News

Privacy and data protection

November 18, 2015 18 Nov'15
Cyber security mindset needs to change, says report

Government organisations are prime targets for cyber attacks, leading to increased importance on robust information security, according to a report by Intel Security and the Digital Government Security Forum
November 12, 2015 12 Nov'15
Three men charged over JP Morgan hacking and fraud

Exploiting the Heartbleed bug was one of the methods used by three men charged in connection with the theft of more than 100 million customer data records from financial institutions to carry out "pump and dump" fraud
November 11, 2015 11 Nov'15
Snoopers’ charter will force ISPs to raise broadband prices

The Science and Technology Select Committee hears that ISPs may be forced to put up their service charges to cover the cost of retaining communications data, should the Investigatory Powers Bill become law
November 11, 2015 11 Nov'15
Germany is finalising legislation to shore up CNI cyber security

Germany is working to ensure digital sovereignty through IT security legislation and negotiations on IT security regulations and transatlantic trade at a European Union level

November 10, 2015 10 Nov'15
EU data protection official optimistic on successor to Safe Harbour

An EU data protection official says he is optimistic that an alternative to the Safe Harbour agreement will be found, but it will take work from both the US and the EU
November 04, 2015 04 Nov'15
UAE recognises importance of cyber security, says official

Like the UK, the UAE federal government has identified the importance of creating an environment in which it is safe to do business online
November 03, 2015 03 Nov'15
Theresa May proposes bulk data and internet tracking under the Investigatory Powers Bill

The home secretary has unveiled the draft Investigatory Powers Bill, which sets out the government's plans to collect data on UK citizens' internet use
November 02, 2015 02 Nov'15
000Webhost blames PHP exploit for breach of 13.5 million records

Unencrypted passwords for a free web hosting firm were on sale for five months before customers were notified their records had been leaked, according to a security researcher
November 02, 2015 02 Nov'15
Theresa May promises strong oversight in surveillance bill

The proposed Investigatory Powers Bill contains “very strong” oversight and “world-beating” authorisation procedures, according to home secretary Theresa May
October 30, 2015 30 Oct'15
Law enforcement cracks down on DroidJack Android snooping malware users

A joint EU/US operation on the DroidJack malware is the latest example of international collaboration between law enforcement officers directed at cyber crime

October 29, 2015 29 Oct'15
M&S data breach forces retailer to temporarily suspend service

A glitch that allowed online customers to see each others' details forced retailer Mark & Spencer to take its website offline while it resolved the issue
October 23, 2015 23 Oct'15
TalkTalk warns customers about personal data breach

TalkTalk has warned customers their personal data may have been compromised in the second cyber attack on the firm in 2015, with some data left unencrypted
October 22, 2015 22 Oct'15
Police and industry to tackle cyber crime together, says TechUK

A TechUK report calls for collaboration between police and industry to raise standards of reporting, recording and responding to cyber crime
October 21, 2015 21 Oct'15
Infosec pros should start preparing for the future, say experts

Information security professionals need to grow their skills, engage with the business, increase security awareness, set business goals and tailor their messages, says a panel of experts
October 19, 2015 19 Oct'15
Dow Jones denies it was target of insider trading hack

Dow Jones says there is no information to support reports that it was the target of hackers seeking information for insider trading
October 16, 2015 16 Oct'15
Yahoo announces password-killing Account Key

Yahoo Account Key uses push notifications to provide a fast and secure way to access Yahoo accounts from a mobile device
October 13, 2015 13 Oct'15
Cyber security innovation is crucial, says security evangelist

Visibility and automation are key areas of cyber security innovation, but firms should concentrate first on the basics and not overlook the human element of security
October 12, 2015 12 Oct'15
NHS Health Apps Library to close

The NHS Health Apps Library is shutting down after a two-year tenure, shortly after NHS-approved apps were found to leak data
October 09, 2015 09 Oct'15
Apple removes more iOS apps over security concerns

Apple has blocked more apps over security concerns just weeks after ridding the App Store of XcodeGhost malware
October 08, 2015 08 Oct'15
Samsung Pay isolated from LoopPay attack

Hackers who compromised LoopPay’s computer systems had no access to Samsung Pay’s user data or other core information, says Samsung
October 07, 2015 07 Oct'15
Singapore and UK researchers investigate privacy in big data era

Academic organisations in Singapore and the UK collaborate on the privacy questions raised by big data and the cloud
October 06, 2015 06 Oct'15
Researchers find credential-stealing webmail server APT attack

Security researchers have discovered a new and unique advanced persistent threat (APT) technique that involves a malicious module loaded onto a webmail server
October 05, 2015 05 Oct'15
Facebook ruling not only landmark data protection case in Europe, say experts

A landmark ruling against Slovakia-based website Weltimmo could impact the Max Schrems case against Facebook and new European data protection rules currently being finalised
October 02, 2015 02 Oct'15
David Jones online customers hit by data breach

Hackers have accessed the personal details of an unknown number of David Jones online customers, but the retailer says payment details and passwords are not affected
September 30, 2015 30 Sep'15
Medical devices must be secure by design, say industry experts

The information security industry is calling for medical device manufacturers to design and build cyber security into all internet-enabled devices after thousands are found to be hackable
September 29, 2015 29 Sep'15
120-day patching gap puts many firms at risk of cyber attack, study shows

The probability of a vulnerability being exploited hits 90% between 40-60 days after discovery, but many firms are taking up to 60 days beyond that to patch, while others are failing to patch at all, a study shows
September 22, 2015 22 Sep'15
Is Microsoft Office 2016 reliable enough for business?

A day after a major Skype outage, Microsoft unveils Office 2016, which, ironically, offers tight integration with Skype
September 21, 2015 21 Sep'15
Department for Culture, Media and Sport takes over responsibility for data protection policy

Government transfers responsibility for data protection policy and ICO oversight from Ministry of Justice (MOJ) to Department for Culture, Media and Sport (DCMS)
September 21, 2015 21 Sep'15
Health chief 'should be held to account' for whistleblow errors

Former nurse and clincial commissioner Bernie Rochford claims unfair dismissal after blowing the whistle on IT problems which put patient care at risk
September 16, 2015 16 Sep'15
BT launches ethical hacking service for bankers

BT introduces a certified Crest Star ethical hacking test service for financial services customers
September 15, 2015 15 Sep'15
Most DDoS attacks hiding something more sinister, Neustar warns

Smaller DDoS attacks can be more dangerous than a powerful attack that knocks a company offline but does not install malware or steal data, warns Neustar
September 15, 2015 15 Sep'15
NHS trust denies bullying and intimidation of IT whistleblower

Managers were already aware of whistleblower's concerns about the accuracy of NHS Southwark's data, tribunal hears
September 14, 2015 14 Sep'15
RSA Group flags ID theft risk to Lloyds Bank customers following datacentre storage theft

International insurance group has seen 500 customers take up offer of identity theft protection in wake of datacentre theft
September 11, 2015 11 Sep'15
Security industry welcomes GCHQ password guidelines

GCHQ's guidance on password policy covers some of the most pressing issues facing UK businesses and employees today, according to Skyhigh Networks
September 10, 2015 10 Sep'15
US health insurer Excellus BlueCross BlueShield hit by data breach

Forensic investigation reveals a data breach at US health insurer Excellus BlueCross BlueShield exposing up to 11 million records 21 months after the first intrusion
September 10, 2015 10 Sep'15
Cloudian boosts object storage HyperStore compliance features

Distributed object storage software maker Cloudian upgrades HyperStore with added granularity of data protection features that can help meet compliance requirements
September 09, 2015 09 Sep'15
Security pros failing to address digital certificate risks, survey shows

Even though 90% of security professionals believe a leading CA will be compromised in next two years, only 13% have existing automation to deal with that happening
September 09, 2015 09 Sep'15
Conventional security measures hit productivity, study shows

Most IT professionals say context-aware security would improve productivity without compromising security, a survey from Dell reveals
September 09, 2015 09 Sep'15
Security vulnerability management more than patching, warns Secunia

Keeping track of what makes an IT environment vulnerable is an ongoing and complex task, according to Secunia
September 04, 2015 04 Sep'15
US State Department plans cyber security playbook

The US State Department issues a request for information to determine the capabilities of commercial industry to provide and maintain a cyber security playbook
September 01, 2015 01 Sep'15
Use 2FA to mitigate KeyRaider iOS malware, says Rapid7

KeyRaider iOS malware targeting iPhone users in China and 17 other countries including the UK has raised enterprise security concerns
August 28, 2015 28 Aug'15
Police arrest six UK teenagers for using DDoS cyber attack tool

Police arrest six UK teenagers on suspicion of using a DDoS attack tool targeting a national newspaper, a school and online gaming companies and retailers
August 27, 2015 27 Aug'15
Rapid7 calls on router makers to eliminate backdoors

Until manufacturers stop using default passwords, we will continue to see opportunistic attacks on home and small business routers, says Rapid7's Tod Beardsley
August 26, 2015 26 Aug'15
Many firms not getting to grips with third-party data security risk

Supply chain data security risk is pervasive, but being unable to deal with it is down to basic failings, says a cyber risk expert
August 25, 2015 25 Aug'15
Sans Institute identifies top UK cyber talent

The cream of UK cyber security talent selected from 24,000 candidates are set to begin eight weeks of intensive training in the first-ever intake at the Sans UK Cyber Academy
August 24, 2015 24 Aug'15
Spotify to update privacy policy after user protest

Some Spotify users are unhappy about new privacy policies that allow access to users’ photos, video, mobile device location, voice controls and contacts
August 21, 2015 21 Aug'15
ICO orders Google to remove links to right to be forgotten takedowns

The Information Commissioner's Office (ICO) says Google must remove newer links that reveal the same details as previously removed links
August 20, 2015 20 Aug'15
Broadband Stakeholder Group to review UK net neutrality policy

The Broadband Stakeholder Group commissions an independent review into the UK’s industry-led approach to net neutrality and the open internet
August 20, 2015 20 Aug'15
Mumsnet suffers multi-vector cyber attack

Mumsnet has been hit by a DDoS attack, its admin hacked and data stolen, and then a hoax call sent armed police to the home of the organisation's co-founder, Justine Roberts
August 20, 2015 20 Aug'15
Premiership Rugby scores security and efficiency with Intralinks

By setting access controls, Premiership Rugby can ensure that its partners get quick access only to role-appropriate content