News
Data breach incident management and recovery
-
August 28, 2020
28
Aug'20
Benefit fraud: Underground trade in stolen identities revealed
A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds
-
August 26, 2020
26
Aug'20
Avaddon ransomware operators having a go at double extortion
The operators of the Avaddon ransomware seem to be tooling up to leak the data of their victims in addition to holding it to ransom, Cofense researchers confirm
-
August 25, 2020
25
Aug'20
North Korea’s Lazarus targets cryptocurrency vertical
APT group behind the infamous WannaCry incident is targeting cryptocurrency operators, according to new research
-
August 21, 2020
21
Aug'20
Australian regulator sues RI Advice for cyber security lapses
The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives
-
August 20, 2020
20
Aug'20
Social media data leak highlights murky world of data scraping
A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it
-
August 19, 2020
19
Aug'20
Marriott slapped with class action lawsuit over 2018 breach
Group action brings together millions of victims who stayed at the Starwood hotel chain over a four-year period
-
August 18, 2020
18
Aug'20
Carnival cruise lines hit by ransomware, customer data stolen
Cruise ship operator is likely to be the victim of a major data breach after customer information is apparently stolen in a ransomware attack
-
August 14, 2020
14
Aug'20
US decision to file new charges against Julian Assange ‘astonishing and potentially abusive’
Lawyer for WikiLeaks founder slams US decision to serve a second indictment at the 11th hour alleging that Assange conspired with hackers, as a potential abuse of process
-
August 14, 2020
14
Aug'20
Russia’s Fancy Bear targets Linux environments with Drovorub malware
The Russian intelligence-linked Fancy Bear group is deploying a new malware called Drovorub against Linux environments as part of a cyber espionage operation, according to US warnings
-
August 13, 2020
13
Aug'20
APAC consumers do not feel responsible for data security
Just one in four consumers believe they should protect their own data, underscoring the tightrope between security and convenience that organisations have been walking on
-
August 12, 2020
12
Aug'20
How Dharma ransomware became an effective services business
New research looks under the bonnet of a Dharma ransomware attack, with the ransomware's ease of use being particularly dangerous for small to medium-sized enterprises
-
August 12, 2020
12
Aug'20
Security training body Sans Institute hit by data breach
Around 28,000 items of personally identifiable data were lost in a phishing attack on Sans, proving that even the professionals can be caught out
-
August 11, 2020
11
Aug'20
NHS hit by thousands of malicious emails at height of pandemic
The NHS received nearly 30,000 malicious emails at the height of the Covid-19 pandemic in March and April
-
August 11, 2020
11
Aug'20
Coronavirus: Phishing lures pivot to exploit vaccine hopes
Phishing emails are increasingly luring in victims with subject lines relating to the development of a vaccine for Covid-19
-
August 10, 2020
10
Aug'20
Retailer Monsoon allegedly exposing data via Pulse Connect server
A researcher has found a critically insecure Pulse Connect Secure VPN version belonging to UK retailer Monsoon Accessorize, but claims the firm is ignoring his disclosures
-
August 07, 2020
07
Aug'20
Capital One hit with $80m fine by US regulators over 2019 data breach
US regulator imposes fine over data breach that affected 106 million Capital One customers in the US and Canada
-
August 06, 2020
06
Aug'20
Canon said to be latest Maze ransomware victim
Canon may have had up to 10TB of its data exfiltrated by the Maze ransomware gang
-
August 05, 2020
05
Aug'20
Second wave of Covid-19 cyber attacks locked in
More cyber attacks exploiting the pandemic seem likely, says Interpol
-
August 04, 2020
04
Aug'20
Five signs you’re about to get hit with ransomware
A series of Sophos reports on the ransomware threat landscape shows how security professionals can sniff out a potential ransomware attack before it happens
-
August 04, 2020
04
Aug'20
Liam Fox hack raises questions over government security
The hack of a former cabinet minister’s emails casts doubt over the effectiveness of safeguards and security training processes at the highest levels of the British government
-
August 02, 2020
02
Aug'20
More data breaches from ransomware attacks in Australia
The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner
-
July 31, 2020
31
Jul'20
Labour Party is latest victim of Blackbaud ransomware attack
Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour
-
July 31, 2020
31
Jul'20
Twitter confirms it was hit by targeted spearphishing attack
Investigation into 15 July 2020 hack of a number of high-profile accounts by cryptocurrency scammers has found evidence of a targeted spearphishing incident
-
July 31, 2020
31
Jul'20
EU sanctions China and Russia over cyber attacks
The EU is applying restrictive measure to six individuals and three entities accused of conducting disruptive cyber attacks in Europe, including the Russian GRU
-
July 30, 2020
30
Jul'20
List of Blackbaud breach victims tops 120
More than 120 education and third-sector organisations may have had their data compromised through the breach of Blackbaud’s cloud platform
-
July 29, 2020
29
Jul'20
