News

Data breach incident management and recovery

• October 26, 2021 26 Oct'21

  Lacework expands into ANZ, eyes APAC market

  DevSecOps supplier Lacework’s expansion into Australia and New Zealand will pave the way for a broader move into the Asia-Pacific region

• October 13, 2021 13 Oct'21

  Google Cybersecurity Action Team springs into life

  Google has announced a new Cybersecurity Action Team, with a mission to support security and digital transformation in governments, critical infrastructure, enterprises and small businesses

• October 13, 2021 13 Oct'21

  FCA warns over future hybrid working security risks

  Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure

• October 13, 2021 13 Oct'21

  Australia unveils ransomware action plan

  The Australian government has established a task force to address the ransomware menace and is proposing legislation to mandate reporting of ransomware incidents by businesses

• October 11, 2021 11 Oct'21

  Malaysia’s highway authority improves DR capabilities

  The Malaysian Highway Authority is now more resilient against cyber attacks through a local disaster-recovery-as-a-service offering powered by Veeam software

• October 11, 2021 11 Oct'21

  Covid-19 will loom over cyber strategy for years to come

  In remarks delivered to a Chatham House conference, NCSC head Lindy Cameron reflects on the security challenges facing the UK, and sets out some plans for the future

• October 11, 2021 11 Oct'21

  Sensitive documents to stay with whistleblower after deadline for agreement for their return passes

  A deadllne to agree the safe return of the sensitive banking details of former and current NatWest Group customers has passed without agreement

• October 08, 2021 08 Oct'21

  Craft beer specialist Brewdog fixes serious app vulnerability

  Vulnerability in brewer’s mobile app could have resulted in serious consequences for its shareholders and customers

• October 08, 2021 08 Oct'21

  Fast-moving Ryuk campaign targets healthcare organisations

  Newly designated FIN12 gang leverages the work of the cyber criminal ecosystem to conduct lightning-fast ransomware attacks

• October 07, 2021 07 Oct'21

  ICO expresses concerns over its future independence

  In its response to the government’s data protection consultation, the Information Commissioner’s Office has raised worries over its future ability to function independently of government interference

• October 07, 2021 07 Oct'21

  Twitch data breach investigations continue

  Investigations are ongoing into a 125GB data breach that hit livestreaming platform Twitch, apparently the work of hacktivists

• October 06, 2021 06 Oct'21

  US lawmakers propose ransomware reporting rules

  Former presidential candidate Elizabeth Warren lends her support to a bill that would require corporate ransomware victims to disclose more information about their attacks to the authorities

• October 06, 2021 06 Oct'21

  Gaming service Twitch hacked, data leaked

  Users of livestreaming platform Twitch may be at risk after a 125GB torrent of data was leaked

• October 06, 2021 06 Oct'21

  Apache web server users urged to patch immediately

  New zero-day in Apache HTTP Server is already being actively exploited and must be addressed immediately

• October 05, 2021 05 Oct'21

  New Python-based ransomware attacks unfold in record time

  Sophos researchers detail a new variety of Python-based ransomware attack targeting VMware ESXi-hosted VMs

• October 04, 2021 04 Oct'21

  Mandiant name returns to fore ahead of FireEye sale

  Mandiant has completed its corporate rebrand pending the imminent sale of the FireEye products business to a private equity group

• October 04, 2021 04 Oct'21

  Two arrests made in European ransomware investigation

  Unnamed ransomware operation was disrupted last week in Kiev, Ukraine, following a coordinated investigation

• October 01, 2021 01 Oct'21

  JVCKenwood hit by Conti ransomware attack

  Nearly 2TB of data was stolen from Japanese electronics firm in a Conti ransomware hit

• October 01, 2021 01 Oct'21

  IR35: Giant Group cyber attack prompts renewed calls for statutory regulation of umbrella companies

  As details about the fallout from the cyber attack on the Giant Group umbrella company emerge, stakeholders say the incident should prompt the government to expedite regulating contractor payroll processing firms

• September 29, 2021 29 Sep'21

  FoggyWeb malware latest tool of dangerous Nobelium APT

  Microsoft’s threat intelligence team warns of a new strain of malware being used by the Russia-linked Nobelium APT

• September 29, 2021 29 Sep'21

  The Security Interviews: How SolarWinds came through its darkest hour

  In his first major UK press interview, SolarWinds CEO Sudhakar Ramakrishna tells Computer Weekly how a relentless focus on transparency saw the company safely through a nightmare cyber breach scenario

• September 29, 2021 29 Sep'21

  UK consumer trust in banks, retailers and telcos declines as scams increase

  Consumers are blaming banks, retailers and social media for the huge increase in online scams, survey shows

• September 28, 2021 28 Sep'21

  How one red team exercise averted a new SolarWinds-style attack

  Palo Alto Networks shares details of how its red teamers found and sealed a customer vulnerability that could have led to another SolarWinds-style supply chain attack

• September 27, 2021 27 Sep'21

  Women and BAME people bear brunt of cyber crime impact

  Cyber crime has a disproportionate impact on women and BAME people, according to a new report

• September 27, 2021 27 Sep'21

  Giant Umbrella contractors suffer salary payment delays following suspected ‘data breach’

