Data breach incident management and recovery
-
News
20 Jun 2025
Cyber Essentials certifications rising slowly but steadily
The number of businesses attaining the NCSC Cyber Essentials certification continues to increase, but much more can be done to raise awareness of the scheme. Continue Reading
-
News
20 Jun 2025
M&S, Co-op attacks a ‘Category 2 cyber hurricane’, say UK experts
The UK’s Cyber Monitoring Centre has published its first in-depth assessment of a major incident, reflecting on the impact of and lessons learned from Scattered Spider attacks on M&S and Co-op Continue Reading
-
Feature
21 Jul 2021
Five ways to ensure remote working security and compliance
A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading
-
News
21 Jul 2021
France’s Macron among alleged Pegasus targets
Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware Continue Reading
-
News
20 Jul 2021
NCSC’s Cameron urges deeper cyber alliance-building
Speaking to an event in Israel, NCSC CEO Lindy Cameron has praised joint UK-Israeli efforts on security collaboration Continue Reading
-
Opinion
20 Jul 2021
The Secret IR Insider’s Diary: It’s all gone quie...
The ‘Q’ word isn’t one that’s really used in incident response, says the Secret IR Insider, largely because as soon as you use it, something happens Continue Reading
-
News
19 Jul 2021
UK, US confirm Chinese state backed MS Exchange Server attacks
UK and US governments, alongside the EU and Nato, have formally attributed the March 2021 Microsoft Exchange Server attacks to Chinese state-backed actors Continue Reading
-
E-Zine
15 Jul 2021
CW APAC: Trend Watch on supply chain security
In this handbook, Computer Weekly looks at the rise of supply chain attacks, the challenges that come with zero trust security and attacks on the Covid-19 vaccine supply chain Continue Reading
-
News
15 Jul 2021
Singapore to invest S$50m in ‘digital trust’ capabilities
The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management Continue Reading
-
News
14 Jul 2021
REvil ransomware crew drops offline, reasons murky
The REvil ransomware operation appears to have gone dark, but claims about its demise are almost certainly exaggerated Continue Reading
-
News
13 Jul 2021
Secureworks sets up in EU datacentre for XDR services
New datacentre location helps Secureworks’ customers meet EU data residency requirements Continue Reading
-
News
12 Jul 2021
Kaseya VSA services coming online after week-long outage
Kaseya has successfully deployed a patch to its ransomware-hit VSA product as per a revised schedule, and customers are beginning to come back online Continue Reading
-
News
11 Jul 2021
Ransomware and botnets among top cyber threats in Singapore
The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic Continue Reading
-
Opinion
09 Jul 2021
Professionals need protection from the Computer Misuse Act
The UK needs cyber legislation fit for the 21st century, so it is important for the industry to get behind the government’s proposed reform of the Computer Misuse Act Continue Reading
-
News
09 Jul 2021
Ransomware gangs seek people skills for negotiations
The process of negotiating a ransomware payment is delicate, hence cyber criminal organisations are prepared to offer good terms to those with the right skillsets Continue Reading
-
News
08 Jul 2021
Kaseya apologises for extended downtime after ransom attack
CEO of Kaseya apologises after pushing back the restoration of the firm’s VSA service following a REvil ransomware attack Continue Reading
-
News
07 Jul 2021
How the UK Cyber Security Council plans to professionalise security
As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is Continue Reading
-
News
07 Jul 2021
Opportunists seen targeting Kaseya REvil victims
Malwarebytes researchers highlight new spam campaign targeting businesses impacted by the ongoing Kaseya REvil ransomware incident Continue Reading
-
News
06 Jul 2021
About 60 Kaseya customers hit by REvil
Kaseya has revised upward the number of managed service providers compromised by the REvil ransomware gang in a supply chain attack at the weekend Continue Reading
-
News
06 Jul 2021
Klarna under investigation by Swedish finance watchdog
Swedish fintech is being investigated by financial services regulator after customer information was visible to others Continue Reading
-
News
06 Jul 2021
Cyber insurance costs up by a third
The frequency and severity of ransomware attacks is a leading factor behind a substantial increase in the cost of obtaining cyber security insurance Continue Reading
-
News
06 Jul 2021
BA reaches settlement in data breach group action
A group action against BA following its 2018 data breach has been successfully settled Continue Reading
-
News
05 Jul 2021
REvil crew wants $70m in Kaseya ransomware heist
Two days after one of the largest ransomware attacks in history by the REvil/Sodinokibi gang, the security community is assessing its next moves, while over 1,000 victims remain in limbo Continue Reading
-
News
02 Jul 2021
Should I be worried about PrintNightmare?
The accidental publication of proof of concept code for a Windows vulnerability, and the reclassification of said bug from low to critical severity, has the cyber community concerned. Is it right to be? Continue Reading
-
News
02 Jul 2021
Cyber attackers up the ante on embattled IT teams
Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements Continue Reading
-
News
01 Jul 2021
NCSC joins US authorities to expose Russian brute force campaign
A joint attribution by the British and American authorities accuses Russia’s GRU intelligence services of conducting a campaign of brute force attacks on enterprise and cloud environments Continue Reading
-
News
01 Jul 2021
Cyber espionage campaign targeted central Asian states
The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT Continue Reading
-
News
01 Jul 2021
Nominations open for 2021 Security Serious Unsung Heroes Awards
Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators Continue Reading
-
News
30 Jun 2021
REvil affiliates offer hefty ransom discounts, data reveals
REvil or Sodinokibi ransomware activity is higher than ever, but its success appears to be relative, with some affiliates prepared to dramatically cut their prices Continue Reading
-
News
30 Jun 2021
LinkedIn denies exposure of 700 million user records is a data breach
Data relating to 700 million users of the LinkedIn networking platform has appeared for sale, but the firm says it is the victim of data scraping, not a security breach Continue Reading
-
News
30 Jun 2021
Cops seize criminal VPN used by ransomware gangs
A coordinated sting has ended the operations of the DoubleVPN service, the owners of which are accused of harbouring cyber criminal activity Continue Reading
-
Opinion
30 Jun 2021
Ethical hacking: What, why, and overcoming concerns
We find out why and how hitting your own business with a cyber attack can help improve security Continue Reading
-
News
29 Jun 2021
New Nobelium attacks a reminder to attend to cyber basics
A new campaign from the same threat group that broke into SolarWinds serves as a reminder that cyber crime gangs will try to exploit any avenue they can, even if technically unsophisticated Continue Reading
-
News
29 Jun 2021
UK Cyber Security Council launches inaugural initiatives
Security association seeks to determine terms of reference for committees to oversee standards and ethics, and qualifications and careers in the cyber sector Continue Reading
-
News
29 Jun 2021
EU recognises UK data protection adequacy but warns against divergence
The European Commission has granted the UK data adequacy, allowing data sharing between the EU and the UK, but warns it may yet be revoked Continue Reading
-
Opinion
29 Jun 2021
Banking tech fraud: How to trace and recover your money
Even when stolen assets are sent offshore, the special powers of the English civil court system mean all may not be lost Continue Reading
-
News
29 Jun 2021
Video game industry under relentless cyber attacks
Web application attacks against the global video game industry grew by 340% in 2020 as more people turn to gaming during pandemic lockdowns Continue Reading
-
News
28 Jun 2021
Insurers unprepared for challenges of underwriting ransomware
RUSI think tank calls for an industry-wide reset amid intense challenges for providers of cyber security insurance Continue Reading
-
Opinion
28 Jun 2021
How CIOs can help their organisations accelerate digital transformation
Companies need to win the trust of their customers to gather the data they need to transform their businesses Continue Reading
-
News
28 Jun 2021
Lazada rolls out public bug bounty programme
Regional e-commerce giant Lazada is looking to uncover more vulnerabilities that could compromise data security in a public bug bounty programme that offers up to $10,000 per bounty Continue Reading
-
News
25 Jun 2021
NCSC CEO: UK-Ireland collaboration crucial to stop cyber threats
Speaking at a conference in Dublin, NCSC Lindy Cameron is highlighting the importance of continued collaboration between the UK and Ireland to protect shared interests and counter security threats Continue Reading
-
News
25 Jun 2021
Anglesey schools offline after cyber attack
Isle of Anglesey County Council is investigating a cyber attack that has forced it to shut down systems at all five secondary schools on the island Continue Reading
-
News
24 Jun 2021
Revealed: Crypto platform’s role in Cl0p ransomware raid
Crypto infrastructure provider Binance provided assistance to law enforcement after finding its exchange was being used by cyber criminals to launder their ransomware profits Continue Reading
-
News
24 Jun 2021
Make ransomware payments illegal, say 79% of cyber pros
Report produced for MSSP Talion claims overwhelming support for the criminalisation of ransomware payments Continue Reading
-
News
23 Jun 2021
City of York picks Barracuda Networks for data protection
York Council needed to refresh its backup service to bring new security protections after it went ‘all-in’ on Microsoft Office 365 Continue Reading
-
News
23 Jun 2021
European Union to set up new cyber response unit
Proposed Joint Cyber Unit will tackle a rising number of serious incidents impacting public services, businesses and citizens of the EU Continue Reading
-
News
23 Jun 2021
Time to patch increases significantly during pandemic
New data from US-based endpoint management specialist Automox reveals some of the challenges security teams face in keeping up with endpoint security Continue Reading
-
News
23 Jun 2021
UK councils reported over 700 data breaches to ICO in 2020
Data disclosed under the Freedom of Information Act reveals an estimated 700 data breaches were reported to the Information Commissioner’s Office by local councils last year Continue Reading
-
News
23 Jun 2021
Openness can protect Dutch companies against ransomware
Dutch businesses that suffer ransomware attacks need to be more open about it, if this growing problem is to be brought under control Continue Reading
-
News
22 Jun 2021
SonicWall sees 226.3 million ransomware attack attempts this year
SonicWall detected 226.3 million attempted ransomware attacks between January and May 2021, more than double the number seen in the same period last year Continue Reading
-
News
22 Jun 2021
NSPCC, IWF help under-18s scrub their nude photos from the web
Report Remove tool is designed to be used by under-18s to report nude images or videos of themselves that have appeared online Continue Reading
-
News
22 Jun 2021
UK SMEs lack capacity to fend off cyber attacks
Three-quarters of UK SME leaders would not have sufficient capacity or expertise to deal with a cyber attack, according to a report Continue Reading
-
News
21 Jun 2021
Parliamentary devices left in taxis, buses, trains and pubs
Nearly 100 devices belonging to parliamentary staffers, including MPs and peers, were lost or stolen over the course of 2019 and 2020 Continue Reading
-
News
18 Jun 2021
Lorca Ignite programme targets breakout cyber talent
Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme Continue Reading
-
News
18 Jun 2021
Carnival Cruises hit by fourth cyber incident in a year
Latest data breach at Covid-hit cruise line comes hot on the heels of two recent ransomware attacks and a spring 2020 breach Continue Reading
-
News
17 Jun 2021
UnitingCare Queensland restores IT systems after cyber attack
Australian healthcare service provider has restored key corporate systems and integrations between applications following a cyber attack earlier this year Continue Reading
-
News
17 Jun 2021
Biden tackles Putin on ransomware at Geneva summit
Discussions between Joe Biden and Vladimir Putin on cyber crime appear to have been somewhat positive, but the path ahead remains unclear Continue Reading
-
News
16 Jun 2021
Organisations cannot rely on cyber insurance to cover losses
Ransomware attacks have become a big driver of cyber insurance claims, but insurance must not be relied upon as a failsafe, says a report Continue Reading
-
News
15 Jun 2021
NHS Test and Trace picks Risk Ledger to secure supply chain
Risk Ledger’s technology promises ‘unparalleled’ visibility into NHS Test and Trace’s supply chain Continue Reading
-
News
15 Jun 2021
Privacy pro salaries rise throughout pandemic, but at a cost
Data from the IAPP’s latest salary survey reveals some insight into how the pandemic impacted the privacy profession Continue Reading
-
News
15 Jun 2021
Ransomware most insidious cyber threat facing UK
NCSC CEO urges organisations to do more to prepare for ransomware attacks Continue Reading
-
News
15 Jun 2021
The Security Interviews: How to build a government model to ‘hack for good’
Kyle Hanslovan started Huntress to give back after a career in the intelligence sector. After US authorities took action to help people hit by the Microsoft Exchange attacks, we discussed how governments can ‘hack for good’ Continue Reading
-
News
14 Jun 2021
G7 commits to action on ransomware, digital privacy
