News

IT security

• February 23, 2022 23 Feb'22

  Microsoft extends Defender umbrella to Google Cloud Platform

  Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in

• February 23, 2022 23 Feb'22

  No imminent cyber threat to UK from Russia

  Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain

• February 23, 2022 23 Feb'22

  Attempted burglary exposes risk of NatWest customer data in former worker’s home

  Former Royal Bank of Scotland employee offers bank a compromise in her dispute over the return of confidential customer information

• February 23, 2022 23 Feb'22

  IBM opens cyber security hub in India

  Big Blue’s new cyber security hub, comprising a cyber range, software development facilities and a security operations centre, will serve enterprises across the Asia-Pacific region

• February 23, 2022 23 Feb'22

  Tech acquisition to be major priority for UK police

  Policing minister cites technology as major focus for future of UK police, in comments made ahead of the publication of the Strategic Review of Policing in England and Wales

• February 22, 2022 22 Feb'22

  UK organisations swift to chide phishing victims

  While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated

• February 21, 2022 21 Feb'22

  Zoom gains NCSC Cyber Essentials Plus and NHS security badges

  Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats

• February 21, 2022 21 Feb'22

  UK joins US in pinning Ukraine DDoS attacks on Russia

  A series of DDoS attacks on Ukrainian defence and banking organisations last week is now being firmly attributed to Russian action

• February 18, 2022 18 Feb'22

  Lawyers say ‘unprecedented’ secrecy deprived EncroChat defendants of fair trials

  Lawyers from seven countries say it is impossible for their clients to challenge the accuracy, authenticity, reliability and legality of the evidence against them

• February 18, 2022 18 Feb'22

  UK organisations untroubled by Trickbot surge

  A surge in Trickbot infections is targeting some of the world’s most prominent brands, but UK organisations seem thankfully unaffected

• February 17, 2022 17 Feb'22

  Red Cross cyber attack the work of nation-state actors

  The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state

• February 16, 2022 16 Feb'22

  2021 another record year for UK cyber investment

  Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment

• February 16, 2022 16 Feb'22

  DDoS attacks hit Ukrainian defence ministry and banks

  A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region

• February 16, 2022 16 Feb'22

  BlackCat ransomware gang claims responsibility for Swissport attack

  Ransomware gang is trying to offload 1.6TB of data stolen from aviation services firm

• February 16, 2022 16 Feb'22

  Cloud Security Alliance publishes guidelines to bridge compliance and DevOps

  The Cloud Security Alliance has published a report detailing practices that organisations can adopt to bridge the gap between compliance and software development and operations

• February 16, 2022 16 Feb'22

  Retrospect Backup refines anomaly detection in ransomware battle

  StorCentric backup software brand allows customer fine-tuning of anomaly detection in struggle against ransomware, and adds immutable copies via object locking in Azure

• February 15, 2022 15 Feb'22

  Botched third-party configuration exposes Internet Society data to web

  Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage

• February 15, 2022 15 Feb'22

  Parasol data breach: Frustrated IT contractors dig into the dark web in search of their data

  The emergence on the dark web of passports, payslips and other personal documents belonging to contractors affected by the cyber attack and subsequent data breach at Parasol is prompting group actions and forcing some IT contractors to find out for ...

• February 15, 2022 15 Feb'22

  TA2451 targets aviation and transport sector with tailored lures

  Newly designated cyber criminal group favours highly specific lures and a tried-and-tested modus operandi to compromise targets in the aviation, aerospace and transport sectors

• February 15, 2022 15 Feb'22

  China emerges as leader in vulnerability exploitation

  Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs

• February 11, 2022 11 Feb'22

  CMA secures final Privacy Sandbox guarantees from Google

  The CMA has secured a final set of Privacy Sandbox commitments from Google relating to the proposed removal of third-party cookies from its Chrome browser

• February 11, 2022 11 Feb'22

  Lack of knowledge disastrous for effective security strategy within Dutch companies

  Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy

• February 11, 2022 11 Feb'22

  Why security professionals should pay attention to what Russia is doing

  Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to

• February 11, 2022 11 Feb'22

  Hackney Council could be forced to answer questions about IT security training after Psya ransomware

  Council is negotiating with the information commissioner after refusing to reply to questions under the Freedom of Information Act about staff IT and security training during the pandemic

• February 10, 2022 10 Feb'22

  How diplomatic immunity silenced the prosecutor who coordinated Sweden’s EncroChat probe

  Defence lawyers claim Swedish court decision not to hear evidence from a Swedish prosecutor leaves important legal questions unanswered over international police operation to hack EncroChat cryptophone network

• February 10, 2022 10 Feb'22

  UK second in money laundering hall of shame

  Banks need to step up their anti-money laundering processes if billions of pounds’ worth of criminal activity is to be prevented

• February 09, 2022 09 Feb'22

  Minister defends digital economy legislation before Lords

  A digital minister has said that the UK’s forthcoming digital markets legislation is ‘superior’ to similar efforts in the EU, but could not commit to a specific time frame for when it will be introduced to Parliament

• February 09, 2022 09 Feb'22

  Linux-based clouds an open door for attackers, says VMware

  Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware

• February 09, 2022 09 Feb'22

  Ransomware ever more sophisticated and impactful, warns NCSC

  UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs

• February 09, 2022 09 Feb'22

  Microsoft stomps on 48 bugs in February Patch Tuesday update

  It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day

• February 09, 2022 09 Feb'22

  Tech companies risk being compelled by law to protect children, says online safety expert

  John Carr, a child safety campaigner backing a government-funded campaign on the dangers of end-to-end encryption to children, says tech companies have no choice but to act

• February 08, 2022 08 Feb'22

  DPD delivers swift fix for serious API flaw

  API vulnerability potentially left PII on DPD Group’s customers dangerously exposed, but was rapidly fixed on disclosure

• February 08, 2022 08 Feb'22

  Microsoft to start blocking macros to thwart malware

  Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security

• February 08, 2022 08 Feb'22

  The Security Interviews: Building the UK’s future cyber ecosystem

  As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions

• February 08, 2022 08 Feb'22

  Parasol data breach: Contractors rage as fallout from umbrella cyber attack continues

  Contractors working for the Parasol umbrella company are querying why it has taken so long for news of the firm's data breach, which is linked to a cyber attack on its systems five weeks ago, to come to light

• February 08, 2022 08 Feb'22

  Porn sites will be legally required to verify users’ ages

  Porn sites could be legally obliged to verify that their users are 18 or over under proposed online safety rules, in UK government’s second attempt to prevent children from accessing pornography online

• February 08, 2022 08 Feb'22

  Right to disconnect and less monitoring key to better remote work

  The World Health Organisation and International Labour Organisation warn against invasive workplace surveillance and promote right to disconnect in joint briefing on how to promote healthy and safe remote working

• February 07, 2022 07 Feb'22

  Umbrella company Parasol confirms data breach linked to cyber attack five weeks ago

  In an email to contractors sent out earlier today, umbrella company confirmed some data had been accessed and shared online in the wake of last month’s suspected ransomware attack on its systems

• February 07, 2022 07 Feb'22

  Airport services firm thwarts attempted ransomware heist

  Aviation services provider Swissport says its systems are mostly back up and running after a ransomware attack

• February 04, 2022 04 Feb'22

  Cyber attacks on European oil facilities spreading

  Following a cyber attack on distribution facilities in Germany, more incidents have been reported in Belgium and the Netherlands, but it is too early to necessarily draw a link between them

• February 04, 2022 04 Feb'22

  Check Point looks to plug ASEAN’s cyber security gap

  Check Point is shoring up its sales force and partner ecosystem to address the cyber security needs of small and mid-sized businesses in a region that is highly targeted by threat actors

• February 03, 2022 03 Feb'22

  EC proposes new directive to improve gig economy work conditions

  Gig economy workers in Europe could be entitled to more rights and better workplace protections under a directive proposed by the European Commission

• February 03, 2022 03 Feb'22

  BlackCat crew supposedly behind OilTanking ransomware heist

  Preliminary reports from Germany’s national cyber authority indicate the recent OilTanking ransomware attack may have been the work of the BlackCat group

• February 03, 2022 03 Feb'22

  Brookson and Parasol cyber attacks: Contractor complaints about delayed payments continue

  Several weeks on from the suspected ransomware attack that blighted two of the umbrella industry’s biggest players, contractors are still chasing their missing money

• February 03, 2022 03 Feb'22

  Crisp supply shortage looms after KP Snacks hit by ransomware

  Supplies of Hula Hoops and many other snack brands are under threat after a ransomware attack on the systems of KP Snacks

• February 03, 2022 03 Feb'22

  French Supreme Court raises constitutional questions over EncroChat hacking secrecy

  Conseil Constitutionnel to decide whether ‘defence secrecy’ over state EncroChat cryptophone hacking breaches French constitution

• February 02, 2022 02 Feb'22

  Mechanism underlying cookie popups found in breach of GDPR

  A fundamental element of the mechanism by which the advertising industry requests tracking consent from web users has been found in breach of the General Data Protection Regulation

• February 02, 2022 02 Feb'22

  Zero-trust to soar in 2022, but dogged by implementation challenges

  IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite

• February 02, 2022 02 Feb'22

  Reforms needed to tackle economic crime, says Treasury Committee

  The Treasury Committee is disappointed at progress towards tackling economic crime and fraud in both the online and offline worlds, and is calling for more action

• February 02, 2022 02 Feb'22

  Nationwide Building Society streamlines digital onboarding through API

  Building society is improving its digital onboarding process through application programming interface-based technology from a US startup