News

Network security management

• August 12, 2020 12 Aug'20

  Microsoft patches two zero-days with active exploits

  Microsoft drops another major Patch Tuesday update, including fixes for two zero-day exploits that are already being exploited by cyber criminals

• August 11, 2020 11 Aug'20

  Citrix users urged to patch five XenMobile CVEs

  Patches are available for CVEs 2020-8208 through 8212 and should be installed as soon as possible

• August 11, 2020 11 Aug'20

  Coronavirus: Phishing lures pivot to exploit vaccine hopes

  Phishing emails are increasingly luring in victims with subject lines relating to the development of a vaccine for Covid-19

• August 10, 2020 10 Aug'20

  Retailer Monsoon allegedly exposing data via Pulse Connect server

  A researcher has found a critically insecure Pulse Connect Secure VPN version belonging to UK retailer Monsoon Accessorize, but claims the firm is ignoring his disclosures

• August 10, 2020 10 Aug'20

  Security teams struggle to keep pace with cloud threats

  Security professionals face challenges in keeping pace with cloud deployments and migrations, and the additional security threats they open up

• August 06, 2020 06 Aug'20

  Canon said to be latest Maze ransomware victim

  Canon may have had up to 10TB of its data exfiltrated by the Maze ransomware gang

• August 05, 2020 05 Aug'20

  Second wave of Covid-19 cyber attacks locked in

  More cyber attacks exploiting the pandemic seem likely, says Interpol

• August 04, 2020 04 Aug'20

  Five signs you’re about to get hit with ransomware

  A series of Sophos reports on the ransomware threat landscape shows how security professionals can sniff out a potential ransomware attack before it happens

• August 02, 2020 02 Aug'20

  More data breaches from ransomware attacks in Australia

  The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner

• July 31, 2020 31 Jul'20

  Labour Party is latest victim of Blackbaud ransomware attack

  Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour

• July 31, 2020 31 Jul'20

  Twitter confirms it was hit by targeted spearphishing attack

  Investigation into 15 July 2020 hack of a number of high-profile accounts by cryptocurrency scammers has found evidence of a targeted spearphishing incident

• July 29, 2020 29 Jul'20

  Majority of organisations at risk of cloud data exposure

  Report casts doubt on the effectiveness of the shared responsibility model of cloud security

• July 29, 2020 29 Jul'20

  Cosmetics firm Avon faces new cyber security incident

  Technical information relating to Avon’s web and mobile sites was inadvertently left exposed on an unsecured Microsoft Azure server

• July 28, 2020 28 Jul'20

  Scotland’s security resilience centre concept goes national

  Based on the success of the Scottish Business Resilience Centre, a series of regional Cyber Resilience Centres are now launching across the rest of the UK

• July 28, 2020 28 Jul'20

  NCSC inducts six security startups to Cyber Accelerator

  10-week programme will guide some of the UK’s most innovative security startups as they scale their businesses for future growth

• July 27, 2020 27 Jul'20

  Court adjourns hearing into Assange extradition as US delays serving new indictment

  Westminster Magistrates Court suspends scheduled extradition hearing into WikiLeaks founder after it emerged the US had failed to serve a second superseding indictment against him

• July 24, 2020 24 Jul'20

  Garmin outage prompts ransomware attack speculation

  Details are thin on the ground following a major service outage at Garmin, prompting industry speculation that the firm has fallen victim to a ransomware attack

• July 22, 2020 22 Jul'20

  US charges Chinese nationals with Covid-19 research hacking

  The two hackers allegedly worked with the Chinese Ministry of State Security, targeting intellectual property and confidential business information

• July 21, 2020 21 Jul'20

  Russia Report reveals long-running cyber warfare campaign against UK

  Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report

• July 20, 2020 20 Jul'20

  Businesses underestimate negative impact of bot traffic

  Research from Netacea finds that although awareness of malicious bot activity is high, many are underestimating its true impact

• July 16, 2020 16 Jul'20

  Russian state hackers attacking Covid-19 researchers

  Kremlin-linked APT29 group, also known as Cozy Bear, is conducting a campaign against Covid-19 researchers around the world

• July 15, 2020 15 Jul'20

  Government proposes IoT security enforcement body

  The government is today publishing new proposals concerning planned legislation that will protect users of smart IoT devices from cyber criminals

• July 15, 2020 15 Jul'20

  Warning over security holes in fake Cisco kit

  Two counterfeit Cisco Catalyst 2960-X switches were only found after a software update caused them to stop working

