News

Privacy and data protection

• August 08, 2023 08 Aug'23

  Many UK organisations considering ChatGPT bans on employee devices

  More than 60% of organisations in the UK have either banned, or are considering banning, the use of generative AI tools on employee- or business-owned devices

• August 07, 2023 07 Aug'23

  Rise in fraudsters spoofing the websites of leading UK banks

  Despite safeguards to protect customers from scams, UK retail banks are still seeing high volumes of fake phishing websites exploiting their brands, and the problem seems to be increasing in scope and scale

• August 03, 2023 03 Aug'23

  Scottish NHS trust ducks fine after staff shared patient data via WhatsApp

  NHS Lanarkshire has been issued a formal reprimand by the ICO after staff members used WhatsApp to share patients’ personal data with one another

• August 03, 2023 03 Aug'23

  Cozy Bear hijacks SME Microsoft 365 tenants in latest campaign

  Microsoft shares intelligence on a newly observed Cozy Bear campaign that saw the APT take over genuine Microsoft 365 tenants and subvert them to try to phish its victims

• August 02, 2023 02 Aug'23

  Pig butchers caught using ChatGPT to con victims

  Romance scammers looking to con people out of their savings appear to be turning to generative AI tools to save time and effort

• August 01, 2023 01 Aug'23

  Singtel adds Zscaler SSE to managed security services portfolio

  Singtel teams up with Zscaler to offer a managed security service edge service as it looks to ramp up its enterprise business

• July 28, 2023 28 Jul'23

  Lancaster Uni lends cyber support to nuclear decommissioning body

  Lancaster University’s cyber team has joined with the Nuclear Decommissioning Authority to help support and protect its 300-year mission, while enhancing its own capabilities in the process

• July 28, 2023 28 Jul'23

  How Indian organisations are keeping pace with cyber security

  Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics

• July 27, 2023 27 Jul'23

  US cyber breach reporting rules to have global impact

  Organisations that operate as Foreign Private Issuers in the US will have to get to grips with strict new cyber breach reporting regulations handed down by the SEC in Washington

• July 27, 2023 27 Jul'23

  Meta results show impact of data fines and datacentre upgrade strategy

  The owner of Facebook is battling with regulators over transferring EU data to the US. It is also seeing less improvements on CPUs

• July 27, 2023 27 Jul'23

  Ant Group teams with NTU to advance privacy-preserving technologies

  The Chinese fintech giant is partnering with Singapore’s Nanyang Technological University on a cryptographic protocol that ensures the privacy of transacting parties

• July 25, 2023 25 Jul'23

  Tetra radio users’ comms may have been exposed for years

  A number of flaws in the encryption algorithms used in the secure Tetra radio communications standard have potentially left users exposed to snooping

• July 24, 2023 24 Jul'23

  Tribunal investigates complaint that journalists’ phones were unlawfully monitored

  The Investigatory Powers Tribunal has agreed to investigate complaints by Northern Ireland investigative journalists Trevor Birney and Barry McCaffrey that they were unlawfully placed under surveillance

• July 24, 2023 24 Jul'23

  Why cyber security should be part of your ESG strategy

  The impact of data breaches and cyber threats on businesses, societies and the environment makes cyber security a key consideration in an environment, social and governance strategy

• July 21, 2023 21 Jul'23

  Government boosts protection for encryption in Online Safety Bill but civil society groups concerned

  House of Lords adopts amendment to require Ofcom to commission a report before requiring technology companies to scan encrypted messages, but drops proposals for judicial oversight

• July 20, 2023 20 Jul'23

  Online Safety Bill screening measures amount to ‘prior restraint’

  The Open Rights Group is calling on Parliament to reform the Online Safety Bill, on the basis that its content-screening measures would amount to “prior restraint” on freedom of expression

• July 20, 2023 20 Jul'23

  How the DSMA balances security and privacy with press freedom

  In a world of information sharing and 24-hour news cycles, the Defence and Security Media Advisory committee have to balance national security and data privacy with freedom of the press

• July 19, 2023 19 Jul'23

  Cyber criminal AI tool WormGPT produces ‘unsettling’ results

  A newly discovered generative AI tool dubbed WormGPT is being sold to the cyber criminal underground via the dark web, and poses a significant danger, researchers warn

• July 17, 2023 17 Jul'23

  Police Scotland use cloud for biometric data despite clear risks

  Police Scotland confirms it has stored significant volumes of biometric data on a cloud-based digital evidence sharing system despite major ongoing data protection concerns, bringing into question the effectiveness of the current regulatory approach...

• July 13, 2023 13 Jul'23

  MPs launch inquiry into government use of data

  The Public Administration and Constitutional Affairs Committee is to investigate the possibility of reforming the way government collects and analyses data, and whether the UK census could be scrapped

• July 12, 2023 12 Jul'23

  Ofcom’s online safety preparedness efforts hobbled by government

  Despite Ofcom’s progress so far, UK government changes to the scope and timetable of the Online Safety Bill are hobbling the ability of the regulator to successfully prepare for the new regime

• July 11, 2023 11 Jul'23

  EU formally grants data adequacy to US

  The European Commission has formally granted the US data adequacy, allowing companies and organisations to freely transfer personal data across the Atlantic via the EU-US Data Privacy Framework. But privacy activist Max Schrems has already committed...

• July 11, 2023 11 Jul'23

  Malicious URL volumes soar as cyber criminals pull on Threads

  Malicious actors have been quick to exploit the buzz around Meta’s newly launched Threads platform, with thousands of new suspicious domains registered exploiting its branding

• July 07, 2023 07 Jul'23

  Suspicious email reported every five seconds in UK

  National Cyber Security Centre report reveals a suspicious email was reported by UK citizens and organisations every five seconds last year

• July 06, 2023 06 Jul'23

  VMware ramps up on sovereign cloud in APAC

  VMware is working with local partners to deliver sovereign cloud services in the region, amid growing sovereignty interests among governments and the need maintain business continuity

• July 06, 2023 06 Jul'23

  Biometrics watchdog calls for public space surveillance review

  The biometrics and surveillance camera commissioner is calling for a review of public space surveillance to gain a clearer picture about the proliferation of Chinese surveillance technology across the public sector, but warns against applying double...

• July 06, 2023 06 Jul'23

  Meta’s Threads hits app stores, but no EU launch in sight

  Meta’s Twitter competitor makes its debut and signs up millions of users in just 12 hours, but concerns over compliance with the EU’s Digital Markets Act have sunk a pan-European launch for now

• July 05, 2023 05 Jul'23

  Germany: European Court of Justice hears arguments on lawfulness of EncroChat cryptophone evidence

  The European Court of Justice will decide whether the collection and sharing of data intercepted by law enforcement from EncroChat crypto phone network is compatible with European law

• July 05, 2023 05 Jul'23

  UK public increasingly concerned over NHS data sovereignty

  Amid security concerns and AI advances, a majority of the British public still trusts the NHS to store and analyse their health data, but would prefer it remains domiciled in the UK

• July 04, 2023 04 Jul'23

  EU judgment sinks Meta’s argument for targeted ads

  The EU Court of Justice has issued a significant judgment against Meta, ruling that national anti-trust bodies can investigate GDPR breaches, disrupting the platform’s entire basis for carrying out targeted advertising

• July 03, 2023 03 Jul'23

  Over half of ANZ organisations hit by ransomware

  Amid the rising ransomware threat, almost four in five organisations in ANZ expect to pay a ransom if they could recover data and business processes

• July 03, 2023 03 Jul'23

  BlackCat gang claims cyber attack on Barts NHS Trust

  Investigations continue into a claim by the ALPHV/BlackCat ransomware gang that it has stolen 7TB of data from Barts NHS Trust in London

• June 30, 2023 30 Jun'23

  NHS data stolen in Manchester Uni ransomware attack

  The ransomware gang behind the cyber attack on the University of Manchester appears to have got its hands on an NHS dataset being used by the university for research purposes

