Data breach incident management and recovery
-
News
20 Nov 2024
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks Continue Reading
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
News
17 Jul 2020
Twitter hack fallout: Investigators on trail of cyber criminals
Investigators are hunting the cyber criminals who broke into Twitter’s systems to hijack prominent accounts, amid concerns that more attacks may come Continue Reading
-
News
16 Jul 2020
Russian state hackers attacking Covid-19 researchers
Kremlin-linked APT29 group, also known as Cozy Bear, is conducting a campaign against Covid-19 researchers around the world Continue Reading
-
News
16 Jul 2020
Cryptocurrency scammers attack Twitter in insider breach
Apparent insider breach at Twitter saw so-called “blue tick” accounts of business people, politicians and celebrities hijacked to promote a Bitcoin scam Continue Reading
-
News
16 Jul 2020
Coronavirus shines spotlight on cyber security
Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic Continue Reading
-
News
15 Jul 2020
Video providers slammed by credential stuffing attacks
Attacks on the media sector are spiking as cyber criminals try to gain access to valuable consumer accounts Continue Reading
-
News
14 Jul 2020
Recon vulnerability puts thousands of SAP customers at risk
Users of multiple SAP products including S4/HANA should apply the security update as soon as possible to protect their systems Continue Reading
-
News
14 Jul 2020
‘Name-and-shame’ ransomware attacks increasing in prevalence
Since emerging at the tail-end of 2019, double extortion, or exfiltration and encryption, ransomware attacks have become highly popular, and now account for a significant number of incidents, according to Emsisoft research Continue Reading
-
News
14 Jul 2020
Australian enterprises facing more cyber attacks
The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country Continue Reading
-
Opinion
13 Jul 2020
Security Think Tank: Ignore AI overheads at your peril
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation being gravely overestimated? Continue Reading
-
News
13 Jul 2020
NCSC launches pen testing service for remote workers
An expansion to the successful Exercise in a Box toolkit will enable SMEs to probe the cyber security defences of remote workers Continue Reading
-
News
09 Jul 2020
Clearview AI faces ICO investigation over facial recognition
Controversial company that scraped data from the public internet to build its facial recognition algorithm faces a joint UK-Australian investigation into its practices Continue Reading
-
News
09 Jul 2020
Most finance firms are multicloud, but many are unprepared for public cloud cyber attacks
Financial services firms are moving to the cloud at pace, but many are uncertain whether they could cope with an attack on an application based in the public cloud Continue Reading
-
News
09 Jul 2020
More Joker malware apps chucked off Google Play Store
Infamous Joker billing fraud malware continues to sneak past Google’s security controls Continue Reading
-
News
08 Jul 2020
Over 15 billion credentials for sale on dark web
Research by Digital Shadows reveals the scale of the security threat facing consumers as it uncovers 15 billion usernames and passwords stolen in more than 100,000 different data breaches Continue Reading
-
News
07 Jul 2020
Cyber4Summer scheme to divert young people from cyber crime
Cyber4Summer platform will offer 100 different tracks covering a range of security skills to divert them from falling into a life of cyber crime Continue Reading
-
News
07 Jul 2020
MSP Xchanging attacked in ransomware incident
Specialist managed services provider is restoring customer access to systems after an unspecified ransomware incident Continue Reading
-
News
06 Jul 2020
Lorca scale-ups bring diverse security to the fore
London Office for Rapid Cybersecurity Advancement announces the cyber security scale-ups that will make up its fifth cohort Continue Reading
-
News
06 Jul 2020
North Korea behind spate of Magecart attacks
The Magecart credit card skimmer found on the website of retailer Claire’s Accessories was likely put there by the Lazarus or Hidden Cobra North Korean APT group, reports Sansec Continue Reading
-
News
02 Jul 2020
Cops take out encrypted comms to disrupt organised crime
The UK’s National Crime Agency, alongside other law enforcement agencies in France and the Netherlands, have busted illicit arms and drugs rings after disabling an encrypted comms platform Continue Reading
-
News
02 Jul 2020
Locked-down teens flock to NCSC CyberFirst training scheme
A record number of 14 to 17-year-olds have signed up to the National Cyber Security Centre’s CyberFirst summer school Continue Reading
-
News
02 Jul 2020
Sodinokibi gang begins dark web celebrity data auctions
Group claims to be auctioning confidential legal data on pop stars Mariah Carey, Nicki Minaj and basketball player LeBron James Continue Reading
-
News
01 Jul 2020
UK’s unsung cyber security heroes sought
Nominations have opened for the fifth annual Security Serious Unsung Heroes Awards Continue Reading
-
News
30 Jun 2020
Australia to invest a record A$1.35bn in cyber security
