News

Security policy and user awareness

October 21, 2019 21 Oct'19
Equifax lawsuit offers more evidence against passwords

Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords
October 21, 2019 21 Oct'19
Trend Micro buys cloud security firm to broaden offering

Acquisition of Cloud Conformity will address often overlooked cloud security fundamentals
October 21, 2019 21 Oct'19
Sodinokibi emerging as a diverse, multi-vector threat to businesses

McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots
October 18, 2019 18 Oct'19
Huge rise in rogue banking apps driving fraud attacks

Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA

October 17, 2019 17 Oct'19
NHSX could transform NHS security capabilities

The health sector is increasingly confident that NHSX can deliver a streamlined, effective cyber security policy for the health service
October 16, 2019 16 Oct'19
Pitney Bowes ‘considering options’ after malware attack

Mailing and shipping services firm in recovery mode after key systems were encrypted by a malware attack
October 15, 2019 15 Oct'19
Attackers hunt iPhone jailbreakers in click fraud campaign

Research by Cisco’s Talos threat intel unit has identified a new click fraud campaign targeting people looking to jailbreak their iPhone devices
October 03, 2019 03 Oct'19
Local authorities hit by 800 cyber attacks every hour

Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year
October 03, 2019 03 Oct'19
New threat group behind Airbus cyber attacks, claim researchers

Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore
September 27, 2019 27 Sep'19
Nodersok malware campaign is infecting thousands, Microsoft warns

Thousands of Windows endpoints in the US and Europe have been infected by a new fileless malware campaign in the past few weeks

September 27, 2019 27 Sep'19
Five million DoorDash customers’ details lost in data breach

Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen
September 27, 2019 27 Sep'19
GDPR compliance: Whose job is it and is it really possible?

Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to
September 24, 2019 24 Sep'19
Enterprises exposed to data loss by cloud configuration errors

Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee
September 24, 2019 24 Sep'19
Google pushes back on scale of YouTube phishing threat

Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure
September 18, 2019 18 Sep'19
Universities tempting targets for cyber criminals, warns NCSC

As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack
September 18, 2019 18 Sep'19
WannaCry variants accidentally protecting against WannaCry

New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection
September 18, 2019 18 Sep'19
Emotet phishing botnet returns from summer vacation

The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers
September 17, 2019 17 Sep'19
Ecuador citizens’ data breach holds lessons for enterprises

What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it?
September 16, 2019 16 Sep'19
Ensign InfoSecurity opens global headquarters in Singapore

The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence
September 13, 2019 13 Sep'19
European court to decide on legality of bulk phone and internet surveillance

The European Court of Justice will decide whether intelligence agencies across Europe can continue to lawfully collect the telephone and internet communications data of citizens, following a two-day hearing this week
September 11, 2019 11 Sep'19
Nordic countries deepen collaboration with Estonia-based cyber security operation

Nordic countries are now working closer with Nato’s Estonia-based centre of excellence in cyber security
September 11, 2019 11 Sep'19
GDPR non-compliance worse than feared

Over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts
September 10, 2019 10 Sep'19
UK calls for cyber capacity-building at UN security group

The UK’s representative to a United Nations cyber security working group has called for increased investment in capacity around cyber security
September 09, 2019 09 Sep'19
Social engineering a factor in virtually all cyber attacks, report claims

Almost every single cyber attack will, at some stage, require a human to be tricked into doing something, according to research by Proofpoint
September 06, 2019 06 Sep'19
Australia government to chart 2020 cyber security strategy

Australia’s home affairs ministry has released a discussion paper to seek views from all segments of society on the country’s next cyber security blueprint
September 05, 2019 05 Sep'19
Singapore’s SecureAge eyes US market

The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan
September 02, 2019 02 Sep'19
CISOs turn to AI, detection, response and education

Information security leaders are looking to artificial intelligence, better detection and response capabilities and user education in the face of cyber threats, but need more budget, a study shows
August 30, 2019 30 Aug'19
Social media and enterprise apps pose big security risks

The lack of security policies in many business applications is putting enterprise data at risk and social media apps are the biggest source of malware, a poll of IT professionals reveals
August 29, 2019 29 Aug'19
Finland’s security agencies collaborate after cyber attacks

National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure
August 28, 2019 28 Aug'19
Targeted cyber attacks, including ransomware, on the rise

Governments and healthcare institutions are prime targets of ransomware operators, a report shows
August 28, 2019 28 Aug'19
Most UK firms ignore security in tech investments

Less than a quarter of UK firms prioritise security when investing in new technology, despite the threat of cyber attacks and data protection regulations, a survey reveals
August 23, 2019 23 Aug'19
Kaspersky eyes enterprise business, opens APAC transparency hub

The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials
August 21, 2019 21 Aug'19
Box aims to shield businesses from data loss threat

Box has introduced an add-in to its cloud-based collaboration platform to lock down and monitor access to files and folders
August 20, 2019 20 Aug'19
Malware still top security threat, say infosec pros

Malware remains the top security threat to organisations, with ransomware still considered to be the top malware threat and lack of budget the biggest obstacle to defence, a study shows
August 15, 2019 15 Aug'19
Australia needs to get digital identity right

A top Ping Identity executive urges Australia to put more focus on digital identity management following the government’s efforts to lay the groundwork for an open banking regime
August 15, 2019 15 Aug'19
Most UK financial firms hit by cyber attack in the past year

The majority of UK financial companies are failing to prevent cyber security incidents, mainly because of employees failing to follow security policies and a lack of security budget, a survey reveals
August 14, 2019 14 Aug'19
DCMS funding aims to increase diversity in cyber sector

A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector
August 14, 2019 14 Aug'19
Digital domain identified as major security threat by Norway’s intelligence service

Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks
July 30, 2019 30 Jul'19
Australian firms grappling with “train-smash” of security legislation

While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators
July 26, 2019 26 Jul'19
86 million reasons to support No More Ransom

Anti-ransomware cross-industry initiative says it has prevented more than £86m in ransom payments as it marks its third anniversary, which coincides with a resurgence in ransomware in many parts of the world
July 25, 2019 25 Jul'19
F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC

Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated
July 24, 2019 24 Jul'19
Zuckerberg responsible for Facebook privacy compliance after $5bn FTC fine

Facebook pays record fine after breaching users’ privacy, following settlements with Federal Trade Commission and Securities and Exchange Commission
July 19, 2019 19 Jul'19
HID weighs in the glacial move towards digital ID

There are still concerns over data integrity, security and privacy of digital identities, but the convenience of the technology outweighs the risks, says a HID expert
July 18, 2019 18 Jul'19
UK poor cyber security practice undermining controls

UK firms investing in the latest cyber security products and services risk this being undermined by poor security practices, a survey reveals
July 18, 2019 18 Jul'19
Lateral phishing used to attack organisations on global scale

Lateral phishing is a growing type of account takeover that has enabled attackers to target more than 100,000 people by hijacking just 154 email accounts
July 16, 2019 16 Jul'19
Digital safety skills initiative launched against cyber crime

Security industry partners have launched an initiative aimed at raising individuals’ digital safety skills to enable them to protect themselves and their families from most common cyber attacks
July 15, 2019 15 Jul'19
Organisations turn to AI in race against cyber attackers

Businesses are racing to automate their defences as hackers and nation states launch increasingly sophisticated cyber attacks
July 15, 2019 15 Jul'19
UK boards ignoring £30bn cyber risk

Despite the danger posed by cyber attacks to mid-sized companies, boards are not prepared to manage the risk and firms are over-confident in their cyber capabilities, report finds
July 01, 2019 01 Jul'19
Symantec gearing up for future cyber security

Symantec is focusing on enabling businesses to secure data in the cloud after a string of acquisitions, but it also has its eye on the future, which will be all about empowering people, says CTO Hugh Thompson
June 28, 2019 28 Jun'19
TIN coalition calls for industry action against cyber fraud

An industry group aimed at improving cyber security by tackling enduring challenges has called for collaboration in the fight against cyber fraud