News

Hackers and cybercrime prevention

April 13, 2023 13 Apr'23
Three charged over banking fraud for hire website

UK authorities have charged three men in connection with the operation of a website that sold social engineering tools to cyber fraudsters
April 12, 2023 12 Apr'23
Okta integrates with Singapore’s national digital ID system

The integration with Singpass will let Okta customers authenticate consumers using Singapore’s national digital ID system and is expected to expand the company’s reach in regulated industries
April 11, 2023 11 Apr'23
Anne Keast-Butler named as new director of GCHQ

The government has appointed current MI5 deputy director general Anne Keast-Butler to head signals and cyber agency GCHQ
April 11, 2023 11 Apr'23
KFC, Pizza Hut data stolen in January ransomware attack

Yum!, the parent organisation behind KFC and Pizza Hut in the UK, has disclosed that employee data was accessed and exfiltrated in a January 2023 ransomware attack

April 11, 2023 11 Apr'23
UKtech50 2023: Help us find the most influential people in UK IT

Computer Weekly’s annual search for the 50 most influential people in UK IT is back – let us know who you would like to nominate for this year’s list
April 06, 2023 06 Apr'23
Prioritise automated hardening over traditional cyber controls, says report

A report from strategic risk specialist Marsh McLennan advises security buyers to funnel their budgets towards automated cyber security hardening techniques, saying they have a much better chance of reducing risk in a meaningful way
April 06, 2023 06 Apr'23
Clop ransomware booms in March as Fortra zero-day pays off for gang

Backed by the threat actor tracked variously as Gold Tahoe and TA505, the Clop ransomware operation hit new ‘heights’ of activity last month, according to researchers
April 05, 2023 05 Apr'23
Quick-acting Rorschach ransomware appears out of nowhere

Emergent Rorschach ransomware strain is highly advanced and quite unusual in its capabilities, warn researchers, who say they have been unable to link it to any other known strains
April 05, 2023 05 Apr'23
Cops bust Genesis cyber crime marketplace

Multinational Operation Cookie Monster takes down Genesis Market, a crucial source of compromised data used by criminals for fraud and other cyber attacks
April 04, 2023 04 Apr'23
National Cyber Force carrying out daily hacking operations to disrupt hostile threats

Government discloses details about the National Cyber Force’s disruption activities against terrorists, organised criminals and nation states – and names first NCF chief as James Babbage

April 04, 2023 04 Apr'23
Threat researchers dissect anatomy of a Royal ransomware attack

Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022
April 04, 2023 04 Apr'23
Over 90% of organisations find threat hunting a challenge

Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report
April 03, 2023 03 Apr'23
Australia’s media and telecoms sector saw most data breaches in 2022

The media and telecoms industry accounted for the bulk of stolen credentials in Australia in 2022, underscoring the need to shore up the country’s cyber security posture
April 03, 2023 03 Apr'23
Three-day Capita outage was result of cyber attack

Public sector outsourcer Capita has confirmed a major outage which began on 31 March was the result of a cyber attack affecting its Office 365 apps
March 31, 2023 31 Mar'23
Mounting Russian disinformation campaign targeting Arab world

Researchers have found evidence of a broad Russian disinformation campaign targeting Arabic-speakers in the Middle East and North Africa
March 31, 2023 31 Mar'23
Ukrainians bust cyber criminals who stole over £3m across Europe

Ukrainian police have arrested members of a cyber crime gang who stole and embezzled millions of pounds from victims across Europe
March 30, 2023 30 Mar'23
3CX unified comms users hit by supply chain attacks

Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors
March 29, 2023 29 Mar'23
New North Korean APT launders crypto to fund spying programmes

Mandiant has attributed an ongoing campaign of malicious activity to a newly designated APT that is engaged in the acquisition and laundering of cryptocurrency to fund the regime’s espionage activities
March 29, 2023 29 Mar'23
How organisations can weaponise data privacy

Organisations should turn data privacy into a competitive advantage and look beyond regulatory compliance to build a privacy programme that aligns with business targets, says Gartner
March 28, 2023 28 Mar'23
Microsoft expands AI Copilot project into security realm

New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams
March 28, 2023 28 Mar'23
Apple security updates fix 33 iPhone vulnerabilities

A larger-than-usual update to Apple’s mobile operating system fixes more than 30 distinct vulnerabilities, including two serious issues that may potentially affect device kernels
March 28, 2023 28 Mar'23
Inside Group-IB’s cyber security playbook

A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market
March 28, 2023 28 Mar'23
Europol warns cops to prep for malicious AI abuse

In a report looking at how large language models can be used by criminals, Europol’s Innovation Lab calls on law enforcement agencies to prepare themselves for wide-ranging impacts on their work
March 28, 2023 28 Mar'23
Ethical hackers urged to respond to Computer Misuse Act reform proposals

The deadline for submissions to the government’s consultation on reform of the Computer Misuse Act is fast approaching, and ethical hackers and security experts need to make their voices heard, says Bugcrowd
March 28, 2023 28 Mar'23
Ransomware attacks up 45% in February, LockBit responsible

NCC Group says it observed a surge in ransomware attacks in February, with LockBit, BlackCat and BianLian all highly active
March 27, 2023 27 Mar'23
France latest to ban TikTok on government devices

Following bans in the UK and US, France has moved to enact restrictions on TikTok, and other social media apps, on government devices
March 24, 2023 24 Mar'23
National Crime Agency sting operation infiltrates cyber crime market

The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks
March 22, 2023 22 Mar'23
Why Veeam thinks ransomware warranty payouts are unlikely

Veeam Data Platform v12 offers a financial guarantee to customers that can’t restore after ransomware attacks, but the backup supplier is convinced it won’t be making many payouts
March 22, 2023 22 Mar'23
Government launches seven-year NHS cyber strategy

The new Cyber Security Strategy for Health and Adult Social Care lays out a plan for promoting cyber resilience in the sector by 2030 to protect services and patients alike
March 21, 2023 21 Mar'23
Nordics move towards common cyber defence strategy

Nordic countries agree to work together to improve their cyber defences amid increasing threat
March 21, 2023 21 Mar'23
How Mimecast thinks differently about email security

Mimecast CEO Peter Bauer believes the company’s comprehensive approach towards email security has enabled it to remain relevant to customers for two decades
March 21, 2023 21 Mar'23
Hitachi Energy emerges as victim of Clop gang’s Fortra attack

The power and energy division of Japanese conglomerate Hitachi has disclosed that it has fallen victim to a Clop cyber attack, but insists customer data is safe
March 21, 2023 21 Mar'23
Ferrari rejects ransom demand after cyber attack

Italian carmaker Ferrari says it will refuse to pay a ransom after an unspecified threat actor broke into its IT systems and stole customer data
March 21, 2023 21 Mar'23
Ransomware gangs harass victims to ‘bypass’ backups

Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order
March 20, 2023 20 Mar'23
NCSC launches cyber check-up tools for SMEs

The NCSC has launched two new security services aimed at SMEs that lack the resources to address cyber issues, and may underestimate their vulnerability to attack
March 16, 2023 16 Mar'23
BEC attacks doubled in 2022, outstripping ransomware

Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks
March 16, 2023 16 Mar'23
Rubrik customer, partner data exposed in possible Clop attack

Rubrik was supposedly compromised by the Clop ransomware gang via a zero-day vulnerability in a managed file transfer software package it uses
March 16, 2023 16 Mar'23
Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine

A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly
March 15, 2023 15 Mar'23
Chinese Silkloader cyber attack tool falls into Russian hands

A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators
March 15, 2023 15 Mar'23
Microsoft patches Outlook zero-day for March Patch Tuesday

A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update
March 14, 2023 14 Mar'23
NatWest introduces limits on crypto trading to prevent fraud

UK bank says its retail customers will benefit from daily and monthly limits on the amount they can pay into cryptocurrency exchanges
March 14, 2023 14 Mar'23
NCSC warns over AI language models but rejects cyber alarmism

The UK's NCSC has issued advice for those using the technology underpinning AI tools such as ChatGPT, but says some of the security doomsday scenarios being proposed right now are not necessarily realistic
March 13, 2023 13 Mar'23
MI5 to oversee new National Protective Security Authority

The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets
March 08, 2023 08 Mar'23
How ForgeRock is tackling identity management

ForgeRock CEO Fran Rosch has set the identity and access management software supplier on a path to deliver a frictionless identity experience without compromising security or privacy
March 07, 2023 07 Mar'23
Nine in 10 enterprises fell victim to successful phishing in 2022

Egress annual email security risk report breaks down impacts of email-based phishing attacks and data loss, and the effect these can have on organisations in terms of staff retention and morale
March 07, 2023 07 Mar'23
Dutch hospitals underestimate impact of cyber attack

IT failures in acute care organisations in the Netherlands have increased considerably since 2010, affecting patient care and stressing the need to improve IT security in hospitals
March 07, 2023 07 Mar'23
APAC IT leaders bullish on tech spending

Over half of respondents in this year’s IT Priorities study have bigger IT budgets as they continue to make strategic investments in cyber security, cloud and automation, among other areas
March 02, 2023 02 Mar'23
WH Smith staff data accessed in cyber attack

The retailer has said that customer data has not been affected by the incident as it is held in different systems, and that investigations into the attack are ongoing
March 02, 2023 02 Mar'23
Salt Labs identifies OAuth security flaw within Booking.com

Security flaw in Booking.com OAuth implementation could be used to launch account takeovers, but researchers discovered and flagged the issue before it could be exploited in the wild
March 01, 2023 01 Mar'23
Data breaches in Australia on the rise, says OAIC

Cyber security incidents were the cause of most data breaches, which rose by 26% in the second half of 2022, according to the Office of the Australian Information Commissioner