Security policy and user awareness
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
Opinion
19 Nov 2024
Underfunded, under pressure: We must act to support cyber teams
With almost half of cyber pros experiencing more incidents this year, security leaders say their teams are coming under increasing strain. Businesses must be more proactive approach about building a resilient, future-ready workforce Continue Reading
-
News
04 Mar 2021
Progress towards gender equality in cyber still slow
The cyber security sector is making painfully slow progress towards gender equality, according to a report Continue Reading
-
News
03 Mar 2021
Emergency patch addresses MS Exchange Server zero-days
Microsoft releases an emergency patch to address multiple zero-day exploits directed at on-premise installations of Exchange Server Continue Reading
-
Feature
01 Mar 2021
Malware researcher speculates on the future of ransomware
Abhijit Mohanta, author of 'Preventing Ransomware,' opines on the future of ransomware and discusses why this attack is favored among cybercriminals. Continue Reading
-
Guide
01 Mar 2021
Essential guide to operation-centric security
To stay ahead of cyber attackers, IT security teams need to take an operation-centric approach, to offer a real-time picture of activity across their estate. Continue Reading
-
Blog Post
28 Feb 2021
Making sense of the UK Cybersecurity Sector
The UK cybersecurity industry is heavily concentrated. Only 150 suppliers, employing 2/3rd of the work force are large enough to provide realistic in-house work experience for trainees/apprentices. ... Continue Reading
-
News
25 Feb 2021
NCSC Cyber Action Plan emphasises SME security
NCSC self-assessment tool launched to help sole traders and micro-businesses tackle their cyber security challenges Continue Reading
-
News
25 Feb 2021
GCHQ sets out rules of the road for AI in cyber
A paper produced by GCHQ shows how the intelligence agency can use artificial intelligence responsibly as a tool to protect the UK’s national security Continue Reading
-
News
25 Feb 2021
Npower shuts off app after credential stuffing attack
Npower customers will have to log in to their accounts on its website after its app was withdrawn following a security breach Continue Reading
-
News
25 Feb 2021
MHRA and other agencies to offer new resources for scam victims
New landing page resources will replace .uk domains suspended for criminal activity to help members of the public access appropriate guidance Continue Reading
-
News
24 Feb 2021
Transport for NSW hit by Accellion breach
Australian state agency Transport for New South Wales is the latest victim of the supply chain attack against Accellion’s legacy file transfer system Continue Reading
-
News
24 Feb 2021
Vaccine passports prove an ethical minefield
Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design Continue Reading
-
News
24 Feb 2021
Is Clubhouse safe, and should CISOs stop its use?
With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it Continue Reading
-
News
24 Feb 2021
Babuk ransomware unsophisticated, but highly dangerous
Intelligence gathered through McAfee’s Mvision service reveals more insight into the emerging Babuk ransomware Continue Reading
-
News
24 Feb 2021
Warning on security risk from virtual events platforms
Vulnerabilities found in virtual events platforms could form part of a variant supply chain attack Continue Reading
-
Opinion
23 Feb 2021
Rogue drones beware: We’re here to ground you
Eugene Kaspersky exclusively lifts the lid on a mysterious, shiny device that’s been sitting in his office Continue Reading
-
News
23 Feb 2021
AI powers reputational damage insurance policy
Reputational damage has an immediate impact on a company’s share price, and brand loyalty built over many years can be lost in an instant Continue Reading
-
News
23 Feb 2021
CyberScotland offers centralised security resource hub
Newly launched partnership brings together security resources for individuals and organisations across Scotland Continue Reading
-
News
22 Feb 2021
Microphones, smartphones, laptops among items stolen from BBC
A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers Continue Reading
-
News
22 Feb 2021
Pandemic has exposed fractures in cyber fraud strategy
RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem Continue Reading
-
News
19 Feb 2021
NCSC cyber defence scheme blocked thousands of scams in 2019
The NCSC has reported another productive year for its Active Cyber Defence programme Continue Reading
-
News
19 Feb 2021
Biden will act on cyber security to fix SolarWinds mess
US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger Continue Reading
-
News
18 Feb 2021
2020 a record year for cyber, thanks to Covid
The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy Continue Reading
-
News
17 Feb 2021
Security pros agree: We need to take a break
As many as 85% of security staff engage in leisure activities during working hours, but they have excellent reasons for doing so Continue Reading
-
News
17 Feb 2021
Emotional intelligence, empathy increasingly valued in CISOs
The pandemic has highlighted the value of soft skills, rather than technical ones, in security Continue Reading
-
Opinion
16 Feb 2021
Security Think Tank: Towards a united state of security
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
15 Feb 2021
NCSC recognises UK’s top cyber schools
National Cyber Security Centre CyberFirst Schools initiative has handed out 14 gold, silver and bronze awards recognising excellence in cyber security teaching Continue Reading
-
Opinion
15 Feb 2021
Security Think Tank: Renewed US stability may ease cyber tensions
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
Opinion
12 Feb 2021
Security Think Tank: Biden must address insider security threat first
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
Tip
11 Feb 2021
Use business email compromise training to mitigate risk
Effective BEC training can prevent scams designed to exploit the brain's automatic responses. It starts by teaching employees to slow down and make the unconscious conscious. Continue Reading
-
News
11 Feb 2021
Future security stars shine in first round of CyberFirst Girls contest
There were more than 6,500 participants in the opening heats of the National Cyber Security Centre’s CyberFirst Girls competition this year Continue Reading
-
Feature
11 Feb 2021
Is it time to ban ransomware insurance payments?
The former head of the NCSC recently called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments. Is he on the right track? Continue Reading
-
Opinion
11 Feb 2021
Security Think Tank: Biden’s team can make a difference on security
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
11 Feb 2021
Singtel falls prey to supply chain attack
The Singapore telco reveals that its Accellion file sharing system was illegally hacked in a supply chain attack Continue Reading
-
News
10 Feb 2021
Dating app users warned to watch out for scammers
A vast amount of money was lost to romance scammers last year, and with millions of people isolated in lockdown the problem is getting worse, according to a report Continue Reading
-
News
10 Feb 2021
HelloKitty almost certainly behind CD Projekt ransomware attack
Theories that the cyber attack on a high-profile gaming studio was orchestrated by players who are disappointed in a videogame are likely wide of the mark, according to analysis Continue Reading
-
News
10 Feb 2021
Windows 10, Server 2019 users must patch serious zero-day
Another dangerous zero-day exploit is among 56 vulnerabilities patched by Microsoft in February’s Patch Tuesday update Continue Reading
-
News
10 Feb 2021
Sim-swapping crooks targeted celebrities, influencers
Eight arrests have been made in England and Scotland in connection with a series of Sim-swapping attacks targeting high-profile victims Continue Reading
-
Opinion
10 Feb 2021
Security Think Tank: UK well-placed to work with Biden on cyber
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
09 Feb 2021
Data breaches are a ticking timebomb for consumers
Damage from data breaches goes far beyond the impact to the target organisation – an obvious fact that is too often overlooked, says F-Secure Continue Reading
-
News
09 Feb 2021
‘Batman Begins’ cyber attack is a warning to CNI providers
A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services Continue Reading
-
News
09 Feb 2021
NHS reports fewer phishing emails in 2020
The NHSmail email service saw a steady decline in suspected phishing emails during the course of 2020 Continue Reading
-
Opinion
09 Feb 2021
Security Think Tank: Biden has a chance to renew cyber alliances
As President Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard? Continue Reading
-
News
08 Feb 2021
UK Cyber Security Council to take charge of skills strategy
New government-backed body will be set up to boost careers opportunities and professional standards in the cyber security sector Continue Reading
-
News
08 Feb 2021
Too few UK organisations offering cyber training for remote work
Nearly a year into the pandemic, a study reveals a concerning tendency for organisations not to bother offering security training for remote workers Continue Reading
-
News
05 Feb 2021
EncroChat: Appeal court finds ‘digital phone tapping’ admissible in criminal trials
Appeal Court decides EncroChat-encrypted phone records can be used in criminal trials. Critics say the decision means phone tapping no longer has a ‘clear meaning in the digital age’ Continue Reading
-
News
05 Feb 2021
Google Chrome update to patch serious zero-day
A serious heap buffer overflow vulnerability means Google Chrome users should patch their browsers as soon as possible Continue Reading
-
News
05 Feb 2021
Financial regulatory body bombarded with malicious emails
New disclosures reveal the FCA’s systems bounced almost a quarter of a million malicious emails in a three-month period Continue Reading
-
News
05 Feb 2021
Security firm Stormshield loses source code in cyber attack
Source code from two products developed by French cyber security firm was compromised in a December 2020 incident Continue Reading
-
News
04 Feb 2021
SolarWinds chases multiple leads in breach investigation
Investigators at SolarWinds are exploring multiple theories as to how the company’s systems were compromised Continue Reading
-
News
04 Feb 2021
Fraud and cyber crime still vastly under-reported
The scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate Continue Reading
-
Tip
03 Feb 2021
Design a human firewall training program in 5 steps
Follow these five steps to develop human firewall training that's not only effective at preventing social engineering attacks, but also relevant and accessible to employees. Continue Reading
-
News
03 Feb 2021
Crypto malware targets Kubernetes clusters, say researchers
Newly identified Hildegaard malware targets Kubernetes clusters and seems to herald a new campaign from the TeamTNT gang Continue Reading
-
News
03 Feb 2021
‘Classic’ Cerber ransomware targets health sector in high volumes
Cerber ransomware-as-a-service seems to have re-emerged as one of the most critical cyber threats facing healthcare organisations, reports VMware Carbon Black Continue Reading
-
News
03 Feb 2021
SolarWinds patches two critical CVEs in Orion platform
New vulnerabilities disclosed as SolarWinds reels from December 2020 Solorigate/Sunburst attack – but do not appear to have been exploited yet Continue Reading
-
News
02 Feb 2021
Agent Tesla trojan finds new ways to sneak past defences
Updated versions of Agent Tesla Rat include new techniques that fiddle with code to disable endpoint protection tools on target systems Continue Reading
-
News
01 Feb 2021
Serco confirms Babuk ransomware attack
Outsourcing firm was hit by the ransomware last week but insists most of its operations are running as normal Continue Reading
-
News
01 Feb 2021
CISOs invisible to their organisations, says BT report
Ignorance of cyber issues is leading to misplaced confidence in security in many organisations, as CISOs struggle to make themselves seen and heard Continue Reading
-
News
29 Jan 2021
Biometrics ethics group addresses public-private use of facial recognition
Home Office’s Biometrics and Forensics Ethics Group releases briefing note on the use of live facial recognition in public–private collaborations following a year-long investigation Continue Reading
-
News
29 Jan 2021
Revealed: Brits who fuelled ‘vicious’ conspiracy theory by Trump supporters
Trump supporters have apologised and paid millions in damages to the family of murdered Democratic Party staffer Seth Rich for promoting false allegations that Rich – not Russian agents – stole emails from the Democratic National Committee Continue Reading
-
News
29 Jan 2021
Human factor dominates Australia’s latest data breach numbers
The number of data breaches resulting from human error increased by 18% in the second half of 2020, according to Australian government’s latest notifiable data breaches report Continue Reading
-
News
28 Jan 2021
Apprenticeships may be a solution to cyber skills shortage, say insiders
Cyber security professionals are open to new approaches to finding sorely needed talent, according to a poll Continue Reading
-
News
28 Jan 2021
End of Emotet: A blow to cyber crime, but don’t drop your guard
The takedown of Emotet is a huge event with repercussions that will reverberate across the cyber criminal world, but unfortunately that’s not to say there will be much of a long-term impact Continue Reading
-
News
27 Jan 2021
Pandemic response has improved privacy posture, says Cisco
Data privacy seems to be ‘coming of age’ to some extent and organisational responses to Covid-19 may be partly responsible, according to a report Continue Reading
-
News
27 Jan 2021
Emotet botnet goes offline as cops seize servers
The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement Continue Reading
-
News
27 Jan 2021
Grindr complaint results in €9.6m GDPR fine
Norway’s data protection authority plans to apply a fine totalling 10% of LGBTQ+ dating app Grindr’s revenues over its data sharing practices Continue Reading
-
News
27 Jan 2021
Emergency Apple updates patch exploited zero-days
Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately Continue Reading
-
Opinion
26 Jan 2021
The ransomware routine: pages from the Secret IR Insider’s diary
The Secret Incident Response Insider shares behind-the-scenes stories of what really happens after organisations are hit by cyber attacks – and shows how they could have been avoided Continue Reading
-
News
26 Jan 2021
Conservatives broke data law to racially profile millions
The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard Continue Reading
-
News
26 Jan 2021
North Korean state attacks legitimate security researchers
Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group Continue Reading
-
News
26 Jan 2021
ICO extends commissioner Denham’s term of office
Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor Continue Reading
-
News
26 Jan 2021
Cyber fraud a national security issue, says Rusi report
A report from the Rusi think tank calls for fresh approaches to how we think about fighting fraud Continue Reading
-
Opinion
26 Jan 2021
Security Think Tank: Are security teams the unsung heroes of 2020?
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hotcakes? Continue Reading
-
Opinion
25 Jan 2021
Security Think Tank: Time to rethink stopgap solutions
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
22 Jan 2021
ICO resumes adtech investigation
The UK Information Commissioner’s Office was criticised for ending its investigation into alleged malpractice in advertising technology, but has now resumed its probe Continue Reading
-
News
22 Jan 2021
Sepa data leaks as agency resists ransom demands
The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation Continue Reading
-
News
21 Jan 2021
Hackney Council tenders for cyber security upgrade
Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council Continue Reading
-
News
21 Jan 2021
Gamarue malware found on government-issued school laptops
Devices handed out by the government to support vulnerable children contain malware that appears to be contacting C2 infrastructure in Russia Continue Reading
-
Feature
21 Jan 2021
How can healthcare organisations fight increased cyber crime in 2021?
As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading
-
News
21 Jan 2021
Two-thirds of CISOs say they’ll be cyber attack victims this year
Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked Continue Reading
-
News
21 Jan 2021
Incompetent cyber criminals leak data in opsec failure
Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals Continue Reading
-
News
20 Jan 2021
Should I be worried about MFA-bypassing pass-the-cookie attacks?
Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations? Continue Reading
-
News
20 Jan 2021
Malwarebytes also hit by SolarWinds attackers
The nation state group that attacked SolarWinds in December got inside Malwarebytes by exploiting privileged access to its Microsoft Office 365 tenant, the firm reveals Continue Reading
-
Opinion
20 Jan 2021
Security Think Tank: It’s time to secure the collaboration revolution
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hotcakes? Continue Reading
-
News
19 Jan 2021
UK fraud agency deploys ArcGIS dashboard for data sharing
The National Fraud Intelligence Bureau says it has achieved improved transparency with the public, as well as saving 3,500 staff hours and £100,000 Continue Reading
-
News
19 Jan 2021
Click fraud levels reach new heights in pandemic
Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike Continue Reading
-
News
19 Jan 2021
Criminals fiddled stolen Covid-19 vaccine data to damage trust
Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA Continue Reading
-
Opinion
19 Jan 2021
Security Think Tank: In 2021, enable, empower and entrust your users
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
18 Jan 2021
MoD reports 18% rise in data loss incidents
The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO Continue Reading
-
News
18 Jan 2021
Australians lost A$176m to scams in 2020
Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering Continue Reading
-
News
17 Jan 2021
NCSC CyberFirst Girls 2021 contest kicks off
UK’s national cyber agency says it has already had hundreds of entrants in spite of the challenges presented by the pandemic Continue Reading
-
News
15 Jan 2021
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack Continue Reading
-
News
14 Jan 2021
Unforeseen consequences of new technologies put UK at risk
Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems Continue Reading
-
News
14 Jan 2021
APAC firms grapple with cyber security amid pandemic
Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work Continue Reading
-
Opinion
14 Jan 2021
Security Think Tank: Plan for hybrid working to become normal
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
13 Jan 2021
World’s largest dark web market disrupted in major police operation
Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline Continue Reading
-
News
13 Jan 2021
Critical zero-day features in first Patch Tuesday of 2021
Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender Continue Reading
-
News
12 Jan 2021
Parler collapse opens door to phishing attacks
The shutdown of controversial social media site Parler, and the publication of huge amounts of user data scraped by ethical hackers, is giving cyber crime experts cause for concern Continue Reading
-
Opinion
12 Jan 2021
Security Think Tank: Time for security teams to learn from Covid
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
11 Jan 2021
New SolarWinds CEO sets out rescue plan
Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community Continue Reading
-
Opinion
11 Jan 2021
Security Think Tank: Don’t bet on a new normal just yet
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading