News

IT security

• July 25, 2021 25 Jul'21

  Tokyo 2020 hit by data breach

  The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large

• July 25, 2021 25 Jul'21

  OAIC: Uber failed to protect personal data of Australians

  Uber did not take reasonable steps to protect Australians’ personal information from unauthorised access, says Australia’s national privacy watchdog

• July 23, 2021 23 Jul'21

  Kaseya obtains universal ransomware decryptor

  Kaseya says it obtained a ransomware decryptor key from a trusted third party, but there is no word on whether a ransom was paid

• July 22, 2021 22 Jul'21

  Respect in Security challenges abuse and harassment in cyber

  With around a third of cyber pros saying they have personally experienced harassment at work or online, a new initiative is urging organisations to pledge their support to help free the community from the scourge of abuse. We met its founders

• July 22, 2021 22 Jul'21

  Beeinfotech PH opens telco-neutral datacentre in the Philippines

  Datacentre startup is touting carrier neutrality, bespoke services and cyber security capabilities to meet the growing demand for co-location services in the Philippines

• July 21, 2021 21 Jul'21

  France’s Macron among alleged Pegasus targets

  Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware

• July 20, 2021 20 Jul'21

  NCSC’s Cameron urges deeper cyber alliance-building

  Speaking to an event in Israel, NCSC CEO Lindy Cameron has praised joint UK-Israeli efforts on security collaboration

• July 20, 2021 20 Jul'21

  NHS Digital tightens rules for GPDPR data scrape

  The proposed collection of patient data held by GPs will now only commence when three key criteria have been fulfilled, says NHS Digital

• July 19, 2021 19 Jul'21

  Government launches consultation on plans for UK digital identity market

  DCMS wants stakeholders to offer their views on proposals for a new governance regime and expanding access to government-held datasets for identity verification

• July 19, 2021 19 Jul'21

  UK, US confirm Chinese state backed MS Exchange Server attacks

  UK and US governments, alongside the EU and Nato, have formally attributed the March 2021 Microsoft Exchange Server attacks to Chinese state-backed actors

• July 19, 2021 19 Jul'21

  Pegasus mobile RAT abused to monitor journalists and activists

  Israel-based surveillance specialist NSO Group is facing renewed pressure after it emerged its Pegasus mobile surveillance tool may be being widely abused by repressive regimes

• July 19, 2021 19 Jul'21

  Privacy Shield: One year on and companies are still grappling for answers

  Activist lawyer Max Schrems and Eduardo Ustaran, partner at Hogan Lovells, look for common ground in a problem with no easy answers

• July 16, 2021 16 Jul'21

  Legacy SonicWall kit exploited in ransom campaign

  Users of older versions of SonicWall Secure Mobile Access 100 and Secure Remote Access products are at risk from a new ransomware campaign

• July 15, 2021 15 Jul'21

  Macquarie Data Centres to build Sydney North facility

  Macquarie Data Centres’ latest 32MW facility will come with a cyber security centre that monitors and manages cyber security events

• July 15, 2021 15 Jul'21

  Lawyers take EncroChat hacking operation to French supreme court

  Lawyers head to French supreme court after appeals court finds EnroChat inception legal under French law

• July 15, 2021 15 Jul'21

  Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study

  EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield

• July 15, 2021 15 Jul'21

  Singapore to invest S$50m in ‘digital trust’ capabilities

  The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management

• July 14, 2021 14 Jul'21

  REvil ransomware crew drops offline, reasons murky

  The REvil ransomware operation appears to have gone dark, but claims about its demise are almost certainly exaggerated

• July 14, 2021 14 Jul'21

  Multiple Microsoft bugs being actively exploited

  Microsoft’s July Patch Tuesday update fixes 117 vulnerabilities, 13 rated as critical and four already being actively exploited

• July 13, 2021 13 Jul'21

  Regional cyber clusters score £700k of funding

  DCMS has awarded £700,000 of funding to a network of 20 regional cyber clusters

• July 13, 2021 13 Jul'21

  Modipwn vulnerability puts millions of building systems at risk

  Authentication bypass vulnerability in a Schneider Electric product could lead to device takeover

• July 13, 2021 13 Jul'21

  Secureworks sets up in EU datacentre for XDR services

  New datacentre location helps Secureworks’ customers meet EU data residency requirements

• July 13, 2021 13 Jul'21

  UK Cyber Security Council calls for new push on training

  Too many companies have cut back on security training and development during the pandemic, says UK Cyber Security Council

• July 13, 2021 13 Jul'21

  Met Police seize £180m worth of Bitcoin

  The largest ever seizure of cryptocurrency in the UK comes just weeks after a previous multi-million pound confiscation, as law enforcement clamps down on money laundering

