Marks & Spencer chairman Archie Norman has described the recent ransomware attack on the retailer’s systems as something akin to an “out-of-body experience” as he called for cyber attack victims to be brave, bite the bullet, and be open and transparent about their experiences. Speaking before the Business and Trade Sub-Committee on Economic Security, Arms…
Insurance companies are warned to be on their guard against a spreading campaign of network intrusions orchestrated by the Scattered Spider cyber crime collective after evidence emerged that the teenage hacking gang has hit multiple insurance companies in the US amid a months-long resurgence in its activity, according to the Google Threat Intelligence Group (GTIG).…
Scattered Spider widens web to target insurance sector Read More »
Microsoft’s latest Patch Tuesday update landed on schedule on 10 June, with admins facing a much lighter load heading into the summer – at least lighter than of late – with barely 70 security flaws awaiting attention and just two potential zero-day common vulnerabilities and exposures (CVEs) in scope. The two most pressing issues for…
June Patch Tuesday brings a lighter load for defenders Read More »
Cyber security has long been the concern of CIOs, CISOs, and compliance officers. It was a regulatory obligation for many boardrooms – tick the box, demonstrate due diligence, and move on. That approach is no longer tenable. In today’s threat landscape, cyber is not simply a technical risk – it’s a strategic, enterprise-wide concern with…
Cyber security beyond compliance: Why resilience is the new boardroom imperative Read More »
Microsoft has today launched a European Security Programme (ESP) for government bodies in the region, throwing a protective embrace around all 27 European Union (EU) member states, EU accession candidates, European Free Trade Association members, the UK, Monaco and the Vatican. Recognising that the European cyber threat landscape is in a state of flux as…
Microsoft outlines three-pronged European cyber strategy Read More »
With millions of businesses now using Amazon Web Services (AWS) for their cloud computing needs, it’s become a vital consideration for IT security teams and professionals. As such, AWS offers a broad range of cyber security tools to secure AWS-based tech stacks. They cover areas such as data privacy, access management, configuration management, threat detection,…
How cyber security professionals are leveraging AWS tools Read More »
In today’s constantly changing cyber landscape, answering the question “what does best practice now look like?” is far from simple. While emerging technologies and AI-driven security tools continue to make the headlines and become the topics of discussion, the real pivot point for modern security lies not just in the technological advancements but in context,…
Rethinking secure comms: Are encrypted platforms still enough? Read More »
High-profile ransomware incidents affecting leading UK retailers continue to grab headlines, but in the background, total ransomware attack volumes appear to have eased off over the past few weeks, according to NCC Group’s latest monthly Threat Pulse report. NCC’s extensive telemetry observed 416 ransomware attacks in April 2025, down 31% month on month, with 78%…
Ransomware attacks dropped by a third last month Read More »
As Russia continues its relentless assaults on Ukraine despite in defiance of continuing efforts to work towards a peace deal, multiple western security agencies have issued a new advisory warning of a Moscow-backed campaign of cyber intrusions targeting logistics and technology organisations in the West. The campaign, run through Unit 26165 of the Main Directorate…
NCSC: Russia’s Fancy Bear targeting logistics, tech organisations Read More »
Microsoft has issued fixes for a total of five new zero-day vulnerabilities out of a grand total of just over 70 addressable common vulnerabilities and exposures (CVEs) on the fifth Patch Tuesday of 2025 – over 80 when third-party issues are accounted for. In numerical order, this month’s zero days are as follows: CVE-2025-30400, an…
May Patch Tuesday brings five exploited zero-days to fix Read More »