• June 29, 2023 29 Jun'23

  ‘Shadow’ AI use becoming a driver of insider cyber risk

  Off-the-books use of generative AI tools will inevitably lead to a costly, high-profile data breach for someone, but a little attention paid to appropriate data management policy can help mitigate the risk

• June 27, 2023 27 Jun'23

  A tenth of kids claim they could hack you

  More and more young people are at risk of being drawn into cyber criminality, and parents must shoulder some of the blame, according to a report

• June 23, 2023 23 Jun'23

  ICO under fire for taking limited action over serious data breaches

  The ICO has come under fire from lawyers and data protection specialists for just issuing written warnings to two public bodies over serious data breaches that placed people’s lives at risk

• June 23, 2023 23 Jun'23

  Phishing and ransomware dominate Singapore’s cyber threat landscape

  Phishing and ransomware attacks continued apace in Singapore last year amid signs of improving cyber hygiene

• June 22, 2023 22 Jun'23

  Manchester University students threatened by ransomware gang

  Students and staff members at the University of Manchester are being pressurised by an unnamed ransomware gang

• June 19, 2023 19 Jun'23

  Nakivo adds ransomware scanning and new restore options

  Backup maker adds malware scanning with big names in security to immutable backup copy functionality. “Tape’s not dead” either, with restore from the venerable medium now possible

• June 15, 2023 15 Jun'23

  Clop begins naming alleged MOVEit victims

  Clop uploaded details of 12 new victims to its dark web leak site late on 14 June, many of them likely linked to the ongoing MOVEit cyber attack

• June 14, 2023 14 Jun'23

  Ransomware-stricken Capita to run Action Fraud successor

  A £50m deal to replace the Action Fraud service has been handed to PwC and Capita, which is facing investigations over its handling of customer data in a ransomware incident

• June 14, 2023 14 Jun'23

  Clop’s MOVEit ransom deadline expires

  A seven-day deadline set by Clop for victims of its latest attack to contact it to arrange payment passes today

• June 14, 2023 14 Jun'23

  Cyber attacks against APAC commerce sector surpass 1.1 billion

  Retailers, hotels and travel-related organisations in the region saw over a billion cyber attacks last year amid the surge in e-commerce activity and online travel bookings

• June 13, 2023 13 Jun'23

  Arnold Clark data leak victims prepare legal action

  More than 10,000 people who had their data stolen and leaked in a ransomware attack on the Arnold Clark car dealer network have signed up to a group legal action after facing elevated amounts of fraud

• June 12, 2023 12 Jun'23

  Progress Software releases patch for second MOVEit Transfer vulnerability

  Progress Software releases a patch for a second MOVEit Transfer issue, which was uncovered by third-party security specialist Huntress Security during post-incident code scanning

• June 09, 2023 09 Jun'23

  Extreme Networks emerges as victim of Clop MOVEit attack

  Network equipment and services supplier Extreme Networks has revealed its instance of Progress Software’s MOVEit tool was compromised in the ongoing Clop cyber attack

• June 09, 2023 09 Jun'23

  Barracuda ESG users told to throw away their hardware

  Owners of Barracuda Email Security Gateway appliances are being told that they will need to throw out and replace their kit after it emerged that a patch for a recently disclosed vulnerability had not done the job

• June 09, 2023 09 Jun'23

  UK and US move closer to transatlantic data bridge deal

  The British and American governments have committed, in principle, to a new data bridge agreement that will ease the free flow of personal data across the Atlantic

• June 09, 2023 09 Jun'23

  University of Manchester hit by cyber attack

  The University of Manchester has been hit by a cyber attack of an undisclosed nature

• June 08, 2023 08 Jun'23

  CDEI publishes portfolio of AI assurance techniques

  The UK’s Centre for Data Ethics and Innovation has published a variety of case studies to show how different assurance techniques can build and maintain trust in artificial intelligence systems