News
Security policy and user awareness
-
August 27, 2021
27
Aug'21
Are proposed data protection changes a threat to UK citizens’ privacy?
Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth
-
August 26, 2021
26
Aug'21
Tech giants commit to Biden's cyber security action plan
Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden
-
August 26, 2021
26
Aug'21
NZ privacy lead John Edwards named new information commissioner
DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner
-
August 25, 2021
25
Aug'21
Calling the cops for ransomware attacks doesn’t help, say cyber pros
A new study for the #Ransomaware campaign reveals some insight into why so few victims report ransomware attacks
-
August 25, 2021
25
Aug'21
UK loses £1.3bn to fraud and cyber crime so far this year
New figures from the National Fraud Intelligence Bureau show a threefold spike in reported financial losses to fraud and cyber crime in the first six months of 2021
-
August 24, 2021
24
Aug'21
Half of MS Exchange servers at risk in ProxyShell debacle
Up to 50% of MS Exchange users in the UK are exposed to three vulnerabilities that are now being actively exploited
-
August 24, 2021
24
Aug'21
More data breaches in Australia arising from ransomware
The number of data breaches in Australia arising out of ransomware attacks grew by 24% during the first half of 2021, according to OAIC’s latest data breach report
-
August 19, 2021
19
Aug'21
Pub apps harvesting swathes of customer data unnecessarily
Some pub and restaurant chain apps demand data such as gender and marital status, raising eyebrows among privacy campaigners
-
August 19, 2021
19
Aug'21
IT leaders fear ‘trickle-down’ of nation-state cyber attacks
Three-quarters of IT decision-makers are concerned that the tactics, techniques and procedures used by nation-state attackers could be used against them
-
August 13, 2021
13
Aug'21
Cyber Runway programme supports new security businesses
The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses
-
August 13, 2021
13
Aug'21
Hospitals see cyber security investment as a low priority
Almost half of hospitals have experienced an IT shutdown as a result of a cyber attack in the past six months, but just over one in 10 hospital executives see cyber security investment as a high priority
-
August 12, 2021
12
Aug'21
ICO consults on new international data transfer agreement
Information Commissioner’s Office to consult on its draft international data transfer agreement and guidance, which will replace standard contractual clauses to protect personal data during overseas transfers
-
August 11, 2021
11
Aug'21
The Netherlands still lacks digital resilience, says report
Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient
-
August 10, 2021
10
Aug'21
Third of finance firms accelerate use of artificial intelligence to detect money laundering
Financial services firms are stepping up their use of artificial intelligence and machine learning technology to fight increasing money laundering activity
-
August 06, 2021
06
Aug'21
Apple unveils plans to scan US iPhones for child sex abuse images
Apple will introduce child sexual abuse material detection for US users later this year, but some experts are worried that the technology could be repurposed to scan phones for other kinds of content
-
August 04, 2021
04
Aug'21
Initial access brokers unaffected by ransomware content bans
Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021
-
August 03, 2021
03
Aug'21
UK MoD turns to hackers to help secure digital assets
Hackers given direct access to internal Ministry of Defence systems to identify and report security vulnerabilities
-
August 03, 2021
03
Aug'21
Ransomware attacks increase dramatically during 2021
Dramatic increase in ransomware attacks globally during first half of 2021 driven by triple extortion technique, and is only set to expand further
-
July 29, 2021
29
Jul'21
Technical hiccups force Babuk ransomware gang to change tactics
The Babuk ransomware operation backed away from encrypting its victims’ files, and technical difficulties may be to blame, reports McAfee
-
July 28, 2021
28
Jul'21
Almost half unaware of GP data-sharing plans
Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign
-
July 28, 2021
28
Jul'21
COP26 cyber resource hub launched for Glasgow businesses
New digital information hub for Glasgow business to help organisations keep secure both physically and online ahead of major climate change summit
-
July 27, 2021
27
Jul'21
ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower
The Information Commissioner’s Office has ended its involvement in a dispute between a data breach whistleblower and NatWest bank
-
July 26, 2021
26
Jul'21
Malicious actors turn to obscure programming languages
Using new, lesser-known or otherwise uncommon programming languages to code new malwares can help skirt cyber defences
-
July 26, 2021
26
Jul'21
No More Ransom initiative saves £850m over five years
Initiative’s free ransomware decryption tools have been used by more than six million people since 2016
-
July 25, 2021
25
Jul'21
Tokyo 2020 hit by data breach
The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large
