News
Regulatory compliance and standard requirements
-
July 25, 2024
25
Jul'24
Fortune 500 stands to lose $5bn plus from CrowdStrike incident
The largest global organisations hit by the CrowdStrike-Microsoft incident on 19 July will likely be out of pocket to the tune of billions of dollars
-
July 24, 2024
24
Jul'24
Mimecast to buy insider threat specialist Code42
Mimecast is to buy fellow human-centred risk experts Code42 for an undisclosed sum to take advantage of its insider threat and data loss protection specialisms
-
July 24, 2024
24
Jul'24
WhatsApp and Signal messages at risk of surveillance following EncroChat ruling, court hears
Defence lawyers seek leave to appeal a decision by the Investigatory Powers Tribunal that the National Crime Agency lawfully obtained warrants to intercept messages sent over an encrypted phone network
-
July 23, 2024
23
Jul'24
Innovations to power secure-by-design development
Secure Code Warrior unveils technology designed to help CISOs and AppSec teams ensure their projects remain safe and free of coding errors and vulnerabilities – a big issue following the CrowdStrike incident
-
July 23, 2024
23
Jul'24
Chrome cookies reprieved amid Google Privacy Sandbox changes
Google abruptly changes tack on third-party cookies in its Chrome web browser, cancelling plans to deprecate them in favour of an unspecified ‘new experience’ for users
-
July 22, 2024
22
Jul'24
CrowdStrike chaos shows risks of concentrated ‘big IT’
The concentration of so much mission-critical technology in the hands of a few large suppliers makes incidents like the Microsoft-CrowdStrike outage all the more dangerous
-
July 18, 2024
18
Jul'24
Growth in nude image sharing heightens cyber abuse risk
The normalisation of sharing self-created intimate content with others is putting great numbers of people at risk of online abuse, says Kaspersky
-
July 17, 2024
17
Jul'24
UK Cyber Bill teases mandatory ransomware reporting
In the Cyber Security and Resilience Bill introduced in the King's Speech, the UK's new government pledges to give regulators more teeth to ensure compliance with security best practice and to mandate incident reporting
-
July 17, 2024
17
Jul'24
Hackney Council reprimanded over 2020 ransomware attack
The London Borough of Hackney has been reprimanded by the ICO over a series of failures that led to a devastating cyber attack, but at the same time, the regulator praised the local authority for its response and commitment to making improvements
-
July 16, 2024
16
Jul'24
Strategic Defence Review must emphasise cyber security, says industry
Cyber security leaders say the new government's Strategic Defence Review needs to put digital security front and centre
-
July 11, 2024
11
Jul'24
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain
-
July 10, 2024
10
Jul'24
The security interview: Managing the ‘no’ mindset
Matt Riley, data protection and information security officer at Sharp Europe, discusses balancing cyber risks with business leaders’ goals
-
July 08, 2024
08
Jul'24
Synnovis attack highlights degraded, outdated state of NHS IT
More cyber attacks against the health service are likely, and will succeed if something isn’t done to address the increasingly elderly NHS IT estate, experts are warning
-
June 27, 2024
27
Jun'24
Gulf Edge to operate Google Distributed Cloud in Thailand
The Gulf Energy subsidiary will offer Google’s sovereign cloud service in Thailand with a focus on air-gapped configurations
-
June 25, 2024
25
Jun'24
NHS experts raise warning over patient data breach risk in registries project
Clinicians warn that the NHS England Outcome Registries Platform has poor security and is vulnerable to cyber attack, putting critical patient data at risk of being exposed
-
June 21, 2024
21
Jun'24
Sellafield whistleblower ordered to pay costs after email tampering claims
A former consultant at Sellafield has been ordered to pay costs for having ‘acted unreasonably’ in claiming the nuclear facility tampered with metadata in letters used against her in court
-
June 21, 2024
21
Jun'24
Qilin ransomware gang publishes stolen NHS data online
The ransomware gang behind a major cyber attack on NHS supplier Synnovis has published a 400GB trove of private healthcare data online
-
June 21, 2024
21
Jun'24
