News

Privacy and data protection

September 14, 2021 14 Sep'21
Apple patches ForcedEntry vulnerability used by spyware firm NSO

Apple patches ForcedEntry vulnerability that was used to target political activists with spyware
September 13, 2021 13 Sep'21
Smishing attacks up sevenfold in six months

Scam text messages are reaching pandemic proportions, thanks in part to the pandemic
September 09, 2021 09 Sep'21
UK GDPR faces changes under planned reforms

DCMS is launching a major consultation on proposed changes to the UK’s data protection regime, under which several key elements of the GDPR are likely to change
September 08, 2021 08 Sep'21
Stolen credit card data worth about £13 on dark web, PayPal worth more

The average price of a stolen credit card on a dark web marketplace comes in at around $17.40, or £12.60, according to new data – but the real money for cyber criminals is in hacked PayPal accounts

September 07, 2021 07 Sep'21
Procuring law enforcement tech needs greater scrutiny

Tech firms are playing a high-stakes game to drive adoption of artificial intelligence and surveillance technology in law enforcement
September 07, 2021 07 Sep'21
OT security in APAC remains work in progress

Two operational technology security experts shed light on the state of OT security in the region, and what’s being done to address skills, competency and organisational challenges
September 07, 2021 07 Sep'21
ICO in bid to end cookie pop-ups

Outgoing information commissioner Elizabeth Denham will call on her equivalents across the G7 group of countries to collaborate on an overhaul of cookie consent pop-ups
September 03, 2021 03 Sep'21
Berlin court reverses ban on use of EncroChat evidence in criminal trials

Berlin Superior Court allows use of EncroChat evidence in criminal trials but lawyers say the question will ultimately need to be decided by the German Supreme Court
September 03, 2021 03 Sep'21
China accused of cyber attacks on Norwegian IT systems

China-based cyber attackers have been blamed for multiple assaults on IT systems in Norway
September 02, 2021 02 Sep'21
WhatsApp fined €225m over GDPR breaches

Irish data protection watchdog has issued one of the largest GDPR fines to date against Facebook-owned WhatsApp

September 02, 2021 02 Sep'21
Twitter tests auto-block feature for accounts at risk of abuse

Latest Twitter feature automatically blocks abusive users, and is intended to help victims regain control of their experience on the platform
September 01, 2021 01 Sep'21
Experts warn on Office 365 phishing attacks

Newly observed campaign is particularly dangerous because it appears to neutralise one of the most widely known anti-phishing techniques
August 31, 2021 31 Aug'21
GovTech launches vulnerability rewards programme

Vulnerability rewards programme will offer rewards ranging from $250 to $5,000 to white hat hackers who find vulnerabilities in critical government systems
August 27, 2021 27 Aug'21
Are proposed data protection changes a threat to UK citizens’ privacy?

Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth
August 26, 2021 26 Aug'21
Tech giants commit to Biden's cyber security action plan

Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden
August 26, 2021 26 Aug'21
Government unveils post-Brexit data flow proposals

The government will pursue data partnerships with countries including Australia, South Korea and the US as part of a post-Brexit data regime that may also see substantial changes to the UK’s data protection law
August 26, 2021 26 Aug'21
NZ privacy lead John Edwards named new information commissioner

DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner
August 24, 2021 24 Aug'21
Over a million opt out of NHS data-sharing

Failure to communicate benefits of data-sharing proposals and privacy concerns are prompting large numbers of people to opt out of a proposed NHS Digital scheme
August 24, 2021 24 Aug'21
Campaign groups claim police have bypassed Parliament with plans for live facial-recognition tech

Civil society groups call for Parliament to scrutinise the use of live facial-recognition cameras
August 24, 2021 24 Aug'21
More data breaches in Australia arising from ransomware

The number of data breaches in Australia arising out of ransomware attacks grew by 24% during the first half of 2021, according to OAIC’s latest data breach report
August 23, 2021 23 Aug'21
Flexxon and Lenovo tie up on AI-infused SSDs

Singapore-based Flexxon teams up with Lenovo to make its solid-state drive that uses artificial intelligence to fend off cyber threats available on ThinkPad-based laptops
August 19, 2021 19 Aug'21
Pub apps harvesting swathes of customer data unnecessarily

Some pub and restaurant chain apps demand data such as gender and marital status, raising eyebrows among privacy campaigners
August 18, 2021 18 Aug'21
Global VPN downloads soar in first half of 2021

Song remains the same with VPNs as repressive regimes’ continued regulatory demands and remote working see virtual private network usage rocket over the first six months of the year
August 17, 2021 17 Aug'21
Educational publisher Pearson fined for data breach cover-up

Securities and Exchange Commission says publisher misled its investors over the extent of a 2018 data breach
August 17, 2021 17 Aug'21
Security Think Tank: Building privacy-preserving apps and platforms

ISACA’s Gaurav Deep Singh Johar explores how to embed privacy practices into digital platform architecture
August 16, 2021 16 Aug'21
ICO consults public on personal data in employment practices

The ICO has launched a public consultation on employers’ use of personal data to help it provide practical guidance for both businesses and workers
August 16, 2021 16 Aug'21
Nearly half of retailers hit by ransomware in 2020

In the face of increasingly prevalent and sophisticated ransomware attacks, retail organisations need to develop alternative ways of restoring lost or encrypted data, as paying the ransom does not guarantee its return in almost a third of cases
August 13, 2021 13 Aug'21
UN special rapporteurs call for surveillance tech moratorium

In the wake of revelations about NSO Groups Pegasus spyware, a number of special rapporteurs from the United Nations are re-igniting calls for a global moratorium on the sale and transfer of surveillance technologies
August 13, 2021 13 Aug'21
Cyber Runway programme supports new security businesses

The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses
August 13, 2021 13 Aug'21
Hospitals see cyber security investment as a low priority

Almost half of hospitals have experienced an IT shutdown as a result of a cyber attack in the past six months, but just over one in 10 hospital executives see cyber security investment as a high priority
August 12, 2021 12 Aug'21
ICO consults on new international data transfer agreement

Information Commissioner’s Office to consult on its draft international data transfer agreement and guidance, which will replace standard contractual clauses to protect personal data during overseas transfers
August 11, 2021 11 Aug'21
US wins bid to widen grounds of appeal in Julian Assange extradition case

The US government accused medical expert professor Michael Kopelman of misleading the court by failing to disclose details of Assange’s relationship
August 11, 2021 11 Aug'21
Microsoft fixes seven critical bugs on light Patch Tuesday

All seven critical vulnerabilities in Microsoft’s August Patch Tuesday were related to remote code execution, and there was one zero-day related to Windows Update Medic Service
August 11, 2021 11 Aug'21
The Netherlands still lacks digital resilience, says report

Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient
August 10, 2021 10 Aug'21
Ransomware demands and payments hit new records

Ransomware groups continue to intensify their operations as ransom demands and payments increase alongside use of “quadruple extortion” tactics during first half of 2021
August 10, 2021 10 Aug'21
Dutch lead the way in protecting themselves against internet risks

Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent
August 10, 2021 10 Aug'21
Researchers uncover database with 126 million unsecured records

Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns
August 09, 2021 09 Aug'21
Possible ransomware attack hits Italian vaccine booking system

It is still unclear who is behind the attack that caused Covid-19 vaccine bookings in Lazio, Italy, to grind to a halt, as despite masses of files being encrypted no specific ransom demands have been made for the decryptor
August 06, 2021 06 Aug'21
Apple unveils plans to scan US iPhones for child sex abuse images

Apple will introduce child sexual abuse material detection for US users later this year, but some experts are worried that the technology could be repurposed to scan phones for other kinds of content
August 05, 2021 05 Aug'21
BlackMatter goes on the record about DarkSide and REvil links

BlackMatter gives details of its ransomware-as-a-service operation and distinguishes itself from now-defunct ransomware gangs in interview with cyber security analysts from Recorded Future
August 04, 2021 04 Aug'21
Six Isle of Wight schools hit by ransomware attack

Authorities are still working to manage the fallout from the attack, which has already forced at least one school to delay the start of the new term in September
August 04, 2021 04 Aug'21
Leading venture capital firms are failing to protect human rights

Venture capital firms and high-profile tech accelerators are not conducting human rights due diligence on their investments, which means they cannot be sure the companies they invest in are not causing, or contributing to, human rights abuses
August 03, 2021 03 Aug'21
Destruction and integrity cyber attacks on the rise

Cyber security professionals have reported a sharp rise in debilitating attacks aimed at destroying or manipulating data
August 02, 2021 02 Aug'21
Government publishes second version of digital identity trust framework

The second iteration of the framework, still in alpha version, sets out how organisations can become certified digital identity service providers
July 29, 2021 29 Jul'21
Investigatory Powers Tribunal finds UK spy agencies unlawfully collected personal data

Campaign groups Privacy International and Liberty are gearing up to bring further legal action after a court found that UK spy agencies unlawfully collected phone and internet records
July 28, 2021 28 Jul'21
Almost half unaware of GP data-sharing plans

Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign
July 27, 2021 27 Jul'21
ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower

The Information Commissioner’s Office has ended its involvement in a dispute between a data breach whistleblower and NatWest bank
July 27, 2021 27 Jul'21
US lawmakers call for probe into ‘arrogant’ spyware firm

US members of Congress have called for an investigation into NSO Group, the spyware supplier at the centre of a massive surveillance scandal
July 27, 2021 27 Jul'21
TikTok sets up cyber security hub in Dublin

Dublin-based cyber centre will oversee the security of TikTok’s users across Europe
July 27, 2021 27 Jul'21
How IBM is solving the data privacy problem

IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy