News

Security policy and user awareness

October 31, 2025 31 Oct'25
European governments opt for open source alternatives to Big Tech encrypted communications

European governments are rolling out decentralised secure messaging and collaboration services as they seek to reduce their reliance on Big Tech companies
October 31, 2025 31 Oct'25
Cyber agencies co-sign Exchange Server security guide

US and allied cyber agencies team up to try to nudge users to pay more attention to securing Microsoft Exchange Server
October 30, 2025 30 Oct'25
Yubico bolsters APAC presence, touts device subscriptions

Yubico is hiring local teams in Singapore and pitching its subscription service to help enterprises secure employee access to corporate networks and applications
October 29, 2025 29 Oct'25
Scope of US state-level privacy laws expands rapidly in 2025

Nine state-level data protection laws have come into force in the US this year, and three more are slated for January 2026. Navigating this complex landscape is becoming a challenge

October 28, 2025 28 Oct'25
Effective cyber sanctions require a joined-up approach, says Rusi

Calling out and sanctioning cyber threat actors can be an effective tool, but is not a universal panacea, and needs to be considered as part of a wider, strategic approach, say Rusi think tank analysts
October 27, 2025 27 Oct'25
LockBit 5.0 expands targeting amid ransomware escalation

The LockBit RaaS operation is back in action, with technical features and expanded targeting, and is contributing to a steadily growing number of ransomware attacks
October 24, 2025 24 Oct'25
UK ramps up ransomware fightback with supply chain security guide

Multinational guidance, developed by the UK and Singapore, is designed to help organisations reinforce their supply chain against ransomware attacks
October 23, 2025 23 Oct'25
Amid CISA cuts, US state launches first VDP

Legislators in Annapolis, Maryland, have teamed up with Bugcrowd to launch a statewide vulnerability disclosure programme
October 22, 2025 22 Oct'25
Jaguar Land Rover attack to cost UK £1.9bn, say cyber monitors

The UK's Cyber Monitoring Centre calculates the overall cost of the Jaguar Land Rover cyber attack will be almost two billion pounds
October 22, 2025 22 Oct'25
Building security and trust in AI agents

AI agents require standardised guidelines, clear human responsibility and a shared language between developers and policymakers to be secure and trusted, experts say

October 21, 2025 21 Oct'25
New cyber resilience centre to help SMEs fend off cyber threats

Spearheaded by the Singapore Business Federation, the cyber resilience centre will equip SMEs in the city-state with cyber security capabilities to mitigate and recover from cyber attacks
October 16, 2025 16 Oct'25
Gitex 2025: Help AG aims to be global cyber force as UAE leads AI security transformation

Acting CEO Aleksandar Valjarevic discusses how Help AG is evolving from a regional cyber security authority into a global innovation-driven player, powered by sovereign services, AI automation and managed security models
October 15, 2025 15 Oct'25
Obsession with cyber breach notification fuelling costly mistakes

The race to meet security breach notification deadlines is leading to staff burnout, destroyed evidence and a culture of blame, warns a Trend Micro risk and security strategist
October 14, 2025 14 Oct'25
NCSC calls for action after rise in ‘nationally significant’ cyber incidents

National Cyber Security Centre says businesses should take action now as the number of nationally significant cyber incidents doubles
October 07, 2025 07 Oct'25
The Security Interviews: David Bradbury, CSO, Okta

Okta’s chief security officer talks security by default and explains why he thinks time is running out for the shared responsibility model
October 01, 2025 01 Oct'25
US government shutdown stalls cyber intel sharing

A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk.
September 26, 2025 26 Sep'25
Over half of India-based companies suffer security breaches

Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year
September 26, 2025 26 Sep'25
Okta CEO: AI security and identity security are one and the same

At Oktane 2025 in Las Vegas, Okta CEO Todd McKinnon describes AI security and identity security as inseparable as he tees up a series of agentic security innovations
September 25, 2025 25 Sep'25
Netherlands establishes cyber resilience network to strengthen public-private digital defence

Network will connect organisations in a cyber crime defence initiative that goes way beyond information sharing
September 23, 2025 23 Sep'25
SolarWinds warns over dangerous RCE flaw

A newly uncovered RCE flaw in SolarWinds’ helpdesk product bypasses two previously issued fixes, and users should prioritise updates as exploitation is likely to occur
September 23, 2025 23 Sep'25
‘Our worst day’: The untold story of the Electoral Commission cyber attack

As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly
September 19, 2025 19 Sep'25
UK cyber action plan lays out path to resilience

A report produced for the government by academics at Imperial College London and the University of Bristol sets out nine recommendations to strengthen the UK’s cyber sector
September 17, 2025 17 Sep'25
Microsoft scores win against Office 365 credential thieves

Microsoft’s Digital Crimes Unit disrupts a major phishing-as-a-service operation that targeted and stole Office 365 usernames and credentials
September 17, 2025 17 Sep'25
Lufthansa pilots EU Digital Identity Wallet-based travel

Travellers will only be required to tap their phone to pass the various steps of checking in and boarding aircraft
September 16, 2025 16 Sep'25
Exabeam: Treat AI agents as the new insider threat

As artificial intelligence agents are given more power inside organisations, Exabeam’s chief AI officer, Steve Wilson, argues they must be monitored for rogue behaviour just like their human counterparts
September 15, 2025 15 Sep'25
Arqit to support NCSC’s post-quantum cryptography pilot

Quantum specialist Arqit will provide specialised post-quantum migration planning services to organisations preparing to address the imminent risks to traditional cryptography
September 11, 2025 11 Sep'25
Students an increasing source of cyber threat in UK schools

Insider threats arising from student activity now appears to be the chief cause of notifiable cyber or data breach incidents in Britain’s schools
September 10, 2025 10 Sep'25
Splunk.conf: Cisco and Splunk expand agentic SOC vision

The arrival of agentic AI in the security operations centre heralds an era of simplification for security professionals, Splunk claims
September 10, 2025 10 Sep'25
Open source security and sustainability remain unsolved problem

While software bills of materials offer some transparency over software components, they don’t solve the imbalance between corporate consumption of open source software and the lack of investment in its security and health
September 09, 2025 09 Sep'25
Splunk.conf: Splunk urges users to eat their ‘cyber veggies’

The dawn of AI-enabled cyber attacks makes it even more important for defenders to bring their A-game, particularly when it comes to getting the basics right
September 05, 2025 05 Sep'25
US politicians ponder Wimwig cyber intel sharing law

US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities
August 28, 2025 28 Aug'25
UK cyber security centre helps expose China-based cyber campaign

GCHQ cyber security centre and its international partners release details of malicious cyber activity linked to Chinese businesses
August 27, 2025 27 Aug'25
Incident response planning cuts the risk of claiming on cyber security insurance

Proper attention to incident response planning is emerging as a core cyber control when it comes to reducing the risk of having to claim on cyber security insurance, according to a report
August 27, 2025 27 Aug'25
Ransomware activity levelled off in July, says NCC

Ransomware levels held steady in the month of July, although the risk remained as persistent as ever
August 26, 2025 26 Aug'25
Three new Citrix NetScaler zero-days under active exploitation

Citrix patches three new vulnerabilities in its NetScaler lines warning of active zero-day exploitation by an undisclosed threat actor
August 25, 2025 25 Aug'25
Ransomware attack volumes up nearly three times on 2024

During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024
August 21, 2025 21 Aug'25
Moscow exploiting seven-year-old Cisco flaw, says FBI

US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco's operating system software
August 21, 2025 21 Aug'25
Scale of MoD Afghan data breaches widens dramatically

Many more data breaches at the MoD's Arap programme to relocate at-risk Afghan citizens to Britain have emerged following an FoI request by BBC journalists
August 21, 2025 21 Aug'25
Apple iOS update fixes new iPhone zero-day flaw

Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users
August 19, 2025 19 Aug'25
Google spins up agentic SOC to speed up incident management

Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite
August 19, 2025 19 Aug'25
Deepfake AI scammers target the Big Yin

Cyber criminal scammers exploiting GenAI to create deepfake AI tools are targeting one of the UK’s most beloved comics, and one of its strongest accents
August 19, 2025 19 Aug'25
ISACA launches AI security management certification

ISACA accredited security professionals can now pursue a new AI security management credential
August 19, 2025 19 Aug'25
Singapore board directors to get cyber crisis training

The Singapore Institute of Directors and Ensign InfoSecurity have launched a programme to equip 1,000 board leaders with the skills to navigate high-stakes decisions during a cyber crisis
August 18, 2025 18 Aug'25
Workday hit in wave of social engineering attacks

A campaign of voice-based social engineering attacks targeting users of Salesforce’s services appears to have struck HR platform Workday
August 18, 2025 18 Aug'25
L’Oréal to promote cyber resilience for Britain’s beauty salons

L’Oréal UK and Ireland will work with law enforcement, cyber educators and students, and other large organisations to help thousands of small salons across the UK improve their cyber resilience practice
August 15, 2025 15 Aug'25
US trade body calls on Washington to cut cyber red tape

The US Information Technology Industry Council has called on the White House’s Office of the National Cyber Director to cut burdensome regulations in areas such as AI and incident reporting, and to do more to build a unified security regime
August 12, 2025 12 Aug'25
Eight critical RCE flaws make Microsoft’s latest Patch Tuesday list

Microsoft rolls out fixes for over 100 CVEs in its August Patch Tuesday update
August 12, 2025 12 Aug'25
Researchers firm up ShinyHunters, Scattered Spider link

ReliaQuest researchers present new evidence that firms up a potential link, or outright partnership, between the ShinyHunters and Scattered Spider cyber gangs
August 12, 2025 12 Aug'25
UK work visa sponsors are target of phishing campaign

Mimecast identifies a phishing campaign targeting UK organisations that sponsor migrant workers and students, opening the door to account compromise and visa fraud
August 08, 2025 08 Aug'25
OpenAI closes gap to artificial general intelligence with GPT-5

As OpenAI’s latest large language model delivers smarter AI, experts are wary of the risks GPT-5 poses to human creativity