News

Privacy and data protection

• August 02, 2020 02 Aug'20

  More data breaches from ransomware attacks in Australia

  The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner

• July 31, 2020 31 Jul'20

  ICO launches guidance on AI and data protection

  The Information Commissioner’s Office (ICO) has published guidance aimed at rendering the application of machine learning to data compliant with data protection principles

• July 31, 2020 31 Jul'20

  Labour Party is latest victim of Blackbaud ransomware attack

  Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour

• July 31, 2020 31 Jul'20

  US lawmakers grill big tech chiefs over market power

  Sixth antitrust hearing sees CEOs of major technology companies face combative questioning from members of Congress over their market power and dominance

• July 31, 2020 31 Jul'20

  Twitter confirms it was hit by targeted spearphishing attack

  Investigation into 15 July 2020 hack of a number of high-profile accounts by cryptocurrency scammers has found evidence of a targeted spearphishing incident

• July 31, 2020 31 Jul'20

  EU sanctions China and Russia over cyber attacks

  The EU is applying restrictive measure to six individuals and three entities accused of conducting disruptive cyber attacks in Europe, including the Russian GRU

• July 30, 2020 30 Jul'20

  Former UC Global staff confirm Embassy surveillance operation against Julian Assange

  Spanish court investigates claims that security company illegally recorded meetings between Julian Assange, politicians, lawyers and celebrities at the Ecuadorian Embassy in London

• July 30, 2020 30 Jul'20

  List of Blackbaud breach victims tops 120

  More than 120 education and third-sector organisations may have had their data compromised through the breach of Blackbaud’s cloud platform

• July 29, 2020 29 Jul'20

  Serious BootHole vulnerability puts millions of systems at risk

  BootHole is a GRUB2 bootloader vulnerability and puts millions of PCs, servers and other devices at risk of compromise

• July 29, 2020 29 Jul'20

  Campaigners urge government to resist big tech lobbying pressure

  Lobbyists for big tech, supported by senior US politicians, have rallied against stricter regulation of technology companies, and threatened the US-UK trade deal unless Britain scraps plans to levy a digital services tax

• July 29, 2020 29 Jul'20

  Schrems steps up pressure on Irish data protection commissioner on Facebook’s data sharing with US

  Austrian lawyer is considering ‘other’ options if the Irish data protection commissioner does not make a decision by October on his seven-year-old complaint against Facebook

• July 29, 2020 29 Jul'20

  Cosmetics firm Avon faces new cyber security incident

  Technical information relating to Avon’s web and mobile sites was inadvertently left exposed on an unsecured Microsoft Azure server

• July 28, 2020 28 Jul'20

  De Montfort, KCL, Newcastle universities join list of Blackbaud victims

  Embattled cloud services provider now has big questions to answer over its handling of data belonging to UK universities and charities

• July 28, 2020 28 Jul'20

  Garmin may have paid hackers ransom, reports suggest

  Garmin’s services are coming back online, but the company remains tight-lipped about what exactly happened to it

• July 28, 2020 28 Jul'20

  NCSC names national security expert Lindy Cameron as new CEO

  New National Cyber Security Centre head joins from the Northern Ireland Office and has spent 20 years in government at home and abroad

• July 28, 2020 28 Jul'20

  Scotland’s security resilience centre concept goes national

  Based on the success of the Scottish Business Resilience Centre, a series of regional Cyber Resilience Centres are now launching across the rest of the UK

• July 28, 2020 28 Jul'20

  NCSC inducts six security startups to Cyber Accelerator

  10-week programme will guide some of the UK’s most innovative security startups as they scale their businesses for future growth

• July 27, 2020 27 Jul'20

  MI6 apologises after attempt to interfere with intelligence court

  The UK Secret Intelligence Service, MI6, has apologised after attempting to persuade the secretary of Britain’s most secret court to withhold documents from senior judges in a case about crimes by undercover agents

• July 27, 2020 27 Jul'20

  Court adjourns hearing into Assange extradition as US delays serving new indictment

  Westminster Magistrates Court suspends scheduled extradition hearing into WikiLeaks founder after it emerged the US had failed to serve a second superseding indictment against him

• July 26, 2020 26 Jul'20

  Australia issues new cloud computing guidelines

  The new guidance, which comes after the expiry of the government’s cloud services certification programme, will help to bolster Australia’s cyber security resilience

• July 24, 2020 24 Jul'20

  Garmin outage prompts ransomware attack speculation

  Details are thin on the ground following a major service outage at Garmin, prompting industry speculation that the firm has fallen victim to a ransomware attack

• July 24, 2020 24 Jul'20

  A question of trust: University and supplier on the hook for data breach

  Data on students at the University of York was stolen in a ransomware attack on a supplier two months ago, and the response of both parties raises serious questions

• July 23, 2020 23 Jul'20

  Post-Privacy Shield, what chance for a Brexit data adequacy deal?

  The striking down of Privacy Shield has been hailed as a victory for digital rights and privacy campaign groups, but it will have consequences that go beyond transatlantic data transfers

• July 22, 2020 22 Jul'20

  NCSC reveals scale of cyber attacks on UK sports industry

  The UK’s sports industry is under near constant cyber attack, according to new statistics from the National Cyber Security Centre

• July 22, 2020 22 Jul'20

  US charges Chinese nationals with Covid-19 research hacking

  The two hackers allegedly worked with the Chinese Ministry of State Security, targeting intellectual property and confidential business information

• July 22, 2020 22 Jul'20

  Privacy Shield: Companies face new hurdles to legally transfer data to the US

  Businesses will have to conduct legal assessments to ensure they can transfer data from the EU to the US and other countries, following a European Court of Justice ruling

• July 21, 2020 21 Jul'20

  Coronavirus: Government drags its feet on online misinformation

  Online misinformation about Covid-19 continues to spread unchecked, according to a DCMS committee report which has accused the government of dragging its feet over online harms

• July 21, 2020 21 Jul'20

  Russia Report reveals long-running cyber warfare campaign against UK

  Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report

• July 21, 2020 21 Jul'20

  Australian industry panel calls for ‘clear consequences’ of cyber attacks

  A government-appointed panel recommends strong deterrence and other measures to be implemented in Australia’s next cyber security strategy

• July 20, 2020 20 Jul'20

  ICO hails transformative year as average fine trebles

  Information Commissioner’s Office annual report reflects on a busy period, during which it levied two of the largest fines so far seen under the GDPR

• July 20, 2020 20 Jul'20

  Test and Trace programme unlawful, admits government

  The Department of Health and Social Care failed in its legal obligation to complete a mandatory Data Protection Impact Assessment

• July 17, 2020 17 Jul'20

  Twitter hack fallout: Investigators on trail of cyber criminals

  Investigators are hunting the cyber criminals who broke into Twitter’s systems to hijack prominent accounts, amid concerns that more attacks may come

• July 16, 2020 16 Jul'20

  Russian state hackers attacking Covid-19 researchers

  Kremlin-linked APT29 group, also known as Cozy Bear, is conducting a campaign against Covid-19 researchers around the world

• July 16, 2020 16 Jul'20

  Schrems v Facebook: European court strikes down EU-US Privacy Shield agreement

  The European Court of Justice has struck down Privacy Shield, the EU-US data-sharing agreement, creating uncertainty for European countries that share data with the US and pressuring the US to reform surveillance laws

• July 16, 2020 16 Jul'20

  Cryptocurrency scammers attack Twitter in insider breach

  Apparent insider breach at Twitter saw so-called “blue tick” accounts of business people, politicians and celebrities hijacked to promote a Bitcoin scam

• July 16, 2020 16 Jul'20

  Coronavirus shines spotlight on cyber security

  Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic

• July 15, 2020 15 Jul'20

  Government proposes IoT security enforcement body

  The government is today publishing new proposals concerning planned legislation that will protect users of smart IoT devices from cyber criminals

• July 15, 2020 15 Jul'20

  Video providers slammed by credential stuffing attacks

  Attacks on the media sector are spiking as cyber criminals try to gain access to valuable consumer accounts

• July 15, 2020 15 Jul'20

  Singapore’s Project Ubin hits commercialisation milestone

  A blockchain payments network prototype spearheaded by Singapore’s central bank and its partners could speed up and lower the cost of cross-border payments

• July 14, 2020 14 Jul'20

  European court to decide legality of EU-US data sharing in dispute between Schrems and Facebook

  A ruling by the European Court of Justice will have ramifications for hundreds of thousands of companies that share data with the US. The case aims to balance US surveillance laws with the rights of EU citizens to keep their data private

• July 14, 2020 14 Jul'20

  ‘Name-and-shame’ ransomware attacks increasing in prevalence

  Since emerging at the tail-end of 2019, double extortion, or exfiltration and encryption, ransomware attacks have become highly popular, and now account for a significant number of incidents, according to Emsisoft research

• July 14, 2020 14 Jul'20

  Australian enterprises facing more cyber attacks

  The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country

• July 13, 2020 13 Jul'20

  Zoom zero-day a reminder to stop using Windows 7

  Researchers have disclosed a newly discovered zero-day vulnerability to videoconferencing service Zoom, which only affects users of Windows 7 systems

• July 09, 2020 09 Jul'20

  HSBC customers targeted in new smishing scam

  SMS phishing scam is targeting HSBC customers in the UK to trick them into handing over their bank account details

• July 09, 2020 09 Jul'20

  NHS trust uses case management software to deliver time savings

  To deal with inefficient and unreliable processes, East Suffolk and North Essex NHS Trust has implemented a case management system specifically designed for HR practitioners

• July 09, 2020 09 Jul'20

  Clearview AI faces ICO investigation over facial recognition

  Controversial company that scraped data from the public internet to build its facial recognition algorithm faces a joint UK-Australian investigation into its practices

• July 09, 2020 09 Jul'20

  Most finance firms are multicloud, but many are unprepared for public cloud cyber attacks

  Financial services firms are moving to the cloud at pace, but many are uncertain whether they could cope with an attack on an application based in the public cloud

• July 09, 2020 09 Jul'20

  More Joker malware apps chucked off Google Play Store

  Infamous Joker billing fraud malware continues to sneak past Google’s security controls

• July 09, 2020 09 Jul'20

  Pubs and restaurants failing on cyber fraud protection

  Virtually all of the UK’s most popular restaurant and pub brands are failing to proactively block fraudulent emails from reaching their targets

• July 09, 2020 09 Jul'20

  Tencent Cloud teams up with ADBC on banking services

  Singapore’s Asia Digital Bank Corporation could leverage Tencent Cloud’s financial cloud platform to provide banking services to small businesses

• July 08, 2020 08 Jul'20

  Political awareness needed to ethically handle migration data, panel claims

  Understanding the political, social and economic relationships between different groups in society is needed to ensure location data is not used in ways that further endanger already vulnerable people on the move

• July 08, 2020 08 Jul'20

  Use of spyware apps linked to domestic abuse soars in lockdown

  The rise in domestic violence during the pandemic has been linked to increase use of stalkerware apps by abusers

• July 08, 2020 08 Jul'20

  Cosmic Lynx cyber crime group takes BEC to new heights

  Newly identified Russian threat group targets large organisations with increasingly dangerous business email compromise attacks

• July 08, 2020 08 Jul'20

  Over 15 billion credentials for sale on dark web

  Research by Digital Shadows reveals the scale of the security threat facing consumers as it uncovers 15 billion usernames and passwords stolen in more than 100,000 different data breaches

• July 08, 2020 08 Jul'20

  Security funding soars despite Covid-19 slump, but problems lie ahead

  The overall cyber security funding ecosystem in the UK is healthier than ever despite Covid-19, but the figures mask stark and concerning disparities in where the money is going

• July 07, 2020 07 Jul'20

  MSP Xchanging attacked in ransomware incident

  Specialist managed services provider is restoring customer access to systems after an unspecified ransomware incident

• July 07, 2020 07 Jul'20

  Australian government foreshadows ‘sovereign data’ classification

  The Australian government will examine if certain government datasets should be declared sovereign and only be hosted in the country

• July 06, 2020 06 Jul'20

  Lorca scale-ups bring diverse security to the fore

  London Office for Rapid Cybersecurity Advancement announces the cyber security scale-ups that will make up its fifth cohort

• July 06, 2020 06 Jul'20

  North Korea behind spate of Magecart attacks

  The Magecart credit card skimmer found on the website of retailer Claire’s Accessories was likely put there by the Lazarus or Hidden Cobra North Korean APT group, reports Sansec

• July 03, 2020 03 Jul'20

  Chinese law may require companies to disclose cyber-security preparations outside China

  Companies with Chinese operations may have to disclose information about the security of their networks in other countries under China’s draft data security law

• July 02, 2020 02 Jul'20

  Cops take out encrypted comms to disrupt organised crime

  The UK’s National Crime Agency, alongside other law enforcement agencies in France and the Netherlands, have busted illicit arms and drugs rings after disabling an encrypted comms platform

• July 02, 2020 02 Jul'20

  Locked-down teens flock to NCSC CyberFirst training scheme

  A record number of 14 to 17-year-olds have signed up to the National Cyber Security Centre’s CyberFirst summer school

• July 02, 2020 02 Jul'20

  Police secrecy over ‘IMSI-catcher’ mass surveillance of mobile phones

  Following a tribunal ruling, constabularies in England and Wales can refuse to confirm or deny whether they use mass surveillance devices, known as IMSI-catchers to monitor people’s location, phone calls and text messages

• July 02, 2020 02 Jul'20

  Sodinokibi gang begins dark web celebrity data auctions

  Group claims to be auctioning confidential legal data on pop stars Mariah Carey, Nicki Minaj and basketball player LeBron James

• July 01, 2020 01 Jul'20

  UK’s unsung cyber security heroes sought

  Nominations have opened for the fifth annual Security Serious Unsung Heroes Awards

• July 01, 2020 01 Jul'20

  Zoom making progress on cyber security and privacy, says CEO

  Three months after being hit by a spate of security incidents, Zoom’s CEO, Eric Yuan, has been discussing progress towards a more secure product

• July 01, 2020 01 Jul'20

  Remote workers more aware of security, but still flout the rules

  Almost three-quarters of remote workers reckon they have gained in cyber security awareness during lockdown, but don’t seem to be especially bothered about keeping themselves safe

• July 01, 2020 01 Jul'20

  FakeSpy Android malware targets Royal Mail app users

  The FakeSpy malware was first identified in October 2017 but is now significantly more powerful and dangerous

• June 29, 2020 29 Jun'20

  Lawyers learn of fresh US allegations against WikiLeaks founder Julian Assange from press reports

  The US has filed an updated indictment against Julian Assange alleging that he conspired with hacking groups to obtain information for WikiLeaks. Defence and prosecution lawyers learned about it from press reports

• June 29, 2020 29 Jun'20

  Evil Corp’s latest ransomware project spreading fast

  A new ransomware strain dubbed WastedLocker is spreading rapidly and targeting major corporations

• June 29, 2020 29 Jun'20

  Out of date security laws leave UK plc at risk during pandemic

  The CyberUp coalition has written to Boris Johnson to urge him to reform the UK’s 30 year-old cyber crime laws

• June 29, 2020 29 Jun'20

  Airports deploy thermal cameras to control Covid-19, science suggests it’s merely ‘safety theatre’

  UK airports are rolling out thermal surveillance cameras to identify people who may have coronavirus, but science says the technology is ineffective at detecting and preventing the spread of the disease

• June 25, 2020 25 Jun'20

  Pub ‘check-in’ apps provoke fresh privacy concerns

  With pubs and restaurants required to collect customer data for contact tracing when they reopen, data privacy risks will be heightened

• June 25, 2020 25 Jun'20

  CBI: Digital economy needs joined-up regulations and gigabit broadband

  The coronavirus pandemic has shown the need for fast, reliable networking across the UK. The CBI is urging the government to do more

• June 25, 2020 25 Jun'20

  Veeam bullish on growth in APAC

  Veeam’s top executive in Asia-Pacific expects the company’s growth momentum in the region to continue despite the Covid-19 pandemic, and is setting sights on growth areas such as container backups

• June 24, 2020 24 Jun'20

  NCSC catches a million phishes in its nets

  The NCSC has racked up a million suspicious email reports from the public just two months after launching a reporting service, but the lucky sender won’t be receiving a grand prize

• June 24, 2020 24 Jun'20

  EU judges GDPR an overall success, but changes still needed

  Two years after its implementation, an EU report says that the GDPR is achieving what it set out to do, with a few reservations

• June 24, 2020 24 Jun'20

  Political parties harvest personal data to create profiles on voters, most of it wrong

  The UK’s three main political parties are collecting personal data on voters, but much of it is wrong and its use may fall foul of data protection laws

• June 24, 2020 24 Jun'20

  Brits will sell their personal data for pennies

  Surprising findings from an Okta report on digital identity suggest Brits would be willing to part with valuable personal data for a surprisingly low amount

• June 23, 2020 23 Jun'20

  Neurodiversity on the rise among career hackers

  More diverse hackers enhance the ability of both traditional and cutting-edge cyber security solutions to find and fix vulnerabilities, according to a new report from Bugcrowd

• June 23, 2020 23 Jun'20

  Twitter contacts business users over data exposure

  Issue relates to how web browsers cached confidential data entered in Twitter’s ads and analytics services, but is unlikely to have resulted in compromise

• June 23, 2020 23 Jun'20

  Concern over digital risk falls dramatically during pandemic

  Brits are understandably more worried about the NHS than personal cyber security

• June 21, 2020 21 Jun'20

  APAC still hotbed for cyber attacks

  Individuals and organisations in APAC are encountering malware more frequently than the rest of the world, study finds

• June 19, 2020 19 Jun'20

  Eurostar to roll out facial recognition for ‘passport-free’ travel to Europe

  Facial recognition will make passports on the Eurotunnel an option rather than a necessity, but privacy campaigners have questioned whether gathering biometric data on passengers is necessary

• June 19, 2020 19 Jun'20

  Australian prime minister confirms country is suffering repeated nation-state cyber attacks

  Concern over critical national infrastructure as cyber attackers repeatedly try to gain access to network of organisations operating in multiple sectors

• June 19, 2020 19 Jun'20

  AI bias and privacy issues require more than clever tech

  The new AI Barometer report from the Centre for Data Ethics and Innovation has assessed the threats and opportunities of artificial intelligence in the UK

• June 18, 2020 18 Jun'20

  US pulls out of talks with Europe for global digital tax

  Despite the US’s resistance to an international digital services tax, the UK and other European countries plan to continue pushing for a global solution to taxing technology giants

• June 18, 2020 18 Jun'20

  Data protection watchdog calls for controls on police mobile phone stop-and-searches

  Information commissioner wants new safeguards on the use of police powers to download sensitive personal data from the mobile phones of suspects and crime victims

• June 18, 2020 18 Jun'20

  Cisco patches dangerous Webex vulnerability

  CVE-2020-3347 bug enables cyber criminals to steal meeting records from within Cisco’s Webex service

• June 18, 2020 18 Jun'20

  Zoom U-turns on end-to-end encryption

  Embattled video-conferencing provider Zoom backtracks on previous refusals to provide end-to-end encryption to free users

• June 17, 2020 17 Jun'20

  Cosmetics company Avon offline after cyber attack

  Representatives left unable to place orders after company’s back-end systems went offline over a week ago

• June 17, 2020 17 Jun'20

  Amnesty identifies most privacy-invasive Covid-19 contact-tracing apps

  Bahrain’s ‘BeAware Bahrain’, Kuwait’s ‘Shlonik’ and Norway’s ‘Smittestopp’ are the most privacy-invasive contact-tracing apps, reveals Amnesty International study

• June 17, 2020 17 Jun'20

  Macquarie eyes government contracts with new Canberra datacentre

  New Macquarie datacentre in the Australian capital designed to achieve Tier 4 datacentre standards will deliver 1.5MW of capacity by December 2020

• June 16, 2020 16 Jun'20

  UK-US data deal puts Brexit data adequacy pact at risk

  European Data Protection Board writes to MEPs saying the UK is at risk of failing to strike a post-Brexit data adequacy accord if its data protection agreements with the US don’t strike the right note

• June 16, 2020 16 Jun'20

  Activists call on Zoom to implement encryption for all

  A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users

• June 16, 2020 16 Jun'20

  Norway’s contact-tracing app suspended over privacy concerns

  Norway has been given until 23 June to justify the location tracking of citizens who download its contract-tracing app

• June 15, 2020 15 Jun'20

  Banking trojans roar back to prominence in May

  Check Point sees an upswing in malicious activity around a number of classic banking trojan malware variants

• June 15, 2020 15 Jun'20

  Accessories store Claire’s hit by Magecart credit card fraudsters

  Attackers gained access to retailer’s website as long ago as March

• June 12, 2020 12 Jun'20

  Hospital uses thermal surveillance cameras to protect patients against second wave of Covid-19

  A North Midlands NHS trust claims to be the first NHS trust to deploy thermal surveillance cameras to protect patients and staff against the coronavirus

• June 12, 2020 12 Jun'20

  NHS email service users ensnared in phishing attack

  More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed