News

Hackers and cybercrime prevention

• May 26, 2023 26 May'23

  Bumbling IT security analyst convicted of blackmail offences

  A Hertfordshire man has been convicted of blackmail and other offences after piggybacking on an in-progress ransomware attack to try to defraud his employer, but failing to cover his tracks in any meaningful way

• May 25, 2023 25 May'23

  Cabinet Office publishes response to data sharing for digital ID consultation

  The majority of respondents to government’s consultation on data sharing for digital identity are critical to the plans and concerned about data privacy, but Whitehall’s response says many of the responses ‘were driven by anti-digital commentaries’

• May 25, 2023 25 May'23

  Alert over Chinese cyber campaign targeting critical networks

  A Chinese threat actor known as Volt Typhoon has been observed infiltrating CNI networks in a cyber espionage campaign, according to intelligence

• May 24, 2023 24 May'23

  Almost all ransomware attacks target backups, says Veeam

  Some 93% of ransomware attacks go for backups and most succeed, with 60% of those attacked paying the ransom, according to a Veeam survey

• May 24, 2023 24 May'23

  Two-thirds of all 2022 breaches resulted from spear phishing

  Research by Barracuda Networks has found that, despite the low volume of spear-phishing attempts, the attacks are highly successful and have major consequences

• May 23, 2023 23 May'23

  Cohesity Turing aims AI tools at backup and ransomware

  Backup supplier continues to enrich its ecosystem with more artificial intelligence for backup and ransomware, with chat-like reporting functions and new security partners in its alliance

• May 17, 2023 17 May'23

  Pentera ups ante in penetration testing

  The Israeli startup, which expanded to the APAC region last year, scans for vulnerabilities and emulates cyber attacks through its automated security validation platform

• May 16, 2023 16 May'23

  Scality pushes anti-ransomware features in Artesca object storage

  Object storage specialist announces v2.0 of Artesca, with a heavy focus on functionality that can protect against ransomware such as object locking, sharding, backup to object etc

• May 12, 2023 12 May'23

  Let’s put an end to secrecy and cover-ups in ransomware attacks

  The NCSC and the ICO are calling for organisations to bite the bullet and be more open about cyber security and ransomware incidents, and the community is firmly behind them

• May 12, 2023 12 May'23

  IT Priorities 2023: Budgeting for IT innovation

  In spite of the economic slowdown, IT leaders are driving forward investments in IT

• May 12, 2023 12 May'23

  How Splunk is driving security automation

  Splunk’s head of security in APAC talks up the company’s efforts to ease the workloads of security analysts amid lower adoption of security automation and analytics in the region

• May 11, 2023 11 May'23

  Investigatory Powers Tribunal finds NCA EncroChat hacking warrants were lawful

  Investigatory Powers Tribunal refers questions over whether messages obtained from the EncroChat encrypted phone network are legally admissible back to the criminal court

• May 11, 2023 11 May'23

  Australia to shore up cyber and digital capabilities in Budget 2023

  Australia is spending more than A$2bn to strengthen cyber resilience, improve digital government services and fuel AI adoption, among other areas, in its latest budget

• May 11, 2023 11 May'23

  AI outcry intensifies as EU readies regulation

  Policymakers are battling to keep pace with AI developments, while experts warn of societal impact

• May 10, 2023 10 May'23

  Black Basta ransomware attack to cost Capita over £15m

  Exceptional costs arising from the March 2023 Black Basta ransomware attack on the systems of outsourcer Capita will be somewhere between £15m and £20m, the organisation says

• May 10, 2023 10 May'23

  How datacentre operators can fend off cyber attacks

  Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats

• May 05, 2023 05 May'23

  Capita pension clients told data may have leaked

  Capita has told trustees of some of the pension funds for which it provides outsourced services that their customer data may have been stolen by the Black Basta ransomware operation

• May 05, 2023 05 May'23

  Santander reports increase in scams and admits fraud head was impersonated

  Santander has reported an increase in impersonation scams, and admitted its own head of fraud was impersonated by a fraudster

• May 04, 2023 04 May'23

  Inside BlackBerry’s cyber security playbook

  BlackBerry’s president of cyber security discusses the company’s cyber security strategy and what it is doing to deliver an integrated set of capabilities for enterprises

• May 03, 2023 03 May'23

  Cyber Action Plan for Wales launched

  The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country

• May 03, 2023 03 May'23

  TikTok fixes vulnerability that could have exposed user activity data

  A potentially dangerous vulnerability in the TikTok video-sharing platform was discovered by Imperva researchers, and has now been fixed

• May 03, 2023 03 May'23

  Government anti-fraud strategy targets the tech behind the scams

  The UK government’s anti-fraud strategy proposes to make it much harder for criminals to target their victims by cracking down on the exploitation of technology

• May 02, 2023 02 May'23

  Researchers see surge in scam websites linked to coronation

  Scammers and fraudsters continue to take advantage of large public events, with the coronation of King Charles III no exception

• April 28, 2023 28 Apr'23

  Government is playing ‘psychic war’ in battle over end-to-end encryption

  Peers hear that the UK government is being deliberately ambiguous about its plans to require technology companies to scan the content of encrypted messages

• April 27, 2023 27 Apr'23

  Tenable opens playground for generative AI cyber tools

  A set of generative AI cyber tools designed to help security researchers in reverse engineering, debugging and other areas of work have been made available for the community to experiment with

• April 26, 2023 26 Apr'23

  Researchers deal blow to Gootloader gang that supported REvil

  Thousands of compromised WordPress blogs have been spreading the Gootloader malware for years, but eSentire’s security research team are turning the tables on the gang that played a key role in REvil ransomware attacks

• April 26, 2023 26 Apr'23

  Ransomware gang exploiting unpatched Veeam backup products

  Cyber criminals with links to multiple virulent ransomware strains are exploiting a recently disclosed vulnerability in Veeam’s Backup & Replication product, threat analysts have warned

• April 26, 2023 26 Apr'23

  Cyber security and analytics propel jobs boost in Scotland’s tech sector

  A tech industry survey from ScotlandIS indicates the country’s tech sector is set to grow, with cyber security as the hottest domain

• April 25, 2023 25 Apr'23

  CISOs under-supported, under pressure, Trellix finds

  The vast majority of CISOs say they are finding it difficult to get sign-off on the resources they need to do their job

• April 25, 2023 25 Apr'23

  Almost three-quarters of cyber attacks involve ransomware

  Data from Sophos’s annual Active Adversary Report reveals that almost three-quarters of the cyber security incidents it responded to in 2022 involved ransomware

• April 21, 2023 21 Apr'23

  CyberUK 23: New advice on smart city security issued

  The NCSC and key allies have drawn up new guidance to help communities balance the cyber security risks involved with creating smart cities

• April 20, 2023 20 Apr'23

  Bumblebee malware flies on the wings of Zoom and ChatGPT

  Bumblebee malware, often used as a stepping stone to ransomware, is now spreading via trojanised installers for popular software applications

• April 20, 2023 20 Apr'23

  UK Emergency Alert Test sparks cyber fraud warning

  Fraudsters and scammers are likely to use the upcoming test of the UK's new mobile Emergency Alert system as bait in their attacks, while misinformation and conspiracy theories spread

• April 20, 2023 20 Apr'23

  3CX incident may be world’s first double supply chain attack

  It’s supply chain attacks all the way down as Mandiant publishes information suggesting that the 3CX software supply chain compromise was initiated via a prior software supply chain compromise

• April 20, 2023 20 Apr'23

  Good Friday Agreement key to growth of Northern Ireland cyber hub

  Now 25 years since the historic Good Friday Agreement ended the Troubles, Northern Ireland has become a flourishing centre of cyber security excellence and has ambitions to grow further

• April 20, 2023 20 Apr'23

  Capita customer data was stolen in March ransomware attack

  Capita says it has uncovered evidence of data exfiltration from a small proportion of its server estate following a cyber attack at the end of March

• April 19, 2023 19 Apr'23

  CyberUK 23: Ukraine offers masterclass in withstanding cyber war

  Russian cyber activity has seen an unprecedented evolution in scale and pace over the past year, but Ukraine’s resilience has enabled it to mount a masterful response, says the NCSC

• April 19, 2023 19 Apr'23

  CyberUK 23: Irresponsible use of commercial hacking tools a rising threat

  Commercial cyber tools and hackers-for-hire pose a growing threat to organisations and individuals worldwide, according to an NCSC report

• April 19, 2023 19 Apr'23

  UK plc sees fewer cyber breaches and attacks, but lacks resilience

  Latest government figures reveal UK businesses and charities reported lower volumes of cyber breaches and attacks over the past 12 months, but the statistics mask widespread underreporting and the true state of cyber readiness and resilience appears...

• April 19, 2023 19 Apr'23

  CyberUK 23: NCSC launches Cyber Advisor service for SMEs

  The UK’s NCSC has launched an industry assurance scheme designed to address the needs of SMEs, and is calling for potential advisors to step up and help out

• April 19, 2023 19 Apr'23

  CyberUK 23: NCSC CEO calls for collaboration and warns against complacency

  NCSC boss Lindy Cameron kicked off the annual CyberUK conference in Belfast with a plea for collaboration and a warning against complacency

• April 19, 2023 19 Apr'23

  Global finance firms take part in NATO cyber attack simulation

  Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure

• April 19, 2023 19 Apr'23

  Cisco urges users to keep its network hardware up-to-date

  In the wake of a campaign of threat activity targeting a six-year-old Cisco router vulnerability, the networking giant has warned users to be on high alert and update their hardware

• April 19, 2023 19 Apr'23

  CyberUK 23: Alert over mercenary Russian threat to CNI

  Russian hacktivists supportive of their government’s war on Ukraine are turning their attention to disruptive or destructive attacks on critical infrastructure in the UK, the NCSC has warned

• April 19, 2023 19 Apr'23

  How organisations can succeed with zero trust

  By starting small, taking a long-term view and prioritising the most critical assets in their zero-trust implementations, organisations will be able to reap returns from their investments in the security paradigm

• April 18, 2023 18 Apr'23

  IT Priorities 2023: Cloud and disaster recovery top storage and backup plans

  Cloud storage still the biggest project planned in data storage in 2023, with disaster recovery the most important area in data protection cited by TechTarget/Computer Weekly survey respondents

• April 18, 2023 18 Apr'23

  CyberUK 23: NCSC conference centres cyber collaboration

  The NCSC’s annual CyberUK conference gets underway in Belfast this week, with collaboration and cooperation high on the agenda

• April 18, 2023 18 Apr'23

  Focus on these three risky behaviours to boost cloud security

  Some 80% of cloud security alerts are triggered by just 5% of security rules. Security teams can substantially improve their resilience by zeroing in on a small set of risky behaviours, according to a report

• April 17, 2023 17 Apr'23

  Restaurants hit by IT problems after BlackCat attack on supplier NCR

  Ransomware attack on systems of payments giant causing service outages for restaurants around the world

• April 17, 2023 17 Apr'23

  Charity data stolen in ransomware attack on supplier

  A number of charities in Ireland and the UK have had their data compromised following a ransomware attack on an IT supplier