• July 14, 2020 14 Jul'20

  Check Point unearths critical SigRed bug in Windows DNS

  SigRed vulnerability is highly dangerous, but is being fixed as part of the July 2020 Patch Tuesday update

• July 14, 2020 14 Jul'20

  Recon vulnerability puts thousands of SAP customers at risk

  Users of multiple SAP products including S4/HANA should apply the security update as soon as possible to protect their systems

• July 08, 2020 08 Jul'20

  Security funding soars despite Covid-19 slump, but problems lie ahead

  The overall cyber security funding ecosystem in the UK is healthier than ever despite Covid-19, but the figures mask stark and concerning disparities in where the money is going

• July 07, 2020 07 Jul'20

  MSP Xchanging attacked in ransomware incident

  Specialist managed services provider is restoring customer access to systems after an unspecified ransomware incident

• July 06, 2020 06 Jul'20

  Lorca scale-ups bring diverse security to the fore

  London Office for Rapid Cybersecurity Advancement announces the cyber security scale-ups that will make up its fifth cohort

• July 06, 2020 06 Jul'20

  Need to secure industrial IoT more acute than ever

  A report from the Lloyd’s Register Foundation is calling for urgent action to secure industrial infrastructure, as the IoT leaves it increasingly exposed

• July 06, 2020 06 Jul'20

  North Korea behind spate of Magecart attacks

  The Magecart credit card skimmer found on the website of retailer Claire’s Accessories was likely put there by the Lazarus or Hidden Cobra North Korean APT group, reports Sansec

• July 02, 2020 02 Jul'20

  Cops take out encrypted comms to disrupt organised crime

  The UK’s National Crime Agency, alongside other law enforcement agencies in France and the Netherlands, have busted illicit arms and drugs rings after disabling an encrypted comms platform

• July 01, 2020 01 Jul'20

  UK’s unsung cyber security heroes sought

  Nominations have opened for the fifth annual Security Serious Unsung Heroes Awards

• July 01, 2020 01 Jul'20

  Zoom making progress on cyber security and privacy, says CEO

  Three months after being hit by a spate of security incidents, Zoom’s CEO, Eric Yuan, has been discussing progress towards a more secure product

• June 30, 2020 30 Jun'20

  The Security Interviews: What CISOs can learn from Covid-19

  Mike Lloyd, CTO at Redseal, holds 21 cyber security patents and a PhD in stochastic epidemic modelling from Heriot-Watt University in Edinburgh, so is probably the man to talk to when it comes to cyber security in the world of Covid-19

• June 30, 2020 30 Jun'20

  Complex security estates hinder incident response

  The more disparate security tools in use in an organisation, the harder it becomes to mount an effective incident response

• June 29, 2020 29 Jun'20

  Post-pandemic security market still set for growth, but slower

  Frost & Sullivan report says the global security industry will withstand the economic crash caused by the Covid-19 pandemic, but growth will be slower for a few years

• June 29, 2020 29 Jun'20

  Making the case for cloud-based security

  Cloud-based security tools can hasten threat detection and response, but adoption will depend on where an enterprise is on the cloud readiness scale

• June 19, 2020 19 Jun'20

  Australian prime minister confirms country is suffering repeated nation-state cyber attacks

  Concern over critical national infrastructure as cyber attackers repeatedly try to gain access to network of organisations operating in multiple sectors

• June 18, 2020 18 Jun'20

  Zoom U-turns on end-to-end encryption

  Embattled video-conferencing provider Zoom backtracks on previous refusals to provide end-to-end encryption to free users

• June 17, 2020 17 Jun'20

  Cosmetics company Avon offline after cyber attack

  Representatives left unable to place orders after company’s back-end systems went offline over a week ago

• June 17, 2020 17 Jun'20

  Coronavirus: Cyber security spend to slow in 2020

  Analysts revise down previous growth targets for security technology as the Covid-19 pandemic bites

• June 17, 2020 17 Jun'20

  Coronavirus: 50% of security pros had no pandemic contingency plan

  A survey of security professionals conducted on behalf of Bitdefender reveals the lack of forward planning for events such as the Covid-19 coronavirus pandemic

• June 16, 2020 16 Jun'20

  Activists call on Zoom to implement encryption for all

  A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users

• June 15, 2020 15 Jun'20

  Banking trojans roar back to prominence in May

  Check Point sees an upswing in malicious activity around a number of classic banking trojan malware variants

• June 14, 2020 14 Jun'20

  Coronavirus: Enterprise VPN adoption in India set to rise

  Advancement in cloud technologies and secured remote access to applications will significantly contribute to the overall growth of India’s VPN market, says GlobalData

• June 12, 2020 12 Jun'20

  100,000 cheap wireless cameras vulnerable to hacking

  Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors

• June 11, 2020 11 Jun'20

  CISOs buying into unified security proposition

  The time is right for all-in-one security solutions, according to a report

• June 10, 2020 10 Jun'20

  Decade-old vulnerability among 129 Patch Tuesday fixes

  A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks

• June 10, 2020 10 Jun'20

  Unsecured Elasticsearch server breached in eight hours flat

  Comparitech’s Bob Diachenko wanted to find out how long it would take for hackers to find and attack an unsecured, public internet-facing database, so he set up a honeypot

• June 09, 2020 09 Jun'20

  Honda investigates suspected Snake ransomware attack

  Attack disrupts global operations at carmaker, with assembly lines falling silent and sales suspended

• June 04, 2020 04 Jun'20

  Small businesses failing on remote worker protection

  Only one-third of people working for small businesses have received any guidance from their employers on how to secure their remote working set-up

• June 04, 2020 04 Jun'20

  The Security Interviews: How the BSI protects the IoT from itself

  David Mudd of the BSI reveals how a pragmatic and realistic approach to security vulnerabilities underpins its internet of things kitemark, helping give users the confidence to buy smart devices safely

• June 03, 2020 03 Jun'20

  Aston Martin swaps out legacy antivirus for AI-driven service

  Luxury car manufacturer says the advent of artificial intelligence-powered services will revolutionise its security posture

• June 03, 2020 03 Jun'20

  Keeping IT operations running for remote workers

  Measuring employee experience and enabling self-service are some of the ways businesses can manage and empower a remote workforce

• June 01, 2020 01 Jun'20

  How managed threat hunting helps bust malicious insiders

  Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending

• May 29, 2020 29 May'20

  Government launches IoT security funding round

  A £400,000 funding pot is on offer for innovators to design schemes that boost internet-of-things security

• May 29, 2020 29 May'20

  How Sega Europe slashed incident response times using cloud SIEM

  Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service

• May 28, 2020 28 May'20

  IoT buyers eye private network deployments for added security

  Fully private, segregated networks for IoT deployments are becoming increasingly attractive to many organisations, according to a report

• May 27, 2020 27 May'20

  Enterprise clouds hammered by cyber attacks during pandemic

  Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee

• May 27, 2020 27 May'20

  Fears contact-tracing app will open the floodgates for cyber criminals

  Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government

• May 25, 2020 25 May'20

  Coronavirus: Australia calls for stronger defences amid cyber attacks

  The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector

• May 22, 2020 22 May'20

  EasyJet to be sued over customer data breach

  If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn

• May 20, 2020 20 May'20

  NCSC discloses multiple vulnerabilities in contact-tracing app

  National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures

• May 19, 2020 19 May'20

  Cancelled NCSC CyberUK event gets green light for 2021

  The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales

• May 15, 2020 15 May'20

  Questions raised after UK’s electrical grid shrugs off cyber attack

  Attack on Elexon was resolved within hours with no impact on the national electricity supply, but it could have been much worse

• May 14, 2020 14 May'20

  China targeting Covid-19 researchers through IT suppliers, claims US

  The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China

• May 14, 2020 14 May'20

  SK Telecom brings quantum security to the masses

  The South Korean telco is readying the world’s first 5G smartphone equipped with a quantum random number generator chipset

• May 13, 2020 13 May'20

  Report reveals inadequate cyber security at Schiphol Airport

  A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport

• May 13, 2020 13 May'20

  Nation state APT groups prefer old, unpatched vulnerabilities

  The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list

• May 13, 2020 13 May'20

  European comms bodies set up standards group, call for vigilance on contact-tracing apps

  New ETSI group will develop standardisation framework for secure smartphone-based proximity tracing systems, helping to break Covid-19 transmission chains

• May 12, 2020 12 May'20

  Details released of second UK contact-tracing app development

  Contractual documents show Zuhlke Engineering receiving an official start date of 6 May to supply a managed delivery team to support and run proximity mobile application and services for the UK

• May 07, 2020 07 May'20

  Zoom buys secure messaging service Keybase

  Unified comms platform Zoom says the acquisition of Keybase will finally let it bring end-to-end encryption to the table