• July 13, 2021 13 Jul'21

  Dutch prosecutor ordered to give evidence on EncroChat hack

  Netherlands court rules that a public prosecutor should give evidence about the role of the Dutch in the EncroChat cryptophone hack which has led to arrests of organised gangs worldwide

• July 12, 2021 12 Jul'21

  Kaseya VSA services coming online after week-long outage

  Kaseya has successfully deployed a patch to its ransomware-hit VSA product as per a revised schedule, and customers are beginning to come back online

• July 12, 2021 12 Jul'21

  NSW department of education hit by cyber attack

  Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday

• July 11, 2021 11 Jul'21

  Ransomware and botnets among top cyber threats in Singapore

  The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic

• July 09, 2021 09 Jul'21

  Ransomware gangs seek people skills for negotiations

  The process of negotiating a ransomware payment is delicate, hence cyber criminal organisations are prepared to offer good terms to those with the right skillsets

• July 09, 2021 09 Jul'21

  Met Police should release information on British WikiLeaks journalists passed to US, tribunal told

  The Metropolitan Police should release correspondence with the US Department of Justice about three UK based WikiLeaks journalists, despite national security claims, a tribunal heard

• July 08, 2021 08 Jul'21

  Kaseya apologises for extended downtime after ransom attack

  CEO of Kaseya apologises after pushing back the restoration of the firm’s VSA service following a REvil ransomware attack

• July 08, 2021 08 Jul'21

  PrintNightmare haunts Microsoft as patch may miss mark

  Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied

• July 07, 2021 07 Jul'21

  US government given permission to appeal UK’s decision to not extradite Julian Assange

  US offers assurances that Assange could serve time in his home country of Australia if convicted

• July 07, 2021 07 Jul'21

  ICO to probe Hancock over private email use

  Former health secretary faces an investigation by the UK’s data protection watchdog over his use of private email to conduct government business

• July 07, 2021 07 Jul'21

  How the UK Cyber Security Council plans to professionalise security

  As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is

• July 07, 2021 07 Jul'21

  Opportunists seen targeting Kaseya REvil victims

  Malwarebytes researchers highlight new spam campaign targeting businesses impacted by the ongoing Kaseya REvil ransomware incident

• July 06, 2021 06 Jul'21

  About 60 Kaseya customers hit by REvil

  Kaseya has revised upward the number of managed service providers compromised by the REvil ransomware gang in a supply chain attack at the weekend

• July 06, 2021 06 Jul'21

  Klarna under investigation by Swedish finance watchdog

  Swedish fintech is being investigated by financial services regulator after customer information was visible to others

• July 06, 2021 06 Jul'21

  Cyber insurance costs up by a third

  The frequency and severity of ransomware attacks is a leading factor behind a substantial increase in the cost of obtaining cyber security insurance

• July 06, 2021 06 Jul'21

  BA reaches settlement in data breach group action

  A group action against BA following its 2018 data breach has been successfully settled

• July 05, 2021 05 Jul'21

  REvil crew wants $70m in Kaseya ransomware heist

  Two days after one of the largest ransomware attacks in history by the REvil/Sodinokibi gang, the security community is assessing its next moves, while over 1,000 victims remain in limbo

• July 03, 2021 03 Jul'21

  Berlin court finds EncroChat intercept evidence cannot be used in criminal trials

  In a major setback for police hacking operations, Berlin’s regional court has decided that intercepted data from the EncroChat phone network should not be used in criminal prosecutions

• July 02, 2021 02 Jul'21

  Should I be worried about PrintNightmare?

  The accidental publication of proof of concept code for a Windows vulnerability, and the reclassification of said bug from low to critical severity, has the cyber community concerned. Is it right to be?

• July 02, 2021 02 Jul'21

  Cyber attackers up the ante on embattled IT teams

  Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements

• July 01, 2021 01 Jul'21

  NCSC joins US authorities to expose Russian brute force campaign

  A joint attribution by the British and American authorities accuses Russia’s GRU intelligence services of conducting a campaign of brute force attacks on enterprise and cloud environments

• July 01, 2021 01 Jul'21

  US Cybersecurity and Infrastructure Security Agency launches ransomware assessment tool

  Newly launched service will help US organisations understand how prepared they are to deal with a ransomware attack

• July 01, 2021 01 Jul'21

  Cyber espionage campaign targeted central Asian states

  The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT

• July 01, 2021 01 Jul'21

  NHS IT fraudster Barry Stannard sentenced to five years in prison

  Stannard used his position as head of unified communications at an Essex NHS Trust to cheat the taxpayer of more than £800,000

• July 01, 2021 01 Jul'21

  Nominations open for 2021 Security Serious Unsung Heroes Awards

  Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators

• June 30, 2021 30 Jun'21

  Half of mobile phones sold in the UK at risk of security issues

  Lengthy mobile phone contracts leave buyers at risk of their devices losing support for security updates