-
July 22, 2021
22
Jul'21
Respect in Security challenges abuse and harassment in cyber
With around a third of cyber pros saying they have personally experienced harassment at work or online, a new initiative is urging organisations to pledge their support to help free the community from the scourge of abuse. We met its founders
-
July 21, 2021
21
Jul'21
France’s Macron among alleged Pegasus targets
Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware
-
July 20, 2021
20
Jul'21
NCSC’s Cameron urges deeper cyber alliance-building
Speaking to an event in Israel, NCSC CEO Lindy Cameron has praised joint UK-Israeli efforts on security collaboration
-
July 20, 2021
20
Jul'21
NHS Digital tightens rules for GPDPR data scrape
The proposed collection of patient data held by GPs will now only commence when three key criteria have been fulfilled, says NHS Digital
-
July 19, 2021
19
Jul'21
UK, US confirm Chinese state backed MS Exchange Server attacks
UK and US governments, alongside the EU and Nato, have formally attributed the March 2021 Microsoft Exchange Server attacks to Chinese state-backed actors
-
July 19, 2021
19
Jul'21
Pegasus mobile RAT abused to monitor journalists and activists
Israel-based surveillance specialist NSO Group is facing renewed pressure after it emerged its Pegasus mobile surveillance tool may be being widely abused by repressive regimes
-
July 16, 2021
16
Jul'21
Legacy SonicWall kit exploited in ransom campaign
Users of older versions of SonicWall Secure Mobile Access 100 and Secure Remote Access products are at risk from a new ransomware campaign
-
July 15, 2021
15
Jul'21
Lawyers take EncroChat hacking operation to French supreme court
Lawyers head to French supreme court after appeals court finds EnroChat inception legal under French law
-
July 15, 2021
15
Jul'21
Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study
EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield
-
July 15, 2021
15
Jul'21
Singapore to invest S$50m in ‘digital trust’ capabilities
The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management
-
July 14, 2021
14
Jul'21
REvil ransomware crew drops offline, reasons murky
The REvil ransomware operation appears to have gone dark, but claims about its demise are almost certainly exaggerated
-
July 14, 2021
14
Jul'21
Multiple Microsoft bugs being actively exploited
Microsoft’s July Patch Tuesday update fixes 117 vulnerabilities, 13 rated as critical and four already being actively exploited
-
July 13, 2021
13
Jul'21
Regional cyber clusters score £700k of funding
DCMS has awarded £700,000 of funding to a network of 20 regional cyber clusters
-
July 13, 2021
13
Jul'21
Modipwn vulnerability puts millions of building systems at risk
Authentication bypass vulnerability in a Schneider Electric product could lead to device takeover
-
July 13, 2021
13
Jul'21
UK Cyber Security Council calls for new push on training
Too many companies have cut back on security training and development during the pandemic, says UK Cyber Security Council
-
July 13, 2021
13
Jul'21
Met Police seize £180m worth of Bitcoin
The largest ever seizure of cryptocurrency in the UK comes just weeks after a previous multi-million pound confiscation, as law enforcement clamps down on money laundering
-
July 12, 2021
12
Jul'21
Kaseya VSA services coming online after week-long outage
Kaseya has successfully deployed a patch to its ransomware-hit VSA product as per a revised schedule, and customers are beginning to come back online
-
July 09, 2021
09
Jul'21
Ransomware gangs seek people skills for negotiations
The process of negotiating a ransomware payment is delicate, hence cyber criminal organisations are prepared to offer good terms to those with the right skillsets
-
July 08, 2021
08
Jul'21
Kaseya apologises for extended downtime after ransom attack
CEO of Kaseya apologises after pushing back the restoration of the firm’s VSA service following a REvil ransomware attack
-
July 08, 2021
08
Jul'21
PrintNightmare haunts Microsoft as patch may miss mark
Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied
-
July 07, 2021
07
Jul'21
ICO to probe Hancock over private email use
Former health secretary faces an investigation by the UK’s data protection watchdog over his use of private email to conduct government business
-
July 07, 2021
07
Jul'21
How the UK Cyber Security Council plans to professionalise security
As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is
-
July 06, 2021
06
Jul'21
About 60 Kaseya customers hit by REvil
Kaseya has revised upward the number of managed service providers compromised by the REvil ransomware gang in a supply chain attack at the weekend
-
July 06, 2021
06
Jul'21
Cyber insurance costs up by a third
The frequency and severity of ransomware attacks is a leading factor behind a substantial increase in the cost of obtaining cyber security insurance
-
July 05, 2021
05
Jul'21
REvil crew wants $70m in Kaseya ransomware heist
Two days after one of the largest ransomware attacks in history by the REvil/Sodinokibi gang, the security community is assessing its next moves, while over 1,000 victims remain in limbo