News
Web application security
-
July 31, 2020
31
Jul'20
Labour Party is latest victim of Blackbaud ransomware attack
Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour
-
July 29, 2020
29
Jul'20
Majority of organisations at risk of cloud data exposure
Report casts doubt on the effectiveness of the shared responsibility model of cloud security
-
July 29, 2020
29
Jul'20
Cosmetics firm Avon faces new cyber security incident
Technical information relating to Avon’s web and mobile sites was inadvertently left exposed on an unsecured Microsoft Azure server
-
July 28, 2020
28
Jul'20
Garmin may have paid hackers ransom, reports suggest
Garmin’s services are coming back online, but the company remains tight-lipped about what exactly happened to it
-
July 28, 2020
28
Jul'20
NCSC inducts six security startups to Cyber Accelerator
10-week programme will guide some of the UK’s most innovative security startups as they scale their businesses for future growth
-
July 22, 2020
22
Jul'20
No let-up in cyber attacks as lockdown eases
Cyber attacks are up by one-third as the coalescence of cyber activity and nation state-linked threats around the pandemic bears fruit for bad actors
-
July 20, 2020
20
Jul'20
Businesses underestimate negative impact of bot traffic
Research from Netacea finds that although awareness of malicious bot activity is high, many are underestimating its true impact
-
July 17, 2020
17
Jul'20
Twitter hack fallout: Investigators on trail of cyber criminals
Investigators are hunting the cyber criminals who broke into Twitter’s systems to hijack prominent accounts, amid concerns that more attacks may come
-
July 16, 2020
16
Jul'20
Cryptocurrency scammers attack Twitter in insider breach
Apparent insider breach at Twitter saw so-called “blue tick” accounts of business people, politicians and celebrities hijacked to promote a Bitcoin scam
-
July 16, 2020
16
Jul'20
Coronavirus shines spotlight on cyber security
Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic
-
July 15, 2020
15
Jul'20
Patch Tuesday: Microsoft fixes 123 bugs in July 2020 update
The bugs start coming and they don’t stop coming; Microsoft has issued yet another bumper Patch Tuesday update
-
July 14, 2020
14
Jul'20
Recon vulnerability puts thousands of SAP customers at risk
Users of multiple SAP products including S4/HANA should apply the security update as soon as possible to protect their systems
-
July 14, 2020
14
Jul'20
Australian enterprises facing more cyber attacks
The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country
-
July 13, 2020
13
Jul'20
Zoom zero-day a reminder to stop using Windows 7
Researchers have disclosed a newly discovered zero-day vulnerability to videoconferencing service Zoom, which only affects users of Windows 7 systems
-
July 09, 2020
09
Jul'20
HSBC customers targeted in new smishing scam
SMS phishing scam is targeting HSBC customers in the UK to trick them into handing over their bank account details
-
July 09, 2020
09
Jul'20
More Joker malware apps chucked off Google Play Store
Infamous Joker billing fraud malware continues to sneak past Google’s security controls
-
July 09, 2020
09
Jul'20
Pubs and restaurants failing on cyber fraud protection
Virtually all of the UK’s most popular restaurant and pub brands are failing to proactively block fraudulent emails from reaching their targets
-
July 08, 2020
08
Jul'20
Over 15 billion credentials for sale on dark web
Research by Digital Shadows reveals the scale of the security threat facing consumers as it uncovers 15 billion usernames and passwords stolen in more than 100,000 different data breaches
-
July 08, 2020
08
Jul'20
Security funding soars despite Covid-19 slump, but problems lie ahead
The overall cyber security funding ecosystem in the UK is healthier than ever despite Covid-19, but the figures mask stark and concerning disparities in where the money is going
-
July 07, 2020
07
Jul'20
Cyber4Summer scheme to divert young people from cyber crime
Cyber4Summer platform will offer 100 different tracks covering a range of security skills to divert them from falling into a life of cyber crime
-
July 06, 2020
06
Jul'20
Lorca scale-ups bring diverse security to the fore
London Office for Rapid Cybersecurity Advancement announces the cyber security scale-ups that will make up its fifth cohort
-
July 06, 2020
06
Jul'20
North Korea behind spate of Magecart attacks
The Magecart credit card skimmer found on the website of retailer Claire’s Accessories was likely put there by the Lazarus or Hidden Cobra North Korean APT group, reports Sansec
-
July 02, 2020
02
Jul'20
Locked-down teens flock to NCSC CyberFirst training scheme
A record number of 14 to 17-year-olds have signed up to the National Cyber Security Centre’s CyberFirst summer school
-
July 01, 2020
01
Jul'20
UK’s unsung cyber security heroes sought
Nominations have opened for the fifth annual Security Serious Unsung Heroes Awards
-
July 01, 2020
01
Jul'20
Zoom making progress on cyber security and privacy, says CEO
Three months after being hit by a spate of security incidents, Zoom’s CEO, Eric Yuan, has been discussing progress towards a more secure product
