News

Data breach incident management and recovery

• June 04, 2020 04 Jun'20

  Dutch organisations invest heavily in compliance – but in vain

  Despite the fact that companies in the Netherlands have invested heavily to comply with GDPR legislation introduced two years ago, 90% of them are still discovering fundamental weaknesses in their IT environment

• June 04, 2020 04 Jun'20

  Data privacy groups pile in on UK contact-tracing app

  UK-based digital privacy and free speech campaigning organisation files complaint with the Information Commissioner’s Office about contact-tracing app

• June 03, 2020 03 Jun'20

  Sodinokibi data auctions highlight changing criminal tactics

  The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic?

• June 01, 2020 01 Jun'20

  How managed threat hunting helps bust malicious insiders

  Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending

• May 29, 2020 29 May'20

  Test and Trace has not passed data protection impact assessment

  Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme

• May 29, 2020 29 May'20

  Singapore’s contact-tracing app tops privacy study

  Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds

• May 25, 2020 25 May'20

  Coronavirus: Australia calls for stronger defences amid cyber attacks

  The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector

• May 22, 2020 22 May'20

  EasyJet to be sued over customer data breach

  If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn

• May 20, 2020 20 May'20

  Serco exposes contact tracers’ data in email error

  Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message

• May 20, 2020 20 May'20

  Personal devices putting Singapore employers at risk

  More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats

• May 19, 2020 19 May'20

  Cancelled NCSC CyberUK event gets green light for 2021

  The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales

• May 19, 2020 19 May'20

  GDPR wholly inappropriate to govern contact-tracing data

  Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app

• May 19, 2020 19 May'20

  Doubts mount over effectiveness of UK contact-tracing app

  Studies from BCS and Anomali reveal that a significant proportion of the UK population is not prepared to download the Covid-19 contact-tracing app

• May 19, 2020 19 May'20

  Nine million EasyJet customer details lost in data breach

  Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline

• May 19, 2020 19 May'20

  Sodinokibi cyber criminals plot to ‘auction’ Madonna data

  The cyber criminal gang behind a recent attack on a New York law firm is planning to auction off its client data, one person at a time

• May 19, 2020 19 May'20

  Vast majority of cyber attacks are easy to stop, says Verizon

  Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it

• May 15, 2020 15 May'20

  Questions raised after UK’s electrical grid shrugs off cyber attack

  Attack on Elexon was resolved within hours with no impact on the national electricity supply, but it could have been much worse

• May 15, 2020 15 May'20

  Law firm hackers threaten to release dirt on Trump

  A new ransom demand of $42m has been made against New York law firm Grubman, Shire, Meiselas and Sacks, and it may be the largest ever, say security experts

• May 14, 2020 14 May'20

  China targeting Covid-19 researchers through IT suppliers, claims US

  The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China

• May 13, 2020 13 May'20

  Report reveals inadequate cyber security at Schiphol Airport

  A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport

• May 13, 2020 13 May'20

  Nation state APT groups prefer old, unpatched vulnerabilities

  The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list

• May 13, 2020 13 May'20

  Can Lady Gaga and Madonna get people to take security seriously?

  What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers

• May 12, 2020 12 May'20

  Draft Covid-19 contact tracing legislation proposes formal oversight

  Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app

• May 12, 2020 12 May'20

  Pay the ransom and double your recovery costs, report warns

  Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos

• May 12, 2020 12 May'20

  APAC firms still coming to grips with data protection

  More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain

• May 12, 2020 12 May'20

  Maze ransomware attack will cost Cognizant at least $50m to $70m

  Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold

• May 12, 2020 12 May'20

  How Australian firms can plug data protection gaps

  Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene

• May 11, 2020 11 May'20

  Pitney Bowes hit by Maze in second ransomware attack in a year

  Shipping services firm falls victim to Maze ransomware just seven months after a previous major attack

• May 07, 2020 07 May'20

  SilverTerrier cyber crime group targets Covid-19 key workers

  Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang

• May 06, 2020 06 May'20

  Criminal justice system is failing cyber crime victims

  Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study

• May 05, 2020 05 May'20

  Coronavirus: NCSC issues urgent alert for healthcare sector

  UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations

• May 05, 2020 05 May'20

  GoDaddy owns up to October 2019 data breach

  Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts

• May 05, 2020 05 May'20

  Building security and privacy into contact-tracing apps

  Governance and data decentralisation are among measures that organisations can take to allay security and privacy concerns over contact-tracing apps, according to RSA

• May 04, 2020 04 May'20

  Xen Orchestra latest victim of Salt cryptojackers

  More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward

• May 04, 2020 04 May'20

  NHSX contact-tracing app needs legislative oversight

  Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app

• May 04, 2020 04 May'20

  Blogging platform Ghost hacked through Salt vulnerability

  Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability

• May 04, 2020 04 May'20

  IT Priorities 2020: Compliance and risk are top security concerns

  When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study

• May 04, 2020 04 May'20

  Research institutes warn of necessity for UK contact-tracing app to link to testing

  BCS and Cass Business School call for proposed UK contact-tracing app not to be launched without alignment to testing and warns that without this link, NHS will not be able to “big data” its way out of “no data” situation

• April 30, 2020 30 Apr'20

  Cyber security skills courses go online during pandemic

  The government is turning to online learning to find the next generation of cyber security talent

• April 30, 2020 30 Apr'20

  Critical SaltStack vulnerability affects thousands of datacentres

  Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away

• April 29, 2020 29 Apr'20

  Coronavirus: GCHQ gets access to NHS data to beef up security

  Health secretary gave GCHQ emergency powers to obtain information relating to the security of its networks and IT systems at the beginning of April, it has emerged

• April 24, 2020 24 Apr'20

  The Security Interviews: Can AV go from dodgy scareware to cyber hero?

  Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing

• April 23, 2020 23 Apr'20

  Ransomware-stricken Travelex up for sale

  Travelex’s parent Finablr is washing its hands of the ransomware-stricken forex provider as it struggles with the twin shocks of the Covid-19 pandemic and a developing fraud scandal

• April 22, 2020 22 Apr'20

  NCSC overwhelmed by response to coronavirus campaign

  The UK’s NCSC has taken down more than 80 malicious web campaigns and received 5,000 reports of suspicious emails within 24 hours of launching reporting service

• April 21, 2020 21 Apr'20

  When data protection is not enough

  Organisations should take a holistic approach to data protection and cyber security in what the CEO of Acronis deems a “cyber protection” strategy

• April 20, 2020 20 Apr'20

  IT services company Cognizant warns customers after ‘Maze’ ransomware attack

  US IT services company Cognizant alerts customers after the Maze ransomware group launches a cyber attack

• April 20, 2020 20 Apr'20

  Dutch organisations address business email compromise fraud

  Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks

• April 16, 2020 16 Apr'20

  Check Point sounds alarm over double extortion ransomware threat

  Researchers say double extortion ransomware attacks are likely to increase in frequency, and warn organisations to be on guard

• April 16, 2020 16 Apr'20

  NHS Wales to get free security services during coronavirus pandemic

  NHS Wales Informatics Services enlists Thales to help it face down security threats and let its teams focus on the Covid-19 coronavirus crisis

• April 15, 2020 15 Apr'20

  Coronavirus: ICO temporarily relaxes regulatory approach

  The Information Commissioner’s Office sets out a revised approach to its regulatory duties during the Covid-19 coronavirus pandemic