News

Privacy and data protection

August 01, 2019 01 Aug'19
Leaked Sephora databases peddled on dark web

Cyber security firm finds two databases likely to be related to the Sephora data breach that affected online customers in Southeast Asia, Australia and New Zealand
July 31, 2019 31 Jul'19
Financial services top cyber attack target

Financial services are among the most attractive targets for cyber attackers, security researchers reveal, with phishing and credential stuffing among the top threats
July 30, 2019 30 Jul'19
Australian firms grappling with “train-smash” of security legislation

While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators
July 30, 2019 30 Jul'19
Huawei ‘galvanised’ by Trump ban

Huawei has found itself caught in the crossfire of the US president’s trade war with China, but chairman Liang Hua says the firm is rising to the challenge

July 30, 2019 30 Jul'19
Former AWS engineer arrested for Capital One data breach

Capital One announces data breach affecting more than 100 million customers as US federal authorities arrest a Seattle woman formerly employed by Amazon Web Services
July 29, 2019 29 Jul'19
ICO selects first innovation Sandbox participants

UK privacy watchdog has chosen the first firms to take part in its Sandbox programme aimed at developing innovative and beneficial products and services that are privacy compliant
July 29, 2019 29 Jul'19
Visa card vulnerabilities enable contactless limit bypass

Security researchers have discovered vulnerabilities on Visa cards that could be exploited to bypass contactless payment limits and result in huge losses
July 29, 2019 29 Jul'19
WannaCry hero Marcus Hutchins spared jail

British security researcher who helped halt the global WannaCry ransomware attack that hit the NHS in 2017 has avoided jail in the US for creating other malware
July 29, 2019 29 Jul'19
Cyber kill chain is outdated, says Carbon Black

The chief cyber security officer of Carbon Black calls for a new cognitive paradigm to fend off cyber adversaries that are now attacking in cycles
July 26, 2019 26 Jul'19
Email security as important as ever, report shows

Cyber security professionals need to keep up to date with email-borne threats because they continue to evolve and have a major impact on business, research reveals

July 26, 2019 26 Jul'19
86 million reasons to support No More Ransom

Anti-ransomware cross-industry initiative says it has prevented more than £86m in ransom payments as it marks its third anniversary, which coincides with a resurgence in ransomware in many parts of the world
July 25, 2019 25 Jul'19
F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC

Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated
July 25, 2019 25 Jul'19
Mobile banking malware surges in 2019

Mobile banking malware surged in the first half of the year, email scams geared up and attacks on cloud increased, while illicit cryptocurrency miners declined, report reveals
July 25, 2019 25 Jul'19
Facebook shrugs off $5bn fine, reports strong quarter

Investors responded positively after social networking firm reported better-than-expected second-quarter results after budgeting for FTC fine, but the company faces a further antitrust investigation
July 24, 2019 24 Jul'19
Zuckerberg responsible for Facebook privacy compliance after $5bn FTC fine

Facebook pays record fine after breaching users’ privacy, following settlements with Federal Trade Commission and Securities and Exchange Commission
July 24, 2019 24 Jul'19
Controversial ‘immigration exemption’ used in 60% of cases

The UK government has used a controversial GDPR opt-out in response to the majority of its immigration-related data requests since the start of 2019, the High Court has heard
July 23, 2019 23 Jul'19
Phishing attack highlights cyber security need at universities

UK university cyber security is once again under the spotlight after Lancaster University reveals that it has been targeted by a phishing attack used to send fake invoices
July 23, 2019 23 Jul'19
Almost a third of European firms still not compliant with GDPR

Almost a third of European businesses admit they are still not compliant with the EU’s General Data Protection Regulation, but there are encouraging signs of increased maturity in data protection, with the new rules driving better, ...
July 23, 2019 23 Jul'19
Norsk Hydro cyber attack could cost up to $75m

March 2019 ransomware attack could cost Norwegian aluminium giant up to $75m in the first half of the year, according to latest estimates
July 23, 2019 23 Jul'19
Data breach costs on the rise, IBM study shows

Data breach costs have risen in the past decade, and the financial impact can be felt for years. Breaches posing a growing risk for small businesses, a study shows, underlining the importance of incident response
July 23, 2019 23 Jul'19
High Court to hear challenge to immigration exemption in DPA

The High Court is to hear a challenge by two human rights groups of a controversial clause in new UK data protection legislation they say is in conflict with the EU’s Charter of Fundamental Rights and undermines the General Data Protection Regulation
July 23, 2019 23 Jul'19
Government delays final decision on Huawei

Culture secretary says he cannot yet make specific decisions about Huawei’s involvement in the UK’s telecoms and mobile networks due to a lack of clarity from the US, effectively green-lighting its use
July 22, 2019 22 Jul'19
US fines Equifax $700m over 2017 breach

Global settlement with US authorities follows systems breach that saw more than 140 million customer records stolen
July 22, 2019 22 Jul'19
Big tech firms back UK cyber security initiative

Big technology firms have pledged their support for UK investment in an initiative to “design out” of new tech the most damaging cyber security threats
July 19, 2019 19 Jul'19
Latest ICO fine highlights privacy due diligence

A week after issuing the first serious GDPR fines, the ICO has further underlined the importance of data stewardship and due diligence regarding privacy practices
July 19, 2019 19 Jul'19
Second CyberThreat Summit announced by NCSC and SANS Institute