The Australian government is making its largest ever investment in cyber security over the next decade to identify cyber threats, disrupt foreign cyber criminals and build new capabilities Continue Reading
-
News
30 Jun 2020
ReversingLabs makes over 100 Yara rules publicly available
Threat intelligence specialist is making its IP available on GitHub to support malware hunters in their work Continue Reading
-
News
30 Jun 2020
BNP Paribas uses biometrics to increase contactless payment limit
French bank BNP Paribas is enabling customers to make higher value contactless payments through fingerprint-recognition technology Continue Reading
-
News
29 Jun 2020
Phishing back in vogue as ransomware vector
Researchers have observed an increase in phishing as a means to deliver ransomware payloads – and organisations don’t appear to be prepared Continue Reading
-
News
29 Jun 2020
Evil Corp’s latest ransomware project spreading fast
A new ransomware strain dubbed WastedLocker is spreading rapidly and targeting major corporations Continue Reading
-
News
29 Jun 2020
Making the case for cloud-based security
Cloud-based security tools can hasten threat detection and response, but adoption will depend on where an enterprise is on the cloud readiness scale Continue Reading
-
News
29 Jun 2020
Out of date security laws leave UK plc at risk during pandemic
The CyberUp coalition has written to Boris Johnson to urge him to reform the UK’s 30 year-old cyber crime laws Continue Reading
-
Opinion
26 Jun 2020
Australian government has failed on cyber security
The federal government’s current approach of allowing each agency to make its own cyber decisions is not working and more needs to be done to hunt down adversaries Continue Reading
-
News
24 Jun 2020
Brits will sell their personal data for pennies
Surprising findings from an Okta report on digital identity suggest Brits would be willing to part with valuable personal data for a surprisingly low amount Continue Reading
-
News
23 Jun 2020
Neurodiversity on the rise among career hackers
More diverse hackers enhance the ability of both traditional and cutting-edge cyber security solutions to find and fix vulnerabilities, according to a new report from Bugcrowd Continue Reading
-
News
23 Jun 2020
Twitter contacts business users over data exposure
Issue relates to how web browsers cached confidential data entered in Twitter’s ads and analytics services, but is unlikely to have resulted in compromise Continue Reading
-
News
21 Jun 2020
APAC still hotbed for cyber attacks
Individuals and organisations in APAC are encountering malware more frequently than the rest of the world, study finds Continue Reading
-
News
19 Jun 2020
Australian prime minister confirms country is suffering repeated nation-state cyber attacks
Concern over critical national infrastructure as cyber attackers repeatedly try to gain access to network of organisations operating in multiple sectors Continue Reading
-
E-Zine
18 Jun 2020
CW APAC: Trend Watch – data protection
Asia-Pacific organisations see the importance of having good data protection practices, even as they are still grappling with organisational and operational challenges. In this handbook, Computer Weekly looks at the different levels of preparedness across the region and what firms can do to plug any gaps. Continue Reading
-
News
17 Jun 2020
Cosmetics company Avon offline after cyber attack
Representatives left unable to place orders after company’s back-end systems went offline over a week ago Continue Reading
-
News
15 Jun 2020
Accessories store Claire’s hit by Magecart credit card fraudsters
Attackers gained access to retailer’s website as long ago as March Continue Reading
-
News
14 Jun 2020
Coronavirus: Enterprise VPN adoption in India set to rise
Advancement in cloud technologies and secured remote access to applications will significantly contribute to the overall growth of India’s VPN market, says GlobalData Continue Reading
-
News
12 Jun 2020
NHS email service users ensnared in phishing attack
More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed Continue Reading
-
News
12 Jun 2020
100,000 cheap wireless cameras vulnerable to hacking
Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors Continue Reading
-
E-Zine
11 Jun 2020
CW Europe: 5G rush in Russia
Russian mobile operators are pooling their resources to help them overcome the technical challenges of creating 5G networks. Also read why Swedbank is rebuilding its anti-money laundering systems, and how a public-private partnership in the Netherlands is combating business email compromise fraud. Continue Reading
-
News
10 Jun 2020
Unsecured Elasticsearch server breached in eight hours flat
Comparitech’s Bob Diachenko wanted to find out how long it would take for hackers to find and attack an unsecured, public internet-facing database, so he set up a honeypot Continue Reading
-
News
10 Jun 2020
Virtual GP practice accidentally exposes patient video calls
A small number of users of Babylon’s GP at Hand service were briefly able to view other patients’ video GP consultations thanks to a bug in a new software feature Continue Reading
-
News
10 Jun 2020
How Australian firms can defend against supply chain attacks
Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm Continue Reading
-
News
09 Jun 2020
Honda investigates suspected Snake ransomware attack
Attack disrupts global operations at carmaker, with assembly lines falling silent and sales suspended Continue Reading
-
News
09 Jun 2020
Poorly-secured AWS buckets used to launch Magecart attacks
Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data Continue Reading
-
News
04 Jun 2020
Dutch organisations invest heavily in compliance – but in vain
Despite the fact that companies in the Netherlands have invested heavily to comply with GDPR legislation introduced two years ago, 90% of them are still discovering fundamental weaknesses in their IT environment Continue Reading
-
News
04 Jun 2020
Data privacy groups pile in on UK contact-tracing app
UK-based digital privacy and free speech campaigning organisation files complaint with the Information Commissioner’s Office about contact-tracing app Continue Reading
-
News
03 Jun 2020
Sodinokibi data auctions highlight changing criminal tactics
The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic? Continue Reading
-
Opinion
02 Jun 2020
A view from the SOC: Maintaining security capabilities during the pandemic
What are the challenges of maintaining security event and incident detection capabilities in these challenging times? Continue Reading
-
News
01 Jun 2020
How managed threat hunting helps bust malicious insiders
Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending Continue Reading
-
News
29 May 2020
Test and Trace has not passed data protection impact assessment
Public Health England failed to complete the required impact assessment before launching the Covid-19 Test and Trace programme Continue Reading
-
News
29 May 2020
Singapore’s contact-tracing app tops privacy study
Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds Continue Reading
-
Opinion
27 May 2020
Australia is painting a big red cyber target on its critical infrastructure
Australia’s critical infrastructure is particularly vulnerable to cyber attacks right now because of years of under-investment in cyber security and ageing legacy systems Continue Reading
-
Feature
27 May 2020
GDPR at two: How far we’ve come, how far we still have to go
Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change Continue Reading
-
E-Zine
26 May 2020
Can Lady Gaga and Madonna get people to take IT security seriously?
In this week’s Computer Weekly, after hackers threatened to release data from a US law firm’s celebrity clients, will people finally take cyber security seriously? Designing software for older users makes systems better for all – we examine how. And the IT chief at TSB explains how the bank recovered from its 2018 IT disaster. Read the issue now. Continue Reading
-
News
25 May 2020
Coronavirus: Australia calls for stronger defences amid cyber attacks
The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector Continue Reading
-
News
22 May 2020
EasyJet to be sued over customer data breach
If successful, airline’s potential liability for the loss of millions of customer records could be as high as £18bn Continue Reading
-
Opinion
22 May 2020
Identification and access management: some possible futures
Learn about how we might be using our heartbeats, brainwaves and eye movements to unlock our mobiles in the future Continue Reading
-
News
20 May 2020
Serco exposes contact tracers’ data in email error
Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message Continue Reading
-
News
20 May 2020
Personal devices putting Singapore employers at risk
More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats Continue Reading
-
News
19 May 2020
Cancelled NCSC CyberUK event gets green light for 2021
The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales Continue Reading
-
News
19 May 2020
GDPR wholly inappropriate to govern contact-tracing data
Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app Continue Reading
-
News
19 May 2020
Doubts mount over effectiveness of UK contact-tracing app
Studies from BCS and Anomali reveal that a significant proportion of the UK population is not prepared to download the Covid-19 contact-tracing app Continue Reading
-
News
19 May 2020
Nine million EasyJet customer details lost in data breach
Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline Continue Reading
-
News
19 May 2020
Sodinokibi cyber criminals plot to ‘auction’ Madonna data
The cyber criminal gang behind a recent attack on a New York law firm is planning to auction off its client data, one person at a time Continue Reading
-
Blog Post
19 May 2020
Blue tooth, not privacy, is the problem with NHSX
He would never enable Bluetooth on a mobile phone because of its inherent security problems. It is unclear how many of these have been fixed with the latest releases. But some are unlikely to be ... Continue Reading
-
News
19 May 2020
Vast majority of cyber attacks are easy to stop, says Verizon
Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it Continue Reading
-
Feature
18 May 2020
Malaysia’s data protection practices still have some way to go
Some Malaysian firms are not using data protection tools to the fullest potential, while others only think about data protection after a breach Continue Reading
-
Blog Post
17 May 2020
Protecting Data or “Saving Lives; Saving Livelihoods”: Which comes first in a post Covid World?
Almost every nation except for those which already had them as a legacy of SARS (e.g. Singapore, South Korea and Taiwan) has had to move fast to produce computer systems that will help support a ... Continue Reading
-
News
15 May 2020
Questions raised after UK’s electrical grid shrugs off cyber attack
Attack on Elexon was resolved within hours with no impact on the national electricity supply, but it could have been much worse Continue Reading
-
News
15 May 2020
Law firm hackers threaten to release dirt on Trump
A new ransom demand of $42m has been made against New York law firm Grubman, Shire, Meiselas and Sacks, and it may be the largest ever, say security experts Continue Reading
-
News
14 May 2020
China targeting Covid-19 researchers through IT suppliers, claims US
The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China Continue Reading
-
News
13 May 2020
Report reveals inadequate cyber security at Schiphol Airport
A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport Continue Reading
-
Podcast
13 May 2020
Podcast: UK SME planning and compliance for ‘the new normal’
We look at how UK SMEs face a “new normal” following the coronavirus lockdowns and how they can plan for compliance with more remote working and a new data landscape Continue Reading
-
Opinion
13 May 2020
Security Think Tank: Burnt out CISOs are a huge cyber risk
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
News
13 May 2020
Nation state APT groups prefer old, unpatched vulnerabilities
The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list Continue Reading
-
News
13 May 2020
Can Lady Gaga and Madonna get people to take security seriously?
What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers Continue Reading
-
News
12 May 2020
Draft Covid-19 contact tracing legislation proposes formal oversight
Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app Continue Reading
-
News
12 May 2020
Pay the ransom and double your recovery costs, report warns
Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos Continue Reading
-
Opinion
12 May 2020
Security Think Tank: Create healthy habits to avoid burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
12 May 2020
APAC firms still coming to grips with data protection
More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain Continue Reading
-
News
12 May 2020
Maze ransomware attack will cost Cognizant at least $50m to $70m
Cognizant’s clients cut off the IT supplier’s access to their networks to contain a Maze ransomware attack – effectively putting projects on hold Continue Reading
-
News
12 May 2020
How Australian firms can plug data protection gaps
Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene Continue Reading
-
News
11 May 2020
Pitney Bowes hit by Maze in second ransomware attack in a year
Shipping services firm falls victim to Maze ransomware just seven months after a previous major attack Continue Reading
-
News
07 May 2020
SilverTerrier cyber crime group targets Covid-19 key workers
Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang Continue Reading
-
News
06 May 2020
Criminal justice system is failing cyber crime victims
Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study Continue Reading
-
Feature
05 May 2020
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
News
05 May 2020
Coronavirus: NCSC issues urgent alert for healthcare sector
UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations Continue Reading
-
News
05 May 2020
GoDaddy owns up to October 2019 data breach
Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts Continue Reading
-
News
05 May 2020
Building security and privacy into contact-tracing apps
Governance and data decentralisation are among measures that organisations can take to allay security and privacy concerns over contact-tracing apps, according to RSA Continue Reading
-
News
04 May 2020
Xen Orchestra latest victim of Salt cryptojackers
More victims of cyber criminals exploiting two critical Salt vulnerabilities are coming forward Continue Reading
-
News
04 May 2020
NHSX contact-tracing app needs legislative oversight
Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app Continue Reading
-
News
04 May 2020
Blogging platform Ghost hacked through Salt vulnerability
Publishing service’s network was taken over by illicit cryptominers after failing to patch a critical vulnerability Continue Reading
-
News
04 May 2020
IT Priorities 2020: Compliance and risk are top security concerns
When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study Continue Reading
-
News
04 May 2020
Research institutes warn of necessity for UK contact-tracing app to link to testing
BCS and Cass Business School call for proposed UK contact-tracing app not to be launched without alignment to testing and warns that without this link, NHS will not be able to “big data” its way out of “no data” situation Continue Reading
-
Opinion
01 May 2020
Why you should think before you Zoom
Feel free to use Zoom during the coronavirus lockdown, but think before you discuss anything confidential Continue Reading
-
News
30 Apr 2020
Cyber security skills courses go online during pandemic
The government is turning to online learning to find the next generation of cyber security talent Continue Reading
-
News
30 Apr 2020
Critical SaltStack vulnerability affects thousands of datacentres
Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away Continue Reading