Hackers and cybercrime prevention
-
News
21 Oct 2024
Can AI be secure? Experts discuss emerging threats and AI safety
International cyber security experts call for global cooperation and proactive strategies to address the security challenges posed by artificial intelligence Continue Reading
-
Feature
15 Oct 2024
Reinventing security operations for the modern threat landscape
The growing pace of digital transformation has opened new avenues for attackers, making traditional security measures obsolete. Organisations must modernise their security operations to fortify their defences and navigate the evolving threat landscape Continue Reading
-
News
09 Apr 2021
NCSC: Using your pet’s name as a password is very stupid
If your email password is still Rex, Rover or Mr Fluffles, it’s probably best to change it, the NCSC has said Continue Reading
-
News
09 Apr 2021
Cring ransomware hits ICS through two-year-old bug
A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware Continue Reading
- Definition 08 Apr 2021
-
News
08 Apr 2021
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project Continue Reading
-
News
07 Apr 2021
Facebook ducks calls to apologise over huge data leak
Facebook gives its side of the story as data on millions of its users leaks, but is yet to apologise for security lapses that put half a billion people at risk of compromise Continue Reading
-
News
07 Apr 2021
Unpatched SAP applications are target-rich ground for hackers
Report from SAP and cyber threat research company Onapsis warns that hackers are attacking mission-critical SAP business applications that contain unpatched vulnerabilities Continue Reading
-
News
06 Apr 2021
Facebook data leak could be outside scope of GDPR
Regulators may be unable to do much about leaked data on 533 million Facebook users, as it seems to have been stolen before GDPR came into force Continue Reading
-
Definition
06 Apr 2021
side-channel attack
A side-channel attack is a security exploit that aims to gather information from or influence the program execution of a system by measuring or exploiting indirect effects of the system or its hardware -- rather than targeting the program or its code directly. Continue Reading
-
News
01 Apr 2021
EncroChat hearings delayed as lawyers seek disclosure on police hacking
Court hearings precipitated by police cracking the EncroChat secure mobile phone network have been delayed after defence lawyers request further disclosures on police decryption capabilities Continue Reading
-
Feature
31 Mar 2021
How to build a honeypot to increase network security
Create a honeypot that will trap attackers and monitor their activities to enhance your organization's network security. This step-by-step guide takes you through the process. Continue Reading
-
News
31 Mar 2021
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before Continue Reading
-
Opinion
31 Mar 2021
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
31 Mar 2021
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
-
News
30 Mar 2021
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector Continue Reading
-
Blog Post
30 Mar 2021
New cyberthreats remind us of the need for hyper-vigilance
This is a guest post by Kerry Singleton, managing director for cyber security at Cisco Asia-Pacific, Japan and China In recent weeks, we’ve seen a number of significant cybersecurity threats ... Continue Reading
-
News
30 Mar 2021
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data Continue Reading
-
News
29 Mar 2021
UK courts face evidence ‘black hole’ over police EncroChat mass hacking
French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence Continue Reading
-
News
29 Mar 2021
Cyber attack takes Channel Nine off-air
The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio Continue Reading
-
News
26 Mar 2021
Retailer FatFace pays $2m ransom to Conti cyber criminals
Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate Continue Reading
-
News
26 Mar 2021
Leading Israeli IoT firm lands in US as worldwide malware attacks surge
With US end-user internet of things devices expected to grow to $1.6tn by 2025 and with more than 5.4 billion IoT connected devices in North America alone, tech firms and the black hat community are weighing up the potential Continue Reading
-
News
26 Mar 2021
‘Major’ security flaw detected in 5G core network slicing design
Mobile security specialist details potentially revenue-threatening vulnerabilities with key element of next-generation networks and reveals plans to work with industry to provide mitigation prior to widespread deployments Continue Reading
-
News
25 Mar 2021
Cyber security complacency puts UK at risk, says NCSC head
National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber Continue Reading
-
News
25 Mar 2021
Facebook disrupts Chinese espionage operation
Social media giant’s in-house security team has tracked down and disrupted a long-running Chinese campaign targeting the Uighur Muslim minority Continue Reading
-
News
25 Mar 2021
More than £34.5m stolen in pandemic scams over past year
City of London Police and National Cyber Security Centre report large uptick in threats and crime related to Covid-19 over the past year, in some cases directed specifically at health organisations Continue Reading
-
News
24 Mar 2021
Oil giant Shell hit through Accellion FTA breach
Energy firm discloses cyber attack through Accellion File Transfer Appliance Continue Reading
-
News
24 Mar 2021
Apparent drop in cyber incidents highlights underlying problems
UK organisations report fewer cyber security incidents, but the headline data masks more serious issues, according to a report Continue Reading
-
News
24 Mar 2021
UK faces significant cyber talent shortfall
Cyber security sector is struggling to attract the talented workforce it needs Continue Reading
-
News
24 Mar 2021
Cyber criminals forging Covid-19 vaccine certificates
Vaccine passports and certificates are gaining mainstream traction, which means cyber criminals are also on the bandwagon Continue Reading
-
Feature
24 Mar 2021
How to choose the right email security service for your organisation
With email security threats growing rapidly, businesses can quickly identify and block these by using a top email security service. Here’s how to select the right provider Continue Reading
-
News
23 Mar 2021
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks Continue Reading
-
Opinion
23 Mar 2021
Security Think Tank: Attacks on CNI – an evolving frontier in warfare
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
E-Zine
23 Mar 2021
Would the UK really nuke a cyber attacker?
In this week’s Computer Weekly, did the UK’s defence and security review really suggest a nuclear response to a cyber attack? Data visualisation has been widely used to explain the Covid-19 pandemic, but not always that effectively. And jewellery retailer Pandora explains how it kept the personal touch as customers went online. Read the issue now. Continue Reading
-
News
22 Mar 2021
$50m ransomware demand on Acer is highest ever
Record-breaking double-extortion cyber attack saw REvil gang exfiltrate financial data from Taiwan-based PC manufacturer Continue Reading
-
Opinion
22 Mar 2021
Security Think Tank: Back to square one – ground-up CNI protection
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Opinion
19 Mar 2021
Security Think Tank: Properly protecting CNI demands specificity
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
18 Mar 2021
Eastern Health reports ‘cyber incident’, takes systems offline
Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: Take a realistic perspective on CNI cyber attacks
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Average ransomware cost triples, says report
The average amount paid out by ransomware victims has grown almost threefold to more than $300,000 per incident, according to a report Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: CNI operators must focus on core issues
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
-
News
16 Mar 2021
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry Continue Reading
-
News
16 Mar 2021
Microsoft releases one-click ProxyLogon mitigation tool
Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers Continue Reading
-
News
15 Mar 2021
UK plans ‘full spectrum’ approach to national cyber security
PM Boris Johnson expands on proposed National Cyber Force and plans to set up a north of England Cyber Corridor Continue Reading
-
News
15 Mar 2021
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days Continue Reading
-
Opinion
15 Mar 2021
Security Think Tank: CNI operators are in an unenviable position
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
12 Mar 2021
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately Continue Reading
-
News
12 Mar 2021
DearCry ransomware targets vulnerable Exchange servers
As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority Continue Reading
-
News
12 Mar 2021
Brewer Molson Coors targeted in cyber attack
Cyber criminals have disrupted beer production at Molson Coors, one of the world’s largest brewers Continue Reading
-
Opinion
12 Mar 2021
Security Think Tank: US security efforts may centre on collaboration
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
11 Mar 2021
Attack on surveillance cameras a warning over security, ethics
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology Continue Reading
-
News
11 Mar 2021
After Emotet takedown, Trickbot roars up threat charts
Malicious actors are turning to new tricks as Emotet fades away Continue Reading
-
News
11 Mar 2021
Norwegian government falls victim to Microsoft attacks
Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers Continue Reading
-
E-Zine
11 Mar 2021
CW Europe: Nordic tech startups create blueprint for post-Covid working environment
Business can learn lessons from Nordic tech startups to prepare employees to return to the office after Covid restrictions end. Also read why Netherlands police need a training ‘roadmap’ to get them up to speed to tackle cyber crime. Continue Reading
-
News
10 Mar 2021
Patch Tuesday overshadowed by Microsoft Exchange attacks
Microsoft’s March Patch Tuesday update drops amid ongoing fall-out from widespread Exchange attacks Continue Reading
-
News
09 Mar 2021
Significant jump in number of hackers reporting vulnerabilities to companies
Since the onset of the Covid-19 pandemic, the number of hackers reporting security vulnerabilities and bugs to enterprises has increased by nearly two-thirds Continue Reading
-
News
09 Mar 2021
EBA restores services after Microsoft Exchange attack
European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online Continue Reading
-
E-Zine
09 Mar 2021
Are you ready to return to the office?