Kaspersky says it can continue to sell cyber threat intelligence in spite of US ban
The US government is stopping Kaspersky Lab from offering its antivirus software and cyber security tools to US firms and citizens
-
June 19, 2024
19
Jun'24
Microsoft admits no guarantee of sovereignty for UK policing data
Documents show Microsoft’s lawyers admitted to Scottish policing bodies that the company cannot guarantee sensitive law enforcement data will remain in the UK, despite long-standing public claims to the contrary
-
June 11, 2024
11
Jun'24
PSNI ran secret unit to monitor journalists’ and lawyers’ phones, claims former senior officer
The Police Service of Northern Ireland denies claims that its anti-corruption unit used a standalone computer to ‘avoid scrutiny and control’
-
June 11, 2024
11
Jun'24
More than 160 Snowflake customers hit in targeted data theft spree
Mandiant reports that more than 160 Snowflake customers have been hit in a broad data theft and extortion campaign targeting organisations that have failed to pay proper attention to securing valuable credentials
-
June 07, 2024
07
Jun'24
Northern Irish police used covert powers to monitor over 300 journalists
PSNI publishes report on police surveillance of journalists and lawyers, but Northern Ireland’s Policing Board says it does not give the assurances needed
-
June 07, 2024
07
Jun'24
Bitdefender makes MDR services free to NHS bodies hit by Qilin
Bitdefender offers NHS bodies affected by a major cyber incident free access to its product suite, as the health service continues to deal with the impact of the Qilin ransomware attack on partner Synnovis
-
June 04, 2024
04
Jun'24
OAIC files civil penalty action against Medibank
The OAIC alleges that Medibank failed to take reasonable steps to protect the personal information of 9.7 million Australians in the October 2022 data breach
-
June 03, 2024
03
Jun'24
Police chief commissions ‘independent review’ of surveillance against journalists and lawyers
PNSI chief constable appoints lawyer to conduct review into police phone surveillance of journalists, lawyers and NGOs
-
June 03, 2024
03
Jun'24
97 FTSE 100 firms exposed to supply chain breaches
Between March 2023 and March 2024, 97 out of 100 companies on the UK’s FTSE 100 list were put at risk of compromise following supply chain breaches at third-party suppliers
-
June 03, 2024
03
Jun'24
AI Seoul Summit review
Dozens of governments and tech companies attending the second global AI Safety Summit have committed themselves to the safe and inclusive development of the technology, but questions remain around whether the commitments made go far enough
-
June 02, 2024
02
Jun'24
Ticketek Australia hit by data breach
Customer names, dates of birth and email addresses of Ticketek Australia account holders reportedly impacted in latest data breach affecting event ticketing firm
-
May 31, 2024
31
May'24
Law student ‘unfairly disciplined’ after reporting data breach blunder
A law student has accused a leading legal college of unethical behaviour and a “lack of integrity” after it brought misconduct proceedings against him when he reported a data security blunder
-
May 28, 2024
28
May'24
Executive Interview: Why Dell wants to be your one-stop AI shop
At Dell Technologies World in Las Vegas, artificial intelligence was the talk of the town as Dell staked out an all-encompassing strategy ahead of an anticipated goldrush. Dell’s Nick Brackney explains why the tech giant believes it's onto a winner
-
May 23, 2024
23
May'24
Northern Ireland police face £750,000 fine after data protection blunder put lives at risks
Information commissioner John Edwards uses discretion to reduce proposed fine from £5.6m to £750,000
-
May 23, 2024
23
May'24
Munich Re sees strong growth in AI insurance
Global reinsurance giant Munich Re expects more demand for AI insurance from organisations that are looking to manage the risks of AI as they experiment more with the technology
-
May 21, 2024
21
May'24
Parliamentary committee criticises big tech response to election threats
Parliamentary committee says tech companies ‘regurgitated publicly available content’ and failed to address questions raised by MPs and peers
-
May 21, 2024
21
May'24
The Security Interviews: What is the real cyber threat from China?
Former NCSC boss Ciaran Martin talks about nation-state attacks, why the UK has become so exercised about cyber espionage, and how our leaders are in danger of misunderstanding their adversaries
-
May 20, 2024
20
May'24
WikiLeaks founder Julian Assange granted appeal
Two high court judges granted WikiLeaks founder Julian Assange leave to appeal against extradition to the US after defence lawyers argued that the US had failed to give adequate assurances
-
May 17, 2024
17
May'24
Why the UK needs to fix its broken IT security market
Ollie Whitehouse, CTO of GCHQ’s National Cyber Security Centre, says the market for secure software is broken. Are new laws required to make software companies liable for poor security?
-
May 15, 2024
15
May'24
Cyber Safety Force wants to change conversation around risk
A consortium to help cyber pros better manage risk has launched, with ambitious goals to change the nature of the conversation from cyber security to cyber safety
-
May 15, 2024
15
May'24
WikiLeaks founder’s extradition case labelled ‘institutional corruption’
Call for Julian Assange to be prosecuted in the US has been condemned as ‘institutional corruption on a judicial level’ with the WikiLeaks founder a ‘political prisoner’
-
May 14, 2024
14
May'24
CyberUK 24: UK insurance industry gets tough on ransomware
Three of the UK’s largest insurance associations have signed on to a new initiative spearheaded by the NCSC to try to bring down the number of ransomware payments being made
-
May 10, 2024
10
May'24
Over 5.3 billion data records exposed in April 2024
The number of data records breached in April 2024 hit over five billion, a staggering year-on-year increase
-
May 09, 2024
09
May'24
Cyber attack victims need to speak up, says ICO
The Information Commissioner’s Office is urging organisations to be transparent and learn from each other’s mistakes as it reveals most of the cyber attacks it responds to stem from the same core errors
-
May 09, 2024
09
May'24
Ofcom publishes draft online child safety rules for tech firms
In the draft codes, Ofcom calls on technology firms to use ‘robust’ age-checking and content moderation systems to keep harmful material away from children online
-
May 08, 2024
08
May'24
Police accessed phone records of ‘trouble-making journalists’
The Police Service of Northern Ireland ran a rolling programme to monitor phone records of journalists to identify the source of police leaks, it was claimed today
-
May 03, 2024
03
May'24
Patch GitLab vuln without delay, users warned
The addition of a serious vulnerability in the GitLab open source platform to CISA’s KEV catalogue prompts a flurry of concern
-
May 03, 2024
03
May'24
EU calls out Fancy Bear over attacks on Czech, German governments
The European Union, alongside member states Czechia and Germany, have accused Russian government APT Fancy Bear of being behind a series of attacks on political parties and government bodies
-
May 02, 2024
02
May'24
NCSC updates warning over hacktivist threat to CNI
The NCSC and CISA have warned about the evolving threat from Russia-backed hacktivist threat actors targeting critical national infrastructure, after a number of American utilities were attacked
-
May 02, 2024
02
May'24
Dropbox Sign user information accessed in data breach
Account data belonging to Dropbox Sign users was accessed by an unknown threat actor after they hacked into the organisation’s backend infrastructure
-
May 02, 2024
02
May'24
Ukrainian national sentenced over REvil ransomware spree
A 24-year-old Ukrainian man has been sentenced to more than 13 years in prison after being convicted of his role in the REvil ransomware attacks
-
May 02, 2024
02
May'24
BBC instructs lawyers over allegations of police surveillance of journalist
Lawyers for the BBC have written to the Investigatory Powers Tribunal over allegations that the Police Service of Northern Ireland spied on investigative journalist Vincent Kearney
-
May 01, 2024
01
May'24
EMEA CISOs must address human factors behind cyber incidents
The 17th annual Verizon report on data breaches makes for sobering reading for security pros, urging them to do more to address the human factors involved in cyber incidents, and highlighting ongoing issues with zero-day patching