News
IT security
-
May 21, 2021
21
May'21
Lack of developer attention to cloud security prompts alerts
The personal data of over 100 million Android users may have been put at risk through a variety of cloud service misconfigurations
-
May 20, 2021
20
May'21
Pandemic tech use heightens consumer privacy fears
Report on consumer attitudes to privacy finds evidence of a “heightened sense of fear” as digital footprints expand inexorably
-
May 20, 2021
20
May'21
Malicious scans for at-risk systems start minutes after disclosure
Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes
-
May 20, 2021
20
May'21
HP taps micro virtual machines in endpoint security
HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained
-
May 20, 2021
20
May'21
UK government publishes framework on automated decision-making
The framework focuses on making the use of algorithms and automated decision-making systems within the public sector more ethical, transparent and accountable
-
May 19, 2021
19
May'21
Reports of stolen Irish health service data being leaked online
Leaking of deeply confidential and personal information on patient healthcare marks a new low for the criminal Conti gang
-
May 19, 2021
19
May'21
Barclays first bank to publish online scam refund details
All banks must be transparent about the proportion of victims of authorised push payment fraud they refund, says consumer rights organisation Which?
-
May 19, 2021
19
May'21
Flexxon bakes AI into SSDs to fight unknown threats
Singapore-based Flexxon has developed a solid-state drive that uses artificial intelligence to fend off malware and other unknown threats
-
May 18, 2021
18
May'21
Microsoft EU Data Boundary dubbed ‘smoke and mirrors’
Data protection experts claim Microsoft’s decision to create an EU Data Boundary is a tacit admission that it routinely transfers and processes the personal data of European citizens outside the bloc
-
May 18, 2021
18
May'21
Government response to National Data Strategy consultation depicts data as ‘asset, not threat’
Government responds to consultation with a promise of delivery, putting an emphasis on data as an asset, not a threat, and finding respondents keen on levelling up
-
May 18, 2021
18
May'21
Cisco acquires Kenna Security amid security expansion
Cisco announces a new acquisition alongside service enhancements around XDR and SASE in support of its security customers
-
May 18, 2021
18
May'21
Irish High Court dismisses legal bid by Facebook over EU-US data transfers
Latest twist in long-running legal battle sees Facebook lose legal bid to prevent the Irish Data Protection Commissioner suspending its transfer of data about European citizens to the US
-
May 18, 2021
18
May'21
Australian budget lends support to digital economy
Australia’s A$1.2bn Digital Economy Strategy ticks most of the right boxes, but some industry experts say areas such as broadband infrastructure and artificial intelligence are still underfunded
-
May 17, 2021
17
May'21
Conti ransomware syndicate behind attack on Irish health service
More details continue to emerge of the significant ransomware attack on Ireland’s HSE
-
May 17, 2021
17
May'21
NCSC study to probe disability and neurodiversity in cyber
National Cyber Security Centre and KPMG have launched a new diversity study aiming to capture benchmarks on disability and neurodiversity in cyber
-
May 17, 2021
17
May'21
Government seeks input on supply chain security
Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security
-
May 14, 2021
14
May'21
Colonial Pipeline paid $5m ransom, reports say
Colonial Pipeline may have paid a significant ransom within hours of being attacked, it has emerged, but it’s unlikely the story ends here
-
May 14, 2021
14
May'21
Irish health service hit by major ransomware attack
IT systems in hospitals across Ireland have been switched off following a significant ransomware attack
-
May 14, 2021
14
May'21
Dutch police used deep learning model to predict threats to life
Dutch police developed a deep learning model in their EncroChat investigation to predict which messages contain serious threats to life
-
May 14, 2021
14
May'21
Okta and Auth0 to expand APAC coverage
Okta’s acquisition of rival Auth0 will enable both companies to expand their footprint in the Asia-Pacific region as demand for identity management services soars amid the pandemic
-
May 13, 2021
13
May'21
NHSX data strategy due in ‘a few weeks’
NHSX director of policy and strategy Simon Madden says the long-awaited strategy is expected to “trigger huge debates” on issues such as access, choice and transparency, and will be published in draft form shortly to allow for consultation
-
May 13, 2021
13
May'21
Publishing exploit code does more harm than good, says report
Disclosing exploit code before patches are available gives malicious actors a ‘massive’ head-start, says Kenna Security
-
May 13, 2021
13
May'21
Biden beefs up public-private security cooperation
Joe Biden has signed a new Executive Order to harden US cyber security and government networks, with an emphasis on information sharing
-
May 13, 2021
13
May'21
Refuge launches tech safety site for domestic abuse victims
Created with the help of survivors, Refuge’s resource site offers guidance on protecting yourself from tech-enabled domestic abuse
-
May 13, 2021
13
May'21
CISOs weathered the pandemic well, but at personal cost
