News
Security policy and user awareness
-
November 02, 2022
02
Nov'22
UK spent £6.4m on secret cyber package for Ukraine
Westminster has revealed for the first time the existence of a previously top-secret security programme that has been helping Ukraine fend off Russian cyber attacks
-
November 01, 2022
01
Nov'22
A third of UK cyber leaders want to quit, report says
Nearly a third of UK security leaders are considering leaving their current role, and more than half are struggling to keep on top of their workload
-
November 01, 2022
01
Nov'22
NCSC looks back on year of ‘profound change’ for cyber
The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful
-
October 31, 2022
31
Oct'22
Prepare today for potentially high-impact OpenSSL bug
OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed
-
October 27, 2022
27
Oct'22
Government ups cyber support for elderly, vulnerable web users
DCMS announces a funding boost to help the elderly, disabled and other vulnerable groups stay safe online and avoid being misled by disinformation
-
October 27, 2022
27
Oct'22
NCSC’s Levy steps down after 20-year intelligence career
NCSC technical director Ian Levy bids farewell, telling his successor: ‘Don’t panic’
-
October 27, 2022
27
Oct'22
NHS to get new national CISO
The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS
-
October 27, 2022
27
Oct'22
Medibank breach casts spotlight on data security
Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia
-
October 27, 2022
27
Oct'22
Santander calls for cooperation to tackle APP fraud
New report puts forward key recommendations that the banking sector, government and other industries could take to tackle authorised push payment fraud
-
October 26, 2022
26
Oct'22
Cuba ransomware cartel spoofs Ukraine armed forces
Ukrainian cyber experts issue a warning over the activities of the Cuba ransomware cartel
-
October 25, 2022
25
Oct'22
Global digital trust market to double by 2027
The global market for digital trust technology is expected to double to $537bn by 2027, up from $270bn today as demand for cyber security and other capabilities continues to grow
-
October 25, 2022
25
Oct'22
Digital-first businesses more willing to accept some fraud
Companies founded in the past 20 years appear more willing to accept higher levels of fraudulent activity during the customer onboarding process, according to a report
-
October 24, 2022
24
Oct'22
Complacency biggest cyber risk to UK plc, says ICO
Information commissioner John Edwards warns against complacency as his office issues a multimillion-pound fine to a building company that failed to prevent a ransomware attack
-
October 24, 2022
24
Oct'22
Half of staff might quit after a cyber attack, report says
Findings from a survey of CISOs, IT leaders and staffers reveal how experiencing a cyber incident may take a larger-than-thought toll on employee retention
-
October 20, 2022
20
Oct'22
Cyber professional shortfall hits 3.4 million
Shortage of cyber security professionals continues to grow and shows no signs of abating, says report
-
October 19, 2022
19
Oct'22
Ransomware crews regrouping as LockBit rise continues
Overall ransomware activity dropped off in the third quarter of 2022, but increasing attack volumes in September may herald a difficult few months ahead
-
October 19, 2022
19
Oct'22
Treat cyber crime as a ‘strategic threat’, UK businesses told
The government’s new National Cyber Advisory Board aims to help elevate cyber discussion and spur action in the business community
-
October 18, 2022
18
Oct'22
Virtually all vulnerable open source downloads are avoidable
Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report
-
October 14, 2022
14
Oct'22
Malicious WhatsApp add-on highlights risks of third-party mods
Kaspersky researchers discovered a malicious version of a widely used WhatsApp messenger mod, highlighting the risks of using so-called mods
-
October 13, 2022
13
Oct'22
Cyber training firm KnowBe4 bought by private equity firm
Acquisition of KnowBe4 supposedly reflects the success the company has seen since its spring 2021 IPO
-
October 13, 2022
13
Oct'22
Unsung Heroes Awards celebrate diversity in cyber community
The seventh annual Security Serious Unsung Heroes Awards recognise those trying to improve diversity and mental health in cyber for the first time
-
October 12, 2022
12
Oct'22
NCSC urges organisations to secure supply chains
NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers
-
October 12, 2022
12
Oct'22
Microsoft fixes lone zero-day on October Patch Tuesday
Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen
-
October 10, 2022
10
Oct'22
Ukraine and EU explore deeper cyber collaboration
A Ukrainian delegation has met with officials from the EU’s ENISA cyber agency to explore deeper cooperation on cyber security issues
-
October 05, 2022
05
Oct'22
Inside Dell Technologies’ zero-trust approach
Dell Technologies’ zero-trust reference model starts with defining business controls and having a central control plane that manages all the security aspects of an organisation’s infrastructure
-
October 04, 2022
04
Oct'22
Tories to replace GDPR
IT industry reacts to the government’s plan to replace the pan-European data protection regulation
-
September 29, 2022
29
Sep'22
Five startups to join NCSC for Startups initiative
The NCSC has invited five startups to join its NCSC for Startups programme to help the government with pressing cyber challenges facing the UK
-
September 29, 2022
29
Sep'22
Optus breach casts spotlight on cyber resilience
The massive data breach that affected more than 10 million Optus customers has cast the spotlight on API security and other factors that contribute to the cyber resilience of organisations in Australia
-
September 28, 2022
28
Sep'22
UK suffers third highest number of ransomware attacks globally
Based on an analysis of around 5,000 ransomware incidents, NordLocker has found that UK businesses, and small businesses in particular, are a priority target for ransomware gangs
-
September 28, 2022
28
Sep'22
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access
-
September 27, 2022
27
Sep'22
Fraudsters adapt phishing scams to exploit cost-of-living crisis
Around 80,000 Brits a month are falling victim to phishing attacks as fraudsters switch up tactics to take advantage of cost-of-living crisis and behavioural changes prompted by pandemic
-
September 26, 2022
26
Sep'22
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials
-
September 26, 2022
26
Sep'22
More than 30 startups to join Plexal’s Cyber Runway accelerator
Now in its second year, the Cyber Runway accelerator has been designed to support firms at various stages of growth, as well as help the cyber security sector to improve on its diversity, inclusion and regional representation
-
September 23, 2022
23
Sep'22
Threat actors abused lack of MFA, OAuth in spam campaign
Microsoft threat researchers have reported on a series of cyber attacks in which enterprises with lax IAM policies had their systems hijacked to conduct spam email campaigns
-
September 22, 2022
22
Sep'22
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets
-
September 22, 2022
22
Sep'22
Privacy Pledge signatories dream of alternative internet
A group of privacy-focused organisations have come together to establish a set of principles for taking the internet back from big tech and surveillance capitalism
-
September 21, 2022
21
Sep'22
NCSC publishes cyber guidance for retailers
The NCSC has published tailored advice to support online retailers, hospitality providers and utility services in protecting themselves and their customers from cyber crime
-
September 21, 2022
21
Sep'22
15-year-old Python bug present in 350,000 open source projects
A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix
-
September 20, 2022
20
Sep'22
Thousands of customers affected in Revolut data breach
Digital challenger bank has warned its customers to be vigilant after their data was exposed in a cyber attack
-
September 20, 2022
20
Sep'22
Reports Uber and Rockstar incidents work of same attacker
Rockstar Games was hit over the weekend by an attacker who claimed to have accessed its Slack channel to steal data on an upcoming release, and may be the same person who compromised Uber
-
September 16, 2022
16
Sep'22
Six new vulnerabilities added to CISA catalogue
CISA adds six new vulnerabilities to its most-wanted list, including one that dates back to 2010
-
September 16, 2022
16
Sep'22
Uber suffers major cyber attack
Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist
-
September 15, 2022
15
Sep'22
EU Cyber Resilience Act sets global standard for connected products
European Commission lays out proposed security regulations on device and software security to better protect consumers and drive global standards
-
September 15, 2022
15
Sep'22
Nominations closing soon for annual cyber awards
Nominations for the annual Security Serious Unsung Heroes Awards closes 16 September
-
September 15, 2022
15
Sep'22
New player pioneers ‘active cyber insurance’ for UK market
Arrival of US-based insurer Coalition in London will supposedly offer SMEs more options when it comes to cyber security insurance
-
September 15, 2022
15
Sep'22
Organisations failing to account for digital trust
The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds
-
September 15, 2022
15
Sep'22
US charges three Iranians over CNI cyber attacks
Three Iranian nationals have been indicted over a spate of ransomware attacks against organisations in the US, UK, Israel and Iran
-
September 14, 2022
14
Sep'22
FormBook knocks Emotet off top of malware chart
FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data
-
September 14, 2022
14
Sep'22
Ex-CISA head Krebs: Disrupt ransomware support networks to win the war
Speaking at an event hosted by data protection specialist Rubrik, former CISA director Chris Krebs calls for the security community to work collectively to kick out the supports from under ransomware gangs
-
September 14, 2022
14
Sep'22
NCSC warns public of potential Queen-related phishing attacks
The National Cyber Security Centre is urging users to be on guard against phishing attacks during the period of national mourning for the Queen