News

Data breach incident management and recovery

• March 16, 2022 16 Mar'22

  SentinelOne adds Attivo Networks to identity portfolio

  SentinelOne adds identity threat detection and response technology to its cyber portfolio, saying it will benefit zero-trust adoption among its customers

• March 16, 2022 16 Mar'22

  CaddyWiper is fourth new malware linked to Ukraine war

  ESET’s cyber security analysts have identified yet another destructive wiper malware being used against targets in Ukraine

• March 11, 2022 11 Mar'22

  Kaspersky forced to deny source code leak

  Kaspersky says an alleged leak of its source code was in fact material anyone could have gleaned from its public servers

• March 10, 2022 10 Mar'22

  Government to force tech firms to stop fraudsters using their platforms for scams

  Changes to legislation will make social media and search engine firms responsible for preventing fraudsters using their platforms to commit crimes

• March 09, 2022 09 Mar'22

  China’s APT41 exploited Log4j within hours

  APT41 compromised multiple government organisations via the Log4Shell exploit within hours of its initial disclosure, Mandiant claims

• March 08, 2022 08 Mar'22

  Google buys Mandiant for £4bn

  Acquisition will see cyber defence and threat intelligence specialist folded into Google Cloud’s security suite

• March 03, 2022 03 Mar'22

  Boardroom does not see ransomware as a priority

  Less than a quarter of company directors think ransomware is a top priority for their security teams, according to Egress

• March 03, 2022 03 Mar'22

  Direct action is a risky business for Ukraine's volunteer hackers

  Hackers have been responding to Ukraine’s call to create an IT army, but there are many reasons why taking direct action in a kinetic conflict is a bad idea

• March 01, 2022 01 Mar'22

  Toyota production to resume after supply chain attack

  Toyota production has been set back by over 10,000 vehicles following a cyber attack on a critical components supplier in Japan

• March 01, 2022 01 Mar'22

  BBC blasted with millions of malicious emails

  Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day

• March 01, 2022 01 Mar'22

  ESET details new IsaacWiper malware used on Ukraine

  Having been among the first to report on the HermeticWiper malware used against Ukraine last week, ESET has now identified another destructive malware called IsaacWiper

• February 28, 2022 28 Feb'22

  Ukraine cyber attacks seen spiking, but no destructive cyber war yet

  While cyber attacks linked to Russia’s war on Ukraine are taking place, they are having little impact beyond the region

• February 28, 2022 28 Feb'22

  Cloudflare: Our network is our product

  Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats

• February 25, 2022 25 Feb'22

  Mass phishing attacks against Ukrainian citizens reported

  The Ukrainian cyber authorities are alerting people located in the country to be alert to phishing attacks

• February 24, 2022 24 Feb'22

  Researchers link Dridex botnet to emergent Entropy ransomware

  A little-known new ransomware called Entropy contains significant code similarities to the general purpose Dridex botnet, suggesting some kind of link between the two

• February 24, 2022 24 Feb'22

  KnowBe4 cyber drama tackles Colonial Pipeline in fourth season

  KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021

• February 24, 2022 24 Feb'22

  New wave of cyber attacks on Ukraine preceded Russian invasion

  A wave of DDoS attacks, and a second data wiper attack, were seen hitting Ukraine in the hours leading up to the Russian invasion

• February 24, 2022 24 Feb'22

  New cyber guidelines to safeguard construction sector

  NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building

• February 24, 2022 24 Feb'22

  Russia behind dangerous Cyclops Blink malware

  Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk

• February 23, 2022 23 Feb'22

  DCMS launches free cyber skills platform for kids

  Government introduces free online cyber skills training for schoolchildren to encourage them into cyber security roles in the future and help address the skills gap

• February 23, 2022 23 Feb'22

  Backups ‘no longer effective’ for stopping ransomware attacks

  Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques

• February 23, 2022 23 Feb'22

  No imminent cyber threat to UK from Russia

  Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain

• February 23, 2022 23 Feb'22

  IBM opens cyber security hub in India

  Big Blue’s new cyber security hub, comprising a cyber range, software development facilities and a security operations centre, will serve enterprises across the Asia-Pacific region

• February 22, 2022 22 Feb'22

  UK organisations swift to chide phishing victims

  While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated

• February 21, 2022 21 Feb'22

  Zoom gains NCSC Cyber Essentials Plus and NHS security badges

  Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats

• February 21, 2022 21 Feb'22

  UK joins US in pinning Ukraine DDoS attacks on Russia

  A series of DDoS attacks on Ukrainian defence and banking organisations last week is now being firmly attributed to Russian action

