Hackers and cybercrime prevention

Attack of the clones: the rise of identity theft on social media

The proliferation of social media has resulted in the rise of identity theft on these platforms, with accounts copied for fraudulent or malicious purposes. What can be done to mitigate it? Continue Reading

Industrial systems not safe for the future, say Dutch ethical hackers

Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations Continue Reading

Trial and error – why the law on computer evidence must change

In this week’s Computer Weekly, the Post Office IT scandal highlighted the problem with computer evidence – we examine the need for legal reform. We assess the nuclear option for sustainable datacentre power. And we find out how IT experts can improve their soft skills and boost their career prospects as a result. Read the issue now. Continue Reading

Log4Shell: How friendly hackers rose to the challenge

HackerOne CISO Chris Evans looks back at how the security community successfully rose to the challenge of Log4Shell, and saved end-user organisations millions Continue Reading

Two-thirds of UK organisations defrauded since start of pandemic

Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report Continue Reading

Most CFOs being left out of ransomware conversations

Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report Continue Reading

New inquiry looks at the state of UK chips

Foreign Affairs Committee is fishing for evidence in a new inquiry assessing skills, security and end-to-end semiconductor supply chain concerns Continue Reading

Rubrik charts data security path

Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats Continue Reading

Ransomware volumes grew faster than ever in 2021

Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody Continue Reading

Bad bots make up a quarter of APAC’s web traffic

Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds Continue Reading

Need a CISO? No need to look for that tech boffin

This is a guest post by Yvette Lejins, resident CISO at Proofpoint Asia-Pacific and Japan The role of the CISO (chief information security officer) has become increasingly important as more ... Continue Reading

Did the Conti ransomware crew orchestrate its own demise?

Analysts examining the shutdown of the Conti ransomware syndicate suggest the cyber crime collective orchestrated its own demise Continue Reading

How Ivanti views patch management with a security lens

Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay Continue Reading

Applying international law to cyber will be a tall order

Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations Continue Reading

Microsoft drops emergency patch after Patch Tuesday screw up

Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates Continue Reading

Chinese cyber spooks exploit western sanctions on Russia

The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures Continue Reading

Defensive cyber attacks may be justified, says attorney general

Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable Continue Reading

Top cyber criminal earnings outpace those of business leaders

Cyber crime can pay significantly better than leading a FTSE 100 organisation, according to a report Continue Reading

Nature of cyber war evolving in real time, says Microsoft president

The past three months have seen the rapid evolution of the very nature warfare to incorporate cyber attacks, Microsoft’s Brad Smith tells the audience at its Envision conference in London Continue Reading

Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest Continue Reading

Security Think Tank: Yes, zero trust can help you understand attack paths

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Singapore opens security testing centre

Joint centre set up by the Cyber Security Agency of Singapore and a local university will facilitate security testing and train security evaluation talent Continue Reading

Mastercard biometric programme will allow payment authentication by smile

Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology Continue Reading

Veeam outlines data protection vision

Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads Continue Reading

Australian CISOs least prepared for cyber attacks

Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds Continue Reading

The limits and risks of backup as ransomware protection

Backups can provide a sound means of recovery from ransomware infection, but they are not 100% certain to foil attackers. We look at the limits and risks of depending on backups Continue Reading

APAC career guide: Becoming a cyber security pro

The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field Continue Reading

Nerbian RAT enjoys using Covid-19 phishing lures

The world is slowly coming to terms with Covid-19, but fear of the coronavirus is no less useful to cyber criminals because of it, as Proofpoint researchers have discovered Continue Reading

Emotet has commanding lead on Check Point monthly threat chart

Emotet remains by some margin the most prevalent malware, according to Check Point’s latest monthly statistics Continue Reading

CyberUK 22: Five Eyes focuses on MSP security

The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves Continue Reading

CyberUK 22: Data-sharing service to protect public from scams

A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites Continue Reading

Analysts confirm return of REvil ransomware gang

Secureworks CTU analysis has found that the REvil ransomware is undergoing active development, possibly heralding a new campaign of cyber attacks Continue Reading

Cyber accreditation body Crest forges new training partnerships

Crest says partnerships with Hack The Box and Immersive Labs will enhance its members’ defensive and offensive security skills Continue Reading

CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy

On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy Continue Reading

NCSC pins Viasat cyber attack on Russia

UK authorities have attributed the 24 February cyber attack on the network of satellite comms company Viasat to Russia Continue Reading

CyberUK 22: NCSC refreshes cloud security guidance

The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise Continue Reading

NSO Group faces court action after Pegasus spyware used against targets in UK

Three human rights activists whose phones were targeted by spyware traced to Saudi Arabia and the United Arab Emirates have begun legal action against both countries and Israel’s NSO Group Technologies Continue Reading

The spies who hack you – the growing threat of spyware

In this week’s Computer Weekly, after 10 Downing Street was hit by a spyware attack, fears about targeted mobile phone hacks are increasing. Our salary survey highlights the diversity challenge in IT, with men’s support for women in IT declining. And we look at how datacentre heat reuse can help reduce carbon emissions. Read the issue now. Continue Reading