CyberThreat 2019 aims to bring together a more diverse set of technical professionals in cyber security from the private and public sectors in the UK and abroad to encourage collaboration
July 19, 2019 19 Jul'19
Warzone bulletproof hosts protecting Magecart group

Security researchers have discovered a Magecart group operating with impunity using bulletproof hosting services, including one in battle-scarred Ukraine
July 19, 2019 19 Jul'19
HID weighs in the glacial move towards digital ID

There are still concerns over data integrity, security and privacy of digital identities, but the convenience of the technology outweighs the risks, says a HID expert
July 18, 2019 18 Jul'19
Free tool reveals the true cost of ‘free’ online services

New data discovery portal developed by Finnish security firm F-Secure helps to uncover what Facebook, Amazon, Google and other tech giants know about consumers
July 18, 2019 18 Jul'19
Digital minister Margot James quits after Brexit vote

James voted against the government in an attempt to stop the next Prime Minister from suspending Parliament to force through a no-deal Brexit
July 18, 2019 18 Jul'19
Parliamentary committee calls for halt to facial recognition trials

Issues with biometrics and forensics pose a significant risk to effective functioning of the criminal justice system, according to a report by the Science and Technology Committee
July 18, 2019 18 Jul'19
UK poor cyber security practice undermining controls

UK firms investing in the latest cyber security products and services risk this being undermined by poor security practices, a survey reveals
July 17, 2019 17 Jul'19
Most security pros still concerned about public cloud security

Despite accelerated adoption of public cloud services by companies keen to benefit from increased efficiency, scalability and agility, most security professionals have reservations
July 17, 2019 17 Jul'19
Facebook accused of ‘breathtaking arrogance’ over Libra cryptocurrency plan

US senators grill Facebook’s David Marcus over social media giant’s plans to launch cryptocurrency
July 16, 2019 16 Jul'19
UN resolution ignores special rapporteur’s call for halt to spyware sales

UN’s Human Rights Council adopts resolution to explore the impact of new and emerging digital technologies on human rights, but the text ignores a damning report by the council’s own expert on freedom of expression
July 16, 2019 16 Jul'19
NCSC reports on second year of cyber defence at scale

The UK’s National Cyber Security Centre releases a report on the second year of its Active Cyber Defence programme to demonstrate its effects in the public sector and wider UK cyber ecosystem
July 15, 2019 15 Jul'19
UK launches 5G security inquiry

The Joint Committee on the National Security Strategy is to probe the UK government’s approach to telecoms technology as a national security issue
July 15, 2019 15 Jul'19
Smartodds bets on Rubrik backup appliance with cloud archive

Betting intelligence analytics firm Smartodds replaced its old tape backup infrastructure with Rubrik appliances to cut management time and database restores from hours to minutes
July 15, 2019 15 Jul'19
Billion-dollar privacy penalties put CEOs on notice

Facebook’s potential $5bn settlement with the FTC follows notifications of planned GDPR fines for British Airways and Marriott International, underlining the importance of data stewardship
July 15, 2019 15 Jul'19
No technical grounds to ban Huawei, DCMS told

Science and Technology Committee tells Department for Digital, Culture, Media and Sport that there are no technical grounds for it to exclude Huawei
July 15, 2019 15 Jul'19
Organisations turn to AI in race against cyber attackers

Businesses are racing to automate their defences as hackers and nation states launch increasingly sophisticated cyber attacks
July 15, 2019 15 Jul'19
UK public sector needs to prioritise mobile device security

Only 10% of public service stolen and lost mobile are recovered, underlining the need for mobile-centric, zero-trust model to reduce the risk, says MobileIron
July 12, 2019 12 Jul'19
New FinSpy versions extend surveillance capabilities

New versions of the FinSpy malware for iOS and Android smartphones have extended targeted surveillance capabilities, warn security researchers
July 12, 2019 12 Jul'19
Windows 10 to enable passwordless sign-in

Windows 10 users will soon be able to sign in to devices without using a password to encourage the use of two-factor authentication methods to improve security
July 11, 2019 11 Jul'19
Attacks against AI systems are a growing concern

European research group says attacks against AI systems are already occurring, difficult to identify, and could be far more common than currently understood
July 11, 2019 11 Jul'19
RiskIQ uncovers new Magecart campaign

A fresh Magecart campaign is breaching websites on a massive scale using indiscriminate attacks exploiting misconfigured Amazon S3 buckets, say researchers
July 11, 2019 11 Jul'19
Dutch privacy watchdog tells banks not to use customer payment data for marketing

Autoriteit Persoonsgegevens tells banks to respect client privacy and not to market products based on spending data
July 10, 2019 10 Jul'19
Max Schrems not calling for SCCs to be invalidated

The privacy activist at the centre of legal battle against Facebook is not calling for all standard contractual clauses to be invalidated, according to his non-profit privacy organisation
July 10, 2019 10 Jul'19
Agent Smith mobile malware hits millions of devices

New mobile malware that exploits Android vulnerabilities has infected millions of devices, security researchers have discovered
July 10, 2019 10 Jul'19
Demand for ICO help escalates in GDPR's first year

The past year has seen increased demand across all support services offered by the UK’s privacy watchdog as new data protection laws went into force