• February 18, 2022 18 Feb'22

  UK organisations untroubled by Trickbot surge

  A surge in Trickbot infections is targeting some of the world’s most prominent brands, but UK organisations seem thankfully unaffected

• February 17, 2022 17 Feb'22

  Red Cross cyber attack the work of nation-state actors

  The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state

• February 16, 2022 16 Feb'22

  2021 another record year for UK cyber investment

  Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment

• February 16, 2022 16 Feb'22

  DDoS attacks hit Ukrainian defence ministry and banks

  A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region

• February 16, 2022 16 Feb'22

  BlackCat ransomware gang claims responsibility for Swissport attack

  Ransomware gang is trying to offload 1.6TB of data stolen from aviation services firm

• February 16, 2022 16 Feb'22

  Retrospect Backup refines anomaly detection in ransomware battle

  StorCentric backup software brand allows customer fine-tuning of anomaly detection in struggle against ransomware, and adds immutable copies via object locking in Azure

• February 15, 2022 15 Feb'22

  Botched third-party configuration exposes Internet Society data to web

  Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage

• February 15, 2022 15 Feb'22

  Parasol data breach: Frustrated IT contractors dig into the dark web in search of their data

  The emergence on the dark web of passports, payslips and other personal documents belonging to contractors affected by the cyber attack and subsequent data breach at Parasol is prompting group actions and forcing some IT contractors to find out for ...

• February 15, 2022 15 Feb'22

  China emerges as leader in vulnerability exploitation

  Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs

• February 11, 2022 11 Feb'22

  Lack of knowledge disastrous for effective security strategy within Dutch companies

  Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy

• February 11, 2022 11 Feb'22

  Why security professionals should pay attention to what Russia is doing

  Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to

• February 11, 2022 11 Feb'22

  Hackney Council could be forced to answer questions about IT security training after Psya ransomware

  Council is negotiating with the information commissioner after refusing to reply to questions under the Freedom of Information Act about staff IT and security training during the pandemic

• February 09, 2022 09 Feb'22

  Ransomware ever more sophisticated and impactful, warns NCSC

  UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs

• February 08, 2022 08 Feb'22

  DPD delivers swift fix for serious API flaw

  API vulnerability potentially left PII on DPD Group’s customers dangerously exposed, but was rapidly fixed on disclosure

• February 08, 2022 08 Feb'22

  The Security Interviews: Building the UK’s future cyber ecosystem

  As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions

• February 08, 2022 08 Feb'22

  Parasol data breach: Contractors rage as fallout from umbrella cyber attack continues

  Contractors working for the Parasol umbrella company are querying why it has taken so long for news of the firm's data breach, which is linked to a cyber attack on its systems five weeks ago, to come to light

• February 07, 2022 07 Feb'22

  Umbrella company Parasol confirms data breach linked to cyber attack five weeks ago

  In an email to contractors sent out earlier today, umbrella company confirmed some data had been accessed and shared online in the wake of last month’s suspected ransomware attack on its systems

• February 07, 2022 07 Feb'22

  Airport services firm thwarts attempted ransomware heist

  Aviation services provider Swissport says its systems are mostly back up and running after a ransomware attack

• February 04, 2022 04 Feb'22

  Cyber attacks on European oil facilities spreading

  Following a cyber attack on distribution facilities in Germany, more incidents have been reported in Belgium and the Netherlands, but it is too early to necessarily draw a link between them

• February 04, 2022 04 Feb'22

  Check Point looks to plug ASEAN’s cyber security gap

  Check Point is shoring up its sales force and partner ecosystem to address the cyber security needs of small and mid-sized businesses in a region that is highly targeted by threat actors

• February 03, 2022 03 Feb'22

  Brookson and Parasol cyber attacks: Contractor complaints about delayed payments continue

  Several weeks on from the suspected ransomware attack that blighted two of the umbrella industry’s biggest players, contractors are still chasing their missing money

• February 02, 2022 02 Feb'22

  Reforms needed to tackle economic crime, says Treasury Committee

  The Treasury Committee is disappointed at progress towards tackling economic crime and fraud in both the online and offline worlds, and is calling for more action

• February 02, 2022 02 Feb'22

  British Council data exposed by third-party cyber failure

  The British Council entrusted confidential data on its students to a third-party and was let down

• February 01, 2022 01 Feb'22

  German fuel supplier taken offline in cyber attack

  Cyber attack against Germany’s Oiltanking, a major fuel logistics company, affects 13 distribution terminals across Germany, in an incident with echoes of last year’s hit on Colonial Pipeline