Threats and Risks
Ministry of Defence sees 18 per cent rise in data loss incidents
There were 546 incidents involving personal data in 2019-20
Software errors wipes 'thousands' of arrest records from police databases
Home secretary Priti Patel is under fire after a bug led to the loss of 150,000 records from the Police National Computer
Microsoft patches 83 security vulnerabilities in first 2021 Patch Tuesday update
The vulnerabilities include a zero-day flaw that impacts the Microsoft Defender antivirus software
ElectroRAT malware used in extensive operation to extract funds from cryptocurrency wallets
Cybercriminals employed three fake cryptocurrency-related apps to trick users into downloading the malware on their systems
Microsoft warns of Adrozek ad-injection campaign affecting all major browsers
Adrozek adds browser extensions which connect to the attacker's servers, modifies browser settings to inject ads, and disables security features
Half of all cyber intrusions in 2020 deployed ransomware, report
Financial gain is the motive behind two-thirds of attacks with 81 per cent of those using ransomware to achieve their goal says CrowdStrike report
VMware rolls out security updates to address zero-day bug
The bug could enable an attacker to take control of a vulnerable machine running VMware Workspace One Access and other software
Hackers are targeting Covid-19 vaccine distribution chain, IBM warns
Threat actors sending phishing emails in the name of a senior executive from a legitimate Chinese cold chain provider Haier Biomedical
Your personal details could be on sale for less than a dollar
New types of data have gone on sale in the past decade, including personal medical records, PayPal accounts and selfies with personal ID documents
State-backed threat group using crypto mining malware to evade detection and monetise compromised networks
There's a growing trend for state-backed APT groups to carry out financially-motivated crimes, alongside their usual espionage operations
NCSC advises online shoppers to be careful over Black Friday
The festive period is a potentially rewarding period for cyber criminals
Amazon patents a novel technique to identify content pirates on Prime
New method will identify subscribers who make duplicates of Amazon's copyrighted content
DDoS attacks increased 300 per cent in the third quarter of 2020 compared to Q1
Q3 DDoS attacks accounted for 56 per cent of all attacks seen so far this year
Millions of Bumblers' personal information exposed in dating app security flaw
Attackers could steal names, pictures and even information on the kind of partner a Bumble user was seeking
UK firms are paying some of the highest ransoms globally
British companies see Russia as a bigger threat than China
Fraudsters are targeting Christmas shoppers
More people are at risk of being cheated this year, according to UK Finance
Forum on Information and Democracy releases damning report on social media platforms
Adding "friction" to online sharing could help to prevent the fast spread of fake news
Patch Tuesday: Microsoft addresses Windows zero-day vulnerability and 111 others
Patches include one for a zero-day flaw disclosed by Google's researchers last month
Criminal gangs are using fake Microsoft Teams updates to infect networks with Cobalt Strike
Hackers are specifically targeting the education sector where use of collaboration tools is high, according to Microsoft
Credential-related attacks lead to the biggest financial losses, says report
Extreme loss events could cost victims 100 times their annual revenue or more, says the Cyentia Institute
GCHQ begins operation against Russian disinformation on COVID-19 vaccine
GCHQ is using tools that were originally developed to tackle ISIS recruitment in its fight against disinformation
Scammers are exploiting a legitimate Google Drive feature to spread malware
The notifications themselves come from Google, lending some credibility to the attack
Google researchers disclose high-severity vulnerability affecting GitHub
The bug makes GitHub Action's workflow commands vulnerable to injection attacks, according to researchers
A quarter of cyber security incidents are Covid-related, NCSC
Security agency reports a 20 per cent increase in the total number of incidents compared with the annual average