Hackers and cybercrime prevention

Technologies to support hybrid working

In this week’s Computer Weekly, our latest buyer’s guide looks at technologies to support hybrid working – even when your business is as unique as farming. We examine the new guidelines on AI cyber security published by G7 government security chiefs. And we find out how the Jaguar Formula E racing team is using digital twins to improve electric vehicle performance. Read the issue now. Continue Reading

Rhysida ransomware gang hits hospital holding royal family’s data

Ransomware gang boasts of having stolen data on the royal family in an attack on a private London hospital Continue Reading

Report reveals sorry state of cyber security at UK football clubs

Football clubs up and down the country are putting staff, players and fans alike at risk through outdated attitudes to cyber security, according to a report Continue Reading

Prepare for your worst day: How to create a cyber incident response plan

What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading

Government’s Online Fraud Charter welcomed

The government has corralled 11 of the largest tech platforms in the world to commit to its Online Fraud Charter, designed to tackle online scams, fake adverts, and more Continue Reading

Rhysida gang stole hundreds of gigabytes of British Library data

The Rhysida ransomware gang behind the cyber attack on the British Library has published almost 600GB of stolen data to its dark web leak site Continue Reading

Law enforcement dismembers major ransomware operation in Ukraine

A joint law enforcement operation between the Ukrainian authorities, Europol and Eurojust has seem five ransomware operators taken into custody Continue Reading

Scope of Okta helpdesk breach widens to impact all users

Okta has widened the scope of the October breach of its systems to include every customer that has used its helpdesk service, after new information came to light Continue Reading

Scope of British Library data breach widens

Personal data on British Library users has appeared for sale on the dark web following a Rhysida ransomware attack, as the scope of the still-developing incident widens again Continue Reading

Volume of unique malware samples threatens to overwhelm defenders

A massive increase in malware volumes could cause problems for security teams tasked with adapting their defences against them Continue Reading

The Security Interviews: Zeki Turedi, field CTO Europe, CrowdStrike

Organisations are racing to keep their security up to date against the latest threats. CrowdStrike’s Zeki Turedi explains how to protect against novel and innovative cyber attacks Continue Reading

APAC organisations warm to microsegmentation

Nearly two-thirds of organisations in the APAC region see microsegmentation as a way to protect their IT assets, but lack the skills to deploy the technology Continue Reading

MOVEit incident spurred UK decision makers to spend big on cyber

The MOVEit cyber attacks that unfolded in the spring and summer of 2023 seem to have driven an increase in both ransomware awareness and spend, according to a report Continue Reading

North Korean APTs go all in on supply chain attacks, warns NCSC

Threat actors linked to the North Korean regime are becoming more adept at targeting software supply chains in the service of their cyber attacks Continue Reading

Australia ups ante on cyber security

Australia’s new cyber security strategy will focus on building threat blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities Continue Reading

An inside look at a Scattered Spider cyber attack

Threat researchers at ReliaQuest share the inside track on a Scattered Spider cyber attack they investigated Continue Reading

CISA reveals how LockBit hacked Boeing via Citrix Bleed

As alarm grows around the world about the impact of the so-called Citrix Bleed vulnerability, Boeing has shared details of its experience at the hands of the LockBit ransomware crew Continue Reading

How do cybercriminals steal credit card information?

Cybercriminals have various methods at their disposal to hack and exploit credit card information. Learn what they are, how to prevent them and what to do when hacked. Continue Reading

Over half of SME cyber incidents now ‘malware-free’

The age of malware-driven cyber attacks may have peaked, at least when it comes to incidents affecting small and medium sized enterprises Continue Reading

Internal documents leaked as Rhysida claims responsibility for British Library ransomware attack

Ransomware group Rhysida threatens to sell documents stolen from the British Library to the highest bidder Continue Reading

Can AI take education to a new level?

