Attacks on industrial control system (ICS) computers went up by .85 percentage points in H2 of 2020 compared to H1, according to new research from Kaspersky. The analysis also found that the variety of malware families targeting ICS computers increased by 30% in this period, with cyber-criminals significantly ramping up attacks against these sectors amid the COVID-19 lockdowns. While industrial organizations have traditionally been an attractive target for malicious actors due to the highly sensitive…

Organisations hit by ransomware attacks are finding themselves paying out more than ever before, according to a new report from Palo Alto Networks. The Unit 42 threat intelligence team at Palo Alto Networks teamed up with the incident response team at Crypsis to produce their latest threat report which looks at the latest trends in ransomware, and compares payment trends to previous years. According to the research, the average payment following a ransomware attack in…

Nearly two-thirds of medium and large-sized businesses suffered a cyber-attack or breach last year, with security efforts suffering during the pandemic, according to the latest government figures. The Cyber Security Breaches Survey 2021 on the face of it showed a slight improvement over last year’s: 39% of UK businesses of all sizes said they were breached or attacked over the previous 12 months versus 46% last year. However, while the report posits that this could…

Half of UK businesses reported cyber-skills gaps last year, with diversity still woefully lacking in most organizations, according to the latest government figures. The DCMS-sponsored Cybersecurity skills in the UK labour market 2021 report was compiled from representative surveys of security sector and wider organizations, as well as analysis of job postings and research with recruitment agencies. It revealed that around 680,000 businesses in the country have staff in charge of cybersecurity that lack the…

Speaking at the Spring Infosecurity Magazine Online Summit, Sean Poris, director, product security at Verizon Media, explored how to run a bug bounty program, outlining the six components of a successful big bounty structure. Poris explained that, by investing in bug bounties, organizations are potentially tapping into “hundreds of thousands of global hackers” that think about software and vulnerabilities in ways that internal staff might not. He also said that knowing and understanding your objectives…

British clothing retailer FatFace is facing a mounting storm of criticism for its handling of a “sophisticated criminal attack” which led to the compromise of customers’ personal data (PII). In an email to customers posted by HaveIGotPwned? founder Troy Hunt this week, the firm revealed that the breached data included customers’ full names, email and home addresses and partial card details (last four digits and CVV). “On January 17, 2021 FatFace identified some suspicious activity within…