Hackers and cybercrime prevention

Security Think Tank: Security teams are key workers and need support

Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading

Contact tracing: The privacy vs protection debate

The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading

Coronavirus: NCSC issues urgent alert for healthcare sector

UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations Continue Reading

GoDaddy owns up to October 2019 data breach

Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts Continue Reading

Revealed: The man behind the first major computer virus pandemic

After 20 years of silence, Onel de Guzman has admitted unleashing the “Love Bug”, the computer virus that caused havoc by infecting 45 million machines around the world Continue Reading

Xen Orchestra latest victim of Salt cryptojackers

More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward Continue Reading

Assange extradition hearing to take place in September following coronavirus lockdown

An extradition hearing against WikiLeaks founder Julian Assange has been delayed by four months, after defence and prosecution lawyers said the Covid-19 lockdown would make it impractical to hold a fair hearing in May Continue Reading

Blogging platform Ghost hacked through Salt vulnerability

Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability Continue Reading

IT Priorities 2020: Compliance and risk are top security concerns

When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study Continue Reading

Why you should think before you Zoom

Feel free to use Zoom during the coronavirus lockdown, but think before you discuss anything confidential Continue Reading

Cyber security skills courses go online during pandemic

The government is turning to online learning to find the next generation of cyber security talent Continue Reading

Critical SaltStack vulnerability affects thousands of datacentres

Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away Continue Reading

Mobile banking customers at risk from new EventBot trojan

Customers of Barclays, HSBC, Santander and many other banks should be alert to a dangerous new trojan Continue Reading

IMDA to issue 5G spectrum to Singtel and StarHub-M1 venture

Singapore’s telco regulator will award 5G spectrum to major operators whose proposals have exceeded its requirements in some cases Continue Reading

Coronavirus: GCHQ gets access to NHS data to beef up security

Health secretary gave GCHQ emergency powers to obtain information relating to the security of its networks and IT systems at the beginning of April, it has emerged Continue Reading

Almost half of security pros being redeployed during pandemic

Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic Continue Reading

Black Rose Lucy ransomware now posing as FBI porn warning

A new strain of Russian-developed ransomware impersonates US federal law enforcement to force payment, says Check Point Continue Reading

Julian Assange extradition hearing postponed amid coronavirus lockdown

Julian Assange’s lawyers say they have been unable to communicate or share legal documents with the WikiLeaks founder to enable them to prepare a defence in time for a planned extradition hearing in May Continue Reading

Microsoft patches .gif file vulnerability in Teams

Vulnerability could have enabled cyber criminals to use a malicious .gif file to scrape user data and take over Teams accounts Continue Reading

UK tech companies launch online safety body

Online Safety Tech Industry Association unites 14 technology companies to drive conversation and policy around online safeguarding Continue Reading

The Security Interviews: Can AV go from dodgy scareware to cyber hero?

Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing Continue Reading

Ransomware-stricken Travelex up for sale

Travelex’s parent Finablr is washing its hands of the ransomware-stricken forex provider as it struggles with the twin shocks of the Covid-19 pandemic and a developing fraud scandal Continue Reading

iOS zero-day leaves iPhone users dangerously exposed

Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices Continue Reading

Zoom to roll out fresh cyber security updates

New features include support for advanced AES 256-bit encryption Continue Reading

NCSC overwhelmed by response to coronavirus campaign

The UK’s NCSC has taken down more than 80 malicious web campaigns and received 5,000 reports of suspicious emails within 24 hours of launching reporting service Continue Reading

Coronavirus: Banking and mobile sectors collaborate to stop text scams

Initiative aims to protect 50 genuine brands and government organisations from being impersonated by cyber criminals Continue Reading

Coronavirus: Cyber criminals may be changing tactics

Cyber criminals “may soon shift to heavier exploitation of footholds established through phishing and other scams”, warns Cyber Threat Coalition Continue Reading

Revealed: The man behind the first major computer virus pandemic

After 20 years of silence, Onel de Guzman has admitted unleashing the “Love Bug”, the computer virus that caused havoc by infecting 45 million machines around the world Continue Reading

Coronavirus: HMRC job retention scheme targeted by cyber criminals

The UK government’s scheme to pay furloughed employees 80% of their wages is being targeted by cyber criminals Continue Reading

