News

IT security

• June 11, 2019 11 Jun'19

  Most code-signing processes insecure, study shows

  The majority of organisations are failing to enforce security for code-signing processes, providing opportunities for cyber criminals, a survey reveals

• June 11, 2019 11 Jun'19

  MP brands Huawei exec a ‘moral vacuum’ as operators demand 5G clarity

  Huawei chief security officer John Suffolk faces tough questions from parliament’s Science and Technology Select Committee over the firm’s links to the Chinese government

• June 11, 2019 11 Jun'19

  Implementing Dmarc a top priority for UK

  Basic email security should be a top priority for UK firms, followed by reducing third-party web exposure and monitoring data flows leaving the enterprise, a Rapid7 study reveals

• June 10, 2019 10 Jun'19

  Large firms look to zero-trust security to reduce cyber risk

  In the face of increasing cyber breach risk as organisations move to hybrid multi-cloud IT environments, just over half of large firms in Europe are planning a zero-trust approach to security

• June 07, 2019 07 Jun'19

  NotPetya offers industry-wide lessons, says Maersk’s tech chief

  There are several key industry-wide lessons to be learned from the NotPetya attack in 2017, according to the information chief at one of the companies most heavily impacted

• June 07, 2019 07 Jun'19

  Misconfigured container services are a security risk

  Researchers at Palo Alto Networks have released details of the scale of misconfigured and exposed container services putting organisations at risk of cyber attack

• June 07, 2019 07 Jun'19

  Apple tackles iPad-to-Mac app portability

  Xcode framework enables app developers to use one set of source code to target either iPadOS or MacOS

• June 07, 2019 07 Jun'19

  How ASEAN firms are using AI to combat cyber threats

  Artificial intelligence tools are becoming a vital part of the security arsenal for organisations and cyber criminals alike

• June 06, 2019 06 Jun'19

  Weak cyber security top challenge, says NCSC chief Ciaran Martin

  UK cyber security agency NCSC is focusing on practical support and making the internet and technology safer to use, but says the area that needs most attention is improving basic cyber security in firms, says agency chief

• June 06, 2019 06 Jun'19

  TNMOC showcases role of Wren Colossus operators in D-Day

  Colossus was used to decypher German Lorenz encrypted messages, one of which appears to have given the Allies the green light

• June 06, 2019 06 Jun'19

  Firms face targeted bespoke cyber attacks, dark web study reveals

  Academic study exposes prolific availability and demand for tailored malware, network access and corporate espionage services, which suggests many firms’ cyber defences are below standard

• June 06, 2019 06 Jun'19

  Legacy IT systems a significant security challenge

  Information security professionals need to work closely with the business to identify critical legacy IT systems to ensure security risks are managed effectively, CISO tells Infosecurity Europe

• June 06, 2019 06 Jun'19

  Digital transformation an opportunity for security

  Digital transformation is an opportunity not only for the business to up its game, but also for security teams to engage with and win over the business, CISO tells Infosecurity Europe

• June 05, 2019 05 Jun'19

  London could be world cyber risk leader, says ex-Lloyd’s chief

  Collaboration across the cyber insurance, technology and security organisations in London could make the capital a leading world centre on these topics, says former Lloyd’s of London boss

• June 05, 2019 05 Jun'19

  DNS – a security opportunity not to be overlooked, says Nominet

  Domain name system data is the best-kept secret for eliminating network cyber threats, Nominet tells Infosecurity Europe attendees

• June 05, 2019 05 Jun'19

  Nearly two-thirds of businesses hit by credential abuse

  Most businesses admit to breaches relating to abuse of user credentials, according to a report that highlights cyber hygiene failings in the UK and the importance of greater visibility and integration to cyber defence capability

• June 04, 2019 04 Jun'19

  Businesses investing blindly in cyber security

  Businesses need to find out what their real cyber risks and weaknesses are before investing in new technologies, says ethical hacker

• June 04, 2019 04 Jun'19

  Deterministic data-based AI key for security

  AI-based cyber security systems have enormous potential, but under specific conditions that are essential for success, AI expert tells Infosecurity Europe

• June 04, 2019 04 Jun'19

  CIO interview: Gary Foote, CIO, Rich Energy Haas F1

  When he was offered the opportunity to set up the technology for a new Formula One team from scratch, CIO Gary Foote couldn’t wait to get on the starting line

• June 04, 2019 04 Jun'19

  Cyber crime widely under-reported, Isaca study shows

  Cyber crime, which is the top cyber threat to business, remains widely under-reported, and only a third of organisations are confident in their ability to detect and respond to threats, a study reveals

• June 04, 2019 04 Jun'19

  Beware of security blind spots in encrypted traffic

  The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption

• June 03, 2019 03 Jun'19

  Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

  Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms

• June 03, 2019 03 Jun'19

  Business leaders failing to address cyber threats

  Businesses are failing to address growing cyber threats as business leaders admit to knowledge gaps, a lack of resources and confusion about who is responsible for data breaches, a report reveals

• May 31, 2019 31 May'19

  Facebook loses bid to halt European court decision on EU-US data sharing

  Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk

• May 31, 2019 31 May'19

  GCHQ urged to abandon plans to access encrypted chats

  Tech companies and security and policy experts are calling for more dialogue with GCHQ on encryption, urging it to ditch its proposal for eavesdropping on encrypted chats

• May 30, 2019 30 May'19

  A lack of skills and ownership are top challenges to OT security

  A lack of skills, visibility and clarity on which business function is responsible for securing operational technology are the biggest challenges to managing the risk, a study shows

• May 30, 2019 30 May'19

  2.3 billion business and consumer data files exposed online

  In the year since the GDPR compliance deadline, the number of data files exposed online without adequate protection is up more than 50% due to misconfigured security controls, report reveals

• May 30, 2019 30 May'19

  Salesforce completes Pardot fix after 12 days’ disruption

  Plug was pulled on 17 May after a data script went wrong. Most users have had full access since 18 May, but 10 services remained down

• May 29, 2019 29 May'19

  Hackers targeting UK universities a threat to national security

  Poorly defended UK university research that is mainly commissioned by government is a top target for hackers, putting national security at risk, a study reveals, underlining the need for better cyber security

• May 29, 2019 29 May'19

  Turla APT group beefs up cyber attack tool

  An advanced persistent threat cyber espionage group has improved its tools to attack diplomatic targets, making their activities more difficult to detect and block

• May 29, 2019 29 May'19

  Cyber weapons readily available to criminals, researchers warn

  Security researchers have discovered an attack campaign infrastructure designed to scan, brute-force and infect tens of thousands of MS-SQL and PHPMyAdmin servers

• May 29, 2019 29 May'19

  ICO to shortlist Sandbox applicants

  Privacy watchdog’s Sandbox service aims to help develop innovative and beneficial products and services that are privacy compliant

• May 28, 2019 28 May'19

  Perfect storm for data science in security

  After nearly 20 years of research, the perfect storm of computing technologies is finally enabling data science to realise its potential to make valuable contributions to improving cyber security capabilities

• May 28, 2019 28 May'19

  Many search engine users unaware of personal data collection

  Many users of online search engines are still unaware that data is being collected about them for personalised advertising, a study has revealed

• May 28, 2019 28 May'19

  Dutch IT security firm dumps corporate structure

  Boss of Netherlands-based Computest turns to self-management model to make company more nimble

• May 26, 2019 26 May'19

  Australian firms coming to grips with AI ethics

  Australian businesses are warming up to AI, but just two in five have standards and guidelines for AI ethics, a study finds

• May 24, 2019 24 May'19

  Just over half of UK firms don’t have a cyber resilience plan

  Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection

• May 24, 2019 24 May'19

  GDPR: Are we there yet?

  A full year since the General Data Protection Regulation was implemented, there has not been the severe punitive action expected by many and personal data breaches continue to happen, leaving many wondering if any progress has been made

• May 24, 2019 24 May'19

  Effect of GDPR yet to be felt, says law firm Hogan Lovells

  Despite the fact that the GDPR has been in full effect for a year, the true effect of the regulation is yet to be felt and organisations should ensure they keep their eye on the ball, says leading privacy law firm

• May 24, 2019 24 May'19

  No real change a year into GDPR, says privacy expert

  A year after the GDPR compliance deadline, many organisations still have a lot of work to do to make real changes and shift focus away from fines to business value and gain, says PwC’s GDPR and data protection lead

• May 24, 2019 24 May'19

  SurveyMonkey opens Dublin datacentre region to court data-security conscious enterprises in Europe

  Online survey software provider SurveyMonkey is on a Europe-wide enterprise charm offensive, and is focusing on winning over CIOs with the offer to locally host their data within its European datacentre region

• May 23, 2019 23 May'19

  Arm China seeks solutions to US export controls with Huawei

  Chip design firm in communication with Huawei-owned semiconductor firm HiSilicon following US move to halt exports of US technology to Chinese tech giant

• May 23, 2019 23 May'19

  IBM’s investment in automation pays off in GDPR’s first year

  The first year of the EU’s General Data Protection Regulation has demonstrated the value of IBM’s investment in machine learning-based automation and the importance of having the right strategy and systems in place, according to the firm’s data ...

• May 23, 2019 23 May'19

  Lapse in LinkedIn security certificate update

  A lapse in the update of LinkedIn’s security certificate has once again underlined the importance of keeping track to avoid disruptions and phishing attacks, and how even big players are failing to get it right

• May 23, 2019 23 May'19

  Police shut down Bestmixer bitcoin laundering service

  The Bestmixer cryptocurrency laundering service has been shut down by Dutch anti-fraud police with support from Europol after a tip off by cyber security researchers at McAfee, significantly disrupting cyber criminal money flows

• May 22, 2019 22 May'19

  TalkTalk admits new failings in 2015 data breach notification

  TalkTalk’s failure to notify all those affected by its 2015 data breach highlights the importance of data visibility so that breach notifications are fast and accurate – a key requirement of the GDPR

• May 22, 2019 22 May'19

  Singapore proposes data portability provisions

  The Personal Data Protection Commission is seeking public feedback on proposed provisions that will let consumers move their personal data across organisations

• May 21, 2019 21 May'19

  US grants Huawei stay of execution

  US Commerce Department temporarily restores Huawei’s ability to maintain its existing networks and smartphone user base

• May 21, 2019 21 May'19

  Dutch lecturer researches the person behind the cyber criminal

  Dutch academic is trying to get inside the mind of cyber criminals by understanding what makes them tick

• May 21, 2019 21 May'19

  Planned UK age verification checks risky for internet users

  Proposed controversial online age verification checks could increase the risk of identity theft and other cyber crimes, warn security experts, who advise parents to set technological boundaries and ensure their families are aware of risks