News
Web application security
-
June 04, 2020
04
Jun'20
Small businesses failing on remote worker protection
Only one-third of people working for small businesses have received any guidance from their employers on how to secure their remote working set-up
-
June 04, 2020
04
Jun'20
Black Lives Matter activists targeted by cyber attacks
Civil liberties organisations are being targeted by far-right trolls as protests over the murder of George Floyd spread worldwide
-
June 04, 2020
04
Jun'20
The Security Interviews: How the BSI protects the IoT from itself
David Mudd of the BSI reveals how a pragmatic and realistic approach to security vulnerabilities underpins its internet of things kitemark, helping give users the confidence to buy smart devices safely
-
June 04, 2020
04
Jun'20
Coronavirus: Cyber criminals target laid-off workers
Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic
-
June 01, 2020
01
Jun'20
Privacy campaigners call for radical changes to contact-tracing app
Liberty, Privacy International and the Open Rights Group join calls for the government to either put in place better data protection policies or abandon its Covid-19 contact-tracing app altogether
-
May 29, 2020
29
May'20
Test and Trace has not passed data protection impact assessment
Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme
-
May 29, 2020
29
May'20
How Sega Europe slashed incident response times using cloud SIEM
Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service
-
May 28, 2020
28
May'20
Public Health England to keep contact-tracing data for 20 years
PHE will retain the data it collects via the NHS Test and Trace programme for 20 years
-
May 27, 2020
27
May'20
Enterprise clouds hammered by cyber attacks during pandemic
Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee
-
May 27, 2020
27
May'20
Fears contact-tracing app will open the floodgates for cyber criminals
Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government
-
May 26, 2020
26
May'20
Android security vulnerabilities differ by country, say researchers
Manufacturers of Android devices including Huawei, Samsung and Xiaomi shipped devices with different levels of security in different regions, leaving their users exposed to attack
-
May 22, 2020
22
May'20
Hancock to Harman: No contact-tracing privacy law
Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data
-
May 20, 2020
20
May'20
NCSC discloses multiple vulnerabilities in contact-tracing app
National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures
-
May 20, 2020
20
May'20
Serco exposes contact tracers’ data in email error
Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message
-
May 19, 2020
19
May'20
Cancelled NCSC CyberUK event gets green light for 2021
The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales
-
May 19, 2020
19
May'20
Doubts mount over effectiveness of UK contact-tracing app
Studies from BCS and Anomali reveal that a significant proportion of the UK population is not prepared to download the Covid-19 contact-tracing app
-
May 19, 2020
19
May'20
GitLab makes foray into Southeast Asia
GitLab expands in Southeast Asia with a Singapore presence to shore up its growing footprint across the Asia-Pacific region
-
May 14, 2020
14
May'20
Harman seeks to bring private member’s bill over contact tracing
Chair of Human Rights Committee aims to put the proposed Contact Tracing (Data Protection) Bill 2020 before parliament as a private member’s bill if necessary
-
May 14, 2020
14
May'20
Venafi buys cloud protection service Jetstack
Jetstack specialises in open source machine identity protection software for Kubernetes and cloud native ecosystems
-
May 14, 2020
14
May'20
UK’s contact-tracing app targeted by scammers
Even though it is only operational on the Isle of Wight as a beta test, the UK government’s coronavirus contact-tracing app has already attracted the attention of cyber criminals
-
May 13, 2020
13
May'20
Report reveals inadequate cyber security at Schiphol Airport
A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport
-
May 13, 2020
13
May'20
Microsoft fixes 16 critical vulnerabilities on Patch Tuesday
The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities
-
May 12, 2020
12
May'20
Draft Covid-19 contact tracing legislation proposes formal oversight
Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app
-
May 07, 2020
07
May'20
Zoom buys secure messaging service Keybase
Unified comms platform Zoom says the acquisition of Keybase will finally let it bring end-to-end encryption to the table
-
May 07, 2020
07
May'20
Contact-tracing app fails to protect privacy and human rights
Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee
-
May 07, 2020
07
May'20
Next round of Zoom updates targets consumer security
Casual consumer users of Zoom will get additional protections in an update to be released over the long weekend
-
May 04, 2020
04
May'20
Xen Orchestra latest victim of Salt cryptojackers
More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward
-
May 04, 2020
04
May'20
Blogging platform Ghost hacked through Salt vulnerability
Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability
-
May 04, 2020
04
May'20
IT Priorities 2020: Compliance and risk are top security concerns
When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study
-
April 30, 2020
30
Apr'20
Critical SaltStack vulnerability affects thousands of datacentres
Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away
-
April 30, 2020
30
Apr'20
Mobile banking customers at risk from new EventBot trojan
Customers of Barclays, HSBC, Santander and many other banks should be alert to a dangerous new trojan
-
April 28, 2020
28
Apr'20
Under the spotlight, video apps rush to strengthen security
Most popular videoconferencing applications now meet Mozilla’s minimum security standards, with fierce competition and public pressure driving rapid improvement
-
April 28, 2020
28
Apr'20
Almost half of security pros being redeployed during pandemic
Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic
-
April 28, 2020
28
Apr'20
Black Rose Lucy ransomware now posing as FBI porn warning
A new strain of Russian-developed ransomware impersonates US federal law enforcement to force payment, says Check Point
-
April 27, 2020
27
Apr'20
Microsoft patches .gif file vulnerability in Teams
Vulnerability could have enabled cyber criminals to use a malicious .gif file to scrape user data and take over Teams accounts
-
April 24, 2020
24
Apr'20
The Security Interviews: Can AV go from dodgy scareware to cyber hero?
Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing
-
April 23, 2020
23
Apr'20
iOS zero-day leaves iPhone users dangerously exposed
Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices
-
April 23, 2020
23
Apr'20
Zoom to roll out fresh cyber security updates
New features include support for advanced AES 256-bit encryption
-
April 22, 2020
22
Apr'20
Coronavirus: Cyber criminals may be changing tactics
Cyber criminals “may soon shift to heavier exploitation of footholds established through phishing and other scams”, warns Cyber Threat Coalition
-
April 20, 2020
20
Apr'20
NCSC launches coronavirus cyber security campaign
The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic
-
April 20, 2020
20
Apr'20
Zoom and WebEx users targeted by credential stealing attempts
Videoconferencing apps such as Zoom and Cisco’s WebEx are being targeted by cyber criminals trying to steal users’ personal data
-
April 20, 2020
20
Apr'20
Dutch organisations address business email compromise fraud
Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks
-
April 17, 2020
17
Apr'20
EU warns no compromise on privacy as NHS clashes with tech firms on contact tracing
EU and UK regulators express data privacy concerns days after Silicon Valley giants announce collaboration on contact-tracing apps to prevent the spread of the Covid-19 coronavirus
-
April 15, 2020
15
Apr'20
Coronavirus: Standard Chartered bans employees from Zoom
Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom
-
April 15, 2020
15
Apr'20
Coronavirus: Researcher finds security vulnerability in Slack
Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher
-
April 15, 2020
15
Apr'20
Microsoft patches 19 critical bugs in another heavy Patch Tuesday
The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday
-
April 14, 2020
14
Apr'20
Coronavirus: Zoom user credentials for sale on dark web
IntSight researchers say they have found a database containing thousands of Zoom usernames and passwords being sold on the dark web
-
April 10, 2020
10
Apr'20
Coronavirus: Warning over surge in Zoom security incidents
Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools
-
April 09, 2020
09
Apr'20
Coronavirus: Zoom restricted or banned at multiple organisations
Use of videoconferencing tool has been banned at Google and in parts of the German and US governments
-
April 08, 2020
08
Apr'20
Despite coronavirus, overall cyber crime volumes hold steady
The UK’s NCSC and the US’s CISA see little change in overall volumes of cyber crime in spite of the coronavirus crisis – for the time being