News
Network security management
-
April 20, 2021
20
Apr'21
Chinese APT exploits critical CVE in Pulse Secure VPN
A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today
-
April 20, 2021
20
Apr'21
Codecov supply chain attack has echoes of SolarWinds
Supply chain attack on code auditing service may have compromised the likes of HPE and IBM
-
April 20, 2021
20
Apr'21
Singapore’s ViewQwest debuts security service
ViewQwest’s SecureNet service uses Palo Alto Networks’ next-generation firewall with deep packet inspection capabilities to guard against cyber threats
-
April 16, 2021
16
Apr'21
Finnish government strengthens country’s IT network security
Finland’s government has created a new national organisation to help public and private bodies improve network security
-
April 15, 2021
15
Apr'21
Dutch accuse UK of ‘damaging confidence’ by disclosing details of EncroChat police collaboration
The Dutch Public Prosecution Service claims Britain has damaged confidence by disclosing details of an international investigation into the EncroChat encrypted phone network to the courts
-
April 15, 2021
15
Apr'21
University of Hertfordshire is latest academic cyber attack victim
Multiple systems are offline at the University of Hertfordshire following a cyber attack
-
April 14, 2021
14
Apr'21
FBI accesses ProxyLogon target servers to disrupt cyber criminals
US Justice Department reveals successful court-authorised effort to clamp down on ProxyLogon exploitation
-
April 14, 2021
14
Apr'21
NSA unearths more MS Exchange vulnerabilities
Microsoft patches more critical vulnerabilities in Exchange Server a month after the ProxyLogon incident, after being warned by the US National Security Agency
-
April 13, 2021
13
Apr'21
Millions of devices at risk from NAME:WRECK DNS bugs
Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk
-
April 09, 2021
09
Apr'21
Cring ransomware hits ICS through two-year-old bug
A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware
-
April 08, 2021
08
Apr'21
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project
-
April 01, 2021
01
Apr'21
EncroChat hearings delayed as lawyers seek disclosure on police hacking
Court hearings precipitated by police cracking the EncroChat secure mobile phone network have been delayed after defence lawyers request further disclosures on police decryption capabilities
-
March 31, 2021
31
Mar'21
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before
-
March 31, 2021
31
Mar'21
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base
-
March 30, 2021
30
Mar'21
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector
-
March 30, 2021
30
Mar'21
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data
-
March 29, 2021
29
Mar'21
UK courts face evidence ‘black hole’ over police EncroChat mass hacking
French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence
-
March 29, 2021
29
Mar'21
Cyber attack takes Channel Nine off-air
The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio
-
March 26, 2021
26
Mar'21
Retailer FatFace pays $2m ransom to Conti cyber criminals
Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate
-
March 26, 2021
26
Mar'21
Remote working burn-out a factor in security risk
After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected
-
March 26, 2021
26
Mar'21
‘Major’ security flaw detected in 5G core network slicing design
Mobile security specialist details potentially revenue-threatening vulnerabilities with key element of next-generation networks and reveals plans to work with industry to provide mitigation prior to widespread deployments
-
March 25, 2021
25
Mar'21
Four in five UK businesses seek new security suppliers
Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves
-
March 24, 2021
24
Mar'21
Oil giant Shell hit through Accellion FTA breach
Energy firm discloses cyber attack through Accellion File Transfer Appliance
-
March 23, 2021
23
Mar'21
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks
-
March 22, 2021
22
Mar'21
$50m ransomware demand on Acer is highest ever
Record-breaking double-extortion cyber attack saw REvil gang exfiltrate financial data from Taiwan-based PC manufacturer
-
March 17, 2021
17
Mar'21
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet
-
March 16, 2021
16
Mar'21
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry
-
March 16, 2021
16
Mar'21
Microsoft releases one-click ProxyLogon mitigation tool
Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers
-
March 15, 2021
15
Mar'21
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days
-
March 15, 2021
15
Mar'21
Judges refuse EncroChat defendants’ appeal to Supreme Court
Experts suggest Parliament and Investigatory Powers Tribunal need to consider the implications of a court decision on police use of data from the EncroChat phone network
-
March 14, 2021
14
Mar'21
Arrest warrants issued for Canadians behind Sky ECC cryptophone network used by organised crime
The US has issued arrest warrants for the CEO of Sky Global and a former distributor for racketeering, aiding and abetting the distribution of illegal drugs by supplying encrypted phones to criminals
-
March 12, 2021
12
Mar'21
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately
-
March 12, 2021
12
Mar'21
DearCry ransomware targets vulnerable Exchange servers
As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority
-
March 12, 2021
12
Mar'21
Brewer Molson Coors targeted in cyber attack
Cyber criminals have disrupted beer production at Molson Coors, one of the world’s largest brewers
-
March 11, 2021
11
Mar'21
Attack on surveillance cameras a warning over security, ethics
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology
-
March 11, 2021
11
Mar'21
Norwegian government falls victim to Microsoft attacks
Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers
-
March 10, 2021
10
Mar'21
Police crack world’s largest cryptophone network as criminals swap EncroChat for Sky ECC
Belgian and Dutch police have breached the encryption of users of Sky ECC, the world’s largest cryptophone network. There are significant parallels with the international police operation against the EncroChat cryptophone network which led to ...
-
March 09, 2021
09
Mar'21
Significant jump in number of hackers reporting vulnerabilities to companies
Since the onset of the Covid-19 pandemic, the number of hackers reporting security vulnerabilities and bugs to enterprises has increased by nearly two-thirds
-
March 09, 2021
09
Mar'21
EBA restores services after Microsoft Exchange attack
European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online
-
March 09, 2021
09
Mar'21
Private equity house buys McAfee enterprise business
Deal to sell off enterprise unit will see McAfee become a pure-play consumer organisation
-
March 05, 2021
05
Mar'21
Williams F1 car launch disrupted by data leak
Williams Formula One team forced to pull augmented reality app it had planned to use to launch its 2021 car at the last minute after an apparent cyber attack
-
March 05, 2021
05
Mar'21
Mandiant: MS Exchange bugs first exploited in January
Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago
-
March 05, 2021
05
Mar'21
Nottinghamshire schools suspend online learning following cyber attack
Cyber attack on central trust that manages secondary schools in Nottinghamshire leaves them unable to access IT systems and deliver remote lessons
-
March 04, 2021
04
Mar'21
Qualys caught up in Accellion FTA breach
Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product
-
February 24, 2021
24
Feb'21
Vaccine passports prove an ethical minefield
Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design
-
February 24, 2021
24
Feb'21
Is Clubhouse safe, and should CISOs stop its use?
With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it
-
February 24, 2021
24
Feb'21
Bombardier is latest victim of Accellion supply chain attack
Canadian aviation company joins the growing list of Accellion breach victims
-
February 24, 2021
24
Feb'21
Warning on security risk from virtual events platforms
Vulnerabilities found in virtual events platforms could form part of a variant supply chain attack
-
February 23, 2021
23
Feb'21
XDR makes cyber a Stroll in the park for Aston Martin F1
Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet
-
February 19, 2021
19
Feb'21
Biden will act on cyber security to fix SolarWinds mess
US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger