News

Data breach incident management and recovery

• November 08, 2023 08 Nov'23

  King’s Speech misses the mark on cyber law reform, says campaign

  A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress

• November 06, 2023 06 Nov'23

  Shadow IT use at Okta behind series of damaging breaches

  Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account

• November 06, 2023 06 Nov'23

  How Trellix’s CISO keeps threat actors at bay

  Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents

• November 02, 2023 02 Nov'23

  Admins told to take action over F5 Big-IP platform flaws

  Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild

• November 02, 2023 02 Nov'23

  UK workers exhibit poor security behaviours, report reveals

  Report by KnowBe4 has found that four in five UK workers do not make security-conscious choices, whether in-office, remote or hybrid working

• October 31, 2023 31 Oct'23

  British Library falls victim to cyber attack

  The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature

• October 31, 2023 31 Oct'23

  SEC sues SolarWinds, alleging serious security failures

  SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks

• October 27, 2023 27 Oct'23

  Domestic abuse charities surface fresh worries over NHS data sharing

  With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk

• October 27, 2023 27 Oct'23

  Microsoft warns over growing threat from Octo Tempest gang

  The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft

• October 27, 2023 27 Oct'23

  How Elastic manages cyber security threats

  Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings

• October 27, 2023 27 Oct'23

  Germany: European Court opinion kicks questions over EncroChat back to national courts

  Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts

• October 26, 2023 26 Oct'23

  ChatGPT, Bard, lack effective defences against fraudsters, Which? warns

  Consumer advocacy Which? warns that popular generative AI tools are vulnerable to loopholes that render existing protections against malicious usage easily bypassed

• October 26, 2023 26 Oct'23

  Exploitation of Citrix NetScaler vulns reaching dangerous levels

  Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked

• October 25, 2023 25 Oct'23

  UK Finance paints mixed picture of fraud as losses top £500m

  UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data

• October 25, 2023 25 Oct'23

  1Password caught up in Okta support breach

  After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems

• October 24, 2023 24 Oct'23

  Cisco hackers likely taking steps to avoid identification

  Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery

• October 24, 2023 24 Oct'23

  Research team tricks AI chatbots into writing usable malicious code

  Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks

• October 24, 2023 24 Oct'23

  Kaspersky opens up over spyware campaign targeting its staffers

  Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group

• October 24, 2023 24 Oct'23

  Customers speak out over Okta’s response to latest breach

  Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired

• October 24, 2023 24 Oct'23

  NetApp ‘unified storage’ adds new ASA block storage at Insight

  Las Vegas event sees NetApp continue its evolution to hybrid cloud and data management player announce ASA C-series and Keystone and Kubernetes storage enhancements

• October 23, 2023 23 Oct'23

  Cisco pushes update to stop exploitation of two IOS XE zero-days

  Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software

• October 23, 2023 23 Oct'23

  How Ensign is leading the charge in cyber security

  Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem

• October 20, 2023 20 Oct'23

  RagnarLocker cyber gang that pioneered double extortion busted

  Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline

• October 19, 2023 19 Oct'23

  Fears grow over extent of Cisco IOS XE zero-day

  Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures

• October 19, 2023 19 Oct'23

  Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

  Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source

• October 18, 2023 18 Oct'23

  What are the cyber risks from the latest Middle Eastern conflict?

  The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations

• October 17, 2023 17 Oct'23

  Five Eyes issues five tips on thwarting nation state threats

  Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats

• October 10, 2023 10 Oct'23

  MGM faces £100m loss from cyber attack on its casinos

  MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m

• October 05, 2023 05 Oct'23

  Ransomware dwell times now measured in hours, says Secureworks

  Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report

• October 03, 2023 03 Oct'23

  CIISec scores DSIT funding to expand successful CyberEPQ scheme

  DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date

• September 27, 2023 27 Sep'23

  Researchers offer free threat briefings on Vegas casino hackers

  Permiso, a cloud detection and response startup, is making its threat intel team available to speak on Scattered Spider, the group behind recent cyber attacks on MGM Resorts and Caesars Entertainment

• September 27, 2023 27 Sep'23

  City of Las Vegas masters cyber incident response with Darktrace

  The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence

• September 26, 2023 26 Sep'23

  Sony alleged victim of new extortion gang

  A little-known threat actor claims it has breached IT systems and networks at electronics and entertainment giant Sony, and is threatening to release the organisation’s data unless paid off

• September 26, 2023 26 Sep'23

  Cover-ups still the norm in the wake of a cyber incident

  Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report

• September 26, 2023 26 Sep'23

  Crest and IASME to deliver upcoming NCSC Cyber Exercise programme

  Crest and IASME have been tasked with assuring that security services providers signing up to a soon-to-launch NCSC Cyber Incident Exercising scheme are up to the job

• September 21, 2023 21 Sep'23

  ‘Top’ ransomware gangs favour smaller businesses

  Despite high-profile attacks on prominent organisations, the world’s most prolific ransomware operations tend to target smaller businesses

• September 20, 2023 20 Sep'23

  Organisations failing to proactively address insider cyber risk

  Organisations are spending less than 10% of their annual security budgets on trying to solve one of the costliest problems in cyber: insider risk

• September 19, 2023 19 Sep'23

  Okta confirms link to cyber attacks on Las Vegas casinos

  Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed

• September 19, 2023 19 Sep'23

  38TB Microsoft data leak highlights risks of oversharing

  An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing

• September 18, 2023 18 Sep'23

  Government seeks industry views on cyber threat to UK CNI

  The Science, Innovation and Technology Select Committee is seeking evidence from the cyber sector as it launches an inquiry into the resilience of the UK's critical national infrastructure

• September 15, 2023 15 Sep'23

  Las Vegas mainstay Caesars Palace likely paid off ransomware crew

  Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers

• September 15, 2023 15 Sep'23

  Manchester police data breach a classic supply chain incident

  The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force

• September 14, 2023 14 Sep'23

  Data on over 3,000 Airbus suppliers leaked after breach

  An emergent threat actor has leaked details of multiple sensitive Airbus suppliers after claiming to have accessed the firm’s systems having hacked customer Turkish Airlines

• September 14, 2023 14 Sep'23

  BlackCat on the hook for cyber attack that crippled Vegas casinos

  The ALPHV/BlackCat ransomware operation claimed responsibility for an attack that forced MGM Resorts to shut down systems at some of Las Vegas’ most popular gambling venues

• September 14, 2023 14 Sep'23

  Google, Microsoft and Mozilla push browser updates to foil zero-day

  A zero-day in Google’s Chrome browser was first reported by surveillance researchers at The Citizen Lab and Apple, but also affects other browsers

• September 13, 2023 13 Sep'23

  BianLian ransomware gang holds Save the Children hostage

  The dangerous and prolific BianLian ransomware gang claims to have stolen almost 7TB of data from NGO Save the Children, but thankfully the charity’s vital work on the ground appears to be unaffected

• September 13, 2023 13 Sep'23

  NCSC and ICO sign MoU to forge deeper collaborative links

  The scope of the MoU signed by the NCSC and the ICO includes collaboration on new cyber regulations and guidance, and how to support cyber attack victims appropriately and minimise regulatory penalties

• September 12, 2023 12 Sep'23

  US casino giant MGM Resorts battles 36-hour outage after cyber attack

  Multiple systems at US hotel and casino operator MGM went down in the wake of the incident on 10 September, crippling several of Las Vegas’ most prominent casinos

• September 11, 2023 11 Sep'23

  Professional ransomware gangs clearly a threat, but attacks can be easily stopped

  NCSC and NCA report reveals insight into business models and underpinnings of ransomware gangs and their affiliates, but also urges defenders to take heart, as stopping a ransomware attack is not that hard to do

• September 11, 2023 11 Sep'23

  Polish election questioned after Pegasus spyware used to smear opposition, investigation finds

  Senate committee alerts prosecutors over potential crimes by public officials involved in purchasing Pegasus spyware used to monitor and smear political opponents