News
Privacy and data protection
-
October 20, 2022
20
Oct'22
Singapore extends cyber security labelling scheme to medical devices
The Cyber Security Agency of Singapore is extending its cyber security labelling scheme to medical devices to encourage medical device manufacturers to adopt a security-by-design approach to product development
-
October 14, 2022
14
Oct'22
Office 365 email encryption flaw could pose risk to user privacy
A vulnerability in Microsoft Office 365 Message Encryption could leave the contents of emails dangerously exposed, but with no fix coming it’s up to users to decide how at risk they are
-
October 14, 2022
14
Oct'22
Advanced: Healthcare data was stolen in LockBit 3.0 attack
Advanced has revealed a total of 16 of its health and social care sector customers had their data exfiltrated in a recent ransomware attack
-
October 14, 2022
14
Oct'22
Protecting children by scanning encrypted messages is ‘magical thinking’, says Cambridge professor
Ross Anderson argues in a rebuttal to GCHQ experts that using artificial intelligence to scan encrypted messaging services is the wrong approach to protecting children and preventing terrorism
-
October 14, 2022
14
Oct'22
Australia becoming hotbed for cyber attacks
Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency
-
October 12, 2022
12
Oct'22
French Supreme Court rejects EncroChat verdict after lawyers question secrecy over hacking operation
France’s Supreme Court has sent a case back to the court of appeal after police failed to disclose technical details of EncroChat hacking operation
-
October 12, 2022
12
Oct'22
ICO selectively discloses reprimands for data protection breaches
Data protection experts question ICO’s selective approach to publishing formal reprimands for contravening the law, after FoI request reveals the Cabinet Office was among the organisations reprimanded
-
October 10, 2022
10
Oct'22
How Cloudflare is staying ahead of the curve
Cloudflare co-founder and CEO Matthew Prince talks up what has changed since the company’s first business plan was written in 2009 and how it keeps pace with the fast-moving network security landscape
-
October 07, 2022
07
Oct'22
Australia to amend telecoms regulations following Optus breach
Amendments to Australia’s telecoms regulations are in the works to temporarily allow sharing of individuals’ identifier information between telcos and financial institutions
-
October 06, 2022
06
Oct'22
Proposals for scanning encrypted messages should be cut from Online Safety Bill, say researchers
Automatic scanning of messaging services for illegal content could lead to one billion false alarms each day in Europe
-
October 05, 2022
05
Oct'22
Inside Dell Technologies’ zero-trust approach
Dell Technologies’ zero-trust reference model starts with defining business controls and having a central control plane that manages all the security aspects of an organisation’s infrastructure
-
October 04, 2022
04
Oct'22
Tories to replace GDPR
IT industry reacts to the government’s plan to replace the pan-European data protection regulation
-
October 04, 2022
04
Oct'22
France extradites Spanish EncroChat cryptophone distributors for complicity with organised crime
Three phone sellers have been extradited from Spain to France to face charges that they were complicit in the activities of criminal EncroChat phone users
-
October 03, 2022
03
Oct'22
Security regulation cuts online payment fraud at 73% of retailers
New online payments security standard, Strong Customer Authentication (SCA), sees immediate fall in fraudulent payments to retailers
-
October 03, 2022
03
Oct'22
CIO interview: James Fleming, Francis Crick Institute
Francis Crick Institute CIO discusses how Europe’s largest biomedical research institute has co-developed a framework for data sharing
-
September 30, 2022
30
Sep'22
Surveillance tech firms complicit in MENA human rights abuses
Research finds companies are profiting from surveillance technologies that facilitate human rights abuses against migrants, asylum seekers and refugees in the Middle East and North Africa, with little to no oversight
-
September 29, 2022
29
Sep'22
Optus breach casts spotlight on cyber resilience
The massive data breach that affected more than 10 million Optus customers has cast the spotlight on API security and other factors that contribute to the cyber resilience of organisations in Australia
-
September 28, 2022
28
Sep'22
UK suffers third highest number of ransomware attacks globally
Based on an analysis of around 5,000 ransomware incidents, NordLocker has found that UK businesses, and small businesses in particular, are a priority target for ransomware gangs
-
September 28, 2022
28
Sep'22
Data protection in Finland, four years after GDPR came into force
Data privacy has always been a big concern in Finland, so the country naturally has a lot to say about the General Data Protection Regulation four years on
-
September 28, 2022
28
Sep'22
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access
-
September 27, 2022
27
Sep'22
Fraudsters adapt phishing scams to exploit cost-of-living crisis
Around 80,000 Brits a month are falling victim to phishing attacks as fraudsters switch up tactics to take advantage of cost-of-living crisis and behavioural changes prompted by pandemic
-
September 26, 2022
26
Sep'22
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials
-
September 26, 2022
26
Sep'22
More than 30 startups to join Plexal’s Cyber Runway accelerator
Now in its second year, the Cyber Runway accelerator has been designed to support firms at various stages of growth, as well as help the cyber security sector to improve on its diversity, inclusion and regional representation
-
September 23, 2022
23
Sep'22
Threat actors abused lack of MFA, OAuth in spam campaign
Microsoft threat researchers have reported on a series of cyber attacks in which enterprises with lax IAM policies had their systems hijacked to conduct spam email campaigns
-
September 22, 2022
22
Sep'22
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets
-
September 22, 2022
22
Sep'22
Dr Martens goes feetfirst into cloud-to-cloud backup
Iconic bootmaker laces up for a strategy to move all applications to the cloud, beginning with cloud-to-cloud backup for Microsoft 365 apps plus on-site VMware operations
-
September 22, 2022
22
Sep'22
Privacy Pledge signatories dream of alternative internet
A group of privacy-focused organisations have come together to establish a set of principles for taking the internet back from big tech and surveillance capitalism
-
September 21, 2022
21
Sep'22
NCSC publishes cyber guidance for retailers
The NCSC has published tailored advice to support online retailers, hospitality providers and utility services in protecting themselves and their customers from cyber crime
-
September 21, 2022
21
Sep'22
ANZ organisations using antiquated backup and recovery systems
Nearly half of ANZ organisations are still using backup and recovery systems from over a decade ago, hampering their ability to protect their data assets and recover from ransomware attacks
-
September 20, 2022
20
Sep'22
IHG attackers phished employee to deploy destructive wiper
A couple from Vietnam who claim to be behind a destructive wiper cyber attack on hotel operator IHG told the BBC how they orchestrated their operation
-
September 20, 2022
20
Sep'22
Reports Uber and Rockstar incidents work of same attacker
Rockstar Games was hit over the weekend by an attacker who claimed to have accessed its Slack channel to steal data on an upcoming release, and may be the same person who compromised Uber
-
September 16, 2022
16
Sep'22
Uber suffers major cyber attack
Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist
-
September 15, 2022
15
Sep'22
EU Cyber Resilience Act sets global standard for connected products
European Commission lays out proposed security regulations on device and software security to better protect consumers and drive global standards
-
September 15, 2022
15
Sep'22
Organisations failing to account for digital trust
The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds
-
September 14, 2022
14
Sep'22
FormBook knocks Emotet off top of malware chart
FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data
-
September 14, 2022
14
Sep'22
NCSC warns public of potential Queen-related phishing attacks
The National Cyber Security Centre is urging users to be on guard against phishing attacks during the period of national mourning for the Queen
-
September 13, 2022
13
Sep'22
Cisco confirms leaked data was stolen in Yanluowang ransomware hit
Cisco has confirmed that data leaked last week by the Yanluowang ransomware gang was that stolen during a May 2022 cyber attack
-
September 13, 2022
13
Sep'22
Blancco works with charity to provide IT for African schools
Blancco is providing data sanitisation and erasure software to The Turing Trust so that old IT equipment can be securely reused by school children in Sub-Saharan Africa, instead of adding to world’s growing e-waste problem
-
September 13, 2022
13
Sep'22
Multi-persona impersonation adds new dimension to phishing
Iranian APT used multiple personas on a single email thread to convince targets of the legitimacy of its phishing lures
-
September 12, 2022
12
Sep'22
Mandiant floats off into Google Cloud
As planned, the acquisition of Mandiant will see the threat intel and incident response giant become a part of Google’s Cloud business
-
September 12, 2022
12
Sep'22
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts
-
September 08, 2022
08
Sep'22
Chinese APT using PlugX malware on espionage targets
China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit
-
September 08, 2022
08
Sep'22
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into
-
September 08, 2022
08
Sep'22
India’s wake-up call on health data privacy
Health app developers and industry watchers in India are keeping an eye on data privacy following the reversal of the Roe vs Wade ruling in the US
-
September 07, 2022
07
Sep'22
Albania cuts diplomatic ties with Iran after cyber attack
In a global geopolitical first, the Albanian government has severed diplomatic ties with Iran and expelled its ambassador after it was targeted by an APT backed by Tehran
-
September 07, 2022
07
Sep'22
Hotel group IHG confirms cyber attack after two-day outage
IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor
-
September 07, 2022
07
Sep'22
Digital identity is key to coping with surge in air travel
The International Air Transport Association’s One ID digital identity initiative will pave the way for seamless air travel from curb to gate and help airports cope with growing passenger traffic
-
September 01, 2022
01
Sep'22
Space nerds beware: James Webb images used to spread malware
Astronomy and space aficionados are being targeted by cyber criminals exploiting some of the now-famous images captured by Nasa’s James Webb Space Telescope to distribute malware
-
August 31, 2022
31
Aug'22
Four years into GDPR, Norway hopes for safer data transfer to US
Much of the data on the internet ends up on US servers at some point, and that is not always compatible with the General Data Protection Regulation, says Norwegian data protection authority
-
August 30, 2022
30
Aug'22
UK government presses on with new cyber rules for telcos
Government has finalised new security rules for telecoms companies and will move to make them binding in the near future