News
IT security
-
August 28, 2019
28
Aug'19
Most UK firms ignore security in tech investments
Less than a quarter of UK firms prioritise security when investing in new technology, despite the threat of cyber attacks and data protection regulations, a survey reveals
-
August 28, 2019
28
Aug'19
Ransomware has evolved into a serious enterprise threat
Ransomware has seen a resurgence since the start of 2019, with cyber criminals changing code and tactics to target enterprises and local authorities for higher ransom payments, McAfee researchers warn
-
August 27, 2019
27
Aug'19
Employees, MSPs and developers top third-party risks
Employees, managed service providers and developers are the top sources of third-party risks in terms of data security, a survey reveals, highlighting the value of workplace monitoring
-
August 26, 2019
26
Aug'19
VMware’s latest acquisitions point to emerging platform war
VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal
-
August 23, 2019
23
Aug'19
Three more identity providers to withdraw from troubled Gov.uk Verify programme
Three of the five companies supporting the government's troubled digital identity scheme are pulling out, raising further questions over the viability of the £175m programme
-
August 23, 2019
23
Aug'19
Majority of organisations struggling with cloud security
The majority of organisations find securing the cloud difficult and more than a quarter feel the shared security responsibility model is unclear, according to a survey of information security professionals
-
August 23, 2019
23
Aug'19
Kaspersky eyes enterprise business, opens APAC transparency hub
The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials
-
August 23, 2019
23
Aug'19
Human rights group challenges police over counter-terrorism powers
Bringing into question the effectiveness of terror laws, a report by human rights group Cage highlights poor conviction rates and the discriminatory application of police powers at the border
-
August 22, 2019
22
Aug'19
Security pros reiterate warning against encryption backdoors
The majority of security professionals believe countries with government-mandated encryption backdoors are more susceptible to nation-state cyber attacks
-
August 22, 2019
22
Aug'19
A helping hand from the Nordics in the eye of the GDPR storm
Nordic IT companies are well suited to supporting enterprises in their data protection projects, even though openness is more natural to them
-
August 22, 2019
22
Aug'19
Tech firms join forces to boost cloud security
Top tech firms are to collaborate on open source technologies, tools, frameworks and standards that accelerate the adoption of confidential computing to boost security in cloud and edge computing
-
August 22, 2019
22
Aug'19
Cyber attackers exploiting poor cloud security
More than a third of organisations report a cyber attack on the cloud environment due to a lack of basic cloud security hygiene
-
August 21, 2019
21
Aug'19
Box aims to shield businesses from data loss threat
Box has introduced an add-in to its cloud-based collaboration platform to lock down and monitor access to files and folders
-
August 21, 2019
21
Aug'19
Healthcare faces triple cyber threat, says FireEye
Criminal and nation-state cyber attackers are increasingly targeting the healthcare industry to steal data, carry out espionage and cause disruption, a report reveals
-
August 21, 2019
21
Aug'19
Security concerns blocking UK digital transformation
The majority of UK firms are holding off adopting new, more efficient and cost effective technology because they are failing to see cyber security as a driver of strategic value, report reveals
-
August 21, 2019
21
Aug'19
Silence APT group eyes APAC banks
Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks
-
August 20, 2019
20
Aug'19
Human error a big risk to ICS cyber security, study shows
Despite the rise in automation, industrial processes are at risk due to human error, a report on industrial cyber security reveals
-
August 20, 2019
20
Aug'19
Malware still top security threat, say infosec pros
Malware remains the top security threat to organisations, with ransomware still considered to be the top malware threat and lack of budget the biggest obstacle to defence, a study shows
-
August 20, 2019
20
Aug'19
Huawei to US: Ban violates free market principles
Huawei has hit back at the US government’s latest moves to restrict its activities
-
August 20, 2019
20
Aug'19
Even fintech startups battling to meet cyber security challenges
A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge
-
August 19, 2019
19
Aug'19
UK financial account takeovers up, report warns
Commercial cyber criminal services are helping to drive up the number of account takeovers, a fraud report for the first half of the year shows
-
August 19, 2019
19
Aug'19
Q2 shows ransomware proliferation, Kaspersky warns
Ransomware modifications have more than doubled in the past year, the number of ransomware families has grown, and the number of attempted infections is up nearly 50%
-
August 19, 2019
19
Aug'19
US extends temporary stay on Huawei ban
American network operators given extra wiggle room to wean themselves off Huawei’s hardware
-
August 19, 2019
19
Aug'19
How EDR is moving beyond the endpoint
An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise
-
August 16, 2019
16
Aug'19
Google finds that web users log in with compromised credentials
People continue to use passwords that have been breached. Google has proposed a protocol, which could warn them if their credentials have been stolen
-
August 16, 2019
16
Aug'19
Passwordless enterprise already possible, says RSA
The passwordless enterprise is getting easier to attain as the security industry gears up to support a passwordless future, says RSA’s identity chief
-
August 16, 2019
16
Aug'19
New approach to risk management needed, says Gartner
Most third-party risks are discovered after the initial due diligence period, Gartner study shows, highlighting the need for a new approach to risk management and the importance of effective access controls
-
August 16, 2019
16
Aug'19
ICO to probe facial recognition at King’s Cross
UK privacy watchdog is to investigate whether the use of live facial recognition technology at King’s Cross complies with data protection laws
-
August 15, 2019
15
Aug'19
Australia needs to get digital identity right
A top Ping Identity executive urges Australia to put more focus on digital identity management following the government’s efforts to lay the groundwork for an open banking regime
-
August 15, 2019
15
Aug'19
2019 set to be another record year for data breaches
The number of data breach incidents continues to rise and looks set to reach another record this year, with the business sector first in the firing line, according to a mid-year breach report
-
August 15, 2019
15
Aug'19
Most UK financial firms hit by cyber attack in the past year
The majority of UK financial companies are failing to prevent cyber security incidents, mainly because of employees failing to follow security policies and a lack of security budget, a survey reveals
-
August 15, 2019
15
Aug'19
Cisco frozen out of China as Trump’s trade war rages on
Cisco CEO Chuck Robbins reveals the firm is being edged out of the Chinese market
-
August 15, 2019
15
Aug'19
Formjacking dominates web-related data breaches
Formjacking has become one of the most popular data stealing methods, say researchers, who urge commercial websites to review all third-party coding practices without delay
-
August 15, 2019
15
Aug'19
Melbourne researchers uncover privacy lapses in transport dataset
A team of University of Melbourne researchers has been able to re-identify individuals from a public transport dataset, raising serious privacy, safety and security issues
-
August 14, 2019
14
Aug'19
Publicly accessible biometric database highlights key failings
The discovery of a publicly accessible database of biometric information highlights failings by the supplier, the need for supply chain security, and the challenges of using biometric data
-
August 14, 2019
14
Aug'19
DCMS funding aims to increase diversity in cyber sector
A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector
-
August 14, 2019
14
Aug'19
GDPR faces growing pains across Europe
The General Data Protection Regulation is over a year old now, but it faces challenges across Europe where compliance has taken place at different speeds
-
August 14, 2019
14
Aug'19
Cyber criminal collaboration intensifies
The level of cooperation between high-profile cyber threat groups has shifted up a gear, enabling a higher level of automation and making attribution more difficult, research shows
-
August 14, 2019
14
Aug'19
Digital domain identified as major security threat by Norway’s intelligence service
Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks
-
August 14, 2019
14
Aug'19
Norman evasive cryptominer conquers networks
Cryptomining malware designed to evade detection is capable of invading every device in targeted companies, researchers warn
-
August 14, 2019
14
Aug'19
UK finance regulator gives extra time for companies to meet payment security rules
Financial Conduct Authority gives companies under its watch an extra 18 months to meet an EU payments security standard
-
August 14, 2019
14
Aug'19
British Airways e-ticketing system could expose passenger details
British Airways has not addressed a potential leak of passenger details despite warnings from security researchers, but says it is aware of the issue and is taking action
-
August 14, 2019
14
Aug'19
NTT Security partners with Europol
