Data breach incident management and recovery

CNI leaders’ attitude to ransomware lackadaisical at best

A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats Continue Reading

Supply chain security goes deep – forget this at your peril

It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology Continue Reading

Dreams come true – how data and communication saved a failing company

In this week’s Computer Weekly, the former CEO of bed retailer Dreams explains how digital, data and communication helped turn round a failing company. The UK government has a new digital strategy – but it all seems rather familiar. And we talk to the tech firms trialling a four-day working week. Read the issue now. Continue Reading

Lords move to protect cyber researchers from prosecution

A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their work Continue Reading

Complex Russian cyber threat requires we go back to basics

The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains Continue Reading

Government responds to Data Reform Bill consultation

Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit Continue Reading

Consider governance, coordination and risk to secure supply chain

A recent ISACA study found myriad factors that give good reason to be concerned about supply chain security. Cyber adviser Brian Fletcher recommends three areas to zero in on Continue Reading

TalkTalk hacker Daniel Kelley gives up his black hat for good

After serving a four-year prison sentence for his role in the 2015 TalkTalk hack and other cyber offences, Daniel Kelley now wants to pursue a legitimate cyber security career Continue Reading

Dundee security research centre opens with support from SBRC

An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster Continue Reading

Security Think Tank: Best practices for boosting supply chain security

In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk Continue Reading

Office 365 loophole may give ransomware an easy shot at your files

Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive Continue Reading

$2k to access your organisation on the dark web

Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000 Continue Reading

Patch Tuesday dogged by concerns over Microsoft vulnerability response

The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure Continue Reading

Security Think Tank: Basic steps to secure your supply chain

When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail Continue Reading

MS Azure Synapse vulnerability fixed after six-month slog

Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga Continue Reading

New warning over tech suppliers in thrall to hostile governments

Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer Continue Reading

Qatar bolsters cyber security in preparation for World Cup

With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness Continue Reading

Snake Keylogger climbing malware charts, says Check Point

Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers Continue Reading

Researchers find eight CVEs in single building access system

A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets Continue Reading

SolarWinds CEO offers to commit staffers to government cyber agencies

A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response Continue Reading

Cyber researchers step in to fill Patch Tuesday’s shoes

Afraid you’ll miss Patch Tuesday when it’s gone? You’re not alone, but security analysts at Recorded Future are taking action to help the community come to terms with its loss Continue Reading

China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks Continue Reading

ProxyLogon, ProxyShell may have driven increase in dwell times

The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data Continue Reading

Weak IT and SecOps collaboration in ANZ opens doors to cyber attacks

The weak collaboration between IT and security teams in Australia and New Zealand is exposing their organisations to data loss, business disruption and other potential consequences of cyber attacks Continue Reading

APAC buyer’s guide to backup and recovery software

In this buyer’s guide, learn more about the market for backup and recovery software and key data protection capabilities to look for Continue Reading

Time to act on the DCMS Select Committee 2016 Recommendations

Prepare for when losses from impersonation replace whiplash and PPI as the target income stream of ambulance-chasing lawyers, so that you can rapidly sort the genuine claims from the rest. Continue Reading

What does the EU’s NIS 2 cyber directive cover?

We run the rule over the European Union’s updated NIS2 security directive Continue Reading

The importance of making information security more accessible

Robin Smith, CSO of Aston Martin Lagonda, talks about how an accessible approach to cyber is helping him to keep the organisation secure Continue Reading

Attack of the clones: the rise of identity theft on social media

The proliferation of social media has resulted in the rise of identity theft on these platforms, with accounts copied for fraudulent or malicious purposes. What can be done to mitigate it? Continue Reading

Industrial systems not safe for the future, say Dutch ethical hackers

Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations Continue Reading

Log4Shell: How friendly hackers rose to the challenge

HackerOne CISO Chris Evans looks back at how the security community successfully rose to the challenge of Log4Shell, and saved end-user organisations millions Continue Reading

Strong internal foundations are key to withstanding external threats

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Security Think Tank: Core security processes must adapt in a complex landscape

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Two-thirds of UK organisations defrauded since start of pandemic

Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report Continue Reading

Most CFOs being left out of ransomware conversations

Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report Continue Reading

Rubrik charts data security path

Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats Continue Reading

Ransomware volumes grew faster than ever in 2021

Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody Continue Reading

Did the Conti ransomware crew orchestrate its own demise?