• May 07, 2020 07 May'20

  Contact-tracing app fails to protect privacy and human rights

  Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee

• May 05, 2020 05 May'20

  GoDaddy owns up to October 2019 data breach

  Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts

• May 04, 2020 04 May'20

  Xen Orchestra latest victim of Salt cryptojackers

  More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward

• May 04, 2020 04 May'20

  Blogging platform Ghost hacked through Salt vulnerability

  Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability

• May 04, 2020 04 May'20

  IT Priorities 2020: Compliance and risk are top security concerns

  When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study

• April 29, 2020 29 Apr'20

  IMDA to issue 5G spectrum to Singtel and StarHub-M1 venture

  Singapore’s telco regulator will award 5G spectrum to major operators whose proposals have exceeded its requirements in some cases

• April 28, 2020 28 Apr'20

  Almost half of security pros being redeployed during pandemic

  Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic

• April 22, 2020 22 Apr'20

  Coronavirus: Cyber criminals may be changing tactics

  Cyber criminals “may soon shift to heavier exploitation of footholds established through phishing and other scams”, warns Cyber Threat Coalition

• April 21, 2020 21 Apr'20

  Revealed: The man behind the first major computer virus pandemic

  After 20 years of silence, Onel de Guzman has admitted unleashing the “Love Bug”, the computer virus that caused havoc by infecting 45 million machines around the world

• April 20, 2020 20 Apr'20

  NCSC launches coronavirus cyber security campaign

  The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic

• April 20, 2020 20 Apr'20

  Dutch organisations address business email compromise fraud

  Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks

• April 17, 2020 17 Apr'20

  EU warns no compromise on privacy as NHS clashes with tech firms on contact tracing

  EU and UK regulators express data privacy concerns days after Silicon Valley giants announce collaboration on contact-tracing apps to prevent the spread of the Covid-19 coronavirus

• April 16, 2020 16 Apr'20

  Check Point sounds alarm over double extortion ransomware threat

  Researchers say double extortion ransomware attacks are likely to increase in frequency, and warn organisations to be on guard

• April 16, 2020 16 Apr'20

  Coronavirus: India eases lockdown restrictions for IT service providers

  Indian government allows IT services firms to bring half their staff back to delivery centres

• April 16, 2020 16 Apr'20

  NHS Wales to get free security services during coronavirus pandemic

  NHS Wales Informatics Services enlists Thales to help it face down security threats and let its teams focus on the Covid-19 coronavirus crisis

• April 16, 2020 16 Apr'20

  Coronavirus: Cyber attacks on banks seen spiking, says Carbon Black

  VMware’s Carbon Black observes a spike in cyber attacks on financial services organisations

• April 14, 2020 14 Apr'20

  Coronavirus puts brakes on 5G core deployments

  Research firm identifies short- and long-term impacts that global pandemic will have on 5G core and edge networks

• April 10, 2020 10 Apr'20

  Coronavirus: Warning over surge in Zoom security incidents

  Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools

• April 07, 2020 07 Apr'20

  Coronavirus: Criminals using Zoom installer to spread cryptominer

  Videoconferencing application targeted to deliver cryptomining malware to unsuspecting victims

• April 06, 2020 06 Apr'20

  Zero-day exploits increasingly commodified, say researchers

  The exploitation of zero-day vulnerabilities increasingly demonstrates access to cash, rather than skills

• April 05, 2020 05 Apr'20

  Google data shows high interest in security and remote working

  An analysis of the most Googled technology terms during the Covid-19 coronavirus pandemic has highlighted the scale of the cyber security challenge presented by the crisis

• April 02, 2020 02 Apr'20

  Coronavirus: Is Zoom safe and should security teams ban it?

  Zoom’s rapid rise to prominence has highlighted a score of security problems with the service. Should CISOs try to steer their organisations away from it, or ban it outright?

• April 01, 2020 01 Apr'20

  CDN and cloud suppliers join routing security initiative

  Akamai and Amazon Web Services are among a group of cloud and content delivery network providers to participate in a global initiative to address the security threats to internet routing systems

• March 31, 2020 31 Mar'20

  Marriott International hotel chain in second data breach

  Marriott International notifies customers of a major data breach that unfolded earlier in 2020 – the second it has experienced in the past two years

• March 31, 2020 31 Mar'20

  How IT leaders and their teams are supporting employees through the coronavirus crisis

  We talk to four top IT chiefs across the UK to find out how their teams are supporting their organisations and staff to keep working through the Covid-19 outbreak

• March 31, 2020 31 Mar'20

  Too late to protect online privacy, say Brits

  Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report

• March 27, 2020 27 Mar'20

  Insurance firm Chubb may be latest Maze ransomware victim

  Maze ransomware group claims to have stolen personal data from the systems of cyber security insurance firm Chubb

• March 27, 2020 27 Mar'20

  Lorca calls on security scaleups to tackle coronavirus challenge

  Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges