News

IT security

• March 09, 2022 09 Mar'22

  Microsoft serves up three zero-days on March Patch Tuesday

  Three zero-days pop up in Microsoft’s March update, along with a number of other noteworthy concerns for defenders

• March 08, 2022 08 Mar'22

  Google buys Mandiant for £4bn

  Acquisition will see cyber defence and threat intelligence specialist folded into Google Cloud’s security suite

• March 07, 2022 07 Mar'22

  Ukraine joins Nato cyber knowledge hub

  Ukraine is to become a contributing participant in Nato’s Cooperative Cyber Defence Centre of Excellence

• March 04, 2022 04 Mar'22

  Scrapping NHS Digital a backward step for patient data rights

  Former NHS Digital chair Kingsley Manning has spoken out over proposals to fold NHS Digital into NHS England, saying that more oversight is needed to safeguard patient data in light of recent events

• March 04, 2022 04 Mar'22

  Microsoft stops sales of products and services to Russia

  Citing sanctions and cyber security concerns, Microsoft has become the latest company to withdraw from the Russian market

• March 03, 2022 03 Mar'22

  Boardroom does not see ransomware as a priority

  Less than a quarter of company directors think ransomware is a top priority for their security teams, according to Egress

• March 03, 2022 03 Mar'22

  Nato Cyber Security unit tests post-quantum VPN

  Nato’s Cyber Security Centre has successfully tested secure communication flows in a post-quantum world using a UK-designed VPN

• March 03, 2022 03 Mar'22

  Direct action is a risky business for Ukraine's volunteer hackers

  Hackers have been responding to Ukraine’s call to create an IT army, but there are many reasons why taking direct action in a kinetic conflict is a bad idea

• March 03, 2022 03 Mar'22

  Use of encrypted Telegram platform soars in Ukraine, Russia

  Encrypted messaging service Telegram is proving a valuable asset to both sides in Russia’s war on Ukraine

• March 02, 2022 02 Mar'22

  Eight schools recognised for quality security education

  Eight new schools and colleges around the UK have been recognised by the NCSC’s CyberFirst Schools initiative

• March 02, 2022 02 Mar'22

  Cyber companies step up support for Ukraine

  Security companies Bitdefender and Vectra AI are both to offer products and services in support of Ukraine

• March 02, 2022 02 Mar'22

  SunSeed malware hits those involved in Ukraine refugee relief

  European governments involved in managing the logistics of hundreds of thousands of people fleeing Ukraine have been targeted by a suspected state-backed actor

• March 02, 2022 02 Mar'22

  Ban predictive policing systems in EU AI Act, says civil society

  A coalition of civil society groups has called on European lawmakers to use the upcoming Artificial Intelligence Act as an opportunity to ban predictive policing systems

• March 01, 2022 01 Mar'22

  Toyota production to resume after supply chain attack

  Toyota production has been set back by over 10,000 vehicles following a cyber attack on a critical components supplier in Japan

• March 01, 2022 01 Mar'22

  BBC blasted with millions of malicious emails

  Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day

• March 01, 2022 01 Mar'22

  DCMS opens consultation on telecoms cyber standards

  Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act

• March 01, 2022 01 Mar'22

  ESET details new IsaacWiper malware used on Ukraine

  Having been among the first to report on the HermeticWiper malware used against Ukraine last week, ESET has now identified another destructive malware called IsaacWiper

• February 28, 2022 28 Feb'22

  Ukraine cyber attacks seen spiking, but no destructive cyber war yet

  While cyber attacks linked to Russia’s war on Ukraine are taking place, they are having little impact beyond the region

• February 28, 2022 28 Feb'22

  Online Safety Bill updated to deal with anonymous abuse

  Social media companies will be forced to deal with anonymous abuse online by the introduction of new measures in the Online Safety Bill

• February 28, 2022 28 Feb'22

  Cloudflare: Our network is our product

  Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats

• February 25, 2022 25 Feb'22

  Mass phishing attacks against Ukrainian citizens reported

  The Ukrainian cyber authorities are alerting people located in the country to be alert to phishing attacks

• February 25, 2022 25 Feb'22

  Irish data watchdog calls for ‘objective metrics’ for big tech regulation

  Helen Dixon, Ireland’s data protection commissioner, says EU regulators must agree on metrics to measure the effectiveness of data protection regulation

• February 25, 2022 25 Feb'22

  Darktrace buys attack surface management firm Cybersprint

  Emergent AI cyber specialist Darktrace is to pay £39.7m for Netherlands-based Cybersprint

