News
Privacy and data protection
-
April 13, 2021
13
Apr'21
MP told to ditch official email over hacking fears
MP Tom Tugendhat claims the intelligence services advised him to switch to the Gmail service due to concerns his parliamentary email could be hacked
-
April 13, 2021
13
Apr'21
Covid-19 left people feeling vulnerable to cyber crime
Around 15 million people in the UK experienced cybercrime in the past 12 months, with a cumulative 64 million hours wasted dealing with the fallout
-
April 13, 2021
13
Apr'21
EncroChat lawyers raise questions over use of PII secrecy orders on UK decryption capabilities
Lawyers claim that public interest immunity certificates may have been used to withhold information on UK intelligence agencies’ ability to decrypt encrypted communications
-
April 12, 2021
12
Apr'21
Vaccine passports and travel plans race up Covid threat charts
With lockdown restrictions easing in the UK, cyber criminals are tailoring their phishing lures to new areas of interest
-
April 11, 2021
11
Apr'21
Executive interview: Unleashing blockchain’s potential
Labrys founder and CEO Lachlan Feeney offers his observations about blockchain adoption in Australia, and what his firm is doing to help organisations unleash the full potential of the technology
-
April 09, 2021
09
Apr'21
Egypt, Italy and US most affected in Facebook leak
Researchers at VPN firm Surfshark have been analysing data on 533 million people leaked from Facebook
-
April 09, 2021
09
Apr'21
NCSC: Using your pet’s name as a password is very stupid
If your email password is still Rex, Rover or Mr Fluffles, it’s probably best to change it, the NCSC has said
-
April 08, 2021
08
Apr'21
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project
-
April 07, 2021
07
Apr'21
Facebook ducks calls to apologise over huge data leak
Facebook gives its side of the story as data on millions of its users leaks, but is yet to apologise for security lapses that put half a billion people at risk of compromise
-
April 06, 2021
06
Apr'21
Facebook data leak could be outside scope of GDPR
Regulators may be unable to do much about leaked data on 533 million Facebook users, as it seems to have been stolen before GDPR came into force
-
April 01, 2021
01
Apr'21
EncroChat hearings delayed as lawyers seek disclosure on police hacking
Court hearings precipitated by police cracking the EncroChat secure mobile phone network have been delayed after defence lawyers request further disclosures on police decryption capabilities
-
March 31, 2021
31
Mar'21
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before
-
March 31, 2021
31
Mar'21
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base
-
March 31, 2021
31
Mar'21
Nordics run information sharing on digital vaccination passports
Nordic countries advance plans for digital Covid-19 vaccination passports in a bid to kick-start their economies
-
March 30, 2021
30
Mar'21
Privacy campaigners hail legal victory over Hancock and Palantir
Civil liberties organisation OpenDemocracy says it has scored a legal victory over health secretary Matt Hancock regarding the involvement of Palantir in the NHS Covid-19 data store
-
March 30, 2021
30
Mar'21
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector
-
March 30, 2021
30
Mar'21
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data
-
March 29, 2021
29
Mar'21
UK courts face evidence ‘black hole’ over police EncroChat mass hacking
French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence
-
March 29, 2021
29
Mar'21
CW Innovation Awards: SIA taps blockchain for loyalty app
Singapore Airlines, winner of the transportation category in this year’s CW Innovation Awards APAC, expands its blockchain-based digital wallet into a broader digital lifestyle platform
-
March 26, 2021
26
Mar'21
Surveillance expert ‘unfairly’ refused job at intelligence regulator after MI5 intervened
The Home Office unfairly refused Eric Kind, a specialist in criminal justice and UK surveillance law, clearance for a job at an intelligence watchdog after MI5 claimed he was “insufficiently deferential”
-
March 26, 2021
26
Mar'21
Retailer FatFace pays $2m ransom to Conti cyber criminals
Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate
-
March 26, 2021
26
Mar'21
Remote working burn-out a factor in security risk
After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected
-
March 25, 2021
25
Mar'21
Cyber security complacency puts UK at risk, says NCSC head
National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber
-
March 25, 2021
25
Mar'21
TUC warns of gaps in British law over use of AI at work
The TUC has published a report warning of AI-powered discrimination against working people enabled by gaps in existing British employment law
-
March 25, 2021
25
Mar'21
Facebook disrupts Chinese espionage operation
Social media giant’s in-house security team has tracked down and disrupted a long-running Chinese campaign targeting the Uighur Muslim minority
-
March 24, 2021
24
Mar'21
Apparent drop in cyber incidents highlights underlying problems
UK organisations report fewer cyber security incidents, but the headline data masks more serious issues, according to a report
-
March 24, 2021
24
Mar'21
Cyber criminals forging Covid-19 vaccine certificates
Vaccine passports and certificates are gaining mainstream traction, which means cyber criminals are also on the bandwagon
-
March 23, 2021
23
Mar'21
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks
-
March 22, 2021
22
Mar'21
$50m ransomware demand on Acer is highest ever
Record-breaking double-extortion cyber attack saw REvil gang exfiltrate financial data from Taiwan-based PC manufacturer
-
March 22, 2021
22
Mar'21
Unionised drivers call on Microsoft to suspend Uber’s Face API licences
Unionised private hire drivers in the UK are calling for Microsoft to suspend Uber’s licences to use its Face API technology after claims the ride-hailing firm’s ID-checking system has led to drivers losing their jobs and having licences revoked
-
March 18, 2021
18
Mar'21
Vaccine passports cannot put basic rights at risk, warns BCS
BCS warns of challenges to come as the government presses on with its plans for Covid-19 vaccine passports
-
March 18, 2021
18
Mar'21
Eastern Health reports ‘cyber incident’, takes systems offline
Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident
-
March 17, 2021
17
Mar'21
Average ransomware cost triples, says report
The average amount paid out by ransomware victims has grown almost threefold to more than $300,000 per incident, according to a report
-
March 17, 2021
17
Mar'21
Digital Green Certificate proposed for travel in Europe
Digital Green Certificates will supposedly help re-establish freedom of movement within the European Union
-
March 17, 2021
17
Mar'21
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet
-
March 16, 2021
16
Mar'21
Uber and Ola ordered to hand over more data to drivers
A Dutch court has rejected Uber and Ola’s claims that drivers collectively taking action to access their data amounts to an abuse of their individual data access rights, laying the ground for drivers to form their own union-controlled data trust
-
March 16, 2021
16
Mar'21
MoD partners playing fast and loose with confidential data
Clear spike in data breach incidents at defence partners may reflect better reporting standards, claims MoD
-
March 16, 2021
16
Mar'21
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry
-
March 16, 2021
16
Mar'21
Government calls for input into Covid-19 vaccine passports
Evidence gathering exercise will inform the development of the UK’s proposed Covid-19 vaccine passport scheme
-
March 16, 2021
16
Mar'21
ST Engineering teams up with Google Cloud
Singapore’s ST Engineering and Google Cloud will explore offering secure cloud services for organisations in regulated industries
-
March 15, 2021
15
Mar'21
UK plans ‘full spectrum’ approach to national cyber security
PM Boris Johnson expands on proposed National Cyber Force and plans to set up a north of England Cyber Corridor
-
March 15, 2021
15
Mar'21
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days
-
March 14, 2021
14
Mar'21
Arrest warrants issued for Canadians behind Sky ECC cryptophone network used by organised crime
The US has issued arrest warrants for the CEO of Sky Global and a former distributor for racketeering, aiding and abetting the distribution of illegal drugs by supplying encrypted phones to criminals
-
March 12, 2021
12
Mar'21
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately
-
March 12, 2021
12
Mar'21
DearCry ransomware targets vulnerable Exchange servers
As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority
-
March 12, 2021
12
Mar'21
CW Innovation Awards: Fighting fake Covid-19 vaccines with blockchain
A blockchain-based system developed by Singapore-based Zuellig Pharma can help governments and healthcare providers weed out fake vaccines and manage vaccine distribution and administration
-
March 11, 2021
11
Mar'21
UK digital regulators set out plans to strengthen cooperation
Digital Regulation Cooperation Forum outlines plans for the coming year, marking a shift towards a more collaborative regulatory approach
-
March 11, 2021
11
Mar'21
Attack on surveillance cameras a warning over security, ethics
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology
-
March 11, 2021
11
Mar'21
Norwegian government falls victim to Microsoft attacks
Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers
-
March 10, 2021
10
Mar'21
Police crack world’s largest cryptophone network as criminals swap EncroChat for Sky ECC
Belgian and Dutch police have breached the encryption of users of Sky ECC, the world’s largest cryptophone network. There are significant parallels with the international police operation against the EncroChat cryptophone network which led to ...
-
March 09, 2021
09
Mar'21
Belgian police raid 200 premises in drug operation linked to breach of encrypted phone network
More than 1,600 police and law enforcement officials conduct drug raids after the compromise of an encrypted mobile phone network that has parallels with EncroChat
-
March 09, 2021
09
Mar'21
EBA restores services after Microsoft Exchange attack
European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online
-
March 05, 2021
05
Mar'21
Williams F1 car launch disrupted by data leak
Williams Formula One team forced to pull augmented reality app it had planned to use to launch its 2021 car at the last minute after an apparent cyber attack
-
March 05, 2021
05
Mar'21
Mandiant: MS Exchange bugs first exploited in January
Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago
-
March 05, 2021
05
Mar'21
Nottinghamshire schools suspend online learning following cyber attack
Cyber attack on central trust that manages secondary schools in Nottinghamshire leaves them unable to access IT systems and deliver remote lessons
-
March 05, 2021
05
Mar'21
Singapore Airlines the latest victim of supply chain attack
A restricted set of data of over 580,000 frequent flyer members of Singapore Airlines was exposed in a supply chain attack against Sita’s passenger service system
-
March 04, 2021
04
Mar'21
Qualys caught up in Accellion FTA breach
Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product
-
March 03, 2021
03
Mar'21
Emergency patch addresses MS Exchange Server zero-days
Microsoft releases an emergency patch to address multiple zero-day exploits directed at on-premise installations of Exchange Server
-
March 02, 2021
02
Mar'21
EU seeking pan-European Covid-19 passport solution
The European Union’s proposal could see the creation of a Covid-19 vaccine passport to enable travel across the EU
-
March 01, 2021
01
Mar'21
Digital secretary Dowden outlines UK post-Brexit data approach
The UK government is searching for a new information commissioner with an updated remit to use data to support growth and innovation, and plans on reaching new international data partnerships
-
February 25, 2021
25
Feb'21
GCHQ sets out rules of the road for AI in cyber
A paper produced by GCHQ shows how the intelligence agency can use artificial intelligence responsibly as a tool to protect the UK’s national security
-
February 25, 2021
25
Feb'21
Npower shuts off app after credential stuffing attack
Npower customers will have to log in to their accounts on its website after its app was withdrawn following a security breach
-
February 25, 2021
25
Feb'21
MHRA and other agencies to offer new resources for scam victims
New landing page resources will replace .uk domains suspended for criminal activity to help members of the public access appropriate guidance
-
February 24, 2021
24
Feb'21
Transport for NSW hit by Accellion breach
Australian state agency Transport for New South Wales is the latest victim of the supply chain attack against Accellion’s legacy file transfer system
-
February 24, 2021
24
Feb'21
Vaccine passports prove an ethical minefield
Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design
-
February 24, 2021
24
Feb'21
Is Clubhouse safe, and should CISOs stop its use?
With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it
-
February 24, 2021
24
Feb'21
Bombardier is latest victim of Accellion supply chain attack
Canadian aviation company joins the growing list of Accellion breach victims
-
February 24, 2021
24
Feb'21
Warning on security risk from virtual events platforms
Vulnerabilities found in virtual events platforms could form part of a variant supply chain attack
-
February 23, 2021
23
Feb'21
CyberScotland offers centralised security resource hub
Newly launched partnership brings together security resources for individuals and organisations across Scotland
-
February 22, 2021
22
Feb'21
Microphones, smartphones, laptops among items stolen from BBC
A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers
-
February 22, 2021
22
Feb'21
Pandemic has exposed fractures in cyber fraud strategy
RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem
-
February 19, 2021
19
Feb'21
European Commission proposes UK data adequacy agreement
The publication of two draft data adequacy decisions brings the UK closer to a final positive decision, which will enable the continued free flow of data between the EU and the UK if green-lit by member states
-
February 19, 2021
19
Feb'21
NCSC cyber defence scheme blocked thousands of scams in 2019
The NCSC has reported another productive year for its Active Cyber Defence programme
-
February 19, 2021
19
Feb'21
Biden will act on cyber security to fix SolarWinds mess
US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger
-
February 18, 2021
18
Feb'21
Swedish police fined for unlawful use of facial-recognition app
Sweden’s data watchdog has found that Swedish police failed to conduct the data protection checks required by law before using controversial facial-recognition tool
-
February 18, 2021
18
Feb'21
City of Helsinki adopts MyData principles to improve digital services
Principles on the use of personal data for the benefit of society will guide Finnish capital’s ambitious digital plans
-
February 18, 2021
18
Feb'21
2020 a record year for cyber, thanks to Covid
The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy
-
February 18, 2021
18