Link-up is part of a commitment to share strategic information with partners and law enforcement to bolster threat intelligence in the global fight against cyber crime
-
August 13, 2019
13
Aug'19
Breach cost $53m in Q2, says Desjardins
Credit union cooperative Desjardins reveals that a data breach in June cost the company $53m in the second quarter, but that could be just the start, warn industry commentators
-
August 13, 2019
13
Aug'19
UK businesses still overlooking human element in security
Most UK businesses are still failing to address the human element in cyber security as part of an integrated approach, exposing themselves unnecessarily to cyber criminal attacks, a study shows
-
August 13, 2019
13
Aug'19
BACnet IoT building automation devices vulnerable to attack
A security researcher has revealed that internet-connected building automating devices using the BACnet communication protocol are vulnerable to cyber attack
-
August 12, 2019
12
Aug'19
Phishing top security threat to business
A new Telefónica security service for business shows that phishing is the most-blocked threat and smaller businesses are a popular attack target in the first two months of deployment
-
August 12, 2019
12
Aug'19
South Wales Police starts facial recognition trial despite opposition
The use of the facial recognition app by South Wales Police marks the latest deployment of controversial facial recognition technology by police forces in the UK
-
August 12, 2019
12
Aug'19
Digital transformation driving security rethink
Organisations are focusing on internet of things and cloud in developing cyber defence systems, study shows
-
August 09, 2019
09
Aug'19
McAfee warns of serious security flaw in building controller
Security researchers have demonstrated how simple flaws in building controllers could allow malicious actors to manipulate control systems with devastating effect, highlighting the importance of operational technology security
-
August 09, 2019
09
Aug'19
F-Secure warns of F5 Big IP-related security issue
F-Secure has discovered security issues relating to an F5 device that it says could potentially turn hundreds of thousands of load balancers into beachheads for cyber attacks
-
August 09, 2019
09
Aug'19
NCC Group warns of security risks of leading printers
Researchers uncover more than 35 vulnerabilities in six leading enterprise printers, many of which could allow access to corporate networks, underlining the need to counter security risks of embedded systems
-
August 09, 2019
09
Aug'19
Whistleblowers: James Glenn’s battle with Cisco opens new front on cyber security
James Glenn, a 42-year-old security specialist, fought a 10-year legal battle with Cisco after blowing the whistle on serious security flaws. He lost his job, but has no regrets
-
August 08, 2019
08
Aug'19
Ransomware a continued threat to business, report warns
Businesses are increasingly becoming the most popular targets for ransomware, which remains a top cyber threat around the world, especially in the US, a report reveals
-
August 08, 2019
08
Aug'19
Cyber criminals hijacking legitimate website comms
Criminals are exploiting firms’ use of online feedback methods to distribute spam and phishing emails, security researchers warn
-
August 08, 2019
08
Aug'19
Can you trust pen-testers?
Pen-testers have knowingly posted security workarounds on the public internet that are now commonly used by hackers
-
August 07, 2019
07
Aug'19
Southeast Asian ‘white hat’ urges more countries to sign the Paris Call
A renowned ethical hacker in Malaysia has called for more nations to support the Paris Call for Trust and Security in Cyberspace to counter the threat of cyber warfare
-
August 07, 2019
07
Aug'19
Shared files in the cloud are a top ransomware target
Vectra 2019 Spotlight report shows recent ransomware attacks cast a wider net to ensnare cloud, datacentre and enterprise infrastructures
-
August 07, 2019
07
Aug'19
FireEye identifies dual nature Chinese cyber threat group
Security researchers have identified a China-based cyber threat group engaged in state-spored espionage in parallel with cyber criminal activities targeting multiple industries worldwide
-
August 07, 2019
07
Aug'19
Industry collaborates to patch SwapGS CPU vulnerability
Newly disclosed SwapGS vulnerability in modern processors has been patched in Windows, Linux and ChromeOS, underlining the importance of keeping systems up to date
-
August 06, 2019
06
Aug'19
African bank foils suspected North Korean cyber attack
An African bank is among the financial institutions to be targeted by North Korea’s multi-billion dollar cyber theft campaign to support its weapons programmes
-
August 06, 2019
06
Aug'19
Most UK firms lack confidence in disaster recovery
