News

Privacy and data protection

• November 20, 2019 20 Nov'19

  Massive increase in fraud attacks on TSB customers during IT meltdown

  There was a massive spike in attempts by fraudsters to steal from TSB customers when the bank’s IT systems failed in 2018

• November 20, 2019 20 Nov'19

  Conservatives slammed over social media trickery

  The Conservative Party has been caught spreading online disinformation during the General Election campaign for a second time

• November 19, 2019 19 Nov'19

  Public sector risks downplayed by senior IT leaders

  Sophos reveals a significant cyber security perception gap between senior IT and security leaders in the public sector and their front-line teams

• November 19, 2019 19 Nov'19

  Macy’s Magecart breach presages Christmas fraud spike

  US retailer Macy’s admits some customer data was accessed by unknown actors during a week-long Magecart attack

• November 19, 2019 19 Nov'19

  Anti-stalkerware coalition calls time on intrusive abusers

  New coalition plans to tackle the scourge of stalkerware as a tool of domestic and other forms of abuse

• November 19, 2019 19 Nov'19

  Businesses failing to wipe data from old endpoints

  Organisations are not taking adequate precautions to sanitise data held on endpoints when refreshing their PC or mobile device estates

• November 15, 2019 15 Nov'19

  Notorious hackers claim responsibility for Labour DDoS

  Hackers claiming to represent Lizard Squad say they were behind a distributed denial of service attack on the UK’s Labour Party

• November 14, 2019 14 Nov'19

  Home Office Brexit app contains multiple security flaws

  The Home Office’s Brexit app may be putting EU citizens’ personal data at risk

• November 14, 2019 14 Nov'19

  Cyber criminals tool up for Christmas fraud season

  Organised criminals are trying to cash in on the festive retail boom with both brand new and tried-and-tested techniques

• November 13, 2019 13 Nov'19

  11 new 5G hacks enable user device tracking and monitoring

  Researchers at Purdue University and the University of Iowa publish details of several new 5G mobile network vulnerabilities

• November 13, 2019 13 Nov'19

  Business leaders fibbing to cover up lax security posture

  Nominet study finds evidence that many businesses tout the robustness of their security posture as a selling point even though their security teams lack confidence in themselves

• November 13, 2019 13 Nov'19

  Attack on Labour shows need for DDoS defence but should alarm few

  After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t

• November 13, 2019 13 Nov'19

  Business must engage with consumers to boost AI

  Artificial intelligence is set to become a core part of business, but to get the most from it, enterprises need to engage with consumers to focus personalisation

• November 13, 2019 13 Nov'19

  Cyber risk insurance is more than just insurance

  Insurance companies such as Chubb are offering incident response services and security tools to help companies improve their cyber security posture and better cope with cyber attacks

• November 12, 2019 12 Nov'19

  Nordic SMEs lack the money needed for cyber security

  Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country

• November 12, 2019 12 Nov'19

  ‘Robust’ security foils cyber attack on Labour Party

  Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked

• November 08, 2019 08 Nov'19

  Morrisons in new appeal over data breach fine

  The Supreme Court has heard an appeal from retailer Morrisons as it attempts to overturn prior judgments holding it liable for a 2014 leak of employee data

• November 07, 2019 07 Nov'19

  Amazon Ring video doorbell flaw left users open to attack

  A vulnerability in Amazon’s Ring video doorbells left the internet-of-things devices open to a variety of attacks

• November 07, 2019 07 Nov'19

  Saudis recruited Twitter employees to spy on critics

  Court documents reveal how the Saudi Arabian government targeted Twitter employees as part of a coordinated effort to gather information on known dissidents

• November 06, 2019 06 Nov'19

  Trend Micro insider breach exposes need for data-centric protection

  Simple measures could have saved consumer security product supplier from insider breach

• November 06, 2019 06 Nov'19

  How Facebook’s ‘Switcheroo’ plan concealed scheme to kill popular apps

  Leaked documents reveal how Facebook used and abused app developers, cut off data to competitors, gave privileged access to its friends and used privacy as a cover story

• November 06, 2019 06 Nov'19

  Professional cyber criminals command $75k per annum

  An ill-advised career in cyber crime is potentially almost as well-paying as a job as a threat researcher in the industry, according to Tenable researchers

• November 06, 2019 06 Nov'19

  Lawmakers study leaked Facebook documents made public today

  Computer Weekly publishes cache of leaked documents disclosed to Congress

• November 06, 2019 06 Nov'19

  Huawei: 5G growth will be maintained with or without US tech supply

  Huawei dismisses US tech sabre-rattling and claims it will continue robust business growth in 5G with or without US suppliers

