Organisations can use GDPR ambiguity to contest fines in court, experts say

  Businesses can use the vagueness of the regulation to argue against fines in court, say experts

• March 28, 2018 28 Mar'18

  Majority of European firms unprepared for phishing attacks

  Most cyber attacks can be traced back to a phishing email, but more than half of European firms are unprepared to deal with email-based attacks, research has revealed

• March 28, 2018 28 Mar'18

  Home Office issues guidance on tech to prevent identity fraud

  Advice highlights the benefits of using identity document validation to audit and share data on fraudulent documents

• March 28, 2018 28 Mar'18

  Facebook announces more privacy control updates

  Social media giant updates privacy settings and tools in response to the unfolding controversy over Cambridge Analytica’s use of Facebook data for political campaigns

• March 28, 2018 28 Mar'18

  Microsoft Word document and zero-day attacks on the rise

  Macro-less Microsoft Word document attacks and zero-day malware are on the rise, according to data from WatchGuard

• March 28, 2018 28 Mar'18

  AWS ups ante on cloud services for Australian government

  Cloud supplier AWS says government agencies can now assess the prospect of running protected workloads, following an independent cloud security assessment

• March 28, 2018 28 Mar'18

  Majority of firms fear mobile workers have been hacked

  More than half of organisations fear that their mobile workers have been hacked and most are concerned that a growing mobile workforce means increased cyber security risk, a survey reveals

• March 27, 2018 27 Mar'18

  UK organisations urged to develop cyber security skills

  Managed cloud computing firm Rackspace is calling on UK organisations to do more to develop cyber security skills in the light of research into expertise in cloud security

• March 27, 2018 27 Mar'18

  Most top UK firms fail to disclose cyber risk testing details

  Most of the largest UK companies do not reveal their testing of cyber protection plans and do not share security updates with the board regularly, a Deloitte report reveals

• March 27, 2018 27 Mar'18

  Facebook could be hit with $2tn fine after FTC inquiry

  Facebook could face huge fines as the result of a federal inquiry into the data exploitation scandal, further underlining the importance of personal data protection for all enterprises

• March 27, 2018 27 Mar'18

  Case study: Berkshire NHS trust provides mental health support through social network

  Berkshire NHS is using its Support Hope and Recovery Online Network to provide 24/7 support and advice to service users struggling with mental health issues

• March 26, 2018 26 Mar'18

  Police arrest €1bn cyber heist mastermind

  Police have arrested a key member of the Carbanak gang believed to be responsible for more than 100 cyber heists worldwide

• March 26, 2018 26 Mar'18

  ShopDirect set to use AI to detect fraud on phone calls

  The online retailer has signed a contract to use voice authentication technology from Pindrop to tackle fraud and improve customer experience

• March 26, 2018 26 Mar'18

  Blockchain not ready for cross-border bank payments

  The use of blockchain in certain parts of the financial services industry is limited at present due to the additional IT work required around its use

• March 26, 2018 26 Mar'18

  UK government publishes export strategy for UK cyber security

  The government has published a guide for UK cyber security firms on how it plans to support their efforts to find and secure opportunities to export their products and services

• March 26, 2018 26 Mar'18

  Ransomware publicity heightened awareness but other threats remain, experts say

  Due to several high profile attacks over the past year, ransomware is now well known across organisations, but there are other threats to be aware of, say cyber security experts

• March 26, 2018 26 Mar'18

  Dutch SMEs’ cyber security is insufficient

  Nowhere in the Netherlands is digitisation as big as it is in small and medium-sized enterprises, but the sector still has a lot to do in terms of cyber security

• March 26, 2018 26 Mar'18

  Apple CEO calls for better privacy regulations

  Apple’s CEO is calling for better data privacy regulations as Elon Musk joins Brian Acton in supporting the #DeleteFacebook campaign

• March 23, 2018 23 Mar'18

  Cloud key to cyber defence, says Palo Alto Networks

  Organisations need to make sense of security intelligence and act on it faster to get ahead of attackers, and cloud-based security is one way of making that possible, according to Palo Alto Networks

• March 23, 2018 23 Mar'18

  Facebook braces for new regulation for Cambridge Analytica deal

  Facebook's COO has joined the social network’s CEO in apologising for betraying users’ trust by giving Cambridge Analytica unfettered access to personal data, saying the firm will work with regulators

• March 23, 2018 23 Mar'18

  Private sector over-investing against nation-state attacks

  The creator of a routing technique that protects the domain name system says the money spent on guarding against nation-state actors could have been better used for other purposes

• March 22, 2018 22 Mar'18

  Privacy group calls for UK response to data exploitation

  Policy-makers need to respond swiftly to the Cambridge Analytica and Facebook data exploitation scandal, according to privacy rights group

• March 22, 2018 22 Mar'18

  Colt pioneers blockchain in telco voice wholesaling

  Colt Technology Services and Hong Kong Telecom’s international unit PCCW Global teamed up to trial the use of blockchain in wholesale voice settlements

• March 22, 2018 22 Mar'18

  Pressure grows on government to clarify post-Brexit position on UK-EU data flows

  TechUK says clear guidance is needed on whether the UK will need a data adequacy agreement in place during the 21-month Brexit transition period

• March 22, 2018 22 Mar'18

  Application layer DDoS attacks increasing, Imperva data shows

  Distributed denial of service attacks targeting applications almost doubled in the last three months of 2017, according to Imperva Incapsula data

• March 22, 2018 22 Mar'18

  Legacy IT hampers digital strategy at banks and insurers

  A highly regulated environment, a risk-averse culture and a reliance on core legacy technology are holding back banks and insurance companies from modernisation

