News

IT security

December 18, 2020 18 Dec'20
Utility supplier People’s Energy has entire customer list stolen

All 270,000 customers of People’s Energy, a renewable energy startup, have had their details compromised in a major data breach incident
December 18, 2020 18 Dec'20
SolarWinds cyber attack is ‘grave risk’ to global security

More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear
December 17, 2020 17 Dec'20
Dodgy browser extensions put social media users at risk

More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast
December 17, 2020 17 Dec'20
EU security strategy a ‘step up’ on cyber leadership, says Brussels

The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy

December 17, 2020 17 Dec'20
NHS Scotland taps Check Point to secure Covid-19 data

NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus
December 17, 2020 17 Dec'20
FireEye and partners release SolarWinds kill-switch

A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue
December 17, 2020 17 Dec'20
UK police unlawfully processing over a million people’s data on Microsoft 365

The roll-out of Microsoft 365 to dozens of UK police forces may be unlawful, because many have failed to conduct data protection checks before deployment and hold no information on their contracts
December 17, 2020 17 Dec'20
Danske Bank fights money laundering with AI

Danske Bank is using artificial intelligence to help it prevent a repeat of the huge money laundering scandal that hit one of its operations in Estonia
December 17, 2020 17 Dec'20
AWS brings disaster recovery programme to Australia

Project Resilience will offer up to $5,000 worth of credits to public sector and community organisations to offset the cost of storing data on Amazon Web Services
December 16, 2020 16 Dec'20
Lancashire police integrate body-worn video into digital policing app

Body-worn video integration will transform Lancashire police’s time-consuming and manual procedures into an efficient digital workflow, but claims that BMV will increase transparency and accountability are not backed by the evidence

December 15, 2020 15 Dec'20
SolarWinds cyber attack: How worried should I be, and what do I do now?

Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next?
December 15, 2020 15 Dec'20
Cyber crime victims in the Netherlands not reporting offences

Dutch victims of online crime rarely report it to the police and when they do, they are often dissatisfied
December 14, 2020 14 Dec'20
FireEye identifies flaw in networking monitoring software as US agencies attacked

Cyber security company says investigations have revealed security breach occurred because of a flaw in a network monitoring software
December 13, 2020 13 Dec'20
Singapore trials beacons to bolster police operations

Police beacons equipped with video cameras, sirens, floodlights and speakers are being deployed at two parks to improve public safety in a year-long trial
December 11, 2020 11 Dec'20
The week in ransomware: Foxconn and Randstad are high-profile victims

Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months
December 11, 2020 11 Dec'20
Disputed PostgreSQL bug exploited in cryptomining botnet

PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL
December 11, 2020 11 Dec'20
Surge in Covid-19 vaccine phishing scams reported

Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure
December 10, 2020 10 Dec'20
French regulators fine Google and Amazon over cookie policies

Google and Amazon rapped over their use of advertising cookies by the French data protection authorities
December 10, 2020 10 Dec'20
Cyber Helpline awarded lottery funding to support victims

The Cyber Helpline, a UK charity that provides emergency support to victims of cyber crime and online stalking, is to receive funding from the National Lottery
December 10, 2020 10 Dec'20
After critical year, Vodafone trains security sights on CNI market

Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets
December 10, 2020 10 Dec'20
Data on Pfizer/BioNTech Covid-19 vaccine stolen in cyber attack

The European Medicines Agency has launched a full investigation into an apparent security incident that has seen documents on the Pfizer/BioNTech Covid-19 vaccine stolen
December 10, 2020 10 Dec'20
Alan Turing Institute appoints global advisory board to aid digital identity schemes project

The Alan Turing Institute announces an international advisory board for a project investigating digital identity schemes, with a view to building the technology and organisational infrastructure to sustain them as trustworthy
December 09, 2020 09 Dec'20
Amnesia:33 IoT flaws dangerous and patches unlikely, say experts

The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users
December 09, 2020 09 Dec'20
Patch Tuesday: Microsoft presents just 58 CVEs for Christmas

The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance
December 09, 2020 09 Dec'20
FireEye’s ethical hacking tools stolen in state-backed attack

Hacking tools used to conduct red team penetration testing were stolen in the state-backed attack on security firm FireEye
December 09, 2020 09 Dec'20
There’s no going back to pre-pandemic security approaches

The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021
December 09, 2020 09 Dec'20
Top IT predictions in APAC in 2021

The Asia-Pacific region will continue to be a cradle for technology innovation in the new year, whether it is 5G services, artificial intelligence, cloud computing or cyber security
December 08, 2020 08 Dec'20
Multiple D-Link routers found vulnerable to attack

Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices
December 08, 2020 08 Dec'20
Russian state actors exploiting VMware bug to hijack data, users warned

Russian APT groups are actively exploiting a vulnerability in VMware products to access protected data, according to latest warnings
December 07, 2020 07 Dec'20
Met Police failed to clear backlog of subject access requests

Metropolitan Police failed to comply fully with an enforcement notice issued by the Information Commissioner, and despite hundreds of overdue subject access requests the regulator did not take further action
December 07, 2020 07 Dec'20
HMRC referred 11 data security incidents to ICO in 2019-20

HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report
December 07, 2020 07 Dec'20
Grindr and others patch critical Android bug

Fixes for CVE-2020-8913 deployed as app developers shore up their defences against a disclosed Google Play vulnerability
December 07, 2020 07 Dec'20
Singapore government to boost blockchain adoption

Singapore government unveils S$12m programme to promote development and adoption of blockchain applications beyond financial services
December 07, 2020 07 Dec'20
A trillion dollars lost to cyber crime every year

Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime
December 06, 2020 06 Dec'20
China lags US in computer vision

China trails the US in the field of computer vision despite making inroads in computing and research, new report finds
December 04, 2020 04 Dec'20
Opportunistic Egregor ransomware is an emerging and active threat

Researchers at Recorded Future’s Insikt Group highlight links between the emerging Egregor ransomware and other strains, and offer guidance on defending against it
December 04, 2020 04 Dec'20
Avast and Borsetta to support Intel’s AI security project

Security firm Avast and AI security specialist Borsetta have signed up to support an Intel-led artificial intelligence security research project
December 03, 2020 03 Dec'20
Cyber Aware campaign to help safeguard Christmas shoppers

New government campaign sets out to raise awareness of online shopping fraud in the run-up to Christmas
December 03, 2020 03 Dec'20
Covid-19 vaccine supply chain attacked by unknown nation state

An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines
December 03, 2020 03 Dec'20
Lax Android app developers putting millions of users at risk

Eight months after Google patched a critical vulnerability, developers have failed to update their apps, putting millions of users of apps such as dating services Bumble and Grindr at risk
December 03, 2020 03 Dec'20
Dangerous Trickbot evolves to target UEFI/BIOS firmware

Dubbed Trickboot by researchers, Trickbot’s new features enable malicious actors to read, write or even erase UEFI/BIOS firmware
December 02, 2020 02 Dec'20
Re:Invent 2020: AWS CEO Andy Jassy on redefining hybrid cloud

Amazon Web Services’ Re:Invent user conference has moved online this year, with the firm’s CEO using the opening keynote to explain how AWS’s take on hybrid cloud has changed over time
December 02, 2020 02 Dec'20
Covid-19: Cyber criminals will target vaccine programmes

Interpol issues a global alert to law enforcement as the UK becomes one of the first countries to approve the Pfizer/BioNTech Covid-19 vaccine for use
December 02, 2020 02 Dec'20
Double extortion ransomware will be a big theme in 2021

Defenders will see heightened levels of cyber crime next year as criminals pivot their attacks from data encryption to exfiltration
December 02, 2020 02 Dec'20
Singapore government remains ‘juicy target’ for cyber attackers

The government is baking security into the design and implementation of its IT systems and looking to increase bug bounties to fend off cyber threats
December 01, 2020 01 Dec'20
DHL, Amazon and FedEx are most phished delivery services

DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020
December 01, 2020 01 Dec'20
22,000 malicious .uk domains suspended in past year

Nominet has suspended just over 22,000 domains in the 12 months to 31 October 2020, continuing a downward trend, and with less impact from Covid-19 than might be expected
December 01, 2020 01 Dec'20
Government covers its ears as complaint by victims of Post Office abuse heads to ombudsman

Government denies responsibility for the abuse inflicted on subpostmasters by the Post Office over faulty IT system
December 01, 2020 01 Dec'20
What it takes for APAC firms to ride out the pandemic

Whether businesses will recover from the Covid-19 pandemic will depend on how they leverage technology to innovate, create new business models and build digital trust
November 30, 2020 30 Nov'20
MI5 accused of withholding surveillance compliance failures from cabinet minister

MI5 withheld high-risk concerns about its ability to comply with legislation from the home secretary when it submitted applications for surveillance warrants, NGOs Privacy International and Liberty claimed last week