• February 24, 2022 24 Feb'22

  Researchers link Dridex botnet to emergent Entropy ransomware

  A little-known new ransomware called Entropy contains significant code similarities to the general purpose Dridex botnet, suggesting some kind of link between the two

• February 24, 2022 24 Feb'22

  KnowBe4 cyber drama tackles Colonial Pipeline in fourth season

  KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021

• February 24, 2022 24 Feb'22

  New wave of cyber attacks on Ukraine preceded Russian invasion

  A wave of DDoS attacks, and a second data wiper attack, were seen hitting Ukraine in the hours leading up to the Russian invasion

• February 24, 2022 24 Feb'22

  Security organisations form Nonprofit Cyber coalition

  Founding members of the Nonprofit Cyber coalition pledge to enhance joint action on cyber security around the world

• February 24, 2022 24 Feb'22

  New cyber guidelines to safeguard construction sector

  NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building

• February 24, 2022 24 Feb'22

  Russia behind dangerous Cyclops Blink malware

  Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk

• February 23, 2022 23 Feb'22

  Paid-for advertising still not covered in Online Safety Bill

  Consumer group Which? calls again for government to include measures against scam paid-for advertising in the Online Safety Bill

• February 23, 2022 23 Feb'22

  Salesforce pays out over £2m in bug bounties

  Salesforce says it received more than 4,000 vulnerability reports in 2021 alone as it delivers a rare public update on its bug bounty programme

• February 23, 2022 23 Feb'22

  DCMS launches free cyber skills platform for kids

  Government introduces free online cyber skills training for schoolchildren to encourage them into cyber security roles in the future and help address the skills gap

• February 23, 2022 23 Feb'22

  Backups ‘no longer effective’ for stopping ransomware attacks

  Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques

• February 23, 2022 23 Feb'22

  Microsoft extends Defender umbrella to Google Cloud Platform

  Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in

• February 23, 2022 23 Feb'22

  No imminent cyber threat to UK from Russia

  Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain

• February 23, 2022 23 Feb'22

  Attempted burglary exposes risk of NatWest customer data in former worker’s home

  Former Royal Bank of Scotland employee offers bank a compromise in her dispute over the return of confidential customer information

• February 23, 2022 23 Feb'22

  IBM opens cyber security hub in India

  Big Blue’s new cyber security hub, comprising a cyber range, software development facilities and a security operations centre, will serve enterprises across the Asia-Pacific region

• February 23, 2022 23 Feb'22

  Tech acquisition to be major priority for UK police

  Policing minister cites technology as major focus for future of UK police, in comments made ahead of the publication of the Strategic Review of Policing in England and Wales

• February 22, 2022 22 Feb'22

  UK organisations swift to chide phishing victims

  While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated

• February 21, 2022 21 Feb'22

  Zoom gains NCSC Cyber Essentials Plus and NHS security badges

  Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats

• February 21, 2022 21 Feb'22

  UK joins US in pinning Ukraine DDoS attacks on Russia

  A series of DDoS attacks on Ukrainian defence and banking organisations last week is now being firmly attributed to Russian action

• February 18, 2022 18 Feb'22

  Lawyers say ‘unprecedented’ secrecy deprived EncroChat defendants of fair trials

  Lawyers from seven countries say it is impossible for their clients to challenge the accuracy, authenticity, reliability and legality of the evidence against them

• February 18, 2022 18 Feb'22

  UK organisations untroubled by Trickbot surge

  A surge in Trickbot infections is targeting some of the world’s most prominent brands, but UK organisations seem thankfully unaffected

• February 17, 2022 17 Feb'22

  Red Cross cyber attack the work of nation-state actors

  The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state

• February 16, 2022 16 Feb'22

  2021 another record year for UK cyber investment

  Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment

• February 16, 2022 16 Feb'22

  DDoS attacks hit Ukrainian defence ministry and banks

  A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region

• February 16, 2022 16 Feb'22

  BlackCat ransomware gang claims responsibility for Swissport attack

  Ransomware gang is trying to offload 1.6TB of data stolen from aviation services firm

• February 16, 2022 16 Feb'22

  Cloud Security Alliance publishes guidelines to bridge compliance and DevOps

  The Cloud Security Alliance has published a report detailing practices that organisations can adopt to bridge the gap between compliance and software development and operations

• February 16, 2022 16 Feb'22

  Retrospect Backup refines anomaly detection in ransomware battle

  StorCentric backup software brand allows customer fine-tuning of anomaly detection in struggle against ransomware, and adds immutable copies via object locking in Azure

• February 15, 2022 15 Feb'22

  Botched third-party configuration exposes Internet Society data to web

  Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage