Data breach incident management and recovery

CISOs should spend on critical apps, cloud, zero-trust, in 2023

Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading

Chinese APT using PlugX malware on espionage targets

China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit Continue Reading

Dutch cyber security organisations to join forces

Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading

Albania cuts diplomatic ties with Iran after cyber attack

In a global geopolitical first, the Albanian government has severed diplomatic ties with Iran and expelled its ambassador after it was targeted by an APT backed by Tehran Continue Reading

August ’22 a bumper month for high-impact vulnerabilities

Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading

Prince’s Trust teams with threat management specialist in skills push

Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading

Hotel group IHG confirms cyber attack after two-day outage

IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor Continue Reading

Cyber threats to Europe’s grid: Utilities rethink strategy

The separation of operational and information technology at utilities across Europe is opening doors for cyber criminals Continue Reading

Bus company Go-Ahead fighting off cyber attack

Go-Ahead Group, which operates bus companies around the UK, says it is in the process of dealing with a cyber attack that may cause disruption to services Continue Reading

Saudi Arabian organisations choose to outsource to improve cyber security posture

Overwhelmed by rising threats and a growing number of government mandates, many organisations in Saudi Arabia are looking for outside help to take care of cyber security Continue Reading

How Okta is regaining customer trust after a cyber attack

In early 2022, cyber firm Okta was among several tech companies hit by the Lapsus$ gang. Vice-president of customer trust Ben King talks about how he has been working behind the scenes to rebuild confidence after the incident Continue Reading

Local authorities experience 10,000 attempted cyber attacks every day

Local authorities across the UK face a daily deluge of cyber incidents, with phishing and DDoS attacks the most prevalent, according to an insurance broker Continue Reading

Swedish Electronics Protection Act coincides with major cyber spend

Swedish cyber security law comes at a time of heavy government investment Continue Reading

New (ISC)² cyber careers schemes go live

(ISC)² has opened up two new global cyber careers schemes to applicants to try to help organisations fill 2.7 million vacant roles worldwide Continue Reading

Norway has NOK200m plan to bolster cyber defences

Norway is investing heavily in its cyber defences amid heightened threat from Russia Continue Reading

NHS staff fall further behind amid ransomware attack

While some NHS bodies are now recovering their services after the ransomware attack on a crucial software supplier, others are still being forced to rely on pen and paper, and some will be waiting months to recover Continue Reading

Four years into GDPR, Norway hopes for safer data transfer to US

Much of the data on the internet ends up on US servers at some point, and that is not always compatible with the General Data Protection Regulation, says Norwegian data protection authority Continue Reading

IAM house Okta confirms 0ktapus/Scatter Swine attack

Following last week’s disclosureby Group-IB researchers of a major phishing campaign, Okta has warned its customers to be on their guard Continue Reading

LastPass breach limited in scale and well-managed, say experts

A breach of LastPass’s developer environment does not seem to have affected users of the password management service, but it may still be time for a credential reset Continue Reading

Criminal 0ktapus spoofed IAM firm in massive phishing attack

Researchers at Group-IB have published research on a major phishing campaign that ensnared victims at the likes of Cloudflare and Twilio Continue Reading

Adaptive RedAlert, Monster ransomwares go cross-platform

Kaspersky researchers have shared new intelligence on two emergent cyber criminal groups that have adapted their ransomwares to target different operating systems at the same time Continue Reading

Millions of Plex users may be at risk in password breach

Up to half of Plex’s 30 million users may have had their personal data stolen by an unknown threat actor Continue Reading

LockBit 3.0 cements dominance of ransomware ecosystem

Ransomware attacks were up 47% in July compared with the previous month, according to the latest threat data from NCC Group, with the LockBit family largely to blame Continue Reading

Most CISOs think they’ve been attacked by a nation state

Most organisations have made changes to their cyber strategies and policies following Russia’s invasion, and almost two-thirds suspect they have been directly targeted or impacted by a nation-state cyber attack Continue Reading

NCSC shares cyber guidance for large infrastructure builds

Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects Continue Reading

Kaspersky threat data added to Microsoft Sentinel service

Microsoft and Kaspersky have agreed a collaboration to integrate Kaspersky’s threat data feeds into Microsoft’s cloud-native SIEM/SOAR service Continue Reading

Lloyd’s to end insurance coverage for state cyber attacks

Lloyd’s of London has instructed its members to exclude nation state cyber attacks from insurance policies beginning in 2023, saying they pose unacceptable levels of risk Continue Reading

Cozy Bear targets MS 365 environments with new tactics

Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments Continue Reading

It takes a breach to force boards to take notice of cyber, says UK government

Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims Continue Reading

Ukraine war drives DDoS attack volumes ever higher

There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity Continue Reading

South Staffs Water is victim of botched Clop attack

South Staffordshire Water moves to reassure customers that their supplies remain safe after its attackers screw up their initial assault Continue Reading

Cyber criminal forum targets only Russia

The Digital Shadows Photon Research Team has been investigating a pro-Ukraine cyber criminal forum called Dumps, which appears to be one of a kind Continue Reading

How critical infrastructure operators can secure OT data

Cohesity’s CISO discusses the challenges of securing data in operational technology systems and what can be done to mitigate security threats Continue Reading

Researcher finds 10 vulnerabilities in Cisco firewalls

At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches Continue Reading

Cisco averts cyber disaster after successful phishing attack

A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage Continue Reading

NHS may take a month to recover from supply chain attack

Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations Continue Reading

‘Coopetition’ a growing trend among ransomware gangs

Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time Continue Reading

Cyber insurance getting harder to obtain

Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance Continue Reading

NHS recovering key services after attack on supplier

Incident at software provider Advanced took out multiple NHS services before the weekend, including the 111 advice service Continue Reading

Reliance on PSN may have exacerbated cyber attack impact

As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks Continue Reading

The dangers of the UK’s illogical war on encryption

The unintended consequences of the Online Safety Bill will have a dramatic effect on our ability to communicate securely, including in Ukraine, where it is needed most Continue Reading

UK has biggest card fraud problem in Europe

Social Market Foundation calls on the UK to get a grip on its huge problem with bank card fraud in Europe Continue Reading

SBRC to administer NCSC training across Scotland

The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations Continue Reading

Financial services regulator opens digital delivery centre in Leeds

The Financial Conduct Authority is increasing the number of tech experts in its workforce through a new digital delivery centre in Leeds Continue Reading

Austrian data firm accused of selling malware, conducting cyber attacks

Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks Continue Reading

Ex-youth footballers kick-start cyber careers

New programme aims to find fresh careers for former youth footballers in cyber security Continue Reading

H0lyGh0st ransomware gang faces challenges, but still a threat

Digital Shadows reports on the recently identified H0lyGh0st ransomware outfit, a new threat actor operating out of North Korea that faces some clear challenges, but is nevertheless still a live threat Continue Reading

NCSC startups scheme turns focus to operational technology, SME security

NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading

Consumers left out of pocket as security costs soar

As the average cost of a security incident reaches an all-time high of nearly $4.5m, an IBM Security study reveals how these costs are being passed on to ordinary people Continue Reading

US doubles bounty on Lazarus cyber crime group to $10m

US State Department doubles a previously announced reward for information on North Korean cyber criminals, including the notorious Lazarus group Continue Reading

Retail software firm PrestaShop warns users about SQL injection attacks

Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise Continue Reading

Cyber security training ‘boring’ and largely ignored

Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them Continue Reading

Security Think Tank: Don’t rely on insurance alone

Cyber insurance is a useful addition to the cyber protection toolbox. However, it cannot be regarded as a replacement for the controls that should be in operation, says Turnkey Consulting’s Tom Venables Continue Reading

No More Ransom initiative helps 1.5 million people in six years

One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project Continue Reading

Visibility and proactive stance needed to secure OT systems

Critical infrastructure operators need to have more visibility into their IT and operational technology environment, and take a more active stance to fend off sophisticated adversaries, expert says Continue Reading

Ducktail infostealer targets Facebook Business users

Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts Continue Reading

NCSC seeks community input for Cyber Advisor service

The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward Continue Reading

Latest Atlassian Confluence vulnerability raises concerns

CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Continue Reading

TMT firms among top targets for cyber attacks in Singapore

Organisations in the technology, media and telecoms sector were among the most lucrative targets for malicious actors as their services penetrate almost every aspect of society Continue Reading

LinkedIn most impersonated brand in phishing attacks

Social network LinkedIn, along with Microsoft and DHL, are just some of the brands that are most frequently imitated by cyber criminals conducting phishing attacks Continue Reading

Buy ‘plug-n-play’ malware for the price of a pint of beer

Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report Continue Reading

Russia-linked APTs targeted fleeing Ukrainian civilians

Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment Continue Reading

(ISC)² expands entry-level cyber programme after UK success

Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading

Cato aims to bust cyber myths as it extends network protections

Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading

Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims

Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection Continue Reading

Tracking the rise of homeworking across the UK

In this week’s Computer Weekly, new figures show that homeworking has more than doubled in the UK due to the pandemic – we look at the regional differences. The pressure is growing on cyber security teams – we analyse the expert advice on how to avoid staff burnout and lost talent. And we examine the important role that tech startups play in the rapid growth of Amazon Web Services. Read the issue now. Continue Reading

