News

IT security

• August 29, 2024 29 Aug'24

  Check Point secured for annual Security Serious cyber awards

  The annual Security Serious Unsung Heroes awards, recognising the champions of the UK cyber security industry, are back once again, with a new headline sponsor joining the party

• August 29, 2024 29 Aug'24

  Telegram CEO Pavel Durov under formal investigation, released on bail

  European Commission confirms it has powers to place Telegram under ‘direct supervision’ if it meets the threshold for regulation under the Digital Services Act

• August 29, 2024 29 Aug'24

  Iranian APT caught acting as access broker for ransomware crews

  Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits

• August 29, 2024 29 Aug'24

  Study highlights secure software supply chain best practices

  Security trends report from open source firm shows the approaches IT leaders take to secure their software supply chain

• August 29, 2024 29 Aug'24

  US offers $2.5m bounty for on-the-run malware dev

  US State Department puts a $2.5m bounty on the head of Angler exploit kit developer and ransomware crew member Volodymyr Kadariya as part of a major developing case

• August 29, 2024 29 Aug'24

  Met Police deploy LFR in Lewisham without community input

  The Met’s latest live facial recognition deployment in Catford has raised concerns over the lack of community engagement around the police force’s use of the controversial technology

• August 28, 2024 28 Aug'24

  Iranian APT Peach Sandstorm teases new Tickler malware

  Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence

• August 28, 2024 28 Aug'24

  Global cyber spend to rise 15% in 2025, pushed along by AI

  Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner

• August 28, 2024 28 Aug'24

  Cambridge Enterprise saves big with Keepit SaaS backup

  University innovation body avoids hardware spend and saves management time as it switches from tape to cloud-to-cloud backup, instant recovery and decades-long retention from Keepit

• August 28, 2024 28 Aug'24

  Telegram founder Pavel Durov questioned over cyber crime charges

  Billionaire founder of Telegram accused of failing to co-operate with law enforcement requests for lawful interception

• August 28, 2024 28 Aug'24

  How Kaspersky is driving growth in APAC

  Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region

• August 27, 2024 27 Aug'24

  Palo Alto Networks bets on ‘precision AI’

  Palo Alto Networks’ regional leader, Steven Scheurmann, explains how machine learning, neural networks and generative AI can help to prevent breaches in what it calls ‘precision AI’

• August 22, 2024 22 Aug'24

  New Qilin tactics a ‘bonus multiplier’ for ransomware chaos

  Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line.

• August 21, 2024 21 Aug'24

  Pakistani national arrested over Southport ‘cyber terrorism’

  Authorities in Pakistan have arrested a man on suspicion of cyber terrorism over his role in the spread of online misinformation in the wake of the Southport knife attack

• August 20, 2024 20 Aug'24

  ICO launches privacy notice tool for SMEs

  ICO tool designed to make it easier for small businesses and sole traders operating online to create bespoke data privacy notices for compliance purposes

• August 20, 2024 20 Aug'24

  Phishing links becoming bigger threat than email attachments

  Phishing techniques are evolving away from malicious email attachments, according to a report

• August 20, 2024 20 Aug'24

  Helsinki braced for elevated cyber attacks

  The City of Helsinki is increasing its collaboration with cyber security and crime investigators following a major attack on its systems

• August 19, 2024 19 Aug'24

  Challenges of deploying PQC globally

  Quantum computers will eventually be powerful and reliable enough to crack strong encryption. PQC is the answer, but it could take years to deploy

• August 19, 2024 19 Aug'24

  Popular Microsoft apps for Mac at risk of code injection attacks

  Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem

• August 16, 2024 16 Aug'24

  New Relic CEO on APAC growth and future of observability

  New Relic CEO Ashan Willy talks up growth trajectory in APAC, the company’s long-term vision, and how going private has enabled it to make strategic investments

• August 16, 2024 16 Aug'24

  Thousands of NetSuite customers accidentally exposing their data

  Misconfigured permissions across live websites are leaving thousands of NetSuite users open to having their valuable customer data stolen, researchers say

• August 16, 2024 16 Aug'24

  Campaigners criticise Starmer post-riot public surveillance plans

  A UK government programme to expand police facial recognition and information sharing after racist riots is attracting criticism from campaigners for exploiting the far-right unrest to generally crack down on protest and increase surveillance

• August 15, 2024 15 Aug'24

  Google Cloud survey shows GenAI business benefits

  Survey on behalf of Google Cloud suggests that business can start generating value from GenAI within six months

• August 15, 2024 15 Aug'24

  ASEAN organisations lack mature AI strategy

  IBM-commissioned study reveals that while ASEAN organisations are engaging with AI, only 4% have reached a transformative level of AI maturity

• August 14, 2024 14 Aug'24

  August Patch Tuesday proves busy with six zero-days to fix

  Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update

• August 14, 2024 14 Aug'24

  Dawn Project calls out Big Tech for selling AI snake oil

  A campaigning group focused on safety critical technology has called out the major tech firms for putting people’s lives at risk with flawed AI

• August 14, 2024 14 Aug'24

  Automated police tech contributes to UK structural racism problem

  Civil society groups say automated policing technologies are helping to fuel the disparities that people of colour face across the criminal justice sector, as part of wider warning about the UK’s lack of progress in dealing with systemic racism