Over 80% of CISOs think their existing security capabilities stayed strong during the worst of the Covid-19 pandemic, but now face stress and burnout on an unheard-of scale
-
May 13, 2021
13
May'21
Verizon DBIR underscores year of unprecedented cyber challenge
Verizon 2021 Data Breach Investigations Report draws predictable conclusions as the impact of the Covid-19 pandemic continues to be felt
-
May 12, 2021
12
May'21
UK government publishes Online Safety Bill draft
Bill builds on previous commitments by the government, which has added new measures to uphold democracy and freedom of speech while making tech giants more accountable
-
May 12, 2021
12
May'21
Inside DarkSide: Researchers share intel on break-out cyber gang
Security researchers swap information on the newly famous DarkSide ransomware gang, the group that doesn’t appear to understand what ‘being a criminal’ actually means
-
May 12, 2021
12
May'21
CyberUK 2021: NCSC encourages startups to invest in cyber
National Cyber Security Centre is launching bespoke cyber security guidance aimed at the UK’s valuable startup community
-
May 12, 2021
12
May'21
UK to fund national cyber teams in Global South
Government will commit millions of pounds to supporting vulnerable countries in establishing cyber capacity
-
May 12, 2021
12
May'21
Microsoft fixes four critical bugs on lighter Patch Tuesday
Four critical RCE vulnerabilities put users of various Microsoft products at risk, and should be patched right away
-
May 12, 2021
12
May'21
The Security Interviews: Why helpful bots could hurt vaccine roll-outs
Earlier this year, spikes in traffic to websites containing information about Covid-19 vaccines were attributed by Imperva to automated bots scraping data. Why is that a problem?
-
May 11, 2021
11
May'21
UK Plc invited to sign up for Early Warning of cyber incidents
The launch of the Early Warning incident notification service is among the enhancements being made by the NCSC to its service packages
-
May 11, 2021
11
May'21
NCSC cyber guidance targets cloud and home working
The NCSC’s refreshed cyber security guidance for larger organisations places particular emphasis on cloud, home working and ransomware
-
May 11, 2021
11
May'21
Collaboration key to success of UK’s Cyber Security Council
The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event
-
May 11, 2021
11
May'21
Government to reform Computer Misuse Act
Home secretary Priti Patel will explore reforming the Computer Misuse Act as calls mount for the 31-year-old law to be updated to reflect the changed online world
-
May 11, 2021
11
May'21
SolarWinds CEO calls for collective action against state attacks
SolarWinds CEO tells NCSC’s CyberUK conference he is exploring the possibility of collaborating with other companies on collective cyber action against attacks backed by nation states
-
May 11, 2021
11
May'21
Swedish court finds ambiguities in hacked EncroChat cryptophone evidence
Defence lawyer claims evidence obtained by hacking the EncroChat encrypted phone network has ‘no legal’ value following Swedish appeal court ruling
-
May 11, 2021
11
May'21
Colonial Pipeline ransomware attack has grave consequences
The ramifications of a major ransomware attack against a US fuel pipeline operator could spread far and wide
-
May 10, 2021
10
May'21
NCSC Active Cyber Defence blocks surge of pandemic scams
The NCSC responded to a surge in online scams last year as it moved to protect both the general public and critical national services during the pandemic
-
May 07, 2021
07
May'21
NCSC, CISA publish new information on Russia’s Cozy Bear
New intelligence from UK and US cyber agencies suggests that APT29, or Cozy Bear, has been switching up its tactics
-
May 07, 2021
07
May'21
NCSC publishes smart city security guidelines
Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects
-
May 07, 2021
07
May'21
Cyber accreditation to improve legal standing of security pros
Institute of Cyber Digital Investigations Professionals will help incident responders and cyber investigators get the professional recognition they deserve
-
May 07, 2021
07
May'21
Reddit enlists HackerOne to run public bug bounty programme
Online community platform is opening up its HackerOne bug bounty programme to any ethical hacker who cares to have a look under the bonnet
-
May 07, 2021
07
May'21
Ransomware, supply chain attacks show no sign of abating
Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors
-
May 06, 2021
06
May'21
Government urged to add scam protections to Online Safety Bill
Group of organisations calls for the government to use the Online Safety Bill to protect people from cyber scams
-
May 06, 2021
06
May'21
Scammers accidentally reveal fake Amazon review data
More than 13 million records relating to an organised fake review scam have been found on an unsecured ElasticSearch database, implicating hundreds of thousands of people in unethical behaviour
-
May 06, 2021
06
May'21
Google to introduce mandatory MFA for users
In future, holders of Google accounts will have no option but to use multifactor authentication if they want to use the firm’s services
-
May 06, 2021
06
May'21
HSBC blocks £249m in UK fraud with voice biometrics
HSBC voice recognition technology has reduced telephone banking fraud as demand for the channel increases
-
May 05, 2021
05
May'21
Why ITAM can aid IT-fuelled business recovery
As a sense of normality returns, we look at why IT asset management is the stealth tool for clearing a path towards greater digitisation