-
July 01, 2020
01
Jul'20
Remote workers more aware of security, but still flout the rules
Almost three-quarters of remote workers reckon they have gained in cyber security awareness during lockdown, but don’t seem to be especially bothered about keeping themselves safe
-
July 01, 2020
01
Jul'20
Mysterious EvilQuest macOS ransomware spreads through torrents
A new strain of ransomware, dubbed EvilQuest, is threatening Apple Mac environments, and seems to behave quite oddly
-
July 01, 2020
01
Jul'20
FakeSpy Android malware targets Royal Mail app users
The FakeSpy malware was first identified in October 2017 but is now significantly more powerful and dangerous
-
June 25, 2020
25
Jun'20
Pub ‘check-in’ apps provoke fresh privacy concerns
With pubs and restaurants required to collect customer data for contact tracing when they reopen, data privacy risks will be heightened
-
June 23, 2020
23
Jun'20
Neurodiversity on the rise among career hackers
More diverse hackers enhance the ability of both traditional and cutting-edge cyber security solutions to find and fix vulnerabilities, according to a new report from Bugcrowd
-
June 23, 2020
23
Jun'20
Flash-based MacOS malware hides in plain sight
By masquerading as a legitimate Adobe web application, the new malware strains can trick Mac users into bypassing their on-board defences
-
June 19, 2020
19
Jun'20
Australian prime minister confirms country is suffering repeated nation-state cyber attacks
Concern over critical national infrastructure as cyber attackers repeatedly try to gain access to network of organisations operating in multiple sectors
-
June 18, 2020
18
Jun'20
Cisco patches dangerous Webex vulnerability
CVE-2020-3347 bug enables cyber criminals to steal meeting records from within Cisco’s Webex service
-
June 18, 2020
18
Jun'20
Check Point uncovers targeted Microsoft Office 365 phishing campaign
Organised criminal campaign exploited Adobe, Oxford University and Samsung web domains to trick users into giving up their passwords
-
June 18, 2020
18
Jun'20
Zoom U-turns on end-to-end encryption
Embattled video-conferencing provider Zoom backtracks on previous refusals to provide end-to-end encryption to free users
-
June 17, 2020
17
Jun'20
Coronavirus: 50% of security pros had no pandemic contingency plan
A survey of security professionals conducted on behalf of Bitdefender reveals the lack of forward planning for events such as the Covid-19 coronavirus pandemic
-
June 16, 2020
16
Jun'20
Activists call on Zoom to implement encryption for all
A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users
-
June 15, 2020
15
Jun'20
Accessories store Claire’s hit by Magecart credit card fraudsters
Attackers gained access to retailer’s website as long ago as March
-
June 14, 2020
14
Jun'20
Coronavirus: Enterprise VPN adoption in India set to rise
Advancement in cloud technologies and secured remote access to applications will significantly contribute to the overall growth of India’s VPN market, says GlobalData
-
June 12, 2020
12
Jun'20
NHS email service users ensnared in phishing attack
More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed
-
June 12, 2020
12
Jun'20
Fake contact-tracing apps delivering banking trojans
Spoof government coronavirus apps are popping up all over the world, says the Anomali Threat Research team
-
June 12, 2020
12
Jun'20
100,000 cheap wireless cameras vulnerable to hacking
Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors
-
June 12, 2020
12
Jun'20
Twitter kills thousands of misinformation accounts
The accounts were linked to the governments of China, Russia and Turkey, and engaged in systematic operations against pro-democracy activists, political opponents and dissidents
-
June 10, 2020
10
Jun'20
Government to fund nine advanced security projects
Nine academic projects have been selected to receive a share of a £10m funding pot as they develop advanced cyber security solutions using prototype chipsets
-
June 10, 2020
10
Jun'20
Decade-old vulnerability among 129 Patch Tuesday fixes
A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks
-
June 10, 2020
10
Jun'20
Unsecured Elasticsearch server breached in eight hours flat
Comparitech’s Bob Diachenko wanted to find out how long it would take for hackers to find and attack an unsecured, public internet-facing database, so he set up a honeypot
-
June 10, 2020
10
Jun'20
Virtual GP practice accidentally exposes patient video calls
A small number of users of Babylon’s GP at Hand service were briefly able to view other patients’ video GP consultations thanks to a bug in a new software feature
-
June 09, 2020
09
Jun'20
Poorly-secured AWS buckets used to launch Magecart attacks
Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data
-
June 08, 2020
08
Jun'20
What it takes to get DevSecOps right
DevSecOps will drive at least 50% of new applications in Asia-Pacific by 2024, but getting it right will require change management, a collaborative mindset and the right automation tools
-
June 05, 2020
05
Jun'20
Police chiefs working with Public Health England on contact-tracing security
Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme