News

Data breach incident management and recovery

• September 22, 2022 22 Sep'22

  ALPHV/BlackCat ransomware family becoming more dangerous

  Researchers from Symantec share fresh insight into the ongoing development of the ransomware-as-a-service family known variously as ALPHV, BlackCat and Noberus

• September 21, 2022 21 Sep'22

  NCSC publishes cyber guidance for retailers

  The NCSC has published tailored advice to support online retailers, hospitality providers and utility services in protecting themselves and their customers from cyber crime

• September 20, 2022 20 Sep'22

  Thousands of customers affected in Revolut data breach

  Digital challenger bank has warned its customers to be vigilant after their data was exposed in a cyber attack

• September 20, 2022 20 Sep'22

  IHG attackers phished employee to deploy destructive wiper

  A couple from Vietnam who claim to be behind a destructive wiper cyber attack on hotel operator IHG told the BBC how they orchestrated their operation

• September 20, 2022 20 Sep'22

  Reports Uber and Rockstar incidents work of same attacker

  Rockstar Games was hit over the weekend by an attacker who claimed to have accessed its Slack channel to steal data on an upcoming release, and may be the same person who compromised Uber

• September 16, 2022 16 Sep'22

  Uber suffers major cyber attack

  Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist

• September 15, 2022 15 Sep'22

  Nominations closing soon for annual cyber awards

  Nominations for the annual Security Serious Unsung Heroes Awards closes 16 September

• September 15, 2022 15 Sep'22

  New player pioneers ‘active cyber insurance’ for UK market

  Arrival of US-based insurer Coalition in London will supposedly offer SMEs more options when it comes to cyber security insurance

• September 15, 2022 15 Sep'22

  US charges three Iranians over CNI cyber attacks

  Three Iranian nationals have been indicted over a spate of ransomware attacks against organisations in the US, UK, Israel and Iran

• September 14, 2022 14 Sep'22

  Ex-CISA head Krebs: Disrupt ransomware support networks to win the war

  Speaking at an event hosted by data protection specialist Rubrik, former CISA director Chris Krebs calls for the security community to work collectively to kick out the supports from under ransomware gangs

• September 14, 2022 14 Sep'22

  DDoS attacks on UK financial sector surged during Ukraine war

  A quarter of cyber security incidents reported to the Financial Conduct Authority in the first six months of 2022 involved DDoS, with a likely link to events in Ukraine

• September 13, 2022 13 Sep'22

  Cisco confirms leaked data was stolen in Yanluowang ransomware hit

  Cisco has confirmed that data leaked last week by the Yanluowang ransomware gang was that stolen during a May 2022 cyber attack

• September 13, 2022 13 Sep'22

  Multi-persona impersonation adds new dimension to phishing

  Iranian APT used multiple personas on a single email thread to convince targets of the legitimacy of its phishing lures

• September 12, 2022 12 Sep'22

  Mandiant floats off into Google Cloud

  As planned, the acquisition of Mandiant will see the threat intel and incident response giant become a part of Google’s Cloud business

• September 12, 2022 12 Sep'22

  CISOs should spend on critical apps, cloud, zero-trust, in 2023

  Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts

• September 08, 2022 08 Sep'22

  Chinese APT using PlugX malware on espionage targets

  China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit

• September 08, 2022 08 Sep'22

  Dutch cyber security organisations to join forces

  Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into

• September 07, 2022 07 Sep'22

  Albania cuts diplomatic ties with Iran after cyber attack

  In a global geopolitical first, the Albanian government has severed diplomatic ties with Iran and expelled its ambassador after it was targeted by an APT backed by Tehran

• September 07, 2022 07 Sep'22

  August ’22 a bumper month for high-impact vulnerabilities

  Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future

• September 07, 2022 07 Sep'22

  Prince’s Trust teams with threat management specialist in skills push

  Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry

• September 07, 2022 07 Sep'22

  Hotel group IHG confirms cyber attack after two-day outage

  IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor

• September 07, 2022 07 Sep'22

  Cyber threats to Europe’s grid: Utilities rethink strategy

  The separation of operational and information technology at utilities across Europe is opening doors for cyber criminals

• September 06, 2022 06 Sep'22

  Bus company Go-Ahead fighting off cyber attack

  Go-Ahead Group, which operates bus companies around the UK, says it is in the process of dealing with a cyber attack that may cause disruption to services

• September 06, 2022 06 Sep'22

  Saudi Arabian organisations choose to outsource to improve cyber security posture

  Overwhelmed by rising threats and a growing number of government mandates, many organisations in Saudi Arabia are looking for outside help to take care of cyber security

• September 05, 2022 05 Sep'22

  How Okta is regaining customer trust after a cyber attack

  In early 2022, cyber firm Okta was among several tech companies hit by the Lapsus$ gang. Vice-president of customer trust Ben King talks about how he has been working behind the scenes to rebuild confidence after the incident

• September 01, 2022 01 Sep'22

  Local authorities experience 10,000 attempted cyber attacks every day

  Local authorities across the UK face a daily deluge of cyber incidents, with phishing and DDoS attacks the most prevalent, according to an insurance broker

• September 01, 2022 01 Sep'22

  Swedish Electronics Protection Act coincides with major cyber spend

  Swedish cyber security law comes at a time of heavy government investment

• September 01, 2022 01 Sep'22

  New (ISC)² cyber careers schemes go live

  (ISC)² has opened up two new global cyber careers schemes to applicants to try to help organisations fill 2.7 million vacant roles worldwide

• August 31, 2022 31 Aug'22

  Norway has NOK200m plan to bolster cyber defences

  Norway is investing heavily in its cyber defences amid heightened threat from Russia

• August 31, 2022 31 Aug'22

  NHS staff fall further behind amid ransomware attack

  While some NHS bodies are now recovering their services after the ransomware attack on a crucial software supplier, others are still being forced to rely on pen and paper, and some will be waiting months to recover

• August 31, 2022 31 Aug'22

  Four years into GDPR, Norway hopes for safer data transfer to US

  Much of the data on the internet ends up on US servers at some point, and that is not always compatible with the General Data Protection Regulation, says Norwegian data protection authority

• August 30, 2022 30 Aug'22

  IAM house Okta confirms 0ktapus/Scatter Swine attack

  Following last week’s disclosureby Group-IB researchers of a major phishing campaign, Okta has warned its customers to be on their guard

• August 30, 2022 30 Aug'22

  LastPass breach limited in scale and well-managed, say experts

  A breach of LastPass’s developer environment does not seem to have affected users of the password management service, but it may still be time for a credential reset

• August 25, 2022 25 Aug'22

  Criminal 0ktapus spoofed IAM firm in massive phishing attack

  Researchers at Group-IB have published research on a major phishing campaign that ensnared victims at the likes of Cloudflare and Twilio

• August 25, 2022 25 Aug'22

  Adaptive RedAlert, Monster ransomwares go cross-platform

  Kaspersky researchers have shared new intelligence on two emergent cyber criminal groups that have adapted their ransomwares to target different operating systems at the same time

• August 25, 2022 25 Aug'22

  Millions of Plex users may be at risk in password breach

  Up to half of Plex’s 30 million users may have had their personal data stolen by an unknown threat actor

• August 25, 2022 25 Aug'22

  LockBit 3.0 cements dominance of ransomware ecosystem

  Ransomware attacks were up 47% in July compared with the previous month, according to the latest threat data from NCC Group, with the LockBit family largely to blame

• August 24, 2022 24 Aug'22

  Most CISOs think they’ve been attacked by a nation state

  Most organisations have made changes to their cyber strategies and policies following Russia’s invasion, and almost two-thirds suspect they have been directly targeted or impacted by a nation-state cyber attack

• August 23, 2022 23 Aug'22

  NCSC shares cyber guidance for large infrastructure builds

  Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects

• August 22, 2022 22 Aug'22

  Kaspersky threat data added to Microsoft Sentinel service

  Microsoft and Kaspersky have agreed a collaboration to integrate Kaspersky’s threat data feeds into Microsoft’s cloud-native SIEM/SOAR service

• August 22, 2022 22 Aug'22

  Lloyd’s to end insurance coverage for state cyber attacks

  Lloyd’s of London has instructed its members to exclude nation state cyber attacks from insurance policies beginning in 2023, saying they pose unacceptable levels of risk

• August 19, 2022 19 Aug'22

  Cozy Bear targets MS 365 environments with new tactics

  Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments

• August 18, 2022 18 Aug'22

  It takes a breach to force boards to take notice of cyber, says UK government

  Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims

• August 18, 2022 18 Aug'22

  Ukraine war drives DDoS attack volumes ever higher

  There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity

• August 16, 2022 16 Aug'22

  South Staffs Water is victim of botched Clop attack

  South Staffordshire Water moves to reassure customers that their supplies remain safe after its attackers screw up their initial assault

• August 12, 2022 12 Aug'22

  Cyber criminal forum targets only Russia

  The Digital Shadows Photon Research Team has been investigating a pro-Ukraine cyber criminal forum called Dumps, which appears to be one of a kind

• August 12, 2022 12 Aug'22

  How critical infrastructure operators can secure OT data

  Cohesity’s CISO discusses the challenges of securing data in operational technology systems and what can be done to mitigate security threats

• August 11, 2022 11 Aug'22

  Researcher finds 10 vulnerabilities in Cisco firewalls

  At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches

• August 11, 2022 11 Aug'22

  Cisco averts cyber disaster after successful phishing attack

  A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage

• August 11, 2022 11 Aug'22

  NHS may take a month to recover from supply chain attack

  Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations