News
Privacy and data protection
-
November 05, 2019
05
Nov'19
Gartner: The time is right to make IT a boardroom issue
In many businesses, IT is regarded as an internal service provider and cost centre. Gartner says now is the best time for CIOs to make IT strategic
-
November 01, 2019
01
Nov'19
Banks let customers down with mixed approaches to security
Treasury Committee report recommends new measures to tackle financial fraud
-
October 31, 2019
31
Oct'19
Alibaba Cloud earns security credentials in automotive and healthcare sectors
Alibaba Cloud’s compliance with Tisax and GxP follows earlier efforts by major public cloud suppliers to win over enterprises with strict data protection and security rules
-
October 30, 2019
30
Oct'19
What will succeed the National Cyber Security Strategy?
As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures
-
October 29, 2019
29
Oct'19
Fancy Bear resumes Olympic hacks ahead of Tokyo games
Fancy Bear is back in action and once again targeting anti-doping bodies and sporting organisations, warns Microsoft
-
October 24, 2019
24
Oct'19
Endpoint security is a procurement issue, says HP, IDC study
Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders
-
October 24, 2019
24
Oct'19
£4,000 bug bounty could have saved BA from record ICO fine
British Airways and others could have saved themselves millions of pounds’ worth of fines by having ethical hackers check their systems for simple vulnerabilities
-
October 23, 2019
23
Oct'19
Take responsibility for cyber security basics, urges NCSC CEO
At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load
-
October 22, 2019
22
Oct'19
Banks move to contain impact of Samsung biometric flaw
NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices
-
October 22, 2019
22
Oct'19
NordVPN blames datacentre provider for server breach
VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue
-
October 22, 2019
22
Oct'19
Malware volumes decline, but risks are higher
More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets
-
October 22, 2019
22
Oct'19
Over-30s tend to do better at cyber security than younger colleagues
Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security
-
October 21, 2019
21
Oct'19
Equifax lawsuit offers more evidence against passwords
Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords
-
October 21, 2019
21
Oct'19
Alleged state hackers adapting to cover their tracks, says NCSC
A group called Turla with suspected links to the Russian government stole Iranian tools and infrastructure to obscure the origins of attacks on multiple other countries, according to new evidence
-
October 18, 2019
18
Oct'19
Huge rise in rogue banking apps driving fraud attacks
Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA
-
October 18, 2019
18
Oct'19
Amazon consumer devices vulnerable to two-year-old exploit
Millions of older Amazon Echo and Kindle devices are still susceptible to a Wi-Fi vulnerability that was first disclosed in 2017
-
October 17, 2019
17
Oct'19
BEIS launches multimillion-pound security investment package
Government is making available more than £50m to support a range of new cyber security initiatives and collaborations, including the latest phase of its Digital Security by Design programme
-
October 17, 2019
17
Oct'19
NHSX could transform NHS security capabilities
The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service
-
October 17, 2019
17
Oct'19
Security threat landscape becomes more organised and business-like
Approaches to securing the enterprise need to change in the face of a rapidly maturing threat landscape
-
October 16, 2019
16
Oct'19
Sweden’s first GDPR fine sets regulatory tone
Secondary school fined for breaching General Data Protection Regulation, signalling the attitude of Sweden’s Data Protection Authority
-
October 15, 2019
15
Oct'19
Attackers hunt iPhone jailbreakers in click fraud campaign
Research by Cisco’s Talos threat intel unit has identified a new click fraud campaign targeting people looking to jailbreak their iPhone devices
-
October 14, 2019
14
Oct'19
Private equity swoops on Sophos
British cyber security star picked up by technology sector investors for $3.9bn
-
October 14, 2019
14
Oct'19
Researchers reveal the cyber campaign that built China's new airliner
CrowdStrike has published details of a coordinated campaign of cyber espionage and hacking, forced technology transfer and physical theft as China seeks to gain an advantage in the commercial aviation industry
-
October 14, 2019
14
Oct'19
The Security Interviews: Applying AI to Lego, and security
Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds great promise for the security sector, and she has the analogies to back it up
-
October 11, 2019
11
Oct'19
Zuckerberg’s mentor condemns Facebook’s business practices
