News

Web application security

• June 05, 2020 05 Jun'20

  Police chiefs working with Public Health England on contact-tracing security

  Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme

• June 04, 2020 04 Jun'20

  Small businesses failing on remote worker protection

  Only one-third of people working for small businesses have received any guidance from their employers on how to secure their remote working set-up

• June 04, 2020 04 Jun'20

  Black Lives Matter activists targeted by cyber attacks

  Civil liberties organisations are being targeted by far-right trolls as protests over the murder of George Floyd spread worldwide

• June 04, 2020 04 Jun'20

  The Security Interviews: How the BSI protects the IoT from itself

  David Mudd of the BSI reveals how a pragmatic and realistic approach to security vulnerabilities underpins its internet of things kitemark, helping give users the confidence to buy smart devices safely

• June 04, 2020 04 Jun'20

  Coronavirus: Cyber criminals target laid-off workers

  Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic

• June 01, 2020 01 Jun'20

  Privacy campaigners call for radical changes to contact-tracing app

  Liberty, Privacy International and the Open Rights Group join calls for the government to either put in place better data protection policies or abandon its Covid-19 contact-tracing app altogether

• May 29, 2020 29 May'20

  Test and Trace has not passed data protection impact assessment

  Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme

• May 29, 2020 29 May'20

  How Sega Europe slashed incident response times using cloud SIEM

  Gaming company’s SOC radically improves its operational efficiency with Sumo Logic’s cloud SIEM service

• May 28, 2020 28 May'20

  Public Health England to keep contact-tracing data for 20 years

  PHE will retain the data it collects via the NHS Test and Trace programme for 20 years

• May 27, 2020 27 May'20

  Enterprise clouds hammered by cyber attacks during pandemic

  Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee

• May 27, 2020 27 May'20

  Fears contact-tracing app will open the floodgates for cyber criminals

  Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government

• May 26, 2020 26 May'20

  Android security vulnerabilities differ by country, say researchers

  Manufacturers of Android devices including Huawei, Samsung and Xiaomi shipped devices with different levels of security in different regions, leaving their users exposed to attack

• May 22, 2020 22 May'20

  Hancock to Harman: No contact-tracing privacy law

  Health secretary claims existing data protection law is good enough to guarantee the security of contact-tracing data

• May 20, 2020 20 May'20

  NCSC discloses multiple vulnerabilities in contact-tracing app

  National Cyber Security Centre has received mountains of feedback on the security of the government’s Covid-19 contact-tracing app, and has now taken the step of making multiple disclosures

• May 20, 2020 20 May'20

  Serco exposes contact tracers’ data in email error

  Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message

• May 19, 2020 19 May'20

  Cancelled NCSC CyberUK event gets green light for 2021

  The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales

• May 19, 2020 19 May'20

  Doubts mount over effectiveness of UK contact-tracing app

  Studies from BCS and Anomali reveal that a significant proportion of the UK population is not prepared to download the Covid-19 contact-tracing app

• May 19, 2020 19 May'20

  GitLab makes foray into Southeast Asia

  GitLab expands in Southeast Asia with a Singapore presence to shore up its growing footprint across the Asia-Pacific region

• May 14, 2020 14 May'20

  Harman seeks to bring private member’s bill over contact tracing

  Chair of Human Rights Committee aims to put the proposed Contact Tracing (Data Protection) Bill 2020 before parliament as a private member’s bill if necessary

• May 14, 2020 14 May'20

  Venafi buys cloud protection service Jetstack

  Jetstack specialises in open source machine identity protection software for Kubernetes and cloud native ecosystems

• May 14, 2020 14 May'20

  UK’s contact-tracing app targeted by scammers

  Even though it is only operational on the Isle of Wight as a beta test, the UK government’s coronavirus contact-tracing app has already attracted the attention of cyber criminals

• May 13, 2020 13 May'20

  Report reveals inadequate cyber security at Schiphol Airport

  A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport

• May 13, 2020 13 May'20

  Microsoft fixes 16 critical vulnerabilities on Patch Tuesday

  The trend towards mammoth Patch Tuesdays continues as Microsoft fixes 111 vulnerabilities