In this week’s Computer Weekly, we examine how large language models are being used to teach, support and assess students, enhancing education rather than impairing it. We look at how the AI revolution is impacting the semiconductor sector as the big tech companies put off server upgrades. And we find out how generative AI is changing the way enterprise software works. Read the issue now. Continue Reading

Defence lawyers seek appeal of tribunal ruling on police EncroChat cryptophone hack

Defence lawyers are seeking leave to appeal against a tribunal ruling that found the National Crime Agency had lawfully obtained warrants to access messages from 9,000 cryptophones used in the UK Continue Reading

Royal Mail spent £10m on cyber measures after LockBit attack

Royal Mail has spent approximately £10m on recovery and improved cyber resilience measures in the wake of the January 2023 LockBit ransomware attack Continue Reading

Ransomware gang grasses up uncooperative victim to US regulator

The ALPHV/BlackCat ransomware gang has added a new tactic to its playbook, going to ever more extreme lengths in search of a pay-off Continue Reading

British Library’s Halloween cyber scare was ransomware

The British Library has provided an update on an ongoing cyber incident affecting its systems, confirming it to be the result of a ransomware attack Continue Reading

BlackCat affiliate seen using malvertising to spread ransomware

Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker Continue Reading

Russian cyber criminal pleads guilty to running IPStorm botnet

Sergey Manikin faces years in jail after his illicit proxy botnet service was taken down by US law enforcement Continue Reading

US government reinforces ICBC hack link to Citrix Bleed

US Treasury adds weight to reports that a ransomware gang gained access to the systems of Chinese bank ICBC by exploiting a critical Citrix flaw Continue Reading

How Gigamon is making its mark in deep observability

Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth Continue Reading

Fast-acting cyber gangs increasingly disabling telemetry logs

Sophos guidance for security practitioners and defenders highlights a growing trend for threat actors to disable or wipe telemetry logs to cover their tracks Continue Reading

The UK AI Safety Summit – what did it achieve?

In this week’s Computer Weekly, we look back at the UK government’s AI Safety Summit and assess what it achieved – and what it didn’t. Our latest buyer’s guide examines the future of business software and modernising legacy applications. And we find out how the UK Product Security and Telecommunications Infrastructure Act aims to protect your smart devices. Read the issue now. Continue Reading

Rogue state-aligned actors are most critical cyber threat to UK

The prospect of rogue nation-state-aligned attackers bringing down the UK’s critical infrastructure is keeping the NCSC up at night Continue Reading

Lloyds Bank warns over rising threat of crypto scams

Report by Lloyds Banking Group finds there has been a 23% increase in cryptocurrency scams in 2023 compared with last year, targeting mostly younger investors Continue Reading

Encrypted mail service Tuta says it was wrongly accused of being a front for intelligence services

German encrypted email service Tuta, formerly known as Tutanota, has denied claims by a former Canadian police intelligence officer accused of passing secrets to criminals that it was compromised by intelligence services Continue Reading

Victims’ legal action over 2015 Carphone Warehouse breach moves forward

A class action against Currys Retail over the 2015 data breach of Carphone Warehouse customers has been granted permission to move forward in the courts Continue Reading

Ransomware attack on major Chinese lender disrupts financial markets

The financial services arm of one of the world’s largest banks was taken offline by a supposed LockBit ransomware attack, causing problems for US markets Continue Reading

APAC cyber security workforce hits record high

The cyber security workforce in Asia-Pacific now stands at just under a million people, but demand for cyber security talent in the region continues to outpace supply Continue Reading

Revealed: How Russia’s Sandworm ramped up attacks on Ukraine’s critical infrastructure

New Mandiant intelligence reveals how the APT known as Sandworm has been evolving its playbook, twisting legitimate executables known as LoLBins into malicious tools as it seeks to disrupt daily life in Ukraine Continue Reading

NCSC makes annual Black Friday plea to consumers

Ahead of the annual festival of retail avarice, the NCSC is once again asking consumers to do the bare minimum to avoid falling victim to scams Continue Reading

Suspected ransomware attack hits Scottish council

Systems at Comhairle nan Eilean Siar were downed on 7 November in a suspected ransomware attack Continue Reading

Heineken lets the data flow

In this month’s CW EMEA ezine, we find out about Heineken’s mission to make the most out of the data it holds through an enterprise-wide data ecosystem. We also look at how the UK has turned its back on the German government-funded Gaia-X data platform, why cyber experts are urging the EU to rethink vulnerability disclosure plans, and how the IT industry is responding to the software developer skills shortfall. Read the issue now. Continue Reading