Long-time Silicon Valley investor speaks out against surveillance capitalism and the lack of rules and regulations governing big tech’s behaviour
-
October 09, 2019
09
Oct'19
US likely to concede on Huawei export ban
The US government may make some concessions over the future of Huawei before the end of the year
-
October 07, 2019
07
Oct'19
Government departments sign up to web data-sharing plan
All but four Whitehall departments have so far agreed to share web analytics data to allow the government to monitor user behaviour across the Gov.uk domain
-
October 04, 2019
04
Oct'19
UK and US call on Facebook to walk back encryption plans
The US, Australian and UK governments have asked Facebook to ditch plans to deploy end-to-end encryption across Facebook Messenger, Instagram and WhatsApp
-
October 03, 2019
03
Oct'19
IT contractor charged over cyber attack on property valuation firm
Australian police charge 49-year-old man with stealing and posting more than 170,000 data records belonging to ASX-listed Landmark White on the dark web
-
October 03, 2019
03
Oct'19
Why data-driven applications need a governance framework
Data is the new oil – but without tight control, how can business determine that the data is valid? Data catalogues are back in vogue
-
October 03, 2019
03
Oct'19
LogRhythm touts unlimited data plan for SIEM systems
SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank
-
October 03, 2019
03
Oct'19
Local authorities hit by 800 cyber attacks every hour
Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year
-
October 03, 2019
03
Oct'19
New threat group behind Airbus cyber attacks, claim researchers
Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore
-
October 03, 2019
03
Oct'19
Cyber war as big a threat as nuclear war, says ex-RSA head Coviello
Former RSA chairman Art Coviello has been speaking about the devastating potential of cyber weapons, and warned that humanity must learn from history in order to control them
-
September 27, 2019
27
Sep'19
Five million DoorDash customers’ details lost in data breach
Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen
-
September 27, 2019
27
Sep'19
GDPR compliance: Whose job is it and is it really possible?
Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to
-
September 26, 2019
26
Sep'19
Attackers breached supplier systems to steal Airbus secrets
Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs
-
September 26, 2019
26
Sep'19
Overinvestment breeds overconfidence among security pros
CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach
-
September 26, 2019
26
Sep'19
Teen TalkTalk hacker accused of cryptocurrency fraud in US
Elliott Gunton, one of the teenage hackers who broke into TalkTalk’s systems in 2015, faces extradition to the US to face fraud charges
-
September 26, 2019
26
Sep'19
Instagram and WhatsApp – the new tools of social media propaganda
Facebook and Twitter have been cast as the villains of the piece, but social media disinformation and propaganda are evolving in new and alarming directions, say Oxford University researchers
-
September 24, 2019
24
Sep'19
Latest Lorca cyber security challenge has IoT focus
Government-backed cyber security innovation centre Lorca has issued new challenges around connectivity for its next intake of scaleups
-
September 24, 2019
24
Sep'19
Singapore payment card data compromised by JavaScript sniffers
Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer
-
September 24, 2019
24
Sep'19
GandCrab ransomware writers still active despite ‘retirement’
Apparent links between an emerging ransomware family known as REvil and GandCrab suggests the GandCrab authors are keeping busy despite having “retired” in June
-
September 24, 2019
24
Sep'19
Enterprises exposed to data loss by cloud configuration errors
Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee
-
September 24, 2019
24
Sep'19
Google pushes back on scale of YouTube phishing threat
Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure
-
September 19, 2019
19
Sep'19
Government insists 'nothing sinister' about web user data gathering
Government Digital Service responds to allegations that personal data gathered through Gov.uk portal could be used to target political messaging to citizens
-
September 18, 2019
18
Sep'19
Universities tempting targets for cyber criminals, warns NCSC
As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack
-
September 18, 2019
18
Sep'19
WannaCry variants accidentally protecting against WannaCry
New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection
-
September 18, 2019
18
Sep'19
Emotet phishing botnet returns from summer vacation
The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers
-
September 17, 2019
17
Sep'19
Ecuador citizens’ data breach holds lessons for enterprises
What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it?