News
Privacy and data protection
-
December 02, 2016
02
Dec'16
Academics link payment card vulnerability to Tesco Bank cyber heist
UK academics uncover a vulnerability in online payment systems, which they say could have been used in the Tesco Bank cyber heist
-
December 01, 2016
01
Dec'16
US and UK government expand surveillance powers
The US has introduced wide new hacking powers for federal agents a day after the UK's Investigatory Powers Act firmed up bulk surveillance powers for intelligence and polices services
-
December 01, 2016
01
Dec'16
Mozilla and Tor issue patches for Firefox flaw exposing Tor users
Users of Tor anonymous browsing urged to update to the latest versions of relevant software to block an exploit that collects IP and MAC addresses to identify users
-
November 28, 2016
28
Nov'16
IBM blamed for Australian census website crash
Computer giant reportedly pays $30m to Australian government as reports are released from two inquiries into DDoS attacks on census website
-
November 25, 2016
25
Nov'16
One in four Wi-Fi hotspots vulnerable to attack, study finds
At least one in four Wi-Fi hotspots are open to attack, a study by Kaspersky Lab reveals
-
November 22, 2016
22
Nov'16
Consumer identity key to digital transformation
Customer identity and access management has benefits for consumers and service providers alike, but is key to digital transformation, says KuppingerCole
-
November 22, 2016
22
Nov'16
Alleged hacker Lauri Love’s ‘life will be destroyed’ under Trump regime
Supporters fear for activist Lauri Love if his extradition to face hacking charges to the US goes ahead
-
November 18, 2016
18
Nov'16
Three breach highlights several security issues, says (ISC)2
Customer data breaches continue to demonstrate that companies are still not treating cyber risk like every other business risk, says Adrian Davis of (ISC)2
-
November 18, 2016
18
Nov'16
Hackers arrested in Three mobile upgrade scam
Three men arrested in connection with mobile handset upgrade fraud enabled by unauthorised access to customer data
-
November 16, 2016
16
Nov'16
Digital transformation not a finite process, says Martin Kuppinger
Security, privacy and identity are key to digital transformation, which is an evolutionary process, according to Martin Kuppinger
-
November 16, 2016
16
Nov'16
Government data security confusing, finds PAC
A Public Accounts Committee hearing shows the government’s data and cyber security landscape is chaotic and confusing
-
November 15, 2016
15
Nov'16
Online identity needs to be fixed, says Microsoft’s Kim Cameron
Software giant’s identity architect calls on enterprises to professionalise the way they relate to customers to help replace online identity infrastructure that is not fit for purpose
-
November 15, 2016
15
Nov'16
Amber Rudd orders Lauri Love extradition to US to face hacking charges
Engineering student Lauri Love faces trials in three US states and a possible 99-year jail sentence for allegedly hacking into US government computer systems as part of a political protest, despite concerns over his health
-
November 14, 2016
14
Nov'16
412 million user accounts exposed in FriendFinder Networks hack
Another huge data breach has exposed poor security of user details and continued poor user password practices
-
November 11, 2016
11
Nov'16
Russian banks hit by IoT-enabled DDoS attacks
DDoS attacks on Russian banks have been linked to IoT botnets, further confirming this worrying trend and highlighting the need for IoT suppliers to improve security capabilties
-
November 11, 2016
11
Nov'16
24 cyber criminals arrested in Europol operation
Romanian police arrest 24 members of a card skimming and cloning operation and identify 47 other suspects
-
November 02, 2016
02
Nov'16
Pure-play cyber security has real value, says incoming McAfee head
Intel Security has outlined its strategy to protect the new digital economy as it gears up for innovation as a new independent pure-play security firm under the McAfee banner
-
October 28, 2016
28
Oct'16
Apple iCloud and Gmail hacker gets 18 months in jail
A US man is given a sentence of 18 months in jail for hacking into celebrity iCloud and Gmail accounts after investigators failed to find a link with the leak of celebrity nude photos online in 2014
-
October 27, 2016
27
Oct'16
Information security set for steep trajectory, says (ISC)2
By helping to create a thriving, diverse and open information security community, (ISC)2 hopes to ensure a steep rise for the profession
-
October 20, 2016
20
Oct'16
Lessons to be learned from attempted $1bn bank heist
Analysis of an attack aimed at stealing $1bn reveals important lessons for cyber defenders, says BAE Systems head of threat intelligence Adrian Nish
-
October 20, 2016
20
Oct'16
Armed forces minister wants military recruiters to "think different" to attract cyber security pros
Armed Forces minister Mike Penning says military must rethink how it recruits trainees to attract people with the cyber security skills the country needs to protect itself
-
October 19, 2016
19
Oct'16
Snowden: the IT analyst turned whistleblower who exposed mass surveillance
Oliver Stone's biopic on Edward Snowden reaches the heart of the ethical crisis posed by mass surveillance for the state and ordinary citizens
-
October 19, 2016
19
Oct'16
Information security needs to cast recruitment net wider, says panel
Companies struggling to fill info sec roles should focus on finding people who can do what they need, not on qualifications, according to a security industry panel
-
October 18, 2016
18
Oct'16
Saving Lauri Love: activists plan their next move
An eclectic bunch of activists, charity workers and reformed hackers spent a rainy Sunday afternoon plotting their next move in a campaign to save Lauri Love from extradition to the US on hacking charges
-
October 18, 2016
18
Oct'16
Most businesses vulnerable to cyber attacks through firmware, study shows
Company culture and overall attitude to security is a major contribution to vulnerability to cyber attack through firmware, a study by Isaca has revealed
-
October 14, 2016
14
Oct'16
Digital Economy Bill lacks clarity on data sharing, experts say
The Digital Economy Bill needs to firm up its definitions on data sharing and improve transparency to avoid losing public trust, according to experts
-
October 14, 2016
14
Oct'16
Retail websites riddled with security holes, researchers warn
Retailers urged to improve the security of their online stores amid a series of discoveries of cyber criminal campaigns to exploit vulnerabilities in retail websites
-
October 13, 2016
13
Oct'16
Almost two-thirds of US office workers unaware of ransomware threat
Nearly half of ransomware attacks are aimed at office workers, but almost two-thirds of those polled in the US are unaware of the threat
-
October 10, 2016
10
Oct'16
Smartwatches banned from UK Cabinet as EC plans IoT security standards
The EC is planning a security certification scheme for internet of things devices as the UK Cabinet bans smartwatches amid heightened fears of cyber espionage
-
September 29, 2016
29
Sep'16
NGOs challenge UK and US mass surveillance in human rights court
Privacy International, Liberty and the American Civil Liberties Union are among 10 human rights groups backing a landmark challenge to mass surveillance in the European Court of Human Rights
-
September 29, 2016
29
Sep'16
Trust issues stifling digital economy growth, study shows
Businesses that have products and services based on trust have a significant opportunity to future-proof their business, but those who do not risk being side-lined, a study shows
-
September 20, 2016
20
Sep'16
Business warned not to be complacent about cyber security
Lloyds of London survey reveals just how badly some European firms are failing in terms of cyber security and low levels of awareness about the role of cyber insurance
-
September 16, 2016
16
Sep'16
Alleged hacker Lauri Love can be extradited to the US, court rules
Westminster Magistrates’ Court has ruled that alleged hacker, Lauri Love, can be extradited to the US, where he could face a 99-year prison sentence
-
September 12, 2016
12
Sep'16
MaidSafe secure internet concept enters testing phase
Scottish internet startup MaidSafe brings its vision for a more private and secure approach to the web a step closer to reality
-
September 07, 2016
07
Sep'16
NSA used Iraq war to develop surveillance capability, documents show
As the controversial Investigatory Powers Bill inches closer to becoming law, NSA documents reveal that the agency used the Iraq war to develop and expand its surveillance infrastructure
-
September 07, 2016
07
Sep'16
Basic security could have prevented OPM breach, says report
Basic security controls and malware-detection tools could have prevented the breach of more than 21 million records at the US Office of Personnel Management in 2015, claims a congressional report
-
September 06, 2016
06
Sep'16
Use ransomware to get security buy-in, says Trend Micro CTO
Ransomware is one of the top cyber threats to business, but organisations should use that to engage stakeholders and review processes and defences, says Trend Micro CTO Raimund Genes
-
September 01, 2016
01
Sep'16
Lessons from the Dropbox breach
Dropbox is the latest major company to confirm a data breach, albeit four years old, but – as with all recent data breaches by cloud-based services – it highlights some key security lessons
-
August 31, 2016
31
Aug'16
Evidence of DNS tunnelling in two-fifths of business networks
Cyber criminals are capitalising on the failure of many businesses to examine their DNS traffic for malware insertion and data exfiltration, according to Infoblox
-
August 30, 2016
30
Aug'16
Westpac bank launches Databank data protection service
Australia's Westpac bank is offering organisations that share customer data a service that it says securely locks down personal information
-
August 30, 2016
30
Aug'16
Encryption hiding malware in half of cyber attacks
Cyber attackers are using encryption to hide malicious activity, making it increasingly difficult to find as more organisations turn to encryption to protect data, a study has revealed
-
August 26, 2016
26
Aug'16
Law firms planning litigation market for GDPR
Businesses should be preparing for the storm of litigation that is likely to be unleashed when the GDPR goes into force, warns Stewart Room of PwC Legal
-
August 25, 2016
25
Aug'16
French submarine maker data breach highlights challenges of IP security
French naval contractor data breach proves that protecting intellectual property is challenging, say security experts
-
August 19, 2016
19
Aug'16
Expect ransomware arrests soon, says bitcoin tracking firm Chainalysis
Law enforcement organisations are set to ramp up arrests of cyber criminals behind ransomware attacks, according to financial technology startup Chainalysis
-
August 19, 2016
19
Aug'16
Police arrest woman in connection with Sage data breach
A woman has been arrested on suspicion of fraud in connection with a data breach at accounting software firm Sage
-
August 16, 2016
16
Aug'16
Cerber ransomware service reaps $195,000 profit in a month
Franchises such as Cerber are making highly profitable ransomware available to a broader range of cyber criminals, according to a report by security firm Check Point
-
August 15, 2016
15
Aug'16
Financial sector faces era of cyber mega heists
Banks and other financial institutions are threatened by a new breed of elite cyber criminals running professional operations that will use any means to achieve their goals, says Barclays security chief
-
August 15, 2016
15
Aug'16
Sage data breach underlines insider threat
Organisations need to take insider threats more seriously say security experts, as Sage warns that a data breach using an internal log-in may have compromised employee data at nearly 300 UK firms
-
August 10, 2016
10
Aug'16
MI5 staff repeatedly overrode data surveillance rules
Security service MI5 is responsible for 210 “clear contraventions” over five years for the way it accessed private internet and telephone data
-
August 08, 2016
08
Aug'16
Strider cyber attack group deploying malware for espionage
Symantec security researchers have uncovered a spying campaign by a previously unknown group using modular malware as stealthware