• May 12, 2020 12 May'20

  Draft Covid-19 contact tracing legislation proposes formal oversight

  Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app

• May 07, 2020 07 May'20

  Zoom buys secure messaging service Keybase

  Unified comms platform Zoom says the acquisition of Keybase will finally let it bring end-to-end encryption to the table

• May 07, 2020 07 May'20

  Contact-tracing app fails to protect privacy and human rights

  Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee

• May 07, 2020 07 May'20

  Next round of Zoom updates targets consumer security

  Casual consumer users of Zoom will get additional protections in an update to be released over the long weekend

• May 04, 2020 04 May'20

  Xen Orchestra latest victim of Salt cryptojackers

  More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward

• May 04, 2020 04 May'20

  Blogging platform Ghost hacked through Salt vulnerability

  Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability

• May 04, 2020 04 May'20

  IT Priorities 2020: Compliance and risk are top security concerns

  When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study

• April 30, 2020 30 Apr'20

  Critical SaltStack vulnerability affects thousands of datacentres

  Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away

• April 30, 2020 30 Apr'20

  Mobile banking customers at risk from new EventBot trojan

  Customers of Barclays, HSBC, Santander and many other banks should be alert to a dangerous new trojan

• April 28, 2020 28 Apr'20

  Under the spotlight, video apps rush to strengthen security

  Most popular videoconferencing applications now meet Mozilla’s minimum security standards, with fierce competition and public pressure driving rapid improvement

• April 28, 2020 28 Apr'20

  Almost half of security pros being redeployed during pandemic

  Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic

• April 28, 2020 28 Apr'20

  Black Rose Lucy ransomware now posing as FBI porn warning

  A new strain of Russian-developed ransomware impersonates US federal law enforcement to force payment, says Check Point

• April 27, 2020 27 Apr'20

  Microsoft patches .gif file vulnerability in Teams

  Vulnerability could have enabled cyber criminals to use a malicious .gif file to scrape user data and take over Teams accounts

• April 24, 2020 24 Apr'20

  The Security Interviews: Can AV go from dodgy scareware to cyber hero?

  Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing

• April 23, 2020 23 Apr'20

  iOS zero-day leaves iPhone users dangerously exposed

  Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices

• April 23, 2020 23 Apr'20

  Zoom to roll out fresh cyber security updates

  New features include support for advanced AES 256-bit encryption

• April 22, 2020 22 Apr'20

  Coronavirus: Cyber criminals may be changing tactics

  Cyber criminals “may soon shift to heavier exploitation of footholds established through phishing and other scams”, warns Cyber Threat Coalition

• April 20, 2020 20 Apr'20

  NCSC launches coronavirus cyber security campaign

  The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic

• April 20, 2020 20 Apr'20

  Zoom and WebEx users targeted by credential stealing attempts

  Videoconferencing apps such as Zoom and Cisco’s WebEx are being targeted by cyber criminals trying to steal users’ personal data

• April 20, 2020 20 Apr'20

  Dutch organisations address business email compromise fraud

  Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks

• April 17, 2020 17 Apr'20

  EU warns no compromise on privacy as NHS clashes with tech firms on contact tracing

  EU and UK regulators express data privacy concerns days after Silicon Valley giants announce collaboration on contact-tracing apps to prevent the spread of the Covid-19 coronavirus

• April 15, 2020 15 Apr'20

  Coronavirus: Standard Chartered bans employees from Zoom

  Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom

• April 15, 2020 15 Apr'20

  Coronavirus: Researcher finds security vulnerability in Slack

  Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher

• April 15, 2020 15 Apr'20

  Microsoft patches 19 critical bugs in another heavy Patch Tuesday

  The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday

• April 14, 2020 14 Apr'20

  Coronavirus: Zoom user credentials for sale on dark web

  IntSight researchers say they have found a database containing thousands of Zoom usernames and passwords being sold on the dark web

• April 10, 2020 10 Apr'20

  Coronavirus: Warning over surge in Zoom security incidents

  Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools

• April 09, 2020 09 Apr'20

  Coronavirus: Zoom restricted or banned at multiple organisations

  Use of videoconferencing tool has been banned at Google and in parts of the German and US governments