Feb'21
Assessing UK law enforcement data adequacy
Data protection experts discuss the consequences of achieving data adequacy between the UK and EU for the UK’s intelligence services and criminal justice sector
-
February 17, 2021
17
Feb'21
North Korean Lazarus Group hackers indicted in US
Charges filed relate to Lazarus Group’s long-running cyber crime spree, including financial theft and extortion, WannaCry malware and the cyber attack on Sony Pictures
-
February 17, 2021
17
Feb'21
Egregor ransomware arrests confirmed
Authorities confirm that they have arrested an undisclosed number of cyber criminals associated with the Egregor ransomware
-
February 17, 2021
17
Feb'21
Law firm and cyber criminals clash over source of stolen data
Cyber attack victim Jones Day says its data was stolen in a supply chain attack, but the gang holding it to ransom disagrees
-
February 16, 2021
16
Feb'21
North Korea accused of Pfizer Covid vaccine cyber attack
South Korean intelligence pins a recent attack on Pfizer, targeting information on coronavirus vaccines, on its neighbour
-
February 16, 2021
16
Feb'21
Central government should promote data policy compliance, say civil servants
Most civil servants want the government to gain additional powers to promote data policy compliance to ensure better use of data, according to research
-
February 15, 2021
15
Feb'21
Post Office to offer digital ID services to customers
Post Office partnership with Yoti is intended to expand customer choice as to how people prove their identity when accessing services
-
February 15, 2021
15
Feb'21
NCSC recognises UK’s top cyber schools
National Cyber Security Centre CyberFirst Schools initiative has handed out 14 gold, silver and bronze awards recognising excellence in cyber security teaching
-
February 15, 2021
15
Feb'21
Government to impose new digital identity system across all Gov.uk services
Cabinet Office minister Michael Gove writes to Whitehall departments mandating the use of a new digital identity system that will allow citizens to be tracked across the Gov.uk website
-
February 12, 2021
12
Feb'21
UK border surveillance regime highly privatised, says Privacy International
Research from Privacy International raises concerns about the deep involvement of technology companies in the development and deployment of various technologies throughout the UK’s border regime, along with the lack of scrutiny they receive
-
February 11, 2021
11
Feb'21
Hacked Finnish therapy business collapses
Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy
-
February 11, 2021
11
Feb'21
Government launches digital identity trust framework
The government’s draft framework, which aims to set out rules for the use of digital identities, will be tested with industries, services, users and organisations ahead of a final version being published
-
February 11, 2021
11
Feb'21
Singtel falls prey to supply chain attack
The Singapore telco reveals that its Accellion file sharing system was illegally hacked in a supply chain attack
-
February 10, 2021
10
Feb'21
Dating app users warned to watch out for scammers
A vast amount of money was lost to romance scammers last year, and with millions of people isolated in lockdown the problem is getting worse, according to a report
-
February 10, 2021
10
Feb'21
HelloKitty almost certainly behind CD Projekt ransomware attack
Theories that the cyber attack on a high-profile gaming studio was orchestrated by players who are disappointed in a videogame are likely wide of the mark, according to analysis
-
February 10, 2021
10
Feb'21
Sim-swapping crooks targeted celebrities, influencers
Eight arrests have been made in England and Scotland in connection with a series of Sim-swapping attacks targeting high-profile victims
-
February 09, 2021
09
Feb'21
Facebook sued for data-sharing practices with third parties
Data protection claim filed in London against social media giant for its alleged failure to give at least one million users in England and Wales meaningful control over their personal data
-
February 09, 2021
09
Feb'21
Government launches review of use of health data for research
The review, which will be led by Ben Goldacre, will look at home-efficient and safe use of health data for research and analysis
-
February 09, 2021
09
Feb'21
Data breaches are a ticking timebomb for consumers
Damage from data breaches goes far beyond the impact to the target organisation – an obvious fact that is too often overlooked, says F-Secure
-
February 09, 2021
09
Feb'21
Cyberpunk 2077 developer refuses to pay up after ransomware attack
Polish video game developer CD Projekt has released details of a ransomware attack on its systems
-
February 09, 2021
09
Feb'21
NHS reports fewer phishing emails in 2020
The NHSmail email service saw a steady decline in suspected phishing emails during the course of 2020
-
February 08, 2021
08
Feb'21
Data of thousands of Dutch citizens leaked from government Covid-19 systems
Weak access controls and outdated systems blamed for leaking of the personal details of thousands of Dutch citizens tested for Covid-19
-
February 05, 2021
05
Feb'21
EncroChat: Appeal court finds ‘digital phone tapping’ admissible in criminal trials
Appeal Court decides EncroChat-encrypted phone records can be used in criminal trials. Critics say the decision means phone tapping no longer has a ‘clear meaning in the digital age’