News

Privacy and data protection

• November 02, 2015 02 Nov'15

  Theresa May promises strong oversight in surveillance bill

  The proposed Investigatory Powers Bill contains “very strong” oversight and “world-beating” authorisation procedures, according to home secretary Theresa May

• October 30, 2015 30 Oct'15

  Law enforcement cracks down on DroidJack Android snooping malware users

  A joint EU/US operation on the DroidJack malware is the latest example of international collaboration between law enforcement officers directed at cyber crime

• October 29, 2015 29 Oct'15

  M&S data breach forces retailer to temporarily suspend service

  A glitch that allowed online customers to see each others' details forced retailer Mark & Spencer to take its website offline while it resolved the issue

• October 23, 2015 23 Oct'15

  TalkTalk warns customers about personal data breach

  TalkTalk has warned customers their personal data may have been compromised in the second cyber attack on the firm in 2015, with some data left unencrypted

• October 22, 2015 22 Oct'15

  Police and industry to tackle cyber crime together, says TechUK

  A TechUK report calls for collaboration between police and industry to raise standards of reporting, recording and responding to cyber crime

• October 21, 2015 21 Oct'15

  Infosec pros should start preparing for the future, say experts

  Information security professionals need to grow their skills, engage with the business, increase security awareness, set business goals and tailor their messages, says a panel of experts

• October 19, 2015 19 Oct'15

  Dow Jones denies it was target of insider trading hack

  Dow Jones says there is no information to support reports that it was the target of hackers seeking information for insider trading

• October 16, 2015 16 Oct'15

  Yahoo announces password-killing Account Key

  Yahoo Account Key uses push notifications to provide a fast and secure way to access Yahoo accounts from a mobile device

• October 13, 2015 13 Oct'15

  Cyber security innovation is crucial, says security evangelist

  Visibility and automation are key areas of cyber security innovation, but firms should concentrate first on the basics and not overlook the human element of security

• October 12, 2015 12 Oct'15

  NHS Health Apps Library to close

  The NHS Health Apps Library is shutting down after a two-year tenure, shortly after NHS-approved apps were found to leak data

• October 09, 2015 09 Oct'15

  Apple removes more iOS apps over security concerns

  Apple has blocked more apps over security concerns just weeks after ridding the App Store of XcodeGhost malware

• October 08, 2015 08 Oct'15

  Samsung Pay isolated from LoopPay attack

  Hackers who compromised LoopPay’s computer systems had no access to Samsung Pay’s user data or other core information, says Samsung

• October 07, 2015 07 Oct'15

  Singapore and UK researchers investigate privacy in big data era

  Academic organisations in Singapore and the UK collaborate on the privacy questions raised by big data and the cloud

• October 06, 2015 06 Oct'15

  Researchers find credential-stealing webmail server APT attack

  Security researchers have discovered a new and unique advanced persistent threat (APT) technique that involves a malicious module loaded onto a webmail server

• October 05, 2015 05 Oct'15

  Facebook ruling not only landmark data protection case in Europe, say experts

  A landmark ruling against Slovakia-based website Weltimmo could impact the Max Schrems case against Facebook and new European data protection rules currently being finalised

• October 02, 2015 02 Oct'15

  David Jones online customers hit by data breach

  Hackers have accessed the personal details of an unknown number of David Jones online customers, but the retailer says payment details and passwords are not affected

• September 30, 2015 30 Sep'15

  Medical devices must be secure by design, say industry experts

  The information security industry is calling for medical device manufacturers to design and build cyber security into all internet-enabled devices after thousands are found to be hackable

• September 29, 2015 29 Sep'15

  120-day patching gap puts many firms at risk of cyber attack, study shows

  The probability of a vulnerability being exploited hits 90% between 40-60 days after discovery, but many firms are taking up to 60 days beyond that to patch, while others are failing to patch at all, a study shows

• September 22, 2015 22 Sep'15

  Is Microsoft Office 2016 reliable enough for business?

  A day after a major Skype outage, Microsoft unveils Office 2016, which, ironically, offers tight integration with Skype

• September 21, 2015 21 Sep'15

  Department for Culture, Media and Sport takes over responsibility for data protection policy

  Government transfers responsibility for data protection policy and ICO oversight from Ministry of Justice (MOJ) to Department for Culture, Media and Sport (DCMS)

• September 21, 2015 21 Sep'15

  Health chief 'should be held to account' for whistleblow errors

  Former nurse and clincial commissioner Bernie Rochford claims unfair dismissal after blowing the whistle on IT problems which put patient care at risk

• September 16, 2015 16 Sep'15

  BT launches ethical hacking service for bankers

  BT introduces a certified Crest Star ethical hacking test service for financial services customers

• September 15, 2015 15 Sep'15

  Most DDoS attacks hiding something more sinister, Neustar warns

  Smaller DDoS attacks can be more dangerous than a powerful attack that knocks a company offline but does not install malware or steal data, warns Neustar

• September 15, 2015 15 Sep'15

  NHS trust denies bullying and intimidation of IT whistleblower

  Managers were already aware of whistleblower's concerns about the accuracy of NHS Southwark's data, tribunal hears

• September 14, 2015 14 Sep'15

  RSA Group flags ID theft risk to Lloyds Bank customers following datacentre storage theft

  International insurance group has seen 500 customers take up offer of identity theft protection in wake of datacentre theft

• September 11, 2015 11 Sep'15

  Security industry welcomes GCHQ password guidelines

  GCHQ's guidance on password policy covers some of the most pressing issues facing UK businesses and employees today, according to Skyhigh Networks

• September 10, 2015 10 Sep'15

  US health insurer Excellus BlueCross BlueShield hit by data breach

  Forensic investigation reveals a data breach at US health insurer Excellus BlueCross BlueShield exposing up to 11 million records 21 months after the first intrusion

• September 10, 2015 10 Sep'15

  Cloudian boosts object storage HyperStore compliance features

  Distributed object storage software maker Cloudian upgrades HyperStore with added granularity of data protection features that can help meet compliance requirements

• September 09, 2015 09 Sep'15

  Security pros failing to address digital certificate risks, survey shows

  Even though 90% of security professionals believe a leading CA will be compromised in next two years, only 13% have existing automation to deal with that happening

• September 09, 2015 09 Sep'15

  Conventional security measures hit productivity, study shows

  Most IT professionals say context-aware security would improve productivity without compromising security, a survey from Dell reveals

• September 09, 2015 09 Sep'15

  Security vulnerability management more than patching, warns Secunia

  Keeping track of what makes an IT environment vulnerable is an ongoing and complex task, according to Secunia

• September 04, 2015 04 Sep'15

  US State Department plans cyber security playbook

  The US State Department issues a request for information to determine the capabilities of commercial industry to provide and maintain a cyber security playbook

• September 01, 2015 01 Sep'15

  Use 2FA to mitigate KeyRaider iOS malware, says Rapid7

  KeyRaider iOS malware targeting iPhone users in China and 17 other countries including the UK has raised enterprise security concerns

• August 28, 2015 28 Aug'15

  Police arrest six UK teenagers for using DDoS cyber attack tool

  Police arrest six UK teenagers on suspicion of using a DDoS attack tool targeting a national newspaper, a school and online gaming companies and retailers

• August 27, 2015 27 Aug'15

  Rapid7 calls on router makers to eliminate backdoors

  Until manufacturers stop using default passwords, we will continue to see opportunistic attacks on home and small business routers, says Rapid7's Tod Beardsley

• August 26, 2015 26 Aug'15

  Many firms not getting to grips with third-party data security risk

  Supply chain data security risk is pervasive, but being unable to deal with it is down to basic failings, says a cyber risk expert

• August 25, 2015 25 Aug'15

  Sans Institute identifies top UK cyber talent

  The cream of UK cyber security talent selected from 24,000 candidates are set to begin eight weeks of intensive training in the first-ever intake at the Sans UK Cyber Academy

• August 24, 2015 24 Aug'15

  Spotify to update privacy policy after user protest

  Some Spotify users are unhappy about new privacy policies that allow access to users’ photos, video, mobile device location, voice controls and contacts

• August 21, 2015 21 Aug'15

  ICO orders Google to remove links to right to be forgotten takedowns

  The Information Commissioner's Office (ICO) says Google must remove newer links that reveal the same details as previously removed links

• August 20, 2015 20 Aug'15

  Broadband Stakeholder Group to review UK net neutrality policy

  The Broadband Stakeholder Group commissions an independent review into the UK’s industry-led approach to net neutrality and the open internet

• August 20, 2015 20 Aug'15

  Mumsnet suffers multi-vector cyber attack

  Mumsnet has been hit by a DDoS attack, its admin hacked and data stolen, and then a hoax call sent armed police to the home of the organisation's co-founder, Justine Roberts

• August 20, 2015 20 Aug'15

  Premiership Rugby scores security and efficiency with Intralinks

  By setting access controls, Premiership Rugby can ensure that its partners get quick access only to role-appropriate content

• August 17, 2015 17 Aug'15

  AT&T a key NSA partner in internet spying Snowden docs show

  The NSA considered its relationship with AT&T to be unique and especially productive, leaked documents show

• August 16, 2015 16 Aug'15

  Mobile phone users at risk as hackers bug and track victims

  An investigation by Australian TV show 60 Minutes demonstrates how hackers based thousands of miles away in Germany were able to record the calls of an Australian senator and track his movements

• August 11, 2015 11 Aug'15

  FBI uncovers cyber insider trading gang

  Nine suspects are expected to be charged in the US with insider trading based on corporate press releases stolen by hackers before they had been made public

• August 10, 2015 10 Aug'15

  BlackHat 2015: Industrial hacking - the untold story

  Hackers have been penetrating industrial control systems for at least a decade for extortion, yet little is known about how they gain access

• August 10, 2015 10 Aug'15

  Carphone Warehouse data breach hits 2.4 million UK customers

  Carphone Warehouse confirms the authorities have been notified about the breach, and urges customers to take steps to protect themselves

• August 03, 2015 03 Aug'15

  Why the time is ripe for security behaviour analytics

  Recent months have seen an uptick in announcements by security suppliers around behavioural analytics, but what is driving this trend?

• July 31, 2015 31 Jul'15

  Commercial software more secure than open source, finds report

  A study has found that commercial code is more compliant than open source code with security compliance standards, such as the Owasp top 10 and the CWE top 25

• July 29, 2015 29 Jul'15

  A third of employees will sell company data if the price is right, study reveals

  For £5,000, a quarter of employees polled said they would sell confidential company data, and risk both their job and criminal convictions