CyberUK 22: NCSC’s ACD programme blocks 2.7 million scams

On the opening day of its annual CyberUK event, the NCSC reveals how organisations around the country have used its Active Cyber Defence programme to their advantage Continue Reading

IT infrastructure used to launch DDoS attack on Russian targets

Organisations could unwittingly be participating in hostile activity against the Russian government as compromised IT infrastructure is used without their knowledge to launch denial of service attacks Continue Reading

Five companies join NCSC for Startups to deal with ransomware

The NCSC has invited five startups to join the NCSC for Startups programme to develop tech that can help deal with the threat of ransomware Continue Reading

Security Think Tank: Identify, assess and monitor to understand attack paths

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

NHS email accounts hijacked for phishing campaign

Microsoft credentials targeted in phishing operation using hijacked NHSMail accounts Continue Reading

Intellectual property theft operation attributed to Winnti group

Winnti conducted a prolonged cyber espionage campaign that went undetected for years, allowing it to exfiltrate massive amounts of corporate data and intellectual property Continue Reading

PeerGFS to add AI/ML anomaly detection to distributed file system product

Peer will add AI/ML-based anomaly detection as it ramps up security protection in its PeerGFS distributed file management software, with Linux server support also to come in 2022 Continue Reading

Five TLS comms vulnerabilities hit Aruba, Avaya switching kit

Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution Continue Reading

Information security in 2022 – managing constant change

It’s been an unprecedented couple of years for everyone – but a particularly frantic one for cyber security leaders. The pandemic led to a huge rise in remote working, with all the extra risks involved in putting users outside the corporate perimeter. The home environment then became a new attack vector, and as a result there was a huge increase in ransomware, affecting individuals and enterprises. And then, just as lockdowns started to ease, Russia’s invasion of Ukraine brought new nation-state threats that may yet become even more serious. For chief information security officers (CISOs), managing constant change and emerging threats is becoming the norm. In this essential guide to information security in 2022, we examine the key strategies, latest innovations and leadership insights – and highlight the importance of collaboration across the cyber community to keep everyone secure. Continue Reading

Attackers enlist cloud providers in large HTTPS DDoS hit

A recent large-scale DDoS incident shows how cyber criminals are switching up their tactics to conduct more sophisticated attacks Continue Reading

Ransomware recovery costs dwarf actual ransoms

The cost of recovering from a ransomware attack far outweighs the ransoms now being demanded by cyber criminals, according to recent data Continue Reading

Manufacturer sues JPMorgan after cyber criminals stole $272m

Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity Continue Reading

Russia plumbs new depths in cyber war on Ukraine

Microsoft details cyber attacks on Ukrainian civilian communications, nuclear safety authorities, and the exploitation of the destruction of Mariupol in a phishing campaign Continue Reading

Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading

Russia-supporting cyber crime gang claims Coca-Cola as victim

Stormous cyber crime collective claims to have stolen 161GB of data from Coca-Cola, and says it plans to sell it off Continue Reading

Leeds Beckett’s ethical hacking platform wins Innovate UK backing

An ethical hacking and cyber education platform developed at Leeds Beckett University has received a major funding boost to help it launch commercially Continue Reading

Ransomware victims paying out when they don’t need to

Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to Continue Reading

Emotet tests new tricks to thwart enhanced security

The operators of the Emotet botnet seem to be trying to find a way to get around recent changes made by Microsoft to better protect its users Continue Reading

Coralogix makes foray into cyber security with Snowbit

Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent Continue Reading

US mobile network emerges as latest Lapsus$ victim

Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft Continue Reading

Sophos soaks up SOC.OS

Sophos says acquisition of BAE spinout SOC.OS will enhance its managed threat and extended detection and response services Continue Reading

Mimecast makes deeper push into ASEAN

Mimecast opens regional office in Singapore and is looking at setting up a datacentre in Southeast Asia as it makes a deeper push into the region Continue Reading

What’s up with Conti and REvil, and should we be worrying?

New intelligence on some of the world’s most prolific ransomware gangs suggests recent disruption to their activities was like water off a duck’s back Continue Reading

UAE bolsters cyber security

The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading

Zoom adds new round of cyber security enhancements

Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading

Five Eyes in new Russia cyber warning

Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure Continue Reading

India’s cyber security industry doubles in size during the Covid-19 pandemic

India’s revenues from cyber security products and services reached $9.85bn in 2021 thanks to rapid digitisation and regulatory attention on data and privacy Continue Reading

CW APAC: Trend Watch: Cyber security

Protection from malicious actors has become a critical consideration for organisations in recent years. In this handbook, focused on cyber security in the Asia-Pacific region, Computer Weekly looks at how to minimise edge security risks, India’s rise in cyber security revenues, Check Point’s sales force and partner ecosystem processes, and Trellix’s decision to democratise XDR access Continue Reading

One-third of scams that hit TSB are impersonation fraud

TSB reports an increase in fraudsters impersonating trusted organisations to trick consumers into making payments to them Continue Reading

