News

Privacy and data protection

• February 24, 2022 24 Feb'22

  New cyber guidelines to safeguard construction sector

  NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building

• February 23, 2022 23 Feb'22

  Paid-for advertising still not covered in Online Safety Bill

  Consumer group Which? calls again for government to include measures against scam paid-for advertising in the Online Safety Bill

• February 23, 2022 23 Feb'22

  Backups ‘no longer effective’ for stopping ransomware attacks

  Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques

• February 23, 2022 23 Feb'22

  No imminent cyber threat to UK from Russia

  Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain

• February 23, 2022 23 Feb'22

  Attempted burglary exposes risk of NatWest customer data in former worker’s home

  Former Royal Bank of Scotland employee offers bank a compromise in her dispute over the return of confidential customer information

• February 23, 2022 23 Feb'22

  Tech acquisition to be major priority for UK police

  Policing minister cites technology as major focus for future of UK police, in comments made ahead of the publication of the Strategic Review of Policing in England and Wales

• February 21, 2022 21 Feb'22

  Zoom gains NCSC Cyber Essentials Plus and NHS security badges

  Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats

• February 18, 2022 18 Feb'22

  Lawyers say ‘unprecedented’ secrecy deprived EncroChat defendants of fair trials

  Lawyers from seven countries say it is impossible for their clients to challenge the accuracy, authenticity, reliability and legality of the evidence against them

• February 17, 2022 17 Feb'22

  Red Cross cyber attack the work of nation-state actors

  The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state

• February 16, 2022 16 Feb'22

  2021 another record year for UK cyber investment

  Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment

• February 16, 2022 16 Feb'22

  DDoS attacks hit Ukrainian defence ministry and banks

  A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region

• February 16, 2022 16 Feb'22

  BlackCat ransomware gang claims responsibility for Swissport attack

  Ransomware gang is trying to offload 1.6TB of data stolen from aviation services firm

• February 16, 2022 16 Feb'22

  Retrospect Backup refines anomaly detection in ransomware battle

  StorCentric backup software brand allows customer fine-tuning of anomaly detection in struggle against ransomware, and adds immutable copies via object locking in Azure

• February 15, 2022 15 Feb'22

  Botched third-party configuration exposes Internet Society data to web

  Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage

• February 15, 2022 15 Feb'22

  Parasol data breach: Frustrated IT contractors dig into the dark web in search of their data

  The emergence on the dark web of passports, payslips and other personal documents belonging to contractors affected by the cyber attack and subsequent data breach at Parasol is prompting group actions and forcing some IT contractors to find out for ...

• February 11, 2022 11 Feb'22

  CMA secures final Privacy Sandbox guarantees from Google

  The CMA has secured a final set of Privacy Sandbox commitments from Google relating to the proposed removal of third-party cookies from its Chrome browser

• February 11, 2022 11 Feb'22

  Lack of knowledge disastrous for effective security strategy within Dutch companies

  Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy

• February 10, 2022 10 Feb'22

  How diplomatic immunity silenced the prosecutor who coordinated Sweden’s EncroChat probe

  Defence lawyers claim Swedish court decision not to hear evidence from a Swedish prosecutor leaves important legal questions unanswered over international police operation to hack EncroChat cryptophone network

• February 09, 2022 09 Feb'22

  Minister defends digital economy legislation before Lords

  A digital minister has said that the UK’s forthcoming digital markets legislation is ‘superior’ to similar efforts in the EU, but could not commit to a specific time frame for when it will be introduced to Parliament

• February 09, 2022 09 Feb'22

  Ransomware ever more sophisticated and impactful, warns NCSC

  UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs

• February 08, 2022 08 Feb'22

  The Security Interviews: Building the UK’s future cyber ecosystem

  As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions

• February 08, 2022 08 Feb'22

  Parasol data breach: Contractors rage as fallout from umbrella cyber attack continues

  Contractors working for the Parasol umbrella company are querying why it has taken so long for news of the firm's data breach, which is linked to a cyber attack on its systems five weeks ago, to come to light

• February 08, 2022 08 Feb'22

  Porn sites will be legally required to verify users’ ages

  Porn sites could be legally obliged to verify that their users are 18 or over under proposed online safety rules, in UK government’s second attempt to prevent children from accessing pornography online

• February 08, 2022 08 Feb'22

  Right to disconnect and less monitoring key to better remote work

  The World Health Organisation and International Labour Organisation warn against invasive workplace surveillance and promote right to disconnect in joint briefing on how to promote healthy and safe remote working

• February 03, 2022 03 Feb'22

  BlackCat crew supposedly behind OilTanking ransomware heist

  Preliminary reports from Germany’s national cyber authority indicate the recent OilTanking ransomware attack may have been the work of the BlackCat group

• February 03, 2022 03 Feb'22

  Crisp supply shortage looms after KP Snacks hit by ransomware

  Supplies of Hula Hoops and many other snack brands are under threat after a ransomware attack on the systems of KP Snacks

• February 03, 2022 03 Feb'22

  French Supreme Court raises constitutional questions over EncroChat hacking secrecy

  Conseil Constitutionnel to decide whether ‘defence secrecy’ over state EncroChat cryptophone hacking breaches French constitution

• February 02, 2022 02 Feb'22

  Mechanism underlying cookie popups found in breach of GDPR

  A fundamental element of the mechanism by which the advertising industry requests tracking consent from web users has been found in breach of the General Data Protection Regulation

• February 02, 2022 02 Feb'22

  Reforms needed to tackle economic crime, says Treasury Committee

  The Treasury Committee is disappointed at progress towards tackling economic crime and fraud in both the online and offline worlds, and is calling for more action

• February 02, 2022 02 Feb'22

  British Council data exposed by third-party cyber failure

  The British Council entrusted confidential data on its students to a third-party and was let down

• February 01, 2022 01 Feb'22

  Met Police faces legal action over Gangs Matrix

  Campaign group Liberty is taking legal action against the Met over its use of the Gangs Matrix, claiming it is driven by racial stereotypes and disproportionately affects people from black and minority ethnic backgrounds

• January 31, 2022 31 Jan'22

  Data on children of armed forces personnel exposed in breach

  Data on 4,142 children of serving armed forces personnel was exposed in a data breach at the Ministry of Defence

• January 28, 2022 28 Jan'22

  Cyber skills gap affecting data privacy practice, finds ISACA

  Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report

• January 28, 2022 28 Jan'22

  Korean researchers invent silk-based security device

  Experts from the Gwangju Institute of Science have built a digital security device based on natural silk fibres that they claim is practically unbreachable

• January 24, 2022 24 Jan'22

  WikiLeaks founder Julian Assange can ask Supreme Court to hear extradition appeal

  Senior judges said today that WikiLeaks founder Julian Assange can petition the Supreme Court to decide whether to hear an appeal against his extradition to the US

• January 21, 2022 21 Jan'22

  Tinder algorithm charging users more based on age

  Popular dating app Tinder could have broken data protection and equality laws by using personal data about people’s age to set different prices

• January 21, 2022 21 Jan'22

  Mandiant analysts: Russia-backed APTs likely to ramp up attacks

  More cyber attacks like those perpetrated against targets in Ukraine are to be expected, and they may become more destructive

• January 21, 2022 21 Jan'22

  ICO criticises government-backed campaign to delay end-to-end encryption

  Data protection watchdog warns that delaying end-to-end encryption will put children at risk

• January 21, 2022 21 Jan'22

  Cyber pros: Don’t revel in REvil’s downfall just yet

  The arrests of REvil’s alleged kingpins is a welcome step, but as with any disruption to cyber criminal activity, it is never wise to assume law enforcement action means the threat has passed entirely

• January 21, 2022 21 Jan'22

  Scam losses in Australia hit record high

  Australians lost a record A$323.7m to scams last year, with investment and romance scams accounting for the bulk of their losses

• January 20, 2022 20 Jan'22

  Ransomware attacks dropped 37% in December, claims NCC

  Latest monthly data reveals a significant decline in ransomware attacks at the end of 2021, but a new, emergent gang is making waves

• January 20, 2022 20 Jan'22

  Data of 515,000 vulnerable people stolen in Red Cross attack

  The International Committee of the Red Cross is probing a cyber attack that has already seen the personal data of hundreds of thousands of the world’s most vulnerable people compromised

• January 20, 2022 20 Jan'22

  Singapore to tighten digital banking security

  Banks in Singapore will have to put in place more stringent measures to combat the rise in online phishing scams targeted at bank customers in the city-state

• January 19, 2022 19 Jan'22

  Government funds charity campaign to warn big tech over the risks of encryption to children

  Barnardo’s and other charities begin a government-backed PR campaign to warn of the dangers end-to-end encryption poses to child safety, which has been criticised as being ‘one-sided’

• January 19, 2022 19 Jan'22

  Investigators find Beijing 2022 app riddled with security flaws

  Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack

• January 18, 2022 18 Jan'22

  Police take down VPN linked to multiple ransomware hits

  German police led a multinational effort to seize and take down the LabVPN service, which was allegedly used by cyber criminals to facilitate ransomware attacks

• January 17, 2022 17 Jan'22

  ‘Russian-backed’ hackers defaced Ukrainian websites as cover for dangerous malware attack

  Kiev claims that a hacking group in Belarus – a close ally of Russia – was responsible for hacking Ukrainian government websites amid threats of military action

• January 12, 2022 12 Jan'22

  MEPs demand EU probe into Pegasus spyware abuse

  A group of European Parliament Members has called for an EU-wide investigation into NSO Group’s Pegasus spyware after it emerged EU member states may have used it

• January 11, 2022 11 Jan'22

  Banks accused of neglecting customer security measures

  Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes

• January 11, 2022 11 Jan'22

  Companies propose scanning content pre-encryption to fight CSAM

  Firms working on the UK government’s Safety Tech Challenge have suggested that scanning content before encryption will help prevent the spread of child sexual abuse material – but privacy concerns remain