News

IT security

• April 13, 2021 13 Apr'21

  EncroChat lawyers raise questions over use of PII secrecy orders on UK decryption capabilities

  Lawyers claim that public interest immunity certificates may have been used to withhold information on UK intelligence agencies’ ability to decrypt encrypted communications

• April 12, 2021 12 Apr'21

  Vaccine passports and travel plans race up Covid threat charts

  With lockdown restrictions easing in the UK, cyber criminals are tailoring their phishing lures to new areas of interest

• April 11, 2021 11 Apr'21

  Executive interview: Unleashing blockchain’s potential

  Labrys founder and CEO Lachlan Feeney offers his observations about blockchain adoption in Australia, and what his firm is doing to help organisations unleash the full potential of the technology

• April 09, 2021 09 Apr'21

  Egypt, Italy and US most affected in Facebook leak

  Researchers at VPN firm Surfshark have been analysing data on 533 million people leaked from Facebook

• April 09, 2021 09 Apr'21

  NCSC: Using your pet’s name as a password is very stupid

  If your email password is still Rex, Rover or Mr Fluffles, it’s probably best to change it, the NCSC has said

• April 09, 2021 09 Apr'21

  Cring ransomware hits ICS through two-year-old bug

  A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware

• April 08, 2021 08 Apr'21

  Nation-state cyber attacks double in three years

  Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project

• April 07, 2021 07 Apr'21

  Facebook ducks calls to apologise over huge data leak

  Facebook gives its side of the story as data on millions of its users leaks, but is yet to apologise for security lapses that put half a billion people at risk of compromise

• April 07, 2021 07 Apr'21

  A billion extra contactless payments in year since limit increase

  Visa said there was an extra one billion contactless payments made by its customers last year

• April 07, 2021 07 Apr'21

  Unpatched SAP applications are target-rich ground for hackers

  Report from SAP and cyber threat research company Onapsis warns that hackers are attacking mission-critical SAP business applications that contain unpatched vulnerabilities

• April 06, 2021 06 Apr'21

  Facebook data leak could be outside scope of GDPR

  Regulators may be unable to do much about leaked data on 533 million Facebook users, as it seems to have been stolen before GDPR came into force

• April 01, 2021 01 Apr'21

  EncroChat hearings delayed as lawyers seek disclosure on police hacking

  Court hearings precipitated by police cracking the EncroChat secure mobile phone network have been delayed after defence lawyers request further disclosures on police decryption capabilities

• March 31, 2021 31 Mar'21

  NHS is apparently closing security skills gap

  By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before

• March 31, 2021 31 Mar'21

  Cyber Security Council to champion UK security pros

  A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base

• March 31, 2021 31 Mar'21

  Nordics run information sharing on digital vaccination passports

  Nordic countries advance plans for digital Covid-19 vaccination passports in a bid to kick-start their economies

• March 30, 2021 30 Mar'21

  Privacy campaigners hail legal victory over Hancock and Palantir

  Civil liberties organisation OpenDemocracy says it has scored a legal victory over health secretary Matt Hancock regarding the involvement of Palantir in the NHS Covid-19 data store

• March 30, 2021 30 Mar'21

  Ransomware attack on London schools highlights warnings

  Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector

• March 30, 2021 30 Mar'21

  The Security Interviews: How to secure an F1 team in a pandemic

  A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data

• March 29, 2021 29 Mar'21

  UK courts face evidence ‘black hole’ over police EncroChat mass hacking

  French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence

• March 29, 2021 29 Mar'21

  Cyber attack takes Channel Nine off-air

  The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio

• March 29, 2021 29 Mar'21

  CW Innovation Awards: SIA taps blockchain for loyalty app

  Singapore Airlines, winner of the transportation category in this year’s CW Innovation Awards APAC, expands its blockchain-based digital wallet into a broader digital lifestyle platform

• March 26, 2021 26 Mar'21

  Surveillance expert ‘unfairly’ refused job at intelligence regulator after MI5 intervened

  The Home Office unfairly refused Eric Kind, a specialist in criminal justice and UK surveillance law, clearance for a job at an intelligence watchdog after MI5 claimed he was “insufficiently deferential”

• March 26, 2021 26 Mar'21

  Retailer FatFace pays $2m ransom to Conti cyber criminals

  Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate

• March 26, 2021 26 Mar'21

  Leading Israeli IoT firm lands in US as worldwide malware attacks surge

  With US end-user internet of things devices expected to grow to $1.6tn by 2025 and with more than 5.4 billion IoT connected devices in North America alone, tech firms and the black hat community are weighing up the potential

• March 26, 2021 26 Mar'21

  Remote working burn-out a factor in security risk

  After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected

• March 26, 2021 26 Mar'21

  ‘Major’ security flaw detected in 5G core network slicing design

  Mobile security specialist details potentially revenue-threatening vulnerabilities with key element of next-generation networks and reveals plans to work with industry to provide mitigation prior to widespread deployments

• March 25, 2021 25 Mar'21

  Cyber security complacency puts UK at risk, says NCSC head

  National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber

• March 25, 2021 25 Mar'21

  TUC warns of gaps in British law over use of AI at work

  The TUC has published a report warning of AI-powered discrimination against working people enabled by gaps in existing British employment law

• March 25, 2021 25 Mar'21

  Warning: AWS IAM behaves differently to directory services

  IT admins use group policies to manage user access via Active Directory, but AWS takes a subtly different approach, which can be exploited

• March 25, 2021 25 Mar'21

  Four in five UK businesses seek new security suppliers

  Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves

• March 25, 2021 25 Mar'21

  Facebook disrupts Chinese espionage operation

  Social media giant’s in-house security team has tracked down and disrupted a long-running Chinese campaign targeting the Uighur Muslim minority

• March 25, 2021 25 Mar'21

  More than £34.5m stolen in pandemic scams over past year

  City of London Police and National Cyber Security Centre report large uptick in threats and crime related to Covid-19 over the past year, in some cases directed specifically at health organisations

• March 24, 2021 24 Mar'21

  Oil giant Shell hit through Accellion FTA breach

  Energy firm discloses cyber attack through Accellion File Transfer Appliance

• March 24, 2021 24 Mar'21

  Apparent drop in cyber incidents highlights underlying problems

  UK organisations report fewer cyber security incidents, but the headline data masks more serious issues, according to a report

• March 24, 2021 24 Mar'21

  UK faces significant cyber talent shortfall

  Cyber security sector is struggling to attract the talented workforce it needs

• March 24, 2021 24 Mar'21

  Cyber criminals forging Covid-19 vaccine certificates

  Vaccine passports and certificates are gaining mainstream traction, which means cyber criminals are also on the bandwagon

• March 23, 2021 23 Mar'21

  NCSC beefs up support for education sector after spate of attacks

  Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks

• March 22, 2021 22 Mar'21

  $50m ransomware demand on Acer is highest ever

  Record-breaking double-extortion cyber attack saw REvil gang exfiltrate financial data from Taiwan-based PC manufacturer

• March 22, 2021 22 Mar'21

  Unionised drivers call on Microsoft to suspend Uber’s Face API licences

  Unionised private hire drivers in the UK are calling for Microsoft to suspend Uber’s licences to use its Face API technology after claims the ride-hailing firm’s ID-checking system has led to drivers losing their jobs and having licences revoked

• March 18, 2021 18 Mar'21

  Vaccine passports cannot put basic rights at risk, warns BCS

  BCS warns of challenges to come as the government presses on with its plans for Covid-19 vaccine passports

• March 18, 2021 18 Mar'21

  Eastern Health reports ‘cyber incident’, takes systems offline

  Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident

• March 17, 2021 17 Mar'21

  Average ransomware cost triples, says report

  The average amount paid out by ransomware victims has grown almost threefold to more than $300,000 per incident, according to a report

• March 17, 2021 17 Mar'21

  Digital Green Certificate proposed for travel in Europe

  Digital Green Certificates will supposedly help re-establish freedom of movement within the European Union

• March 17, 2021 17 Mar'21

  Cyber sector welcomes PM’s defence review

  Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet

• March 16, 2021 16 Mar'21

  Uber and Ola ordered to hand over more data to drivers

  A Dutch court has rejected Uber and Ola’s claims that drivers collectively taking action to access their data amounts to an abuse of their individual data access rights, laying the ground for drivers to form their own union-controlled data trust

• March 16, 2021 16 Mar'21

  MoD partners playing fast and loose with confidential data

  Clear spike in data breach incidents at defence partners may reflect better reporting standards, claims MoD

• March 16, 2021 16 Mar'21

  Unusual DearCry ransomware uses ‘rare’ approach to encryption

  Hybrid approach to encryption used by DearCry bears similarities to WannaCry

• March 16, 2021 16 Mar'21

  Microsoft releases one-click ProxyLogon mitigation tool

  Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers

• March 16, 2021 16 Mar'21

  Government calls for input into Covid-19 vaccine passports

  Evidence gathering exercise will inform the development of the UK’s proposed Covid-19 vaccine passport scheme

• March 16, 2021 16 Mar'21

  ST Engineering teams up with Google Cloud

  Singapore’s ST Engineering and Google Cloud will explore offering secure cloud services for organisations in regulated industries