News

IT security

August 13, 2019 13 Aug'19
Breach cost $53m in Q2, says Desjardins

Credit union cooperative Desjardins reveals that a data breach in June cost the company $53m in the second quarter, but that could be just the start, warn industry commentators
August 13, 2019 13 Aug'19
UK businesses still overlooking human element in security

Most UK businesses are still failing to address the human element in cyber security as part of an integrated approach, exposing themselves unnecessarily to cyber criminal attacks, a study shows
August 13, 2019 13 Aug'19
BACnet IoT building automation devices vulnerable to attack

A security researcher has revealed that internet-connected building automating devices using the BACnet communication protocol are vulnerable to cyber attack
August 12, 2019 12 Aug'19
Phishing top security threat to business

A new Telefónica security service for business shows that phishing is the most-blocked threat and smaller businesses are a popular attack target in the first two months of deployment

August 12, 2019 12 Aug'19
South Wales Police starts facial recognition trial despite opposition

The use of the facial recognition app by South Wales Police marks the latest deployment of controversial facial recognition technology by police forces in the UK
August 12, 2019 12 Aug'19
Digital transformation driving security rethink

Organisations are focusing on internet of things and cloud in developing cyber defence systems, study shows
August 09, 2019 09 Aug'19
McAfee warns of serious security flaw in building controller

Security researchers have demonstrated how simple flaws in building controllers could allow malicious actors to manipulate control systems with devastating effect, highlighting the importance of operational technology security
August 09, 2019 09 Aug'19
F-Secure warns of F5 Big IP-related security issue

F-Secure has discovered security issues relating to an F5 device that it says could potentially turn hundreds of thousands of load balancers into beachheads for cyber attacks
August 09, 2019 09 Aug'19
NCC Group warns of security risks of leading printers

Researchers uncover more than 35 vulnerabilities in six leading enterprise printers, many of which could allow access to corporate networks, underlining the need to counter security risks of embedded systems
August 09, 2019 09 Aug'19
Whistleblowers: James Glenn’s battle with Cisco opens new front on cyber security

James Glenn, a 42-year-old security specialist, fought a 10-year legal battle with Cisco after blowing the whistle on serious security flaws. He lost his job, but has no regrets

August 08, 2019 08 Aug'19
Ransomware a continued threat to business, report warns

Businesses are increasingly becoming the most popular targets for ransomware, which remains a top cyber threat around the world, especially in the US, a report reveals
August 08, 2019 08 Aug'19
Cyber criminals hijacking legitimate website comms

Criminals are exploiting firms’ use of online feedback methods to distribute spam and phishing emails, security researchers warn
August 08, 2019 08 Aug'19
Can you trust pen-testers?

Pen-testers have knowingly posted security workarounds on the public internet that are now commonly used by hackers
August 07, 2019 07 Aug'19
Southeast Asian ‘white hat’ urges more countries to sign the Paris Call

A renowned ethical hacker in Malaysia has called for more nations to support the Paris Call for Trust and Security in Cyberspace to counter the threat of cyber warfare
August 07, 2019 07 Aug'19
Shared files in the cloud are a top ransomware target

Vectra 2019 Spotlight report shows recent ransomware attacks cast a wider net to ensnare cloud, datacentre and enterprise infrastructures
August 07, 2019 07 Aug'19
FireEye identifies dual nature Chinese cyber threat group

Security researchers have identified a China-based cyber threat group engaged in state-spored espionage in parallel with cyber criminal activities targeting multiple industries worldwide
August 07, 2019 07 Aug'19
Industry collaborates to patch SwapGS CPU vulnerability

Newly disclosed SwapGS vulnerability in modern processors has been patched in Windows, Linux and ChromeOS, underlining the importance of keeping systems up to date
August 06, 2019 06 Aug'19
African bank foils suspected North Korean cyber attack

An African bank is among the financial institutions to be targeted by North Korea’s multi-billion dollar cyber theft campaign to support its weapons programmes
August 06, 2019 06 Aug'19
Most UK firms lack confidence in disaster recovery

Only a third of UK firms are confident in their ability to recover from cyber attacks and other disasters, with business continuity still relatively low on the agenda, a study reveals
August 06, 2019 06 Aug'19
ICO joins international call for transparency around Facebook’s Libra currency

Data protection regulators from around the world have signed a statement raising privacy concerns about Libra
August 05, 2019 05 Aug'19
DDoS on the rise, warns Kaspersky

Security researchers at Kaspersky are among those warning business that, more than ever, mitigation of distributed denial of service attacks needs to be a key element of cyber defence strategies
August 05, 2019 05 Aug'19
Most UK university applicants at risk of email fraud

The majority of hundreds of thousands of applicants to UK universities are at risk of email fraud before and after A-level results day, due to a failure to implement full Dmarc protection, a study reveals
August 02, 2019 02 Aug'19
Lack of resources top challenge to IT security

A lack of resources is the top challenge to information security professionals, followed by a lack of experience and skills, a survey reveals
August 02, 2019 02 Aug'19
Government continues probe of UK cyber security labour market

The government has announced a second phase of research to help understand the UK's cyber security labour market
August 01, 2019 01 Aug'19
Facebook asked to explain discrepancies in evidence over Cambridge Analytica