• March 22, 2018 22 Mar'18

  Businesses lack cyber security confidence after majority were breached in past year

  Most businesses were hit by a data breach in the past year, yet less than half are confident they would detect a breach, a survey shows

• March 21, 2018 21 Mar'18

  MoD to focus on SMEs to raise supply chain cyber security

  The Ministry of Defence continues to develop a joint initiative with industry aimed at raising the security posture throughout the UK’s defence supply chain, with increasing focus on SMEs

• March 21, 2018 21 Mar'18

  SD-WAN still too complex, survey shows

  Despite SD-WAN adoption, WAN complexity remains a major challenge, a survey has revealed, driving firms to managed services, mainly because of security concerns

• March 21, 2018 21 Mar'18

  Popular culture key to giving cyber security much-needed boost

  The cyber security industry should turn to popular culture to raise awareness of the cyber threat to businesses and consumers and attract new blood to the field, says McMafia author

• March 21, 2018 21 Mar'18

  WhatsApp co-founder calls time on Facebook

  Brian Acton has called time on Facebook following reports of the firm’s dealings with data mining firm Cambridge Analytica linked to the EU referendum and Donald Trump’s US election campaign

• March 21, 2018 21 Mar'18

  Singapore government outlines its approach to IoT

  Avoiding supplier lock-in, driving open standards and tapping modular platforms are part of the approach that the Singapore government has taken in implementing the internet of things in the city-state

• March 20, 2018 20 Mar'18

  Think tank reports lifts lid on police cyber crime training

  UK think tank Parliament Street has lifted the lid on spending by police forces on training staff to deal with cyber crime and recommended greater collaboration in this regard

• March 20, 2018 20 Mar'18

  Firms need to move from DevOps to DevSecOps, says expert

  In the face of competition, organisations are turning to DevOps to improve efficiency and accelerate innovation, but this is creating new security risks, an industry expert warns

• March 19, 2018 19 Mar'18

  C-suite a cyber attack risk, say security chiefs

  Those tasked with running organisations are the most likely group to expose them to a major cyber attack, a poll of UK information security executives shows

• March 19, 2018 19 Mar'18

  Wigan data breaches underline need to share threat intelligence

  Ongoing data breaches experienced by local authorities underline the need for greater sharing of threat intelligence, say security experts

• March 19, 2018 19 Mar'18

  Heartbleed and Shellshock thriving in Docker community

  DevOps has revolutionised IT, but security best practices are being skimmed over, which means old vulnerabilities are finding a new lease of life in Docker

• March 19, 2018 19 Mar'18

  Russia compromised core router in US energy attacks

  Russian cyber attackers used a compromised core router in a series of attacks on the US energy sector, security researchers have revealed as the UK energy sector is placed on alert

• March 16, 2018 16 Mar'18

  IT contractors not a risk despite Snowden leaks, GCHQ tells court

  The government argues in the Investigatory Powers Tribunal that contractors with systems administration rights to computers holding GCHQ’s most sensitive intelligence pose no more of a security risk than the agency’s employees

• March 16, 2018 16 Mar'18

  Cyber criminals using complex financial system, study shows

  Cyber criminals are using a combination of new cryptocurrencies, gaming currencies and micro-payments to launder up to $200bn in ill-gotten gains, research has revealed

• March 16, 2018 16 Mar'18

  Defence industry urges government to relax controls on crypto exports

  Trade body representing defence, aerospace and security companies calls on government to make it easier to export “non-contentious” cryptography to secure organisations against cyber crime

• March 16, 2018 16 Mar'18

  US blames Russia for cyber attacks on energy firms

  The US has blamed Russia for a series of attacks on energy sector firms, underlining the need to ensure critical infrastructure IT systems are up to date and secure

• March 15, 2018 15 Mar'18

  DocuTrac medical software is a breach risk, warns Rapid7

  Security researchers have issued a security warning about medical billing and documentation software they say puts patients at risk of data breach

• March 14, 2018 14 Mar'18

  WhatsApp to suspend data sharing with Facebook

  WhatsApp has agreed to stop sharing personal data with Facebook until data protection concerns are addressed

• March 14, 2018 14 Mar'18

  Researchers accused of irresponsible disclosure of AMD chip flaws

  Israel-based researchers have been accused of irresponsible disclosure for going public with more than a dozen security flaws discovered in AMD processors

• March 14, 2018 14 Mar'18

  Most people think cryptocurrency will be accepted on buses by 2025

  Cryptocurrency is a mystery to many people, yet 55% of respondents to a survey expect shops and buses to accept digital money in seven years’ time

• March 14, 2018 14 Mar'18

  APAC security chiefs expect imminent attack on critical systems

  Nearly 70% of cyber security leaders in the APAC region believe a major attack affecting critical infrastructure across multiple countries will happen in the next two years, a survey reveals

• March 13, 2018 13 Mar'18

  Government ‘unlawfully delegated’ bulk data powers to GCHQ, court hears

  Privacy International urges Britain’s most secret court, the Investigatory Powers Tribunal, to rule that the government illegally collected surveillance data from internet and phone companies until at least September 2017

• March 13, 2018 13 Mar'18

  Public sector organisations ill-prepared for GDPR

  Public sector organisations in the UK need to do much more to comply with the General Data Protection Regulation rule on providing information to citizens about details held about them

• March 13, 2018 13 Mar'18

  Slingshot router malware: a warning for businesses

  A stealthy malware that has been used to carry out cyber espionage undetected for six years should raise a red flag to businesses, say security commentators