In this week’s Computer Weekly, a year after lockdown began, we look at employers’ changing attitudes to returning to the workplace. We find out how the software developer community has coped during the Covid-19 pandemic. And we examine the cyber security concerns prompted by latest social media craze, Clubhouse. Read the issue now. Continue Reading
-
News
08 Mar 2021
US teases retaliation over state-backed cyber attacks
Consequences for alleged perpetrators of the SolarWinds attack are expected within the next few weeks Continue Reading
-
News
05 Mar 2021
Williams F1 car launch disrupted by data leak
Williams Formula One team forced to pull augmented reality app it had planned to use to launch its 2021 car at the last minute after an apparent cyber attack Continue Reading
-
News
05 Mar 2021
Mandiant: MS Exchange bugs first exploited in January
Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago Continue Reading
-
Feature
05 Mar 2021
Dealing with the challenge of beg bounties
The rise of so-called beg bounties is becoming a challenge for security teams, and can be a drain on time and resources. But what is a beg bounty, and how does it differ from a bug bounty? Continue Reading
-
News
05 Mar 2021
Singapore Airlines the latest victim of supply chain attack
A restricted set of data of over 580,000 frequent flyer members of Singapore Airlines was exposed in a supply chain attack against Sita’s passenger service system Continue Reading
-
News
04 Mar 2021
Microsoft Exchange CVEs more widely exploited than thought
US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer Continue Reading
-
News
04 Mar 2021
Qualys caught up in Accellion FTA breach
Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product Continue Reading
-
News
04 Mar 2021
Veritas looks beyond NetBackup for growth in ASEAN
Veritas has seen increased demand for its availability tools as it looks to address backup and recovery requirements from cloud, database and VMware workloads Continue Reading
-
Tip
03 Mar 2021
Technical controls to prevent business email compromise attacks
Technical controls are at the heart of preventing successful business email compromise attacks. Learn about those and extra considerations to keep your business secure. Continue Reading
-
News
03 Mar 2021
Emergency patch addresses MS Exchange Server zero-days
Microsoft releases an emergency patch to address multiple zero-day exploits directed at on-premise installations of Exchange Server Continue Reading
-
Blog Post
02 Mar 2021
A sobering reminder for more vigilant supply chain security
This is a guest post by Gaurav Chhiber, vice-president of Asia-Pacific and Japan at IronNet Cybersecurity The recent and unfolding news about the Russian APT 29, or Cozy Bear, SolarWinds breach is ... Continue Reading
-
News
26 Feb 2021
Cyber extortionist threatened to bomb NHS targets
A German court has convicted a 33-year-old Italian man for making extortion and bomb threats against NHS hospitals at the height of the Covid-19 pandemic’s first wave last year Continue Reading
-
News
25 Feb 2021
NCSC Cyber Action Plan emphasises SME security
NCSC self-assessment tool launched to help sole traders and micro-businesses tackle their cyber security challenges Continue Reading
-
News
25 Feb 2021
Npower shuts off app after credential stuffing attack
Npower customers will have to log in to their accounts on its website after its app was withdrawn following a security breach Continue Reading
-
News
25 Feb 2021
MHRA and other agencies to offer new resources for scam victims
New landing page resources will replace .uk domains suspended for criminal activity to help members of the public access appropriate guidance Continue Reading
-
News
24 Feb 2021
Transport for NSW hit by Accellion breach
Australian state agency Transport for New South Wales is the latest victim of the supply chain attack against Accellion’s legacy file transfer system Continue Reading
-
News
24 Feb 2021
Babuk ransomware unsophisticated, but highly dangerous
Intelligence gathered through McAfee’s Mvision service reveals more insight into the emerging Babuk ransomware Continue Reading
-
News
24 Feb 2021
Bombardier is latest victim of Accellion supply chain attack
Canadian aviation company joins the growing list of Accellion breach victims Continue Reading
-
News
24 Feb 2021
Warning on security risk from virtual events platforms
Vulnerabilities found in virtual events platforms could form part of a variant supply chain attack Continue Reading
-
Opinion
23 Feb 2021
Rogue drones beware: We’re here to ground you