US cyber agency CISA to open London office

The US Cybersecurity and Infrastructure Security Agency has chosen London to host its first office outside America Continue Reading

Log4Shell on its way to becoming ‘endemic’

US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading

CW APAC: Buyer’s guide to backup and recovery software

The cyber threat landscape leaves firms with little room for error. In this handbook, focused on backup and recovery software in the Asia-Pacific region, Computer Weekly looks at data protection capabilities, how Veeam aims to achieve a market-leading position, Rubrik’s focus on recovery and Kubernetes’s mission to meet the challenges of containerised application environments. Continue Reading

Videogame maker Bandai Namco confirms cyber attack

Bandai Namco, developer of videogames including Pac-Man, Tekken and Dark Souls, has broken days of silence to confirm it has been hit by a cyber attack Continue Reading

How hostile government APTs target journalists for cyber intrusions

Proofpoint shares data on multiple campaigns of cyber intrusions against journalists originating from threat actors aligned to the governments of China, Iran, North Korea and Turkey Continue Reading

ICO wants to ‘empower people through information’

Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society Continue Reading

Slippery phish wriggles around MFA protections, says Microsoft

Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence Continue Reading

Digital break-up kit to help women get out of bad relationships safely

Domestic abuse charity Refuge teams up with Avast to equip women with the knowledge to effectively and safely end a relationship digitally Continue Reading

ICO calls for review into government use of private email and WhatsApp messages

Information Commissioner’s Office reprimands Department of Health and Social Care after ministers and officials conducted government business on their own email accounts and messaging apps Continue Reading

Ransomware and backup: Overcoming the challenges

Ransomware attacks that exfiltrate data don’t nullify the value of backups to restore from, but the challenges – such as not restoring corrupted data – require careful planning Continue Reading

Singapore doubles down on OT security

The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state Continue Reading

Cyber insurance: An effective use of your scant security budget?

The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes Continue Reading

Stop telling clients to pay ransomware gangs, solicitors told

The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims Continue Reading

Microsoft appears to reverse VBA macro-blocking

Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled Continue Reading

Lots to consider when buying cyber insurance, so do your homework

When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity Continue Reading

MI5, FBI chiefs warn of Chinese cyber espionage threat

In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests Continue Reading

Amid NSO lawsuit, Apple expands spyware protections

Apple previews a new feature called Lockdown Mode to protect iPhone and iPad users from ‘mercenary spyware’ Continue Reading

Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it

In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered Continue Reading

Latest Marriott data breach not as serious as others

Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately Continue Reading

CW Middle East: UAE citizens embrace new digital technologies

A survey shows that people in the United Arab Emirates believe next-generation technologies such as 3D printing and artificial intelligence will become widespread in the country. Also read how the UAE has improved its security posture amid mounting cyber threats. Continue Reading

Plexal seeks new scaleups for next phase of Cyber Runway

Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading

ESET: Lazarus APT hit aero, defence sector with fake job ads

ESET researchers present new findings into a series of cyber attacks on the aerospace and defence sectors by North Korea’s Lazarus crime syndicate Continue Reading

Prepare for long-term cyber threat from Ukraine war, says NCSC

The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams Continue Reading

LogRhythm bullish on growth in APAC

LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats Continue Reading

NCSC CEO: Why we should run towards crises to elevate cyber security

National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country Continue Reading

How to get the right level of cyber insurance

In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading

ICO to cut back on fines for public sector data breaches

Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over Continue Reading

New cyber extortion op appears to have hit AMD

Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data Continue Reading

Russia-aligned hacktivists behind Lithuania DDoS attack

Killnet hacktivist collective targeted Lithuania with distributed denial of service attacks after its government angered the Kremlin Continue Reading

Collaboration key to IT sector sustainability

In this week’s Computer Weekly, as sustainability rises up the corporate agenda, IT leaders say more collaboration is needed to meet climate goals. Microsoft faces further calls for greater transparency over software tools used to monitor employees. And the cyber security industry warns over an increasing loss of talent. Read the issue now. Continue Reading

Commercial cyber products must be used responsibly, says NCSC CEO

NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel Continue Reading

LockBit ransomware gang launches bug bounty programme

A bug bounty programme is among a number of features LockBit’s developers have added to ‘version 3.0’ of the ransomware Continue Reading

The cyber security impact of Operation Russia by Anonymous

The campaign against the Russian government by Anonymous surprised many with the depth and scale of the cyber attacks. What can we learn from this online war? Continue Reading

Black Basta ransomware crew aiming for ‘big leagues’

Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason Continue Reading