The plan for the inevitable cyber attack: Get the gist of NIST

What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading

Iconic Singapore hotel caught up in major data breach

The Marina Bay Sands resort in Singapore uncovered a data breach of its guest loyalty programme last month Continue Reading

King’s Speech misses the mark on cyber law reform, says campaign

A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress Continue Reading

Researchers ‘break’ rule designed to guard against Barracuda vulnerability

Vectra AI researchers found that a Suricata rule designed to detect exploitation of a dangerous Barracuda Email Security Gateway flaw was not entirely effective Continue Reading

Unesco unveils seven-point anti-disinformation plan

United Nations body outlines seven proposals for civil society, governments, regulators and tech platforms to adopt to combat the source of disinformation Continue Reading

IR plans: The difference between disaster and recovery

What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading

Shadow IT use at Okta behind series of damaging breaches

Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account Continue Reading

How Trellix’s CISO keeps threat actors at bay

Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents Continue Reading

SolarWinds hack explained: Everything you need to know

Hackers targeted SolarWinds by deploying malicious code into its Orion IT monitoring and management software used by thousands of enterprises and government agencies worldwide. Continue Reading

Admins told to take action over F5 Big-IP platform flaws

Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild Continue Reading

How the UK crime agency repurposed Amazon cloud platform to analyse EncroChat cryptophone data

UK crime agency repurposed AWS-based analytics platform to triage EncroChat data and identify threats to life in messages sent on encrypted phone network Continue Reading

Incident response planning is vulnerable to legacy thinking

What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading

Lloyds bank kicks off Hyderabad operation

Lloyds Banking Group has opened its latest tech operation in Hyderabad, with plans to recruit around 600 IT experts Continue Reading

British Library falls victim to cyber attack

The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature Continue Reading

SEC sues SolarWinds, alleging serious security failures

SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks Continue Reading

Reported major cyberattacks are falling – but watch out for the massive threats posed by gen AI

 The number of reported major cyberattacks is falling. Are we just getting used to them? Continue Reading

Tech firms cite risk to end-to-end encryption as Online Safety Bill gets royal assent

Tech firms continue to be concerned that the Online Safety Bill could undermine end-to-end encryption despite government reassurances Continue Reading

Microsoft warns over growing threat from Octo Tempest gang

The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft Continue Reading

How Elastic manages cyber security threats

Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings Continue Reading

Germany: European Court opinion kicks questions over EncroChat back to national courts

Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts Continue Reading

ChatGPT, Bard, lack effective defences against fraudsters, Which? warns

Consumer advocacy Which? warns that popular generative AI tools are vulnerable to loopholes that render existing protections against malicious usage easily bypassed Continue Reading

Exploitation of Citrix NetScaler vulns reaching dangerous levels

Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked Continue Reading

UK Finance paints mixed picture of fraud as losses top £500m

UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data Continue Reading

Demystifying the top five OT security myths

Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems Continue Reading

1Password caught up in Okta support breach

After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems Continue Reading

Cisco hackers likely taking steps to avoid identification

Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery Continue Reading

Research team tricks AI chatbots into writing usable malicious code

Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks Continue Reading

Kaspersky opens up over spyware campaign targeting its staffers

Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group Continue Reading

Customers speak out over Okta’s response to latest breach

Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired Continue Reading

NetApp ‘unified storage’ adds new ASA block storage at Insight

Las Vegas event sees NetApp continue its evolution to hybrid cloud and data management player announce ASA C-series and Keystone and Kubernetes storage enhancements Continue Reading

Cisco pushes update to stop exploitation of two IOS XE zero-days

Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software Continue Reading

How Ensign is leading the charge in cyber security

Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem Continue Reading

Computer Weekly contributor named Godfather of UK Security

Advent IM founder Mike Gillespie was among those honoured at the eighth annual Security Serious Unsung Heroes Awards Continue Reading

Five Eyes chiefs warn of Chinese spying campaign to steal high-tech secrets

Intelligence chiefs warn high-tech companies and universities they may be the target of attempts by the Chinese Communist Party to steal technology secrets Continue Reading

CW APAC: Buyer’s guide to IAM

Identity access management tools are proving pivotal in the race to outwit cyber criminals. In this handbook, focused on IAM in the Asia-Pacific region, Computer Weekly takes a closer look at their capabilities, CyberArk’s growth, the uses of automation and how ForgeRock enhances user experience. Continue Reading

RagnarLocker cyber gang that pioneered double extortion busted

Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline Continue Reading

Fears grow over extent of Cisco IOS XE zero-day

Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures Continue Reading

Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source Continue Reading

What are the cyber risks from the latest Middle Eastern conflict?