Only a third of UK firms are confident in their ability to recover from cyber attacks and other disasters, with business continuity still relatively low on the agenda, a study reveals
-
August 06, 2019
06
Aug'19
ICO joins international call for transparency around Facebook’s Libra currency
Data protection regulators from around the world have signed a statement raising privacy concerns about Libra
-
August 05, 2019
05
Aug'19
DDoS on the rise, warns Kaspersky
Security researchers at Kaspersky are among those warning business that, more than ever, mitigation of distributed denial of service attacks needs to be a key element of cyber defence strategies
-
August 05, 2019
05
Aug'19
Most UK university applicants at risk of email fraud
The majority of hundreds of thousands of applicants to UK universities are at risk of email fraud before and after A-level results day, due to a failure to implement full Dmarc protection, a study reveals
-
August 02, 2019
02
Aug'19
Lack of resources top challenge to IT security
A lack of resources is the top challenge to information security professionals, followed by a lack of experience and skills, a survey reveals
-
August 02, 2019
02
Aug'19
Government continues probe of UK cyber security labour market
The government has announced a second phase of research to help understand the UK's cyber security labour market
-
August 01, 2019
01
Aug'19
Facebook asked to explain discrepancies in evidence over Cambridge Analytica
DCMS Committee chairman asks Facebook to clarify what it knew about Cambridge Analytica’s use of its data and when
-
August 01, 2019
01
Aug'19
Industrial control system cyber security risk high, report warns
The industrial control system cyber risk to global oil and gas companies is high and rising, as new attack groups continue to enter the arena
-
August 01, 2019
01
Aug'19
Enterprise-readiness of business cloud services found lacking in Netskope research
Latest analysis of cloud and internet usage trends in the enterprise space by Netskope suggests the majority of the off-premise services businesses use are not fit for purpose from a security and data protection standpoint
-
August 01, 2019
01
Aug'19
GDPR taken more seriously after first fines
Security professionals believe the first big fines under the General Data Protection Regulation will get organisations to take the new rules more seriously, but will not necessarily change policies or practices
-
August 01, 2019
01
Aug'19
Leaked Sephora databases peddled on dark web
Cyber security firm finds two databases likely to be related to the Sephora data breach that affected online customers in Southeast Asia, Australia and New Zealand
-
July 31, 2019
31
Jul'19
Cisco pays $8.6m after whistleblower discloses security flaws in video surveillance system
James Glenn, a video surveillance expert working for a Cisco reseller in Denmark, alerted Cisco to security faults and stands to gain a share of a multimillion-dollar settlement with the US government
-
July 31, 2019
31
Jul'19
How Singapore’s NTUC Enterprise is embracing digital transformation
NTUC Enterprise is starting to look more like a technology company, employing DevOps to speed up software development and developing new digital business models even as cultural barriers to transformation remain
-
July 31, 2019
31
Jul'19
Financial services top cyber attack target
Financial services are among the most attractive targets for cyber attackers, security researchers reveal, with phishing and credential stuffing among the top threats
-
July 30, 2019
30
Jul'19
Australian firms grappling with “train-smash” of security legislation
While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators
-
July 30, 2019
30
Jul'19
Mobiles top target of nation state surveillance
Nation states are targeting individual mobile users for intelligence gathering and disruption of rivals as security on mobile devices lags behind traditional computing, a report reveals
-
July 30, 2019
30
Jul'19
Huawei ‘galvanised’ by Trump ban
Huawei has found itself caught in the crossfire of the US president’s trade war with China, but chairman Liang Hua says the firm is rising to the challenge
-
July 30, 2019
30
Jul'19
Former AWS engineer arrested for Capital One data breach
Capital One announces data breach affecting more than 100 million customers as US federal authorities arrest a Seattle woman formerly employed by Amazon Web Services
-
July 29, 2019
29
Jul'19
ICO selects first innovation Sandbox participants
UK privacy watchdog has chosen the first firms to take part in its Sandbox programme aimed at developing innovative and beneficial products and services that are privacy compliant
-
July 29, 2019
29
Jul'19
Visa card vulnerabilities enable contactless limit bypass