  Following the discovery of “suspicious network activity” in its systems, payroll processing firm Giant Umbrella has taken itself offline, leaving contractors to fume over missing salary payments

• September 24, 2021 24 Sep'21

  How Australia punches above its weight in cyber security

  Australia is playing to its strengths in niche areas such as governance and deep tech to punch above its weight in the cyber security industry

• September 23, 2021 23 Sep'21

  Fresh alert over Conti ransomware surge

  Conti ransomware crew appears increasingly active, prompting fresh warnings from the US authorities

• September 23, 2021 23 Sep'21

  MoD in second leak of Afghan citizens’ data

  A second breach of data relating to Afghan citizens at risk of Taliban reprisals has been reported by the Ministry of Defence

• September 21, 2021 21 Sep'21

  US sanctions Suex crypto exchange over ransomware links

  US Treasury cracks down on cryptocurrency exchange that supposedly facilitated proceeds from multiple ransomware gangs

• September 21, 2021 21 Sep'21

  Investigation launched after MoD email blunder

  Exposure of PII on Afghan interpreters who worked with the UK may put hundreds at risk of Taliban reprisals

• September 21, 2021 21 Sep'21

  BlackMatter gang ramps up attacks on multiple victims

  A wave of new BlackMatter ransomware attacks is hitting organisations around the world, even as the US authorities mull new sanctions on ransom payment infrastructure

• September 16, 2021 16 Sep'21

  Dutch education administrators underestimate threat of cyber crime

  Research shows educational establishments in the Netherlands are becoming favoured targets of cyber criminals and administrators are underestimating the risks

• September 16, 2021 16 Sep'21

  Bitdefender launches free REvil ransomware decryptor

  Working alongside law enforcement partners, Bitdefender has developed and released a tool to help REvil victims recover their data for free

• September 16, 2021 16 Sep'21

  Travel-themed phishing lures spiked this summer

  As people begin to take holidays again after more than a year of restrictions and lockdowns, opportunist cyber criminals have taken note, according to new data from Palo Alto’s Unit 42

• September 15, 2021 15 Sep'21

  Australia and Singapore have higher incidences of insecure databases

  Five-year longitudinal study by Imperva shows the proportion of databases with at least one known vulnerability in Australia and Singapore are among the world’s highest

• September 14, 2021 14 Sep'21

  Mass health tracker data breach has UK impact

  The leak of a database of 61 million users of health-tracking devices includes records on individuals located in the UK

• September 14, 2021 14 Sep'21

  Cost of ransomware attack in financial sector exceeds $2m

  Mid-sized financial services organisations worldwide spend an average of over $2m recovering from ransomware attacks

• September 14, 2021 14 Sep'21

  Apple patches ForcedEntry vulnerability used by spyware firm NSO

  Apple patches ForcedEntry vulnerability that was used to target political activists with spyware

• September 13, 2021 13 Sep'21

  Olympus likely victim of BlackMatter ransomware

  Key IT systems remain shut off at Olympus, five days after what seems to have been a BlackMatter ransomware attack

• September 09, 2021 09 Sep'21

  UK GDPR faces changes under planned reforms

  DCMS is launching a major consultation on proposed changes to the UK’s data protection regime, under which several key elements of the GDPR are likely to change

• September 08, 2021 08 Sep'21

  REvil reappearance may herald new ransom campaigns

  The re-emergence of the infamous REvil ransomware gang is a likely sign that more high-profile attacks will unfold over the coming weeks

• September 08, 2021 08 Sep'21

  Stolen credit card data worth about £13 on dark web, PayPal worth more

  The average price of a stolen credit card on a dark web marketplace comes in at around $17.40, or £12.60, according to new data – but the real money for cyber criminals is in hacked PayPal accounts

• September 07, 2021 07 Sep'21

  OT security in APAC remains work in progress

  Two operational technology security experts shed light on the state of OT security in the region, and what’s being done to address skills, competency and organisational challenges

• September 03, 2021 03 Sep'21

  Mandiant, Sophos detail dangerous ProxyShell attacks

  Threat researchers and incident responders continue to track threat activity around the dangerous ProxyShell Microsoft Exchange vulnerabilities, including impactful ransomware hits

• September 03, 2021 03 Sep'21

  China accused of cyber attacks on Norwegian IT systems

  China-based cyber attackers have been blamed for multiple assaults on IT systems in Norway

• September 02, 2021 02 Sep'21

  Finance firms faced up to £760,000 costs per DNS attack during pandemic

  Financial services firms have been the focus of attacks by cyber criminals during the Covid-19 crisis

• September 01, 2021 01 Sep'21

  Experts warn on Office 365 phishing attacks

  Newly observed campaign is particularly dangerous because it appears to neutralise one of the most widely known anti-phishing techniques

• August 31, 2021 31 Aug'21

  GovTech launches vulnerability rewards programme

  Vulnerability rewards programme will offer rewards ranging from $250 to $5,000 to white hat hackers who find vulnerabilities in critical government systems

• August 27, 2021 27 Aug'21

  Are proposed data protection changes a threat to UK citizens’ privacy?

  Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth

• August 26, 2021 26 Aug'21

  Tech giants commit to Biden's cyber security action plan

  Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden