News
IT security
-
August 19, 2022
19
Aug'22
Cradlepoint unveils networking architecture addressing 5G, SD-WAN, zero-trust intersection
Cloud-delivered LTE and 5G wireless network services provider launches software-based offering to manage remote connections and provide flow-level visibility
-
August 19, 2022
19
Aug'22
Google employees demand end to collection of abortion data
In the wake of the US Supreme Court rolling back abortion rights, Google employees are calling on the company to stop collecting abortion-related data, so that it can never be shared with police
-
August 19, 2022
19
Aug'22
Cozy Bear targets MS 365 environments with new tactics
Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments
-
August 19, 2022
19
Aug'22
Apple patches two zero-days in macOs, iOS
Mac users should urgently apply new patches addressing vulnerabilities in its desktop and mobile operating systems
-
August 19, 2022
19
Aug'22
Inside Singapore’s national digital identity journey
Singapore’s national digital identity system has evolved from providing single sign-on to e-government services to pandemic-related and digital document capabilities in recent years
-
August 18, 2022
18
Aug'22
Growing MFA use spurs ‘pass-the-cookie’ attacks
The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools
-
August 18, 2022
18
Aug'22
Amazon Ring vulnerability could have been used to spy on users
A now-patched vulnerability in the Amazon Ring mobile app could have been exploited to expose users’ video recordings, but was complex to exploit, according to the researchers who stumbled upon it
-
August 18, 2022
18
Aug'22
It takes a breach to force boards to take notice of cyber, says UK government
Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims
-
August 18, 2022
18
Aug'22
Ukraine war drives DDoS attack volumes ever higher
There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity
-
August 18, 2022
18
Aug'22
GPS tagging of migrants breaches UK data protection law, says Privacy International complaint
Privacy group files complaints with Information Commissioner’s Office and Forensic Science Regulator over Home Office’s GPS monitoring of migrants
-
August 16, 2022
16
Aug'22
Cyber security accelerator launches in Greater Manchester
Accelerator will add to Manchester’s growing cyber security ecosystem, which already includes several tech unicorns, arms companies and the offices of GCHQ
-
August 16, 2022
16
Aug'22
South Staffs Water is victim of botched Clop attack
South Staffordshire Water moves to reassure customers that their supplies remain safe after its attackers screw up their initial assault
-
August 16, 2022
16
Aug'22
Why organisations need to harmonise their CIO and CISO roles
Unless properly managed, conflicting responsibilities between the chief information officer and the chief information security officer can cause project delays and budget overruns, says Netskope’s Mike Anderson
-
August 15, 2022
15
Aug'22
Lawyers and journalists sue CIA and Mike Pompeo over Assange surveillance claims
CIA and its former director sued over allegations that they authorised unlawful spying on US citizens when they visited WikiLeaks founder Julian Assange at the Ecuadorian Embassy in London
-
August 15, 2022
15
Aug'22
Report reveals consensus around Computer Misuse Act reform
A study produced by the CyberUp campaign reveals broad alignment among security professionals on questions around the Computer Misuse Act, which it hopes will give confidence to policymakers as they explore its reform
-
August 12, 2022
12
Aug'22
Cyber criminal forum targets only Russia
The Digital Shadows Photon Research Team has been investigating a pro-Ukraine cyber criminal forum called Dumps, which appears to be one of a kind
-
August 12, 2022
12
Aug'22
Microsoft doles out $13.7m in bug bounties
Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries
-
August 12, 2022
12
Aug'22
How critical infrastructure operators can secure OT data
Cohesity’s CISO discusses the challenges of securing data in operational technology systems and what can be done to mitigate security threats
-
August 11, 2022
11
Aug'22
Researcher finds 10 vulnerabilities in Cisco firewalls
At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches
-
August 11, 2022
11
Aug'22
Cisco averts cyber disaster after successful phishing attack
A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage
-
August 11, 2022
11
Aug'22
Seacom teams up with BT to deliver enterprise communications services across Africa
Deal with leading UK telco intended for customers of Africa’s first broadband submarine cable system to benefit from what is claimed to be world-class portfolio of network services
-
August 11, 2022
11
Aug'22
NHS may take a month to recover from supply chain attack
Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations
-
August 10, 2022
10
Aug'22
GitHub targets vulnerable open source components
There are thousands of vulnerabilities in open source code – GitHub aims to help developers see if their projects are impacted
-
August 10, 2022
10
Aug'22
Microsoft fixes two-year-old MSDT vulnerability in August update
August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.
-
August 10, 2022
10
Aug'22
‘Coopetition’ a growing trend among ransomware gangs
Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time
-
August 10, 2022
10
Aug'22
UK to surveil convicted migrants with facial recognition
A Home Office scheme to biometrically scan the faces of convicted migrants who have already carried out punishments has come under fire from privacy and human rights groups for being discriminatory
-
August 09, 2022
09
Aug'22
Cyber insurance getting harder to obtain
Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance
-
August 08, 2022
08
Aug'22
NHS recovering key services after attack on supplier
Incident at software provider Advanced took out multiple NHS services before the weekend, including the 111 advice service
-
August 05, 2022
05
Aug'22
Reliance on PSN may have exacerbated cyber attack impact
As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks
-
August 04, 2022
04
Aug'22
UK has biggest card fraud problem in Europe
Social Market Foundation calls on the UK to get a grip on its huge problem with bank card fraud in Europe
-
August 04, 2022
04
Aug'22
SBRC to administer NCSC training across Scotland
The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations
-
August 04, 2022
04
Aug'22
Financial services regulator opens digital delivery centre in Leeds
The Financial Conduct Authority is increasing the number of tech experts in its workforce through a new digital delivery centre in Leeds
-
August 04, 2022
04
Aug'22
Spyware activity particularly impactful in July
After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report
-
August 03, 2022
03
Aug'22
New EU due diligence law needs amending to stop tech sector abuse
European corporate due diligence directive seeking to transform how companies approach their human rights and environmental risk is welcome, but without further changes, it will fail to effectively curb tech firms’ harmful practices, claims ...
-
August 03, 2022
03
Aug'22
Shift to remote work sees major rise in cyber crime
Survey finds almost four in five cyber security teams agree that recent changes to working practices have adversely affected their organisation’s cyber security, with one-fifth banning the use of public Wi-Fi by policy
-
August 03, 2022
03
Aug'22
DrayTek patches SOHO router bug that left thousands exposed
Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers
-
August 02, 2022
02
Aug'22
UK safety tech sector sees strong revenue and employment growth
Safety tech is now one of the fastest-growing sectors in the UK tech industry, with jumps in revenue, investment and employment
-
July 29, 2022
29
Jul'22
Austrian data firm accused of selling malware, conducting cyber attacks
Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks
-
July 28, 2022
28
Jul'22
Ex-youth footballers kick-start cyber careers
New programme aims to find fresh careers for former youth footballers in cyber security
-
July 28, 2022
28
Jul'22
H0lyGh0st ransomware gang faces challenges, but still a threat
Digital Shadows reports on the recently identified H0lyGh0st ransomware outfit, a new threat actor operating out of North Korea that faces some clear challenges, but is nevertheless still a live threat
-
July 28, 2022
28
Jul'22
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses
-
July 28, 2022
28
Jul'22
Cyber criminals pivot away from macros as Microsoft changes bite
As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect
-
July 27, 2022
27
Jul'22
Consumers left out of pocket as security costs soar
As the average cost of a security incident reaches an all-time high of nearly $4.5m, an IBM Security study reveals how these costs are being passed on to ordinary people
-
July 27, 2022
27
Jul'22
US doubles bounty on Lazarus cyber crime group to $10m
US State Department doubles a previously announced reward for information on North Korean cyber criminals, including the notorious Lazarus group
-
July 27, 2022
27
Jul'22
Retail software firm PrestaShop warns users about SQL injection attacks
Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise
-
July 27, 2022
27
Jul'22
Cyber security training ‘boring’ and largely ignored
Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them
-
July 26, 2022
26
Jul'22
Secret court asked to quash a decade of MI5 surveillance warrants following ‘systemic breaches’
The culture at MI5 was to ‘prioritise’ missions ‘over everything else’, including compliance with safeguards designed to protect the public, the UK’s most secret court heard yesterday
-
July 26, 2022
26
Jul'22
No More Ransom initiative helps 1.5 million people in six years
One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project
-
July 26, 2022
26
Jul'22
Visibility and proactive stance needed to secure OT systems
Critical infrastructure operators need to have more visibility into their IT and operational technology environment, and take a more active stance to fend off sophisticated adversaries, expert says
-
July 26, 2022
26
Jul'22
Ducktail infostealer targets Facebook Business users
Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts