Two thirds of consumers in the UK would "break up" with a brand if it suffers a data breach.

That's according to a new report by Talend which highlights the importance of businesses engaging with customers to ensure they provide high-quality data security.

Continue reading →

A majority of cyber security professionals don’t trust the data that they get from their tools according to a new report from risk analysis company Bay Dynamics.

The survey, carried out by research firm Enterprise Management Associates, of more than 400 security professionals in organizations with more than 5,000 employees reveals that 52 percent of threat alerts are improperly prioritized by systems and must be manually re-prioritized.

Continue reading →

News over the past week has been dominated by the fallout from the WannaCry ransomware. Now the hacking group that released the NSA's hacking tool kit into the wild has announced plans to start an exploit subscription service in June.

ShadowBrokers used a blog post to announce that next month will see the launch of "TheShadowBrokers Data Dump of the Month" service. Described as "being like wine of month club," such a subscription service would attract a great deal of interest from intelligence agencies and would-be hackers alike, particularly if -- as the group suggests -- it includes access to Windows 10 exploits.

Continue reading →

The UK government has defended the NHS's cyber-security procedures, days after a number of trusts were taken offline by the WannaCry ransomware.

Security minister Ben Wallace said that the NHS had followed "pretty good procedures" in dealing with the attack.

Continue reading →

The weakest point in any network is usually the endpoint, so effective protection measures are essential to fend off cyber attacks.

Security specialist Guidance Software is launching an updated version of its EnCase Endpoint Security solution aimed at providing enhanced endpoint detection and response (EDR) capabilities for businesses.

Continue reading →

E-signature and security firm DocuSign has confirmed a data breach in which attackers gained access to a database containing customer email addresses. The company says that no other data was revealed in the security breach, but it led to a large phishing campaign.

Attackers used the stolen email addresses to spam people with emails containing an infected Microsoft Word document. The company insists that its core service remains secure, but coming in the wake of the WannaCry ransomware attack, people around the world are on high alert.

Continue reading →

As last Friday's WannaCry (WannaCrypt) ransomware attack continues to cause ripples around the globe, links have emerged between the malware code and the infamous Lazarus Group.

Lazarus is the group responsible for attacks on the Bangladesh Central Bank last year, Sony Pictures Entertainment in 2014, and more financial attacks in at least 18 countries.

Continue reading →

As cyber attacks and security breaches continue to make the headlines, a new study suggests that three out of five companies expect to suffer a breach this year.

The latest Market Pulse survey from identity management company SailPoint also reveals that 33 percent believe they may not even know they’ve been breached.

Continue reading →

The Trump administration is considering a further expansion of the ban on using laptops on commercial flights to cover European travel.

According to Reuters , the US government is reviewing how to make sure lithium batteries that get stored in the luggage don’t explode during flights.

Continue reading →

If the WannaCrypt ransomware attack of the last few days has taught us anything it should be the importance of patching systems to guard against attack.

Yet a study released today suggests the message isn't getting through. The latest US country report from Flexera Software reveals the percentage of US PC users with unpatched Windows operating systems was 9.8 percent in Q1, 2017, up from 7.5 percent last quarter and 6.5 percent in Q1, 2016.

Continue reading →

What seemed to have begun as just another ransomware attack hit the headlines last Friday (May 12th) when it began to attack hospitals and healthcare services in the UK.  It became clear pretty quickly that this was in fact something much bigger however, with problems reported at businesses and government bodies around the world.

Infections by the malware known as WannaCrypt or WannaCry, began in Spain with the Telefonica telecommunications giant one of the first to be hit. It then quickly spread to the United Kingdom, Russia, Japan, Taiwan, the United States, and many others. In total, over 150 countries have been affected by the ransomware since Friday, according to Europol.

Continue reading →

I’ve certainly been highly critical of Microsoft in the past, particularly last year when the company began forcing Windows 10 on to users.

But in the past couple of days I have to admit that I’ve been impressed by the software giant’s response to the global WannaCrypt/WannaCry crisis, and not just in patching Windows XP.

Continue reading →

Microsoft stopped supporting Windows XP back in 2014, but today it releases one more security update for the ancient OS.

The software giant is taking this "highly unusual" step to fight back against the WannaCrypt ransomware cyber attacks that have so far hit nearly 100 countries around the world. And XP is not the only unsupported system receiving this patch.

Continue reading →

In some ways, the new research claiming that people are still the biggest threat to cyber security is hardly surprising; this has been the case for years now. What is surprising is that even with the GDPR only one year away, this hasn't moved on. It seems that organizations are aware of the problem, which of course is a good thing, but isn't it time we began to see research saying that people aren't a threat anymore because organizations have secured their systems against these types of threats and educated their workforces in the process. That kind of research would be much more heartening. Especially so when other research suggests that there's an IT skills shortage coming soon that could make it even more difficult for organizations to secure themselves against cyber threats.

The Institute of Information Security Professionals (IISP) is behind the new research claiming that people are still the biggest threat to cyber security. The research suggests that people are still not cautious enough about phishing scams such as links or attachments in emails or about visiting websites that might not be safe. The IISP also suggests that there is a lack of technical skill that causes problems and interestingly, it also claims that another problem is with organizations making poor critical decisions around strategy and budgets, suggesting that organizations are not focused on the right ways to prevent cyber attacks.

Continue reading →

Hospitals and doctors' surgeries across the UK have been hit by what is being described as a large scale ransomware attack.

The attack is believedto have begun at around 1:30 pm today. Areas affected include East and North Hertfordshire, North Cumbria, Blackpool, and Barts Health in London.

Continue reading →