Home secretary Priti Patel to decide whether to extradite Assange

Home secretary will decide in four weeks whether to approve Julian Assange’s extradition to the US, where he faces espionage and hacking charges Continue Reading

AWS fixes vulnerabilities in Log4Shell hot patch

AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation Continue Reading

NSO Group faces court action after Pegasus spyware used against targets in UK

Three human rights activists whose phones were targeted by spyware traced to Saudi Arabia and the United Arab Emirates have begun legal action against both countries and Israel’s NSO Group Technologies Continue Reading

Median threat actor ‘dwell time’ dropped during 2021

Security teams appear to be getting better at detecting attackers within their networks, according to a report Continue Reading

Lack of expertise hurting UK government’s cyber preparedness

UK government bodies and critical infrastructure owners cite a lack of staff resources, and internal and external expertise, as hampering factors when it comes to cyber readiness, according to a report Continue Reading

Kyndryl kindles cyber incident recovery pact with Dell

IBM spin-out Kyndryl hops into bed with Dell Technologies in a joint cyber resilience proposition Continue Reading

Zhadnost DDoS botnet deployed against Finland

A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament Continue Reading

Incontroller ICS malware has ‘rare, dangerous’ capabilities, says Mandiant

Mandiant joins a growing chorus of warnings over novel nation state threats to ICS systems Continue Reading

WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading

Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack

Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief Continue Reading

Universal IAM policy failings put cloud environments at risk

Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study Continue Reading

Multiple arrests made in RaidForums takedown

A Portuguese national and a 21-year-old man from Croydon are among a number of individuals arrested ahead of the closure of RaidForums by police Continue Reading

Sandworm rolls out Industroyer2 malware against Ukraine

A second generation of the Sandworm-linked Industroyer malware has been identified by ESET researchers and Ukraine’s national CERT Continue Reading

Singapore to start licensing cyber security service providers

Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards Continue Reading

Open source CMS platform Directus patches XSS bug

A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data Continue Reading

We must target a broad church to fill vacant cyber roles

The security industry focuses a lot on cyber-specific specialisms and technical skills, but it could really benefit from widening its search. Take it from a social anthropologist Continue Reading

Raspberry Pi Foundation ditches default username policy

Raspberry Pi owners will no longer be able to use the default ‘pi’ username, as the Raspberry Pi Foundation clamps down on insecure practices Continue Reading

Nordic countries discuss joint cyber defence capability

Nordic countries are in talks to increase their cyber defences in the face of the threat from Russia Continue Reading

EncroChat: France says ‘defence secrecy’ in police surveillance operations is constitutional

Constitutional court finds that invoking ‘defence secrecy’ to withhold information about the state hacking of EncroChat cryptophones is constitutional. Defence lawyers now head for the supreme court Continue Reading

Ukrainian cyber criminal gets five years in jail

A US court has sentenced Denys Iarmak, who worked as a penetration tester for the FIN7 cyber crime group, to a five-year prison sentence Continue Reading

US shuts down Russia’s Cyclops Blink botnet operation

Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading

Apple criticised over unpatched CVEs in Catalina, Big Sur

Apple patched two zero-days in macOS Monterey last week, but did not address the same issue in Catalina or Big Sur, raising questions Continue Reading

Denonia malware may be first to target AWS Lambda

The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind Continue Reading

Hydra takedown merely shifts cyber criminal problem elsewhere

The seizure of the Hydra dark web marketplace is a positive development in the fight against cyber crime, but will only be a temporary setback for determined criminals Continue Reading

Secrecy over police EncroChat hacking is unconstitutional, defence lawyers tell top French court

France’s constitutional court, the Conseil Constitutionnel, has heard arguments that the use of ‘defence secrecy’ to withhold information about police surveillance operations breaches the French constitution Continue Reading

Discount retailer The Works hit by cyber attack

A small number of The Works’ bricks-and-mortar stores were forced to close amid a cyber attack of an undisclosed nature Continue Reading

Triple-threat Borat malware no joke for victims

Unlike its namesake, the newly discovered Borat malware won’t raise a smile for IT security pros Continue Reading

IBM z16 tackles financial fraud and quantum hacks

New addition to Z series mainframe family uses IBM Telum processor to accelerate AI for real-time credit card fraud detection Continue Reading

How remote browser isolation can mitigate cyber threats

Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device Continue Reading

Two teenagers charged with Lapsus$ cyber attacks

City of London Police have charged two teenagers in connection with the Lapsus$ cyber crime spree Continue Reading

Four moves to ‘checkmate’ critical assets thanks to lax cloud security

Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report Continue Reading

Apple drops emergency patches for two zero-days

Apple has fixed two zero-day vulnerabilities that appear to have been actively exploited in the wild Continue Reading

Global upheaval shows cyber security isn’t good enough, says GCHQ director

Generational global upheaval has laid bare significant gaps in national cyber strategies, GCHQ chief Jeremy Fleming has said in a speech Continue Reading