The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations Continue Reading

Five Eyes issues five tips on thwarting nation state threats

Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats Continue Reading

Hacktivist attacks against Israeli websites mirror attacks following Russian invasion of Ukraine

Hacktivists supporting Gaza and Palestine have launched hundreds of website defacement attacks against Israeli websites, mirroring the pattern of attacks that occurred after Russia’s invasion of Ukraine Continue Reading

Alert sounded over dangerous Cisco IOS XE zero-day

Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems Continue Reading

What it takes to succeed in DevSecOps

Providing engineering leadership and balancing between speed and security are some areas that organisations will need to focus on in their DevSecOps journey Continue Reading

US SEC launches probe into mass MOVEit breach

Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations affected Continue Reading

Why only 1% of the Snowden Archive will ever be published

Speaking to Computer Weekly after we published new revelations from the Snowden archive, the Guardian’s Pulitzer Prize winner, Ewen MacAskill, explains why more of the Snowden trove is unlikely to see the light of day Continue Reading

MGM faces £100m loss from cyber attack on its casinos

MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m Continue Reading

Microsoft: Nation-state cyber espionage on rise in 2023

Microsoft’s latest Digital Defence Report outlines how nation-state cyber activity has largely moved from destructive attacks to espionage and intelligence gathering Continue Reading

Red Cross issues rules of engagement for hackers in conflicts

The digital rules of engagement are the first time cyber activity has been looked at by the conflict watchdog, but a number of hacker groups have already come out and said they will not be following them Continue Reading

Ransomware dwell times now measured in hours, says Secureworks

Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report Continue Reading

Ransomware: All the ways you can protect storage and backup

We survey the key methods of ransomware protection, including immutable snapshots, anomaly detection, air-gapping, anomaly detection, and supplier monetary guarantees Continue Reading

Cyber experts urge EU to rethink vulnerability disclosure plans

The European Union’s proposed cyber security vulnerability disclosure measures are well-intentioned but ultimately counterproductive, as making unmitigated vulnerabilities public knowledge increases the risk of their exploitation by various actors, experts claim Continue Reading

RSA and other crypto systems vulnerable to side-channel attack

A researcher has found that a flaw in RSA is still vulnerable – a quarter of a century after it was first discovered Continue Reading

CIISec scores DSIT funding to expand successful CyberEPQ scheme

DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date Continue Reading

Salesforce and Zoom embrace ethical hackers. You should, too

Software companies Salesforce and Zoom discuss their successful bug bounty programmes, what they learned at a recent in-person hackathon in which they participated, and why others shouldn’t be scared of hackers Continue Reading

Where next for quantum computing?

In this week’s Computer Weekly, we talk to the head of Amazon’s Braket quantum computing services about how the technology is progressing. We go behind the scenes at an ethical hacker event to find out how bug bounty programmes work. And we analyse the offerings of the major players in software-defined storage. Read the issue now. Continue Reading

Top science journal faced secret attacks from Covid conspiracy theory group

A conspiratorial group of extreme Brexit lobbyists mounted an extraordinary campaign against one of the world’s most prestigious science journals – part of a series of joint investigations between Byline Times and Computer Weekly Continue Reading

The trust deficit in CNI: How to address a growing concern

When it comes to addressing the trust deficit in CNI, technological advancements, evolving threats, inadequate regulations, insufficient investment, public awareness, and international cooperation are all critical components that need attention Continue Reading

Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app

The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps Continue Reading

How Akamai is driving growth in APAC

Akamai's managing director for the region outlines the company’s growth journey, how it sets itself apart from competitors, and its strategies to drive the next phase of growth Continue Reading