The G7 urges Russia to do more to hold criminal ransomware gangs operating from within its borders to account as it commits to more action on the issue Continue Reading
-
News
09 Jun 2021
Unit 42 warns of emergent Prometheus ransomware
Palo Alto’s Unit 42 shares intel on the emergent Prometheus ransomware gang, with apparent links to the Thanos crew Continue Reading
-
News
09 Jun 2021
RSA spins out fraud and risk unit as Outseer
RSA Security is transitioning its fraud and risk intelligence work into a new business to be called Outseer Continue Reading
-
News
09 Jun 2021
Colonial Pipeline ransom seizure is a win, but don’t relax yet
The security community is enthusiastic about the US authorities’ recovery of a significant part of the Colonial Pipeline ransomware payment, but this positivity should perhaps be somewhat tempered Continue Reading
-
Feature
08 Jun 2021
The rise and rise of supply chain attacks
Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains Continue Reading
-
News
07 Jun 2021
NCSC updates schools ransomware guidance amid surge
The National Cyber Security Centre says it is dealing with a renewed surge of ransomware attacks targeting schools, colleges and universities Continue Reading
-
News
07 Jun 2021
DNS attacks on the rise in APAC
Attacks on the domain name system in Asia-Pacific grew by 15% last year, with Malaysian organisations seeing the sharpest rise in damages among countries in the region Continue Reading
-
News
04 Jun 2021
HSBC offers all businesses scam awareness app
HSBC is sharing information on the latest scams and how to defend against them thorough its latest app, available to all businesses Continue Reading
-
News
04 Jun 2021
Government action on ransomware epidemic gathers pace
The US government steps up action against ransomware operators, while the UK’s NCSC publishes guidance on preparing to deal with a ransomware attack Continue Reading
-
News
03 Jun 2021
Norway’s auditor general lifts lid on energy industry’s cyber security risks
Auditor General’s Office questions the security posture of Norway’s energy industry Continue Reading
-
News
03 Jun 2021
Tories fined over email data protection breaches
The Conservative Party broke the law by failing to properly keep records of who had unsubscribed from its mailing list Continue Reading
-
News
03 Jun 2021
Pandemic a ‘once-in-a-lifetime’ chance to reshape security
The volume of remote working has made it hard to paint an accurate picture of the true state of enterprise cyber security, but it presents an opportunity to change things up Continue Reading
-
News
02 Jun 2021
Scottish businesses missing out on Cyber Essentials benefits
More than a third of Scottish businesses do not believe they are adequately prepared to deal with a cyber security incident Continue Reading
-
Opinion
01 Jun 2021
Long-term thinking is vital to secure UK’s critical infrastructure
To face down the threat of cyber warfare against UK CNI, the government needs long-term thinking that looks beyond the next general election cycle, says Advent-IM’s Mike Gillespie Continue Reading
-
News
01 Jun 2021
Exagrid pays $2.6m to Conti ransomware attackers
Backup appliance specialist hit by Conti ransomware in May with cyber criminals downloading employee and customer data, confidential contracts and source code Continue Reading
-
News
31 May 2021
Microsoft brings APAC policymakers together in security council
Microsoft’s APAC public sector security council will meet once a quarter to share threat intelligence and best practices for combating cyber threats Continue Reading
-
Guide
28 May 2021
Essential Guide: How APAC firms can ride out the pandemic
In this Essential Guide, we examine the impact of Covid-19 on Asia-Pacific businesses, how they have responded and important lessons that can be learned as they ready themselves for the post-pandemic world. Continue Reading
-
News
27 May 2021
Security ops teams struggle to switch off at home
Spiralling stress levels among SOC and IT security teams can be attributed mainly to alert overload, says Trend Micro Continue Reading
-
News
26 May 2021
More data stolen in January 2021 than in all of 2017, says report
The volume of data being stolen through breaches is growing steadily and shows no sign of slowing, according to a report from Imperva Continue Reading
-
News
26 May 2021
Millions of pounds lost to crypto fraud on social media
More than £63m has been lost nationally by victims of investment fraud via a social media platform, says Action Fraud Continue Reading
-
News
25 May 2021
Threat of group GDPR legal action haunts CISOs
The vast majority of security leaders questioned for a new report say they are concerned about the possibility of group legal settlements against them following a serious data breach Continue Reading
-
News
25 May 2021
Industry reflects on three years of GDPR
Looking back on 12 tumultuous months, we assess how GDPR has weathered the effects of the Covid-19 pandemic and Brexit, and consider what the coming year may hold for data protection Continue Reading
-
News
25 May 2021
Legacy vulnerabilities may be biggest enterprise cyber risk
While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats Continue Reading
-
News
24 May 2021
Air India is latest victim of Sita hack
Data on millions of people who flew with Air India between 2011 and 2021 appears to have been compromised in the recent Sita supply chain attack Continue Reading
-
News
24 May 2021
Dutch researchers build security software to mimic human immune system
Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection Continue Reading
-
News
24 May 2021
Why the security stack needs to move to the edge
Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge Continue Reading
-
Podcast
21 May 2021
CyberUK, bees and datacentres, Red Cross digital mapping – Computer Weekly Downtime Upload podcast
In this episode of the Computer Weekly Downtime Upload podcast, Caroline Donnelly and Brian McKenna are joined by Alex Scroxton, security editor, to discuss CyberUK, bees and datacentres, and the British Red Cross’ use of digital mapping to combat Covid-19 Continue Reading
-
News
21 May 2021
Lack of developer attention to cloud security prompts alerts
The personal data of over 100 million Android users may have been put at risk through a variety of cloud service misconfigurations Continue Reading
-
News
20 May 2021
Malicious scans for at-risk systems start minutes after disclosure
Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes Continue Reading
-
Blog Post
20 May 2021
Throwback Thursday: Even data fragmentation has gone virtual
If there’s one thing that our report Storage Anywhere and Everywhere from eight years ago reminds us, it’s that the risks of uncontrolled data growth are nothing new. As our contribution to the bit ... Continue Reading
-
News
20 May 2021
HP taps micro virtual machines in endpoint security
HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained Continue Reading
-
News
19 May 2021
Reports of stolen Irish health service data being leaked online
Leaking of deeply confidential and personal information on patient healthcare marks a new low for the criminal Conti gang Continue Reading
-
News
18 May 2021
Australian budget lends support to digital economy
Australia’s A$1.2bn Digital Economy Strategy ticks most of the right boxes, but some industry experts say areas such as broadband infrastructure and artificial intelligence are still underfunded Continue Reading
-
E-Zine
18 May 2021
The real-life consequences of ransomware attacks
In this week’s Computer Weekly, after a ransomware attack shut a major US oil pipeline, we examine the real-life consequences for organisations facing similar threats. We ask the experts for their top tips in reducing datacentre running costs. And we hear how data science skills are helping government make better decisions. Read the issue now. Continue Reading
-
News
17 May 2021
Conti ransomware syndicate behind attack on Irish health service
More details continue to emerge of the significant ransomware attack on Ireland’s HSE Continue Reading
-
News
17 May 2021
Government seeks input on supply chain security
Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security Continue Reading
-
News
14 May 2021
Colonial Pipeline paid $5m ransom, reports say
Colonial Pipeline may have paid a significant ransom within hours of being attacked, it has emerged, but it’s unlikely the story ends here Continue Reading
-
News
14 May 2021
Irish health service hit by major ransomware attack
IT systems in hospitals across Ireland have been switched off following a significant ransomware attack Continue Reading
-
News
13 May 2021
Publishing exploit code does more harm than good, says report
Disclosing exploit code before patches are available gives malicious actors a ‘massive’ head-start, says Kenna Security Continue Reading
-
News
13 May 2021
Biden beefs up public-private security cooperation
Joe Biden has signed a new Executive Order to harden US cyber security and government networks, with an emphasis on information sharing Continue Reading