• November 05, 2019 05 Nov'19

  Ransomware authors seeking new ways to avoid being spotted

  Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls

• November 05, 2019 05 Nov'19

  ICO launches data security campaign for UK General Election

  Information commissioner Elizabeth Denham launches campaign to remind the public of their rights when personal data is used for political purposes

• November 05, 2019 05 Nov'19

  Gartner: The time is right to make IT a boardroom issue

  In many businesses, IT is regarded as an internal service provider and cost centre. Gartner says now is the best time for CIOs to make IT strategic

• November 01, 2019 01 Nov'19

  Banks let customers down with mixed approaches to security

  Treasury Committee report recommends new measures to tackle financial fraud

• October 31, 2019 31 Oct'19

  Alibaba Cloud earns security credentials in automotive and healthcare sectors

  Alibaba Cloud’s compliance with Tisax and GxP follows earlier efforts by major public cloud suppliers to win over enterprises with strict data protection and security rules

• October 30, 2019 30 Oct'19

  What will succeed the National Cyber Security Strategy?

  As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures

• October 29, 2019 29 Oct'19

  Fancy Bear resumes Olympic hacks ahead of Tokyo games

  Fancy Bear is back in action and once again targeting anti-doping bodies and sporting organisations, warns Microsoft

• October 24, 2019 24 Oct'19

  Endpoint security is a procurement issue, says HP, IDC study

  Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders

• October 24, 2019 24 Oct'19

  £4,000 bug bounty could have saved BA from record ICO fine

  British Airways and others could have saved themselves millions of pounds’ worth of fines by having ethical hackers check their systems for simple vulnerabilities

• October 23, 2019 23 Oct'19

  Take responsibility for cyber security basics, urges NCSC CEO

  At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load

• October 22, 2019 22 Oct'19

  Banks move to contain impact of Samsung biometric flaw

  NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices

• October 22, 2019 22 Oct'19

  NordVPN blames datacentre provider for server breach

  VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue

• October 22, 2019 22 Oct'19

  Malware volumes decline, but risks are higher

  More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets

• October 22, 2019 22 Oct'19

  Over-30s tend to do better at cyber security than younger colleagues

  Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security

• October 21, 2019 21 Oct'19

  Equifax lawsuit offers more evidence against passwords

  Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords

• October 21, 2019 21 Oct'19

  Alleged state hackers adapting to cover their tracks, says NCSC

  A group called Turla with suspected links to the Russian government stole Iranian tools and infrastructure to obscure the origins of attacks on multiple other countries, according to new evidence

• October 18, 2019 18 Oct'19

  Huge rise in rogue banking apps driving fraud attacks

  Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA

• October 18, 2019 18 Oct'19

  Amazon consumer devices vulnerable to two-year-old exploit

  Millions of older Amazon Echo and Kindle devices are still susceptible to a Wi-Fi vulnerability that was first disclosed in 2017

• October 17, 2019 17 Oct'19

  BEIS launches multimillion-pound security investment package

  Government is making available more than £50m to support a range of new cyber security initiatives and collaborations, including the latest phase of its Digital Security by Design programme

• October 17, 2019 17 Oct'19

  NHSX could transform NHS security capabilities

  The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service

• October 17, 2019 17 Oct'19

  Security threat landscape becomes more organised and business-like

  Approaches to securing the enterprise need to change in the face of a rapidly maturing threat landscape

• October 16, 2019 16 Oct'19

  Sweden’s first GDPR fine sets regulatory tone

  Secondary school fined for breaching General Data Protection Regulation, signalling the attitude of Sweden’s Data Protection Authority

• October 15, 2019 15 Oct'19

  Attackers hunt iPhone jailbreakers in click fraud campaign

  Research by Cisco’s Talos threat intel unit has identified a new click fraud campaign targeting people looking to jailbreak their iPhone devices

• October 14, 2019 14 Oct'19

  Private equity swoops on Sophos

  British cyber security star picked up by technology sector investors for $3.9bn

• October 14, 2019 14 Oct'19

  Researchers reveal the cyber campaign that built China's new airliner

  CrowdStrike has published details of a coordinated campaign of cyber espionage and hacking, forced technology transfer and physical theft as China seeks to gain an advantage in the commercial aviation industry

• October 14, 2019 14 Oct'19

  The Security Interviews: Applying AI to Lego, and security

  Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds great promise for the security sector, and she has the analogies to back it up