Data breach incident management and recovery
-
News
19 Dec 2024
LockBit ransomware gang teases February 2025 return
An individual associated with the LockBit ransomware gang has broken cover to tease details of a new phase of the cyber criminal operation's activity, which they claim is set to begin in February 2025 Continue Reading
-
Opinion
19 Dec 2024
Innovation, insight and influence: the CISO playbook for 2025 and beyond
From Covid-19 to war in Ukraine, SolarWinds Sunburst, Kaseya, Log4j, MOVEit and more, the past five years brought cyber to mainstream attention, but what comes next? The Computer Weekly Security Think Tank looks ahead to the second half of the 2020s Continue Reading
-
News
12 Jun 2023
Progress Software releases patch for second MOVEit Transfer vulnerability
Progress Software releases a patch for a second MOVEit Transfer issue, which was uncovered by third-party security specialist Huntress Security during post-incident code scanning Continue Reading
-
News
09 Jun 2023
Extreme Networks emerges as victim of Clop MOVEit attack
Network equipment and services supplier Extreme Networks has revealed its instance of Progress Software’s MOVEit tool was compromised in the ongoing Clop cyber attack Continue Reading
-
News
09 Jun 2023
Barracuda ESG users told to throw away their hardware
Owners of Barracuda Email Security Gateway appliances are being told that they will need to throw out and replace their kit after it emerged that a patch for a recently disclosed vulnerability had not done the job Continue Reading
-
News
09 Jun 2023
University of Manchester hit by cyber attack
The University of Manchester has been hit by a cyber attack of an undisclosed nature Continue Reading
-
News
08 Jun 2023
Vulnerability exploitation volumes up over 50% in 2022
Data from Palo Alto Networks’ Unit 42 threat intel specialists reveals insight into the scale of vulnerability exploitation in the wild Continue Reading
-
News
08 Jun 2023
Clop may have been sitting on MOVEit vulnerability for two years
The Clop cyber extortion gang may have been keeping the MOVEit SQL injection vulnerability they used to penetrate the systems of multiple victims secret for two years Continue Reading
-
News
07 Jun 2023
Clop cyber gang claims MOVEit attack and starts harassing victims
The Clop cyber extortion and ransomware operation is demanding organisations pay a ransom to avoid data stolen via an exploited vulnerability in a file transfer product being leaked Continue Reading
-
News
06 Jun 2023
Google launches hacker-backed SME security training scheme
Citing research that shows almost half of SMEs are struggling to recruit cyber security specialists, Google is launching a programme designed to upskill more people to fill thousands of vacant roles Continue Reading
-
News
06 Jun 2023
Victims of MOVEit SQL injection zero-day mount up
The BBC, Boots, and British Airways are among the victims of cyber incidents arising from a recently disclosed vulnerability in the MOVEit file transfer, exploitation of which is spreading fast Continue Reading
-
News
06 Jun 2023
Cyber spotlight falls on boardroom ‘privilege’ as incidents soar
Three quarters of data breaches now involve a significant human element, and the higher up they get in an organisation, the more risks people seem to take, according to Verizon’s annual Data Breach Investigations Report Continue Reading
-
Feature
31 May 2023
Why we need advanced malware detection with AI-powered tools
AI-powered cyber security tools have now developed to a point where they are becoming an effective approach to protecting the organisation. Learn how you can benefit from adopting them Continue Reading
-
News
30 May 2023
Downstream breaches of Capita customers spreading
As many as 90 organisations that used Capita services have now reported data breaches arising from various security incidents at the outsourcer Continue Reading
-
News
26 May 2023
Cisco joins growing Manchester cyber security hub
Networking kingpin signs up to Greater Manchester Digital Security Hub to support centre’s work on security resilience and skills Continue Reading
-
News
26 May 2023
Bumbling IT security analyst convicted of blackmail offences
A Hertfordshire man has been convicted of blackmail and other offences after piggybacking on an in-progress ransomware attack to try to defraud his employer, but failing to cover his tracks in any meaningful way Continue Reading
-
Opinion
26 May 2023
Five key steps where there is a risk of fraud investigation
When fraud investigators come knocking, there are some important ways in which management and senior IT professionals can make sure their company is best protected. Continue Reading
-
News
25 May 2023
Alert over Chinese cyber campaign targeting critical networks
A Chinese threat actor known as Volt Typhoon has been observed infiltrating CNI networks in a cyber espionage campaign, according to intelligence Continue Reading
-
News
24 May 2023
Almost all ransomware attacks target backups, says Veeam
Some 93% of ransomware attacks go for backups and most succeed, with 60% of those attacked paying the ransom, according to a Veeam survey Continue Reading
-
News
23 May 2023
Cohesity Turing aims AI tools at backup and ransomware
Backup supplier continues to enrich its ecosystem with more artificial intelligence for backup and ransomware, with chat-like reporting functions and new security partners in its alliance Continue Reading