Security researchers have discovered vulnerabilities on Visa cards that could be exploited to bypass contactless payment limits and result in huge losses
-
July 29, 2019
29
Jul'19
WannaCry hero Marcus Hutchins spared jail
British security researcher who helped halt the global WannaCry ransomware attack that hit the NHS in 2017 has avoided jail in the US for creating other malware
-
July 29, 2019
29
Jul'19
Cyber kill chain is outdated, says Carbon Black
The chief cyber security officer of Carbon Black calls for a new cognitive paradigm to fend off cyber adversaries that are now attacking in cycles
-
July 26, 2019
26
Jul'19
Email security as important as ever, report shows
Cyber security professionals need to keep up to date with email-borne threats because they continue to evolve and have a major impact on business, research reveals
-
July 26, 2019
26
Jul'19
86 million reasons to support No More Ransom
Anti-ransomware cross-industry initiative says it has prevented more than £86m in ransom payments as it marks its third anniversary, which coincides with a resurgence in ransomware in many parts of the world
-
July 25, 2019
25
Jul'19
F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC
Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated
-
July 25, 2019
25
Jul'19
Mobile banking malware surges in 2019
Mobile banking malware surged in the first half of the year, email scams geared up and attacks on cloud increased, while illicit cryptocurrency miners declined, report reveals
-
July 25, 2019
25
Jul'19
Most SMEs severely underestimate cyber security vulnerabilities
Small businesses are the primary target for cyber attacks, yet most are unprepared and do not think they will be targeted, a survey reveals
-
July 25, 2019
25
Jul'19
Facebook shrugs off $5bn fine, reports strong quarter
Investors responded positively after social networking firm reported better-than-expected second-quarter results after budgeting for FTC fine, but the company faces a further antitrust investigation
-
July 24, 2019
24
Jul'19
Internet crime costs global economy £2.3m a minute
Cyber crime cost the global economy £2.3m every minute in 2018, reveals a report aimed at defining the scale of cyber attacks taking place over the internet
-
July 24, 2019
24
Jul'19
Zuckerberg responsible for Facebook privacy compliance after $5bn FTC fine
Facebook pays record fine after breaching users’ privacy, following settlements with Federal Trade Commission and Securities and Exchange Commission
-
July 24, 2019
24
Jul'19
Global malware down but ransomware up, with UK hard hit
Despite a global decrease in the volume of malware in the past year, ransomware is surging once again, and the UK is one of the worst-hit countries, a report reveals
-
July 24, 2019
24
Jul'19
Controversial ‘immigration exemption’ used in 60% of cases
The UK government has used a controversial GDPR opt-out in response to the majority of its immigration-related data requests since the start of 2019, the High Court has heard
-
July 24, 2019
24
Jul'19
AI to advance Swedish military systems
Swedish report into use of artificial intelligence in military systems reveals opportunities and concerns
-
July 23, 2019
23
Jul'19
Phishing attack highlights cyber security need at universities
UK university cyber security is once again under the spotlight after Lancaster University reveals that it has been targeted by a phishing attack used to send fake invoices
-
July 23, 2019
23
Jul'19
Almost a third of European firms still not compliant with GDPR
Almost a third of European businesses admit they are still not compliant with the EU’s General Data Protection Regulation, but there are encouraging signs of increased maturity in data protection, with the new rules driving better, ...
-
July 23, 2019
23
Jul'19
Norsk Hydro cyber attack could cost up to $75m
March 2019 ransomware attack could cost Norwegian aluminium giant up to $75m in the first half of the year, according to latest estimates
-
July 23, 2019
23
Jul'19
Data breach costs on the rise, IBM study shows
Data breach costs have risen in the past decade, and the financial impact can be felt for years. Breaches posing a growing risk for small businesses, a study shows, underlining the importance of incident response
-
July 23, 2019
23
Jul'19
High Court to hear challenge to immigration exemption in DPA
The High Court is to hear a challenge by two human rights groups of a controversial clause in new UK data protection legislation they say is in conflict with the EU’s Charter of Fundamental Rights and undermines the General Data Protection Regulation
-
July 23, 2019
23
Jul'19
Government delays final decision on Huawei
Culture secretary says he cannot yet make specific decisions about Huawei’s involvement in the UK’s telecoms and mobile networks due to a lack of clarity from the US, effectively green-lighting its use