Analysts examining the shutdown of the Conti ransomware syndicate suggest the cyber crime collective orchestrated its own demise Continue Reading

Applying international law to cyber will be a tall order

Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations Continue Reading

Microsoft drops emergency patch after Patch Tuesday screw up

Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates Continue Reading

Chinese cyber spooks exploit western sanctions on Russia

The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures Continue Reading

Nature of cyber war evolving in real time, says Microsoft president

The past three months have seen the rapid evolution of the very nature warfare to incorporate cyber attacks, Microsoft’s Brad Smith tells the audience at its Envision conference in London Continue Reading

Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest Continue Reading

Security Think Tank: Yes, zero trust can help you understand attack paths

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Veeam outlines data protection vision

Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads Continue Reading

Australian CISOs least prepared for cyber attacks

Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds Continue Reading

Keeping Singapore’s critical systems secure

Tracy Thng offers a glimpse into her work in strengthening the cyber resilience of 11 essential service sectors in Singapore Continue Reading

The limits and risks of backup as ransomware protection

Backups can provide a sound means of recovery from ransomware infection, but they are not 100% certain to foil attackers. We look at the limits and risks of depending on backups Continue Reading

Nerbian RAT enjoys using Covid-19 phishing lures

The world is slowly coming to terms with Covid-19, but fear of the coronavirus is no less useful to cyber criminals because of it, as Proofpoint researchers have discovered Continue Reading

CyberUK 22: Five Eyes focuses on MSP security

The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves Continue Reading

Analysts confirm return of REvil ransomware gang

Secureworks CTU analysis has found that the REvil ransomware is undergoing active development, possibly heralding a new campaign of cyber attacks Continue Reading

Cyber accreditation body Crest forges new training partnerships

Crest says partnerships with Hack The Box and Immersive Labs will enhance its members’ defensive and offensive security skills Continue Reading

CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy

On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy Continue Reading

NCSC pins Viasat cyber attack on Russia

UK authorities have attributed the 24 February cyber attack on the network of satellite comms company Viasat to Russia Continue Reading

CyberUK 22: NCSC refreshes cloud security guidance

The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise Continue Reading

The spies who hack you – the growing threat of spyware

In this week’s Computer Weekly, after 10 Downing Street was hit by a spyware attack, fears about targeted mobile phone hacks are increasing. Our salary survey highlights the diversity challenge in IT, with men’s support for women in IT declining. And we look at how datacentre heat reuse can help reduce carbon emissions. Read the issue now. Continue Reading

CyberUK 22: NCSC’s ACD programme blocks 2.7 million scams

On the opening day of its annual CyberUK event, the NCSC reveals how organisations around the country have used its Active Cyber Defence programme to their advantage Continue Reading

Security Think Tank: Identify, assess and monitor to understand attack paths

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Intellectual property theft operation attributed to Winnti group

Winnti conducted a prolonged cyber espionage campaign that went undetected for years, allowing it to exfiltrate massive amounts of corporate data and intellectual property Continue Reading

Security Think Tank: Solving for complexity in the network

The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading

Information security in 2022 – managing constant change

It’s been an unprecedented couple of years for everyone – but a particularly frantic one for cyber security leaders. The pandemic led to a huge rise in remote working, with all the extra risks involved in putting users outside the corporate perimeter. The home environment then became a new attack vector, and as a result there was a huge increase in ransomware, affecting individuals and enterprises. And then, just as lockdowns started to ease, Russia’s invasion of Ukraine brought new nation-state threats that may yet become even more serious. For chief information security officers (CISOs), managing constant change and emerging threats is becoming the norm. In this essential guide to information security in 2022, we examine the key strategies, latest innovations and leadership insights – and highlight the importance of collaboration across the cyber community to keep everyone secure. Continue Reading

Attackers enlist cloud providers in large HTTPS DDoS hit

A recent large-scale DDoS incident shows how cyber criminals are switching up their tactics to conduct more sophisticated attacks Continue Reading

Ransomware recovery costs dwarf actual ransoms

The cost of recovering from a ransomware attack far outweighs the ransoms now being demanded by cyber criminals, according to recent data Continue Reading

Manufacturer sues JPMorgan after cyber criminals stole $272m

Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity Continue Reading

Russia plumbs new depths in cyber war on Ukraine

Microsoft details cyber attacks on Ukrainian civilian communications, nuclear safety authorities, and the exploitation of the destruction of Mariupol in a phishing campaign Continue Reading

Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading

Russia-supporting cyber crime gang claims Coca-Cola as victim

Stormous cyber crime collective claims to have stolen 161GB of data from Coca-Cola, and says it plans to sell it off Continue Reading

Leeds Beckett’s ethical hacking platform wins Innovate UK backing

An ethical hacking and cyber education platform developed at Leeds Beckett University has received a major funding boost to help it launch commercially Continue Reading

Ransomware victims paying out when they don’t need to

Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to Continue Reading

Coralogix makes foray into cyber security with Snowbit

Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent Continue Reading

US mobile network emerges as latest Lapsus$ victim

Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft Continue Reading

Sophos soaks up SOC.OS

Sophos says acquisition of BAE spinout SOC.OS will enhance its managed threat and extended detection and response services Continue Reading

What’s up with Conti and REvil, and should we be worrying?

New intelligence on some of the world’s most prolific ransomware gangs suggests recent disruption to their activities was like water off a duck’s back Continue Reading

UAE bolsters cyber security

The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading

Five Eyes in new Russia cyber warning

Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure Continue Reading

Impact of Lapsus$ attack on Okta less than feared

Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential Continue Reading

One-third of scams that hit TSB are impersonation fraud

TSB reports an increase in fraudsters impersonating trusted organisations to trick consumers into making payments to them Continue Reading

NSO Group faces court action after Pegasus spyware used against targets in UK

Three human rights activists whose phones were targeted by spyware traced to Saudi Arabia and the United Arab Emirates have begun legal action against both countries and Israel’s NSO Group Technologies Continue Reading

Median threat actor ‘dwell time’ dropped during 2021

Security teams appear to be getting better at detecting attackers within their networks, according to a report Continue Reading

Lack of expertise hurting UK government’s cyber preparedness

UK government bodies and critical infrastructure owners cite a lack of staff resources, and internal and external expertise, as hampering factors when it comes to cyber readiness, according to a report Continue Reading

Kyndryl kindles cyber incident recovery pact with Dell

IBM spin-out Kyndryl hops into bed with Dell Technologies in a joint cyber resilience proposition Continue Reading

Zhadnost DDoS botnet deployed against Finland

A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament Continue Reading

Incontroller ICS malware has ‘rare, dangerous’ capabilities, says Mandiant

Mandiant joins a growing chorus of warnings over novel nation state threats to ICS systems Continue Reading

WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading

Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack

Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief Continue Reading

Universal IAM policy failings put cloud environments at risk

Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study Continue Reading

Multiple arrests made in RaidForums takedown

A Portuguese national and a 21-year-old man from Croydon are among a number of individuals arrested ahead of the closure of RaidForums by police Continue Reading

Sandworm rolls out Industroyer2 malware against Ukraine

A second generation of the Sandworm-linked Industroyer malware has been identified by ESET researchers and Ukraine’s national CERT Continue Reading

Singapore to start licensing cyber security service providers

Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards Continue Reading

Ukrainian cyber criminal gets five years in jail

A US court has sentenced Denys Iarmak, who worked as a penetration tester for the FIN7 cyber crime group, to a five-year prison sentence Continue Reading

Was Spring4Shell a lot of hot air? No, but...

Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better Continue Reading

US shuts down Russia’s Cyclops Blink botnet operation

Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading

Hydra takedown merely shifts cyber criminal problem elsewhere

The seizure of the Hydra dark web marketplace is a positive development in the fight against cyber crime, but will only be a temporary setback for determined criminals Continue Reading

Discount retailer The Works hit by cyber attack

A small number of The Works’ bricks-and-mortar stores were forced to close amid a cyber attack of an undisclosed nature Continue Reading

Triple-threat Borat malware no joke for victims

Unlike its namesake, the newly discovered Borat malware won’t raise a smile for IT security pros Continue Reading

IBM z16 tackles financial fraud and quantum hacks

New addition to Z series mainframe family uses IBM Telum processor to accelerate AI for real-time credit card fraud detection Continue Reading

Two teenagers charged with Lapsus$ cyber attacks

City of London Police have charged two teenagers in connection with the Lapsus$ cyber crime spree Continue Reading

Four moves to ‘checkmate’ critical assets thanks to lax cloud security

Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report Continue Reading

Apple drops emergency patches for two zero-days

Apple has fixed two zero-day vulnerabilities that appear to have been actively exploited in the wild Continue Reading

Lapsus$ cyber crime spree continues despite arrests

The arrests of seven people in connection with the Lapsus$ cyber crime group has not dented the gang’s enthusiasm for causing chaos Continue Reading