Majority of organisations at risk of cloud data exposure
Report casts doubt on the effectiveness of the shared responsibility model of cloud security
-
July 29, 2020
29
Jul'20
Cosmetics firm Avon faces new cyber security incident
Technical information relating to Avon’s web and mobile sites was inadvertently left exposed on an unsecured Microsoft Azure server
-
July 28, 2020
28
Jul'20
De Montfort, KCL, Newcastle universities join list of Blackbaud victims
Embattled cloud services provider now has big questions to answer over its handling of data belonging to UK universities and charities
-
July 28, 2020
28
Jul'20
Garmin may have paid hackers ransom, reports suggest
Garmin’s services are coming back online, but the company remains tight-lipped about what exactly happened to it
-
July 28, 2020
28
Jul'20
NCSC names national security expert Lindy Cameron as new CEO
New National Cyber Security Centre head joins from the Northern Ireland Office and has spent 20 years in government at home and abroad
-
July 26, 2020
26
Jul'20
Australia issues new cloud computing guidelines
The new guidance, which comes after the expiry of the government’s cloud services certification programme, will help to bolster Australia’s cyber security resilience
-
July 24, 2020
24
Jul'20
Garmin outage prompts ransomware attack speculation
Details are thin on the ground following a major service outage at Garmin, prompting industry speculation that the firm has fallen victim to a ransomware attack
-
July 24, 2020
24
Jul'20
A question of trust: University and supplier on the hook for data breach
Data on students at the University of York was stolen in a ransomware attack on a supplier two months ago, and the response of both parties raises serious questions
-
July 22, 2020
22
Jul'20
NCSC reveals scale of cyber attacks on UK sports industry
The UK’s sports industry is under near constant cyber attack, according to new statistics from the National Cyber Security Centre
-
July 22, 2020
22
Jul'20
No let-up in cyber attacks as lockdown eases
Cyber attacks are up by one-third as the coalescence of cyber activity and nation state-linked threats around the pandemic bears fruit for bad actors
-
July 22, 2020
22
Jul'20
US charges Chinese nationals with Covid-19 research hacking
The two hackers allegedly worked with the Chinese Ministry of State Security, targeting intellectual property and confidential business information
-
July 21, 2020
21
Jul'20
Russia Report reveals long-running cyber warfare campaign against UK
Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report
-
July 21, 2020
21
Jul'20
Australian industry panel calls for ‘clear consequences’ of cyber attacks
A government-appointed panel recommends strong deterrence and other measures to be implemented in Australia’s next cyber security strategy
-
July 20, 2020
20
Jul'20
Test and Trace programme unlawful, admits government
The Department of Health and Social Care failed in its legal obligation to complete a mandatory Data Protection Impact Assessment
-
July 17, 2020
17
Jul'20
Twitter hack fallout: Investigators on trail of cyber criminals
Investigators are hunting the cyber criminals who broke into Twitter’s systems to hijack prominent accounts, amid concerns that more attacks may come
-
July 16, 2020
16
Jul'20
Russian state hackers attacking Covid-19 researchers
Kremlin-linked APT29 group, also known as Cozy Bear, is conducting a campaign against Covid-19 researchers around the world
-
July 16, 2020
16
Jul'20
Cryptocurrency scammers attack Twitter in insider breach
Apparent insider breach at Twitter saw so-called “blue tick” accounts of business people, politicians and celebrities hijacked to promote a Bitcoin scam
-
July 16, 2020
16
Jul'20
Coronavirus shines spotlight on cyber security
Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic
-
July 15, 2020
15
Jul'20
Video providers slammed by credential stuffing attacks
Attacks on the media sector are spiking as cyber criminals try to gain access to valuable consumer accounts
-
July 14, 2020
14
Jul'20
Recon vulnerability puts thousands of SAP customers at risk
Users of multiple SAP products including S4/HANA should apply the security update as soon as possible to protect their systems
-
July 14, 2020
14
Jul'20
‘Name-and-shame’ ransomware attacks increasing in prevalence
Since emerging at the tail-end of 2019, double extortion, or exfiltration and encryption, ransomware attacks have become highly popular, and now account for a significant number of incidents, according to Emsisoft research
-
July 14, 2020
14
Jul'20
Australian enterprises facing more cyber attacks
The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country
-
July 13, 2020
13
Jul'20
NCSC launches pen testing service for remote workers
An expansion to the successful Exercise in a Box toolkit will enable SMEs to probe the cyber security defences of remote workers
-
July 09, 2020
09
Jul'20
Clearview AI faces ICO investigation over facial recognition
Controversial company that scraped data from the public internet to build its facial recognition algorithm faces a joint UK-Australian investigation into its practices
-
July 09, 2020
09
Jul'20
Most finance firms are multicloud, but many are unprepared for public cloud cyber attacks
Financial services firms are moving to the cloud at pace, but many are uncertain whether they could cope with an attack on an application based in the public cloud