Eugene Kaspersky exclusively lifts the lid on a mysterious, shiny device that’s been sitting in his office Continue Reading
-
News
23 Feb 2021
XDR makes cyber a Stroll in the park for Aston Martin F1
Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet Continue Reading
-
News
23 Feb 2021
CyberScotland offers centralised security resource hub
Newly launched partnership brings together security resources for individuals and organisations across Scotland Continue Reading
-
News
22 Feb 2021
Pandemic has exposed fractures in cyber fraud strategy
RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem Continue Reading
-
21 Feb 2021
The nation state threat to business
The SolarWinds hack shows the widespread damage possible from a nation-state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading
-
News
19 Feb 2021
NCSC cyber defence scheme blocked thousands of scams in 2019
The NCSC has reported another productive year for its Active Cyber Defence programme Continue Reading
-
News
19 Feb 2021
Biden will act on cyber security to fix SolarWinds mess
US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger Continue Reading
-
News
18 Feb 2021
2020 a record year for cyber, thanks to Covid
The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy Continue Reading
-
News
17 Feb 2021
North Korean Lazarus Group hackers indicted in US
Charges filed relate to Lazarus Group’s long-running cyber crime spree, including financial theft and extortion, WannaCry malware and the cyber attack on Sony Pictures Continue Reading
-
News
17 Feb 2021
Egregor ransomware arrests confirmed
Authorities confirm that they have arrested an undisclosed number of cyber criminals associated with the Egregor ransomware Continue Reading
-
Quiz
17 Feb 2021
Malware quiz: Test your knowledge of types and terms
Malware trends are constantly evolving, but older techniques are still often used in cyber attacks today. Test your knowledge of existing and emerging threats in this malware quiz. Continue Reading
-
News
17 Feb 2021
Law firm and cyber criminals clash over source of stolen data
Cyber attack victim Jones Day says its data was stolen in a supply chain attack, but the gang holding it to ransom disagrees Continue Reading
-
News
16 Feb 2021
North Korea accused of Pfizer Covid vaccine cyber attack
South Korean intelligence pins a recent attack on Pfizer, targeting information on coronavirus vaccines, on its neighbour Continue Reading
-
News
16 Feb 2021
RDP, SSH exposures off the charts thanks to remote working
The Covid-19 pandemic has had an impact on the prevalence of certain vulnerabilities in the wild, according to a report Continue Reading
-
News
16 Feb 2021
Egregor ransomware associates arrested amid disruption
Undisclosed number of arrests made in Ukraine after investigators tracked bitcoin ransom payments Continue Reading
-
Opinion
16 Feb 2021
Security Think Tank: Towards a united state of security
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
16 Feb 2021
Batman Begins cyber attack a warning to CNI providers
A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services Continue Reading
-
E-Zine
16 Feb 2021
How Covid-19 has hit IT salaries and job prospects
In this week’s Computer Weekly, our salary survey reveals the impact of the coronavirus pandemic on IT professionals’ wages and job security. A potentially deadly cyber attack on a US water plant highlights the risks to critical infrastructure. And we find out how NHS Scotland is using tech to support its vaccine roll-out. Read the issue now. Continue Reading
-
News
15 Feb 2021
NCSC recognises UK’s top cyber schools
National Cyber Security Centre CyberFirst Schools initiative has handed out 14 gold, silver and bronze awards recognising excellence in cyber security teaching Continue Reading
-
Opinion
15 Feb 2021
Security Think Tank: Renewed US stability may ease cyber tensions
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
Opinion
12 Feb 2021
Security Think Tank: Biden must address insider security threat first
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
Tip
11 Feb 2021
Use business email compromise training to mitigate risk
Effective BEC training can prevent scams designed to exploit the brain's automatic responses. It starts by teaching employees to slow down and make the unconscious conscious. Continue Reading
-
News
11 Feb 2021
Hacked Finnish therapy business collapses
Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy Continue Reading
-
News
11 Feb 2021
Low-complexity CVEs a growing concern
Analysis of thousands of CVEs logged with NIST in 2020 reveals some unwelcome developments Continue Reading
