A long-awaited update to the US’s Cybersecurity Information Sharing Act (CISA) of 2015 – which lapses at the end of September amid gathering concerns over compliance gaps and increased risk to end-user organisations – is advancing through Congress in Washington DC. The replacement legislation, now named the Widespread Information Management for the Welfare of Infrastructure…
US politicians ponder Wimwig cyber intel sharing law Read More »
With millions of businesses now using Amazon Web Services (AWS) for their cloud computing needs, it’s become a vital consideration for IT security teams and professionals. As such, AWS offers a broad range of cyber security tools to secure AWS-based tech stacks. They cover areas such as data privacy, access management, configuration management, threat detection,…
How cyber security professionals are leveraging AWS tools Read More »
In today’s constantly changing cyber landscape, answering the question “what does best practice now look like?” is far from simple. While emerging technologies and AI-driven security tools continue to make the headlines and become the topics of discussion, the real pivot point for modern security lies not just in the technological advancements but in context,…
Rethinking secure comms: Are encrypted platforms still enough? Read More »
The United States’ Cybersecurity and Infrastructure Security Agency (CISA) is likely to have its funding cut by approximately $495m and may have to lay off around 1,000 employees later this year, according to budget proposals unveiled by President Trump’s administration. In a written statement, the White House said Trump was “laser-focused on eliminating … weaponised…
US cyber agency CISA faces stiff budget cuts Read More »
In the latest deliberations on the Data Use and Access Bill in the House of Lords, I set out two amendments to offer well overdue updating to the Computer Misuse Act (CMA) of 1990. In preparing for committee stage of the bill I remain incredibly grateful to everyone involved with the CyberUp campaign, their analysis…
The Data Bill: It’s time to cyber up Read More »
Two amendments to the Data (Access and Use) Bill that would have established a statutory legal defence for security professionals and ethical hackers to protect them from prosecution under the 1990 Computer Misuse Act (CMA) have failed to make it beyond a House of Lords committee hearing after being withdrawn. The 34-year-old CMA broadly defines…
Latest attempt to override UK’s outdated hacking law stalls Read More »
Despite being taken down and humiliated by the National Crime Agency (NCA) coordinated Operation Cronos in February 2024, an unknown individual(s) associated with, or claiming to represent, the LockBit ransomware gang has broken cover to announce the impending release of a new locker malware, LockBit 4.0. In screengrabs taken from the dark web that have…
LockBit ransomware gang teases February 2025 return Read More »
It has long been held that a surefire way for anybody to protect themselves – and their employer – from falling victim to a cyber attack was not to download any unexpected email attachments, but according to email security specialist Mimecast, cyber criminals seem to be moving away from this tactic. In the first six…
Phishing links becoming bigger threat than email attachments Read More »
Over the first seven-and-a-half months of 2024, the number of newly-disclosed common vulnerabilities and exposures (CVEs) soared 30% year-on-year from 17,114 to 22,254, according to data published by Qualys researchers. However, out of this huge number of flaws, barely a hundredth – 204 or 0.9% – were weaponised by threat actors, said Qualys, the majority…
2024 seeing more CVEs than ever before, but few are weaponised Read More »
On Friday 19 July 2024, the UK awoke to news of a fast-spreading IT outage, seemingly global in its nature, affecting hundreds – if not thousands – of organisations. The disruption began in the early hours of Friday morning in Australia, before spreading quickly across Asia, Europe and the Americas, with the travel industry among…
CrowdStrike update chaos explained: What you need to know Read More »
