Stay in the Know

Latest Cyberattacks

Cybersecurity threats are growing each year, with criminals adopting increasingly sophisticated techniques to exploit businesses like yours. Keep up to date with the latest data breaches and attacks.

General Electric Data Breach: Hacker Claims Sale of Leaked GE Information

IntelBroker reposted the advertisement in the forum's "Leaked" section, yielding notably improved results, possibly due to a lack of initial interest.

British Library says ransomware hackers stole data from HR files

The British Library — one of the largest libraries in the world and the national library of the United Kingdom — said the ransomware gang behind a recent attack on its systems appeared to leak data stolen from its human resources files.

Boeing Cyberattack Unfolds: LockBit Releases Initial 4GB of Stolen Data, Threatens Further Leaks

LockBit's ultimatum related to Boeing data breach follows a two-step process, beginning with the release of approximately 4 gigabytes of sample data, predominantly comprised of the most recent information.

UK logistics firm blames ransomware attack for insolvency, 730 redundancies

KNP Logistics, described by its administrators as one of the United Kingdom’s largest privately owned logistics groups, declared itself insolvent on Monday, blaming a ransomware attack back in June.

Greater Manchester Police officers' details hacked in cyber attack

Police officers' personal details have been hacked after a company was targeted in a cyber attack. The firm in Stockport, which makes ID cards, holds information on various UK organisations including some of the staff employed by Greater Manchester Police (GMP).

MGM Resorts Cybersecurity Breach: Was a 10-Minute Chat All It Took?

What's astounding about the MGM Resorts cyber attack is the simplicity of the hackers' entry. In a brief conversation, they managed to breach a company valued at $33.9 billion.

Record number of cyberattacks targeting critical IT infrastructure reported to UK gov’t this year

Within just the first six months of 2023, organizations operating critical IT infrastructure services in the United Kingdom reported more incidents to government authorities in which cyberattacks had significantly disrupted their operations than in any year previously, according to data obtained under the Freedom of Information Act.

IBM notifies J&J unit Janssen CarePath's customers of unauthorized data access

IBM (IBM.N) said on Wednesday it is notifying customers of Janssen CarePath, a Johnson & Johnson (JNJ.N) unit, of a "data incident" involving unauthorized access of personal information.

Cyber-attack on UK's electoral registers revealed

The UK's elections watchdog has revealed it has been the victim of a "complex cyber-attack" potentially affecting millions of voters. The Electoral Commission said unspecified "hostile actors" had managed to gain access to copies of the electoral registers, from August 2021.

Scottish university UWS targeted by cyber attackers

Data belonging to the University of the West of Scotland (UWS) has been put up for auction by an extortion cybergang. The university first said it was facing a "cyber incident" earlier this month and police have been investigating.

MOVEit hack: BBC, BA and Boots among cyber attack victims

The BBC, British Airways, Boots and Aer Lingus are among a growing number of organisations affected by a mass hack. Staff have been warned personal data including national insurance numbers and in some cases bank details may have been stolen. The cyber criminals broke into a prominent piece of software to gain access to multiple companies in one go.

Spotted: Suspected Russian malware designed to disrupt Euro, Asia energy grids

Malware designed to disrupt electric power grids was likely developed by a Russian contractor, according to Mandiant's threat intel team that discovered the malicious software and dubbed it CosmicEnergy. Mandiant spotted the industrial-equipment malware after it was uploaded to VirusTotal, which is a little unusual — albeit a better way to discover a new software nasty compared to, say, waiting for a massive cyberattack that shuts down critical infrastructure.

NCSC joins partners to issue warning about China state-sponsored cyber activity targeting CNI networks

The UK and agencies in the US, Australia, Canada and New Zealand have issued new advice today (Wednesday) to help organisations detect China state-sponsored activity being carried out against critical national infrastructure networks.

The threat from commercial cyber proliferation

The UK’s National Cyber Strategy commits us to being a “leading responsible and democratic cyber power, able to protect and promote our interests in and through cyberspace in support of national goals”. As such, tackling commercial cyber proliferation and ensuring all cyber capabilities are developed, sold and used in a way that is legal, responsible and proportionate is a policy priority for the UK.

ACD - The Sixth Year

The aim of Active Cyber Defence (ACD) is to “Protect the majority of people in the UK from the majority of the harm caused by the majority of the cyber attacks the majority of the time.” It was launched in 2017 and continues to protect the UK, in a relatively automated way, from a significant proportion of commodity cyber attacks.

Threat Report 24th March 2023

Mandiant report that UNC3886 actor is targeting firewalls, IOT devices and VPNs The cyber security company Mandiant has published a blog detailing ongoing campaigns by a Chinese espionage threat actor it calls UNC3886. The actor takes advantage of technologies that don’t support endpoint detection response, such as firewalls, IoT devices, hypervisors and VPN technologies. The actor has exploited zero-day vulnerabilities and then deployed custom malware as an attack vector before traversing the target environment and gaining persistence. The report that concludes that communication and collaboration across organisations is essential for both vendors and investigators to help mitigate the activity.