When data protection is not enough

Organisations should take a holistic approach to data protection and cyber security in what the CEO of Acronis deems a “cyber protection” strategy Continue Reading

NCSC launches coronavirus cyber security campaign

The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic Continue Reading

IT services company Cognizant warns customers after ‘Maze’ ransomware attack

US IT services company Cognizant alerts customers after the Maze ransomware group launches a cyber attack Continue Reading

Zoom and WebEx users targeted by credential stealing attempts

Videoconferencing apps such as Zoom and Cisco’s WebEx are being targeted by cyber criminals trying to steal users’ personal data Continue Reading

Dutch organisations address business email compromise fraud

Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks Continue Reading

Australian workers are weakest link in fight against cyber attacks

About four in 10 employees are sharing inappropriate data across mobile devices and half of all security incidents in 2019 occurred through inappropriate IT use, new study finds Continue Reading

Coronavirus: How Nominet fights back against malicious domains

Domain name registry has thwarted hundreds of attempts to register malicious .uk domain names during the coronavirus pandemic Continue Reading

Check Point sounds alarm over double extortion ransomware threat

Researchers say double extortion ransomware attacks are likely to increase in frequency, and warn organisations to be on guard Continue Reading

NHS Wales to get free security services during coronavirus pandemic

NHS Wales Informatics Services enlists Thales to help it face down security threats and let its teams focus on the Covid-19 coronavirus crisis Continue Reading

Coronavirus: Cyber attacks on banks seen spiking, says Carbon Black

VMware’s Carbon Black observes a spike in cyber attacks on financial services organisations Continue Reading

Coronavirus: Standard Chartered bans employees from Zoom

Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom Continue Reading

Coronavirus: Researcher finds security vulnerability in Slack

Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher Continue Reading

Microsoft patches 19 critical bugs in another heavy Patch Tuesday

The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday Continue Reading

Apple and Netflix most imitated brands in phishing attacks

A new report highlights the brands which are being most frequently spoofed by cyber criminals in phishing attacks Continue Reading

Coronavirus: Zoom user credentials for sale on dark web

IntSight researchers say they have found a database containing thousands of Zoom usernames and passwords being sold on the dark web Continue Reading

Coronavirus: Warning over surge in Zoom security incidents

Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools Continue Reading

Coronavirus: Zoom restricted or banned at multiple organisations

Use of videoconferencing tool has been banned at Google and in parts of the German and US governments Continue Reading

CW Middle East: A quarter of Middle East businesses have no women in IT

Over a quarter of businesses in the Middle East have no women in their IT departments, according to Computer Weekly’s Salary Survey, which has also revealed that 40% of Middle East-based IT professionals would change job for more money. Also in this issue, find out whether China’s public cloud provider, Alibaba, has what it takes to trouble the likes of Amazon Web Services and Microsoft in the infrastructure-as-a-service market. Continue Reading

Revealed: Estonia targeted by Russia-linked disinformation deluge

Kremlin-linked threat actors are undermining the government of Estonia and its relationship with the European Union through a concerted disinformation campaign, with wider ramifications Continue Reading

Despite coronavirus, overall cyber crime volumes hold steady

The UK’s NCSC and the US’s CISA see little change in overall volumes of cyber crime in spite of the coronavirus crisis – for the time being Continue Reading

Coronavirus: McAfee unearths dark web blood bank

Cyber criminals are selling fake goods and running scams on online marketplaces during the Covid-19 pandemic. Don’t be taken in Continue Reading

Coronavirus threats ramp up as more hospitals come under attack

The Covid-19 Cyber Threat Coalition finds the majority of security pros have been targeted by cyber criminals exploiting the coronavirus pandemic, and adds to warnings of increased activity targeting the health sector Continue Reading

Judge refuses to delay Assange's extradition hearing over coronavirus pandemic

District Judge Vanessa Baraitser says extradition proceedings will go ahead against Julian Assange, after his lawyers argued that the coronavirus lockdown means they cannot prepare their defence Continue Reading

Coronavirus: Criminals using Zoom installer to spread cryptominer

Videoconferencing application targeted to deliver cryptomining malware to unsuspecting victims Continue Reading

Adapting IT to the new normal

In this week’s Computer Weekly, we talk to four top IT leaders to find out how they are supporting their organisations through the coronavirus crisis. We look at the security best practices recommended by experts to ensure safe remote working for staff. And the CISO of Equifax explains why the firm is moving to public cloud. Read the issue now. Continue Reading

Zero-day exploits increasingly commodified, say researchers

The exploitation of zero-day vulnerabilities increasingly demonstrates access to cash, rather than skills Continue Reading

Security Think Tank: Why and how cyber criminals exploit world events

In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading

Interpol warns of more ransomware attacks against healthcare sector

Purple notice issued to alert police forces around the world of ransomware attacks against hospitals and other healthcare institutions Continue Reading

Google data shows high interest in security and remote working

An analysis of the most Googled technology terms during the Covid-19 coronavirus pandemic has highlighted the scale of the cyber security challenge presented by the crisis Continue Reading

Coronavirus: What does the ‘new normal’ mean for how we work?

Examining the long-term impact of the Covid-19 coronavirus pandemic on the world of work, security, privacy and networks Continue Reading

JavaScript skimmers: An evolving and dangerous threat

Cyber attacks exploiting Magecart JavaScript skimmers are spiking during the coronavirus pandemic, and like biological viruses, they just keep evolving Continue Reading

Coronavirus: Magecart attacks on online retailers jump 20%

RiskIQ researchers have observed a sharp uptick in Magecart credit card attacks, driven by increased traffic to online retailers during the coronavirus pandemic Continue Reading

Morrisons appeal success is cold comfort for enterprises

The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them Continue Reading

What we can learn from Marriott’s new data breach embarrassment

Marriott International has egg on its face once again following a second data breach in as many years, but there are encouraging signs in its response that suggest it is at least trying to learn from its experiences Continue Reading

Morrisons not liable for 2014 data breach, says Supreme Court

Court allows supermarket chain’s appeal against judgments holding it liable for a 2014 insider data breach, saying previous rulings misunderstood the concept of vicarious liability Continue Reading

Coronavirus: WHO, Rakuten collaborate on anti-disinformation chatbot

The World Health Organisation and Rakuten Viber have built an interactive, multi-language chatbot to try to get on top of the growing problem of disinformation during the coronavirus pandemic Continue Reading

Nigerian email attacks evolving into credible, dangerous threat

Palo Alto’s Unit 42 reports on Nigeria’s SilverTerrier cyber crime group, which is becoming a highly dangerous threat to businesses worldwide Continue Reading

Marriott International hotel chain in second data breach

Marriott International notifies customers of a major data breach that unfolded earlier in 2020 – the second it has experienced in the past two years Continue Reading

Too late to protect online privacy, say Brits

Most UK consumers are concerned about data privacy, but think it’s too late to do much about it, according to a report Continue Reading

Houseparty denies hack as credential stuffing attacks spread

Social media service denies its service has been hacked, and is offering a million-dollar bounty to anybody who can prove otherwise Continue Reading

Why security validation matters

FireEye’s top executives in Asia-Pacific discuss the benefits of security validation and offer their take on the region’s cyber threat landscape Continue Reading

Coronavirus: Don’t fall for fake cures, warns UK government

Government urges people to be more vigilant about what they read and share online as it relaunches its Don’t Feed the Beast campaign to counter coronavirus disinformation Continue Reading

Insurance firm Chubb may be latest Maze ransomware victim

Maze ransomware group claims to have stolen personal data from the systems of cyber security insurance firm Chubb Continue Reading

Lorca calls on security scaleups to tackle coronavirus challenge

Lorca innovation programme has launched an open call for its next cohort of cyber security scaleups, with a timely focus on coronavirus challenges Continue Reading

Coronavirus: What are the latest free cyber security offers?

We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis Continue Reading

Tupperware fixes hacked site, but questions remain over response

Kitchenware brand removes active digital credit card skimmer from its website and insists it takes security seriously despite ignoring repeated attempts to contact it Continue Reading

Coronavirus: Be alert to rogue mobile apps exploiting outbreak

Well-meaning developers are beginning to offer medical apps to monitor coronavirus symptoms and provide information on the pandemic. Opportunists and cyber criminals are not far behind them Continue Reading

Developed APAC states most exposed to cyber risks

Singapore, South Korea, Japan, Australia and New Zealand have the highest exposure to cyber risks, but they are also the most prepared to deal with cyber attacks, study finds Continue Reading

Kitchenware brand Tupperware is ignoring hacked website

Website has been hacked in a targeted cyber attack, and the dangerous vulnerability has not been addressed Continue Reading

Almost half of UK businesses suffered a cyber attack in past year

Latest government statistics reveal the scale of the cyber security challenge facing UK plc, but reveals some cause for optimism Continue Reading

Australia inks digital economy pact with Singapore

Australia’s digital economy agreement with Singapore will pave the way for data transfers and other digital trade opportunities Continue Reading

Fake antivirus site promises coronavirus protection, delivers trojan

Researchers at Malwarebytes have warned of an increasing volume of scam sites exploiting the Covid-19 coronavirus Continue Reading

Tekya auto-clicker malware exploits kids’ Android apps

Google has removed multiple apps for children that were found to contain Tekya auto-clicker malware Continue Reading

Legacy AV defenceless against onslaught of evasive malware

More than two-thirds of malware detected by WatchGuard in the last three months of 2019 was able to evade signature-based antivirus products, rendering them effectively useless in most instances Continue Reading

The AWS bucket list: Keep your cloud secure

Misconfigured cloud installations risk billions of records being exposed, damaging organisations’ finances and reputations. Paying attention to securing AWS storage buckets is a simple matter Continue Reading

Coronavirus: Kaspersky, Bitdefender make products free to NHS

Kaspersky and Bitdefender have both made various products and services available free to healthcare customers as the Covid-19 coronavirus pandemic intensifies Continue Reading

Thousands of Netflix, Disney+ streaming accounts being stolen

Proofpoint has urged users of streaming services to be alert to cyber criminals hijacking their accounts Continue Reading

Interview: Jamil Farshchi, CISO, Equifax

Equifax CISO Jamil Farshchi discusses public cloud and why it’s not something IT security professionals should be afraid of Continue Reading

Cyber gangsters hit UK medical firm poised for work on coronavirus with Maze ransomware attack

The Maze ransomware group has published personal and medical details of thousands of former patients of a London-based medical research company after a failed attempt to disable the firm's computer systems Continue Reading

Coronavirus: Sans Institute issues cyber security advice for parents

With schools now shut across the UK, parents will bear more responsibility for keeping children safe online and educating them about online harms Continue Reading

Unpatched Zyxel storage devices co-opted into IoT botnet

Owners of Zyxel network-attached storage devices are in danger of being hijacked by Mukashi, a descendant of the infamous Mirai botnet, if they don’t patch a critical vulnerability Continue Reading

Essential Guide: Technology readiness for the Covid-19 coronavirus crisis

The global Covid-19 coronavirus pandemic requires an important response from enterprise IT departments - in this guide, we examine the key considerations for IT leaders Continue Reading

IT Priorities 2020: ANZ firms to spend more on cyber security

Over half of respondents in Australia and New Zealand plan to invest more in cyber security, especially in key areas such as data loss prevention Continue Reading

Volume of computer misuse incidents falling, says ONS

Downward trend comes despite an overall increase in fraud, according to new statistics Continue Reading

Coronavirus: How to implement safe and secure remote working

Find out what CIOs and CISOs need to know to enable their end-users to work remotely and stay secure during the Covid-19 coronavirus crisis, and learn how users can help themselves Continue Reading

Coronavirus now possibly largest-ever cyber security threat

The cumulative volume of coronavirus-related email lures and other threats is the largest collection of attack types exploiting a single theme for years, possibly ever Continue Reading

Prudential turns to AI to secure computer networks against cyber attacks

Prudential, the UK’s largest listed insurer, is turning to artificial intelligence to protect its computer networks in the US, Asia and Africa from malware hackers and internal threats Continue Reading

Security Think Tank: Amid panic, how to find a sound level of security

In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading

Covid-19: NCSC issues secure remote working guidance

With hundreds of thousands likely to be working remotely for some time, the UK’s NCSC has issued best practice guidance to enable security teams to support them Continue Reading

Travelex under threat as insolvency risk, hacking costs and coronavirus take their toll

Foreign exchange group’s future remains uncertain as its parent company, Finablr, prepares for potential insolvency Continue Reading

SentinelOne makes security platform free to support remote workers

Endpoint protection platform service will be made free until 16 May 2020 to help protect remote workers during the Covid-19 coronavirus crisis Continue Reading