-
E-Zine
23 May 2023
How to secure your software supply chain
In this week’s Computer Weekly, our latest buyer’s guide looks at secure coding, and kicks off by examining the challenges of securing your software supply chain. Cyber law enforcement leaders are calling on firms to end the secrecy around ransomware attacks. And we find out how facial recognition technology is being adopted by retailers. Read the issue now. Continue Reading
-
22 May 2023
Let’s open up and put an end to secrecy and cover-ups in ransomware attacks
The NCSC and the ICO are calling for organisations to bite the bullet and be more open about cyber security and ransomware incidents, and the community is firmly behind them Continue Reading
-
19 May 2023
Data breaches in Australia on the rise, says OAIC
The Office of the Australian Information Commissioner reports that data breaches rose by 26% in the second half of 2022 Continue Reading
-
News
16 May 2023
NetApp to promise ransomware warranty payout
NetApp will recover data hit by ransomware or pay a warranty, and has added entry-level SAN arrays and full access to all NetApp software across its hardware families Continue Reading
-
News
16 May 2023
Scality pushes anti-ransomware features in Artesca object storage
Object storage specialist announces v2.0 of Artesca, with a heavy focus on functionality that can protect against ransomware such as object locking, sharding, backup to object etc Continue Reading
-
News
12 May 2023
Let’s put an end to secrecy and cover-ups in ransomware attacks
The NCSC and the ICO are calling for organisations to bite the bullet and be more open about cyber security and ransomware incidents, and the community is firmly behind them Continue Reading
-
News
12 May 2023
How Splunk is driving security automation
Splunk’s head of security in APAC talks up the company’s efforts to ease the workloads of security analysts amid lower adoption of security automation and analytics in the region Continue Reading
-
News
11 May 2023
Australia to shore up cyber and digital capabilities in Budget 2023
Australia is spending more than A$2bn to strengthen cyber resilience, improve digital government services and fuel AI adoption, among other areas, in its latest budget Continue Reading
-
News
10 May 2023
Black Basta ransomware attack to cost Capita over £15m
Exceptional costs arising from the March 2023 Black Basta ransomware attack on the systems of outsourcer Capita will be somewhere between £15m and £20m, the organisation says Continue Reading
-
News
10 May 2023
Nebulon aims Tripline at ransomware detection in storage
Tripline claims ransomware detection from samples every 30 seconds and works in conjunction with snapshots to deliver recovery from an attack in four minutes Continue Reading
-
News
10 May 2023
How datacentre operators can fend off cyber attacks
Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats Continue Reading
-
News
05 May 2023
Capita pension clients told data may have leaked
Capita has told trustees of some of the pension funds for which it provides outsourced services that their customer data may have been stolen by the Black Basta ransomware operation Continue Reading
-
News
04 May 2023
Inside BlackBerry’s cyber security playbook
BlackBerry’s president of cyber security discusses the company’s cyber security strategy and what it is doing to deliver an integrated set of capabilities for enterprises Continue Reading
-
News
03 May 2023
Cyber Action Plan for Wales launched
The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country Continue Reading
-
News
27 Apr 2023
Google Cloud seals bug that could have led to data breaches
The Asset Key Thief vulnerability gave rise to multiple potential attack scenarios that could have impacted thousands of Google Cloud users, but has now been safely fixed Continue Reading
-
News
26 Apr 2023
Researchers deal blow to Gootloader gang that supported REvil
Thousands of compromised WordPress blogs have been spreading the Gootloader malware for years, but eSentire’s security research team are turning the tables on the gang that played a key role in REvil ransomware attacks Continue Reading
-
News
26 Apr 2023
Ransomware gang exploiting unpatched Veeam backup products
Cyber criminals with links to multiple virulent ransomware strains are exploiting a recently disclosed vulnerability in Veeam’s Backup & Replication product, threat analysts have warned Continue Reading
-
News
25 Apr 2023
CISOs under-supported, under pressure, Trellix finds
The vast majority of CISOs say they are finding it difficult to get sign-off on the resources they need to do their job Continue Reading
-
Podcast
25 Apr 2023
Podcast: Ransomware, data protection and compliance
Ransomware is a huge and ever-present threat, but there are ways to avoid it and to mitigate its effects. We get key practical steps from Mathieu Gorge, CEO of Vigitrust Continue Reading
-
News
25 Apr 2023
Almost three-quarters of cyber attacks involve ransomware
Data from Sophos’s annual Active Adversary Report reveals that almost three-quarters of the cyber security incidents it responded to in 2022 involved ransomware Continue Reading
-
News
21 Apr 2023
CyberUK 23: New advice on smart city security issued
The NCSC and key allies have drawn up new guidance to help communities balance the cyber security risks involved with creating smart cities Continue Reading
-
News
20 Apr 2023
Bumblebee malware flies on the wings of Zoom and ChatGPT
Bumblebee malware, often used as a stepping stone to ransomware, is now spreading via trojanised installers for popular software applications Continue Reading
-
News
20 Apr 2023
UK Emergency Alert Test sparks cyber fraud warning
Fraudsters and scammers are likely to use the upcoming test of the UK's new mobile Emergency Alert system as bait in their attacks, while misinformation and conspiracy theories spread Continue Reading
-
News
20 Apr 2023
3CX incident may be world’s first double supply chain attack
It’s supply chain attacks all the way down as Mandiant publishes information suggesting that the 3CX software supply chain compromise was initiated via a prior software supply chain compromise Continue Reading
-
News
20 Apr 2023
Capita customer data was stolen in March ransomware attack
Capita says it has uncovered evidence of data exfiltration from a small proportion of its server estate following a cyber attack at the end of March Continue Reading
-
News
19 Apr 2023
CyberUK 23: Ukraine offers masterclass in withstanding cyber war
Russian cyber activity has seen an unprecedented evolution in scale and pace over the past year, but Ukraine’s resilience has enabled it to mount a masterful response, says the NCSC Continue Reading
-
News
19 Apr 2023
CyberUK 23: Irresponsible use of commercial hacking tools a rising threat
Commercial cyber tools and hackers-for-hire pose a growing threat to organisations and individuals worldwide, according to an NCSC report Continue Reading
-
News
19 Apr 2023
UK plc sees fewer cyber breaches and attacks, but lacks resilience
Latest government figures reveal UK businesses and charities reported lower volumes of cyber breaches and attacks over the past 12 months, but the statistics mask widespread underreporting and the true state of cyber readiness and resilience appears poor Continue Reading
-
News
19 Apr 2023
CyberUK 23: NCSC launches Cyber Advisor service for SMEs
The UK’s NCSC has launched an industry assurance scheme designed to address the needs of SMEs, and is calling for potential advisors to step up and help out Continue Reading
-
News
19 Apr 2023
CyberUK 23: NCSC CEO calls for collaboration and warns against complacency
NCSC boss Lindy Cameron kicked off the annual CyberUK conference in Belfast with a plea for collaboration and a warning against complacency Continue Reading
-
News
19 Apr 2023
Global finance firms take part in NATO cyber attack simulation
Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure Continue Reading
-
News
19 Apr 2023
CyberUK 23: Alert over mercenary Russian threat to CNI
Russian hacktivists supportive of their government’s war on Ukraine are turning their attention to disruptive or destructive attacks on critical infrastructure in the UK, the NCSC has warned Continue Reading
-
News
18 Apr 2023
CyberUK 23: NCSC conference centres cyber collaboration
The NCSC’s annual CyberUK conference gets underway in Belfast this week, with collaboration and cooperation high on the agenda Continue Reading
-
News
18 Apr 2023
UK presses on with post-Brexit data protection reform
The revised version of the Data Protection and Digital Information Bill has had its second reading in Parliament as the government presses on with post-Brexit changes, but critics remain sceptical that the EU will be convinced to maintain the UK's data adequacy agreement Continue Reading
-
News
17 Apr 2023
Restaurants hit by IT problems after BlackCat attack on supplier NCR
Ransomware attack on systems of payments giant causing service outages for restaurants around the world Continue Reading
-
News
17 Apr 2023
Charity data stolen in ransomware attack on supplier
A number of charities in Ireland and the UK have had their data compromised following a ransomware attack on an IT supplier Continue Reading
-
E-Zine
13 Apr 2023
CW EMEA: Under attack and stressed out
In this month's CW EMEA, we look at how cyber attacks are taking a toll on security professionals, damaging their mental health and forcing some to quit. We also look at Finland's allure for tech entrepreneurs, how software is enabling a new business model for a Swedish car manufacturer, and the importance of backup testing. Read the issue now. Continue Reading
-
News
11 Apr 2023
Anne Keast-Butler named as new director of GCHQ
The government has appointed current MI5 deputy director general Anne Keast-Butler to head signals and cyber agency GCHQ Continue Reading
-
News
11 Apr 2023
KFC, Pizza Hut data stolen in January ransomware attack
Yum!, the parent organisation behind KFC and Pizza Hut in the UK, has disclosed that employee data was accessed and exfiltrated in a January 2023 ransomware attack Continue Reading
-
News
06 Apr 2023
Clop ransomware booms in March as Fortra zero-day pays off for gang
Backed by the threat actor tracked variously as Gold Tahoe and TA505, the Clop ransomware operation hit new ‘heights’ of activity last month, according to researchers Continue Reading
-
News
05 Apr 2023
Cops bust Genesis cyber crime marketplace
Multinational Operation Cookie Monster takes down Genesis Market, a crucial source of compromised data used by criminals for fraud and other cyber attacks Continue Reading
-
News
05 Apr 2023
Italy’s ChatGPT ban: Sober precaution or chilling overreaction?
Italy’s data protection authority issued a temporary ban on ChatGPT citing data protection concerns and alleged breaches of the GDPR. Is this a reasonable precaution, or a chilling restriction on personal freedoms? Continue Reading
-
News
04 Apr 2023
TikTok fined in UK over unlawful use of children’s data
The ICO has fined TikTok £12.7m for breaches of data protection law, including unlawfully collecting data on children under 13 Continue Reading
-
News
04 Apr 2023
Threat researchers dissect anatomy of a Royal ransomware attack
Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022 Continue Reading
-
News
04 Apr 2023
Over 90% of organisations find threat hunting a challenge
Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report Continue Reading
-
News
03 Apr 2023
Australia’s media and telecoms sector saw most data breaches in 2022
The media and telecoms industry accounted for the bulk of stolen credentials in Australia in 2022, underscoring the need to shore up the country’s cyber security posture Continue Reading
-
News
03 Apr 2023
Three-day Capita outage was result of cyber attack
Public sector outsourcer Capita has confirmed a major outage which began on 31 March was the result of a cyber attack affecting its Office 365 apps Continue Reading
-
News
30 Mar 2023
NHS Highland rapped over data breach affecting HIV patients
NHS Highland inadvertently exposed the personal data of individuals likely to be accessing HIV services in a lapse of email hygiene Continue Reading
-
News
30 Mar 2023
Reactive approach to cyber procurement risks damaging businesses
Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes Continue Reading
-
News
30 Mar 2023
3CX unified comms users hit by supply chain attacks
Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors Continue Reading
-
News
29 Mar 2023
New North Korean APT launders crypto to fund spying programmes
Mandiant has attributed an ongoing campaign of malicious activity to a newly designated APT that is engaged in the acquisition and laundering of cryptocurrency to fund the regime’s espionage activities Continue Reading
-
News
29 Mar 2023
How organisations can weaponise data privacy
Organisations should turn data privacy into a competitive advantage and look beyond regulatory compliance to build a privacy programme that aligns with business targets, says Gartner Continue Reading
-
News
28 Mar 2023
Microsoft expands AI Copilot project into security realm
New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams Continue Reading
-
News
28 Mar 2023
Inside Group-IB’s cyber security playbook
A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market Continue Reading
-
News
28 Mar 2023
Ransomware attacks up 45% in February, LockBit responsible
NCC Group says it observed a surge in ransomware attacks in February, with LockBit, BlackCat and BianLian all highly active Continue Reading
-
Definition
27 Mar 2023
triage in IT
Triage is a term referring to the assignment of priority levels to tasks or individuals to determine the most effective order in which to deal with them. Continue Reading
-
Definition
23 Mar 2023
forensic image
A forensic image (forensic copy) is a bit-by-bit, sector-by-sector direct copy of a physical storage device, including all files, folders and unallocated, free and slack space. Continue Reading
-
News
22 Mar 2023
Why Veeam thinks ransomware warranty payouts are unlikely
Veeam Data Platform v12 offers a financial guarantee to customers that can’t restore after ransomware attacks, but the backup supplier is convinced it won’t be making many payouts Continue Reading
-
News
22 Mar 2023
Government launches seven-year NHS cyber strategy
The new Cyber Security Strategy for Health and Adult Social Care lays out a plan for promoting cyber resilience in the sector by 2030 to protect services and patients alike Continue Reading
-
News
21 Mar 2023
Nordics move towards common cyber defence strategy
Nordic countries agree to work together to improve their cyber defences amid increasing threat Continue Reading
-
News
21 Mar 2023
Hitachi Energy emerges as victim of Clop gang’s Fortra attack
The power and energy division of Japanese conglomerate Hitachi has disclosed that it has fallen victim to a Clop cyber attack, but insists customer data is safe Continue Reading
-
News
21 Mar 2023
Ferrari rejects ransom demand after cyber attack
Italian carmaker Ferrari says it will refuse to pay a ransom after an unspecified threat actor broke into its IT systems and stole customer data Continue Reading
-
News
21 Mar 2023
Ransomware gangs harass victims to ‘bypass’ backups
Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order Continue Reading
-
News
20 Mar 2023
NCSC launches cyber check-up tools for SMEs
The NCSC has launched two new security services aimed at SMEs that lack the resources to address cyber issues, and may underestimate their vulnerability to attack Continue Reading
-
News
16 Mar 2023
BEC attacks doubled in 2022, outstripping ransomware
Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks Continue Reading
-
News
16 Mar 2023
Rubrik customer, partner data exposed in possible Clop attack
Rubrik was supposedly compromised by the Clop ransomware gang via a zero-day vulnerability in a managed file transfer software package it uses Continue Reading
-
News
15 Mar 2023
Microsoft patches Outlook zero-day for March Patch Tuesday
A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update Continue Reading
-
News
08 Mar 2023
How ForgeRock is tackling identity management
ForgeRock CEO Fran Rosch has set the identity and access management software supplier on a path to deliver a frictionless identity experience without compromising security or privacy Continue Reading
-
Feature
07 Mar 2023
What can security teams learn from a year of cyber warfare?
With the passing of the first anniversary of Russia’s invasion of Ukraine, we reflect on the ongoing cyber war, and ask what security leaders can learn from the past 12 months Continue Reading
-
News
07 Mar 2023
APAC IT leaders bullish on tech spending
Over half of respondents in this year’s IT Priorities study have bigger IT budgets as they continue to make strategic investments in cyber security, cloud and automation, among other areas Continue Reading
-
Podcast
06 Mar 2023
Podcast: 2023 compliance and storage outlook
Geopolitical instability casts its shadow as organisations must think about cyber attacks, data location and what to do if things change quickly. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading
-
News
01 Mar 2023
Data breaches in Australia on the rise, says OAIC
Cyber security incidents were the cause of most data breaches, which rose by 26% in the second half of 2022, according to the Office of the Australian Information Commissioner Continue Reading
-
News
28 Feb 2023
LastPass attack saw employee’s home computer hacked
The ongoing investigation into a series of linked security incidents at LastPass has found that the attacker was successfully able to compromise a developer’s home PC using a vulnerability in a media software package Continue Reading
-
News
24 Feb 2023
Royal Mail stands firm as LockBit leaks data and renews ransom demand
The LockBit ransomware gang has made good on its threat to leak data exfiltrated from Royal Mail’s systems, but the postal service is not entertaining the possibility of giving in Continue Reading
-
News
23 Feb 2023
WithSecure proposes ‘undo’ button for ransomware
WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening Continue Reading
-
News
22 Feb 2023
UK forces lead live-fire cyber war exercise
The seven-day Defence Cyber Marvel 2 exercise put cyber responders from 11 countries through their paces Continue Reading
-
News
22 Feb 2023
Researchers find new bug ‘class’ in Apple devices
A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix Continue Reading
-
News
21 Feb 2023
Royal Mail resumes full export service after cyber attack
Royal Mail resumes the last of its international services as it recovers from a ransomware attack, while the Post Office offers postmasters compensation for their lost business Continue Reading
-
News
20 Feb 2023
Singapore organisations struggle to operationalise threat intelligence
Organisations in the city-state were satisfied with the quality of their threat intelligence, but they struggled to operationalise the information due to talent shortages and other challenges Continue Reading
-
News
16 Feb 2023
Financial advisory firm Succession Wealth probes cyber attack
Aviva-owned wealth consultancy and financial advisory practice Succession Wealth was hit by an undisclosed security incident on 8 February Continue Reading
-
Opinion
16 Feb 2023
Security Think Tank: New trends and drivers in cyber security training
Self-paced, interactive, bite-sized learning is becoming the optimum path for cyber security training in the workplace, says John Tolbert of KuppingerCole Continue Reading
-
Opinion
15 Feb 2023
What charities should know about ransomware and reputational threats
The NCSC recently called for charities to elevate their cyber security practice. Find out why charities are a soft target for cyber criminals, and what they can do to fight back Continue Reading