DCMS Committee chairman asks Facebook to clarify what it knew about Cambridge Analytica’s use of its data and when
August 01, 2019 01 Aug'19
Industrial control system cyber security risk high, report warns

The industrial control system cyber risk to global oil and gas companies is high and rising, as new attack groups continue to enter the arena
August 01, 2019 01 Aug'19
Enterprise-readiness of business cloud services found lacking in Netskope research

Latest analysis of cloud and internet usage trends in the enterprise space by Netskope suggests the majority of the off-premise services businesses use are not fit for purpose from a security and data protection standpoint
August 01, 2019 01 Aug'19
GDPR taken more seriously after first fines

Security professionals believe the first big fines under the General Data Protection Regulation will get organisations to take the new rules more seriously, but will not necessarily change policies or practices
August 01, 2019 01 Aug'19
Leaked Sephora databases peddled on dark web

Cyber security firm finds two databases likely to be related to the Sephora data breach that affected online customers in Southeast Asia, Australia and New Zealand
July 31, 2019 31 Jul'19
Cisco pays $8.6m after whistleblower discloses security flaws in video surveillance system

James Glenn, a video surveillance expert working for a Cisco reseller in Denmark, alerted Cisco to security faults and stands to gain a share of a multimillion-dollar settlement with the US government
July 31, 2019 31 Jul'19
How Singapore’s NTUC Enterprise is embracing digital transformation

NTUC Enterprise is starting to look more like a technology company, employing DevOps to speed up software development and developing new digital business models even as cultural barriers to transformation remain
July 31, 2019 31 Jul'19
Financial services top cyber attack target

Financial services are among the most attractive targets for cyber attackers, security researchers reveal, with phishing and credential stuffing among the top threats
July 30, 2019 30 Jul'19
Australian firms grappling with “train-smash” of security legislation

While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators
July 30, 2019 30 Jul'19
Mobiles top target of nation state surveillance

Nation states are targeting individual mobile users for intelligence gathering and disruption of rivals as security on mobile devices lags behind traditional computing, a report reveals
July 30, 2019 30 Jul'19
Huawei ‘galvanised’ by Trump ban

Huawei has found itself caught in the crossfire of the US president’s trade war with China, but chairman Liang Hua says the firm is rising to the challenge
July 30, 2019 30 Jul'19
Former AWS engineer arrested for Capital One data breach

Capital One announces data breach affecting more than 100 million customers as US federal authorities arrest a Seattle woman formerly employed by Amazon Web Services
July 29, 2019 29 Jul'19
ICO selects first innovation Sandbox participants

UK privacy watchdog has chosen the first firms to take part in its Sandbox programme aimed at developing innovative and beneficial products and services that are privacy compliant
July 29, 2019 29 Jul'19
Visa card vulnerabilities enable contactless limit bypass

Security researchers have discovered vulnerabilities on Visa cards that could be exploited to bypass contactless payment limits and result in huge losses
July 29, 2019 29 Jul'19
WannaCry hero Marcus Hutchins spared jail

British security researcher who helped halt the global WannaCry ransomware attack that hit the NHS in 2017 has avoided jail in the US for creating other malware
July 29, 2019 29 Jul'19
Cyber kill chain is outdated, says Carbon Black

The chief cyber security officer of Carbon Black calls for a new cognitive paradigm to fend off cyber adversaries that are now attacking in cycles
July 26, 2019 26 Jul'19
Email security as important as ever, report shows

Cyber security professionals need to keep up to date with email-borne threats because they continue to evolve and have a major impact on business, research reveals
July 26, 2019 26 Jul'19
86 million reasons to support No More Ransom

Anti-ransomware cross-industry initiative says it has prevented more than £86m in ransom payments as it marks its third anniversary, which coincides with a resurgence in ransomware in many parts of the world
July 25, 2019 25 Jul'19
F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC

Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated
July 25, 2019 25 Jul'19
Mobile banking malware surges in 2019

Mobile banking malware surged in the first half of the year, email scams geared up and attacks on cloud increased, while illicit cryptocurrency miners declined, report reveals
July 25, 2019 25 Jul'19
Most SMEs severely underestimate cyber security vulnerabilities

Small businesses are the primary target for cyber attacks, yet most are unprepared and do not think they will be targeted, a survey reveals
July 25, 2019 25 Jul'19
Facebook shrugs off $5bn fine, reports strong quarter

Investors responded positively after social networking firm reported better-than-expected second-quarter results after budgeting for FTC fine, but the company faces a further antitrust investigation
July 24, 2019 24 Jul'19
Internet crime costs global economy £2.3m a minute

Cyber crime cost the global economy £2.3m every minute in 2018, reveals a report aimed at defining the scale of cyber attacks taking place over the internet
July 24, 2019 24 Jul'19
Zuckerberg responsible for Facebook privacy compliance after $5bn FTC fine

Facebook pays record fine after breaching users’ privacy, following settlements with Federal Trade Commission and Securities and Exchange Commission
July 24, 2019 24 Jul'19
Global malware down but ransomware up, with UK hard hit

Despite a global decrease in the volume of malware in the past year, ransomware is surging once again, and the UK is one of the worst-hit countries, a report reveals
July 24, 2019 24 Jul'19
Controversial ‘immigration exemption’ used in 60% of cases

The UK government has used a controversial GDPR opt-out in response to the majority of its immigration-related data requests since the start of 2019, the High Court has heard