News

Hackers and cybercrime prevention

• August 14, 2024 14 Aug'24

  August Patch Tuesday proves busy with six zero-days to fix

  Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update

• August 13, 2024 13 Aug'24

  Cyber criminal kingpin ‘J.P. Morgan’ appears in US court

  ‘J.P. Morgan’, a Belarusian cyber criminal who ran a major ransomware campaign supported by malvertising scams, faces decades in prison in the United States after being extradited from the EU

• August 13, 2024 13 Aug'24

  Australia’s cyber security skills gap remains pressing issue

  Study reveals Australia’s critical shortage of cyber security professionals, escalating the risk of data breaches

• August 08, 2024 08 Aug'24

  Royal ransomware crew puts on a BlackSuit in rebrand

  The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA

• August 08, 2024 08 Aug'24

  US lawmakers seek to brand ransomware gangs as terrorists

  Proposals from legislators in Washington DC could shake up the global ransomware ecosystem and give law enforcement sweeping new powers

• August 06, 2024 06 Aug'24

  2024 seeing more CVEs than ever before, but few are weaponised

  The number of disclosed CVEs soared by 30% in the first seven-and-a-half months of the year, but a tiny fraction of these have been exploited by threat actors, a reminder of the importance of focused security strategies

• August 05, 2024 05 Aug'24

  Chinese cyber attack sparks alert over six-year-old MS vuln

  After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824

• August 05, 2024 05 Aug'24

  Russia’s luxury car phish continues to prove effective

  Government organisations and other bodies operating in Ukraine continue to be targeted by a relatively unsophisticated phishing campaign that has proven so effective for Russia’s cyber spooks that there are now multiple agencies involved

• August 02, 2024 02 Aug'24

  How CrowdStrike is leveraging AI to empower security teams

  CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help to enhance analyst efficiency and tackle cyber security challenges

• August 01, 2024 01 Aug'24

  Banks, telcos call for more data sharing to fight fraud

  A Which?-led coalition of banks and telecoms operators is calling on the UK's new government to take the lead on enabling data sharing to help fight digital fraud

• July 31, 2024 31 Jul'24

  API attacks surge by 65% in APAC, fuelled by rapid digitisation

  Akamai's report reveals a significant rise in cyber attacks on web applications and APIs in the region over the past year, with financial and commerce sectors hardest hit

• July 31, 2024 31 Jul'24

  Campaigners call for evidence to reform UK cyber laws

  The CyberUp Campaign for reform of the 1990 Computer Misuse Act launches an industry survey inviting cyber experts to share their views on how the outdated law hinders legitimate work

• July 31, 2024 31 Jul'24

  Breach costs soar as record ransomware payment made

  IBM publishes data on the spiralling costs of cyber attacks and data breaches, while researchers identify what appears to be the largest ransomware payment ever made

• July 30, 2024 30 Jul'24

  Basic failures led to hack of Electoral Commission data on 40 million people

  UK government identifies Chinese state-linked hackers as likely to have been behind attack on the Electoral Commission

• July 30, 2024 30 Jul'24

  Core British Library services to return for new academic year

  The British Library’s recovery from a devastating ransomware attack that laid waste to its IT systems continues - with hopes that some of its most popular services will be running again in September

• July 29, 2024 29 Jul'24

  Scam CrowdStrike domains growing in volume

  Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out

• July 25, 2024 25 Jul'24

  North Korean cyber APT targeting nuclear secrets

  Mandiant has upgraded the North Korean threat actor known as Andariel to APT status and warned of coordinated efforts to steal western military IP, including nuclear secrets

• July 24, 2024 24 Jul'24

  Mimecast to buy insider threat specialist Code42

  Mimecast is to buy fellow human-centred risk experts Code42 for an undisclosed sum to take advantage of its insider threat and data loss protection specialisms

• July 23, 2024 23 Jul'24

  NCA seizes thousands of social media accounts used by people smugglers

  A three-year campaign has seen thousands of social media posts and accounts used to advertise the services of illegal people smugglers taken down

• July 22, 2024 22 Jul'24

  NCA cracks digitalstress DDoS-for-hire operation

  The UK authorities have taken down a major component of the multinational DDoS cyber attack-for-hire ecosystem, hacking into the digitalstress.su service and exfiltrating data on its users, who now face arrest

• July 22, 2024 22 Jul'24

  NCSC: Beware of criminal CrowdStrike opportunists

  Financially motivated cyber criminals are already conducting opportunistic attacks on organisations that leverage the CrowdStrike incident, and more targeted attacks are sure to follow

• July 18, 2024 18 Jul'24

  Growth in nude image sharing heightens cyber abuse risk

  The normalisation of sharing self-created intimate content with others is putting great numbers of people at risk of online abuse, says Kaspersky

• July 17, 2024 17 Jul'24

  UK Cyber Bill teases mandatory ransomware reporting

  In the Cyber Security and Resilience Bill introduced in the King's Speech, the UK's new government pledges to give regulators more teeth to ensure compliance with security best practice and to mandate incident reporting

• July 17, 2024 17 Jul'24

  Hackney Council reprimanded over 2020 ransomware attack

  The London Borough of Hackney has been reprimanded by the ICO over a series of failures that led to a devastating cyber attack, but at the same time, the regulator praised the local authority for its response and commitment to making improvements

• July 17, 2024 17 Jul'24

  Labour government plans new laws around cyber security, data sharing and skills

  The King's Speech outlined the legislative agenda for the new Parliament, including several bills that will impact the tech community

• July 17, 2024 17 Jul'24

  How iProov is fending off deepfake fraud

  Facial biometrics and controlled illumination can detect liveness, verify identities and help prevent deepfake attacks

• July 16, 2024 16 Jul'24

  Strategic Defence Review must emphasise cyber security, says industry

  Cyber security leaders say the new government's Strategic Defence Review needs to put digital security front and centre

• July 15, 2024 15 Jul'24

  NHS Trusts cancelled over 6,000 appointments after Qilin cyber attack

  The two NHS Trusts most heavily impacted by the Qilin ransomware attack on pathology services provider Synnovis have cancelled over 6,000 appointments and procedures in the past five weeks

• July 12, 2024 12 Jul'24

  AT&T loses ‘nearly all’ phone records in Snowflake breach

  Hackers have stolen records of virtually every call made by AT&T's customers during a six-month period in 2022, after compromising the US telco's Snowflake data environment

• July 12, 2024 12 Jul'24

  Public awareness of ID security grows, but big obstacles remain

  Consumers are improving their awareness of the issues around digital identity security, but there are still some big issues preventing many from doing better, according to an Okta report

• July 11, 2024 11 Jul'24

  Dutch research firm TNO pictures the SOC of the future

  In only a few years, security operations centres will have a different design and layout, and far fewer will remain

• July 11, 2024 11 Jul'24

  Inside Israel’s cyber security operations

  An emergency phone line allows cyber security analysts at the Israel Computer Emergency Response Team to map threats against national infrastructure

• July 09, 2024 09 Jul'24

  Chinese spies target vulnerable home office kit to run cyber attacks

  China’s APT40 is ramping up targeting of victims using vulnerable small and home office networking kit as command and control infrastructure, according to an international alert

• July 09, 2024 09 Jul'24

  Lessons from war: How Israel is fighting Iranian state-backed hacking

  The general director of the Israel National Cyber Directorate talks about the rise in cyber attacks and what lessons the country has gleaned to defend against hacking from foreign parties

• July 09, 2024 09 Jul'24

  Atos jumps on ‘moving train’ for Euro 2024

  Atos provides the IT supporting major recurring sporting events including Uefa’s European Football Championship

• July 08, 2024 08 Jul'24

  Synnovis attack highlights degraded, outdated state of NHS IT

  More cyber attacks against the health service are likely, and will succeed if something isn’t done to address the increasingly elderly NHS IT estate, experts are warning

• July 03, 2024 03 Jul'24

  NCA’s Operation Morpheus targets illicit Cobalt Strike use

  International law enforcement operation targets cyber criminals using the Cobalt Strike penetration testing framework for dodgy purposes

• June 28, 2024 28 Jun'24

  How FWD is driving its digital strategy

  FWD’s group chief technology and operations officer talks up how the pan-Asian insurer is driving change faster and putting technology at the heart of its services

• June 28, 2024 28 Jun'24

  How Recorded Future is operationalising threat intelligence

  Recorded Future is investing in APIs to enable automated security workflows, among other measures, to help organisations overcome the hurdles of operationalising threat intelligence

• June 26, 2024 26 Jun'24

  Israel’s cyber chief calls for international front against Iranian hackers

  Israel’s cyber chief has called for international action against Iran over state-backed hacking

• June 25, 2024 25 Jun'24

  WikiLeaks founder Julian Assange freed from prison

  A deal reached with US authorities will end the WikiLeaks founder’s years-long legal saga, setting him free if he pleads guilty to a criminal conspiracy charge

• June 25, 2024 25 Jun'24

  NHS experts raise warning over patient data breach risk in registries project

  Clinicians warn that the NHS England Outcome Registries Platform has poor security and is vulnerable to cyber attack, putting critical patient data at risk of being exposed

• June 24, 2024 24 Jun'24

  Sellafield pleads guilty to criminal charges over cyber security

  Nuclear Decommissioning Authority-backed organisation Sellafield Ltd pleads guilty to criminal charges brought over significant cyber security failings that could have compromised sensitive nuclear information

• June 21, 2024 21 Jun'24

  Qilin ransomware gang publishes stolen NHS data online

  The ransomware gang behind a major cyber attack on NHS supplier Synnovis has published a 400GB trove of private healthcare data online

• June 13, 2024 13 Jun'24

  Black Basta ransomware crew may be exploiting Microsoft zero-day

  A Microsoft vulnerability that was addressed without fanfare in March may in fact have been exploited as a zero-day by the notorious Black Basta ransomware gang, threat hunters warn

• June 12, 2024 12 Jun'24

  RCE flaw and DNS zero-day top list of Patch Tuesday bugs

  An RCE vulnerability in a Microsoft messaging feature and a third-party flaw in a DNS authentication protocol are the most pressing issues to address in Microsoft’s latest Patch Tuesday

• June 11, 2024 11 Jun'24

  Pure Storage hit by Snowflake credential hackers

  Pure Storage emerges as the latest victim of a fast-spreading breach of Snowflake customers targeting users with lax credential security measures in place

• June 11, 2024 11 Jun'24

  More than 160 Snowflake customers hit in targeted data theft spree

  Mandiant reports that more than 160 Snowflake customers have been hit in a broad data theft and extortion campaign targeting organisations that have failed to pay proper attention to securing valuable credentials

• June 10, 2024 10 Jun'24

  General election 2024: Liberal Democrats thread digital commitments throughout manifesto

  The Lib Dems have promised a new industrial strategy and emphasised the importance of the digital sector, skills and regulating AI, as they lay out plans for the UK general election

• June 10, 2024 10 Jun'24

  NHS blood stocks running low after ransomware attack

  The NHS is appealing for people with O Positive and O Negative blood types to come forward to donate as hospitals in London struggle to keep critical services running after ransomware attack