Companies are still leaving basic security flaws and points of entry wide open for hackers to exploit. This according to research from security house Positive Technologies, which says that its penetration testers found that enterprises were rife with things like months-old unpatched vulnerabilities and unsecured access points …

Miscreants have developed the first strain of ransomware worm capable of infecting legacy systems, such as Windows XP and 2003. The infamous WannaCry outbreak, which severely affected the UK's NHS, showed just how much damage ransomware can do. ransomware 74 countries hit by NSA-powered WannaCrypt ransomware backdoor: …

NHS trusts across England experienced more than 1,300 hours of downtime in the last three years, according to results from Freedom of Information (FoI) requests. Nearly a third of the trusts (25 out of 80) that responded to an FoI request from Intercity Technology admitted they had experienced outages across their IT systems …

An unusually large wave of phishing emails was spewed out this morning, with recipients warned that all their devices had been infected by WannaCry. Action Fraud UK has said it has already received over 200 reports of the phishy email this morning, while beleaguered IT support contractors – seemingly mostly based in the UK – …

Israel Cyber Week Healthcare regulations oblige medical equipment vendors to focus on developing the next generation of technologies rather than addressing current cybersecurity issues, according to experts presenting at the eighth Israel Cyber Week. Ophir Zilbiger, partner and head of the BDO Cybersecurity Center Israel consultancy, said …

Privacy of medical data and the machinations of surveillance capitalism were under the spotlight at a Cambridge University symposium last week. Much of the day-long event, marking the 20th anniversary of think tank the Foundation for Information Policy Research (FIPR), was spent debating state-backed surveillance in its many …

Roundup May is already upon us, and as usual it has been a busy week for security news. Here's a summary of what didn't make it into El Reg this week, well, until now. Son of a glitch! Brainiacs at Vrije Universiteit in Amsterdam have detailed an attack called GLitch. It exploits Adreno GPUs built into Qualcomm-powered system-on-chips …

Nearly a year has passed since the unprecedented WannaCry cyber attack and the UK's NHS has yet to agree an action plan, according to a report by MPs. Following the incident last June, which caused 20,000 hospital appointments and operations to be cancelled, a Lessons Learned review was published with 22 recommendations for …

The UK's National Health Service has learned from last year's WannaCry attack – and started putting in place disaster recovery measures that will allow it to maintain services in the face of an even fiercer assault. The worldwide spread of WannaCry last May hit hospital networks particularly hard and left doctors and nurses …

As memories of last May's WannaCry cyber attack fade, the healthcare sector and Britain's NHS are still deep in learning. According to October's National Audit Office (NAO) report (PDF), 81 NHS Trusts, 603 primary care organisations and 595 GP practices in England and Wales were infected by the malware, with many others in …

WannaCry, the Windows ransomware that took off last May around the world, has landed on some computers belonging to US aircraft and weaponry manufacturer Boeing. “All hands on deck,” said Mike VanderWel, chief engineer at Boeing Commercial Airplane production engineering, in a memo seen earlier today by the Seattle Times. “It …

Every single one of the 200 NHS trusts in the UK so far assessed for cyber security resilience has failed an on-site assessment, MPs on the Public Accounts Committee were told yesterday. There are a total of 236 trusts. There is no timeline on when the remaining 36 will be checked over. In a hearing about the WannaCry …

The WannaCry outbreak has forced the UK's national health service to overhaul its crisis planning to put new measures in place to avoid further crippling cyber attacks. A UK Department of Health and Social Care postmortem on the May 2017 WannaCry outbreak, published on Thursday, repeats the findings of previous UK government …

Imagine you're an organisation that is looking to implement a DevOps approach to applications and services, or perhaps you’ve already started, but you’re worried about security. DevOps is all about rapid iteration and continuous delivery, but your security folks still want to be able to do checks to ensure systems are as …

Hackers* have improved the reliability and potency of Server Message Block (SMB) exploits used to carry out the hard-hitting NotPetya ransomware attack last year. EternalBlue, EternalSynergy, EternalRomance and EternalChampion formed part of the arsenal of NSA-developed hacking tools that were leaked by the Shadow Brokers …

Acronis has released a free, standalone version of its Acronis Ransomware Protection with AI-based Active Protection tech. It can be used alongside existing backup and antivirus products on Windows systems. The lightweight (20MB) software runs in the background and is said to monitor system processes in real-time to …

Updated NHS Digital has yet to explain why it has taken months to roll out Microsoft's Enterprise Threat Detection Service (ETDS) to only about two per cent of the UK health service's targeted installed base. The ETDS element was included in a custom support agreement that covers all NHS orgs in the UK under a framework penned in …

UK Foreign Office Minister Lord Ahmad of Wimbledon today claimed North Korea was behind the WannaCry ransomware incident. He joins the US government, Canada, Australia, New Zealand, Japan, Microsoft, Google, Kaspersky, Symantec, FireEye, and others, in blaming Kim Jong-un's hackers for unleashing WannaCry on the world. Uncle …