• August 14, 2024 14 Aug'24

  Leeds Teaching Hospitals deploys patient records and data sharing on Azure

  In-house patient records system has been migrated to the Microsoft public cloud, opening up the potential for greater data sharing

• August 13, 2024 13 Aug'24

  NIST debuts three quantum-safe encryption algorithms

  NIST has launched the first three quantum-resistant encryption algorithms, and as the threat of quantum-enabled cyber attacks grows greater, organisations are encouraged to adopt them as soon as they can

• August 13, 2024 13 Aug'24

  Cyber criminal kingpin ‘J.P. Morgan’ appears in US court

  ‘J.P. Morgan’, a Belarusian cyber criminal who ran a major ransomware campaign supported by malvertising scams, faces decades in prison in the United States after being extradited from the EU

• August 13, 2024 13 Aug'24

  Australia’s cyber security skills gap remains pressing issue

  Study reveals Australia’s critical shortage of cyber security professionals, escalating the risk of data breaches

• August 09, 2024 09 Aug'24

  The Security Interviews: Google’s take on confidential computing

  We speak to Google’s Nelly Porter about the company’s approach to keeping data as safe as possible on Google Cloud

• August 08, 2024 08 Aug'24

  Royal ransomware crew puts on a BlackSuit in rebrand

  The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA

• August 08, 2024 08 Aug'24

  US lawmakers seek to brand ransomware gangs as terrorists

  Proposals from legislators in Washington DC could shake up the global ransomware ecosystem and give law enforcement sweeping new powers

• August 08, 2024 08 Aug'24

  Ofcom issues online safety warning to firms in wake of UK riots

  Ofcom has issued a warning reminding social media firms of their upcoming online safety obligations, after misinformation about the Southport stabbings sparked racist riots throughout the UK

• August 07, 2024 07 Aug'24

  Microsoft and CrowdStrike hit back at Delta’s legal threats

  Microsoft and CrowdStrike have rejected claims by Delta Air Lines that it was left high and dry amid thousands of flight cancellations during July’s software outage, accusing the airline of ignoring their offers of help and running out-of-date IT ...

• August 06, 2024 06 Aug'24

  Advanced faces fine over LockBit attack that crippled NHS 111

  Advanced Software faces a multimillion pound fine for a series of failings which directly led to a 2022 LockBit ransomware attack that disrupted NHS and social care services across the UK

• August 06, 2024 06 Aug'24

  2024 seeing more CVEs than ever before, but few are weaponised

  The number of disclosed CVEs soared by 30% in the first seven-and-a-half months of the year, but a tiny fraction of these have been exploited by threat actors, a reminder of the importance of focused security strategies

• August 05, 2024 05 Aug'24

  Chinese cyber attack sparks alert over six-year-old MS vuln

  After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824

• August 05, 2024 05 Aug'24

  World’s largest companies at near-universal risk of supply chain breach

  Data from SecurityScorecard once again focuses on the interconnected nature of business supply chains and the risk posed to operational resilience by unexpected IT problems and cyber threats

• August 05, 2024 05 Aug'24

  Russia’s luxury car phish continues to prove effective

  Government organisations and other bodies operating in Ukraine continue to be targeted by a relatively unsophisticated phishing campaign that has proven so effective for Russia’s cyber spooks that there are now multiple agencies involved

• August 02, 2024 02 Aug'24

  How CrowdStrike is leveraging AI to empower security teams

  CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help to enhance analyst efficiency and tackle cyber security challenges

• August 01, 2024 01 Aug'24

  Police hunt scammers after takedown of Russian Coms fraud platform

  The National Crime Agency has arrested four people after taking down a phone number spoofing platform used by criminals to defraud hundreds of thousands of people in the UK with more arrests to follow

• August 01, 2024 01 Aug'24

  CrowdStrike shareholders sue, alleging false security claims

  A US pension fund is lining up a lawsuit against CrowdStrike, claiming the cyber company lied about the integrity of its systems, leading to failings that caused a worldwide IT outage

• August 01, 2024 01 Aug'24

  Banks, telcos call for more data sharing to fight fraud

  A Which?-led coalition of banks and telecoms operators is calling on the UK's new government to take the lead on enabling data sharing to help fight digital fraud

• July 31, 2024 31 Jul'24

  API attacks surge by 65% in APAC, fuelled by rapid digitisation

  Akamai's report reveals a significant rise in cyber attacks on web applications and APIs in the region over the past year, with financial and commerce sectors hardest hit

• July 31, 2024 31 Jul'24

  Campaigners call for evidence to reform UK cyber laws

  The CyberUp Campaign for reform of the 1990 Computer Misuse Act launches an industry survey inviting cyber experts to share their views on how the outdated law hinders legitimate work

• July 31, 2024 31 Jul'24

  Mayor launches London Privacy Register for smart city information

  To increase transparency around and trust in London’s smart city technology deployments, the London Privacy Register aims to provide the public with more information about the systems they encounter in their day-to-day lives

• July 31, 2024 31 Jul'24

  Breach costs soar as record ransomware payment made

  IBM publishes data on the spiralling costs of cyber attacks and data breaches, while researchers identify what appears to be the largest ransomware payment ever made

• July 30, 2024 30 Jul'24

  Basic failures led to hack of Electoral Commission data on 40 million people

  UK government identifies Chinese state-linked hackers as likely to have been behind attack on the Electoral Commission