Home Distractions a Major Cause of Cybersecurity Errors During Lockdown Nearly half (43%) of UK and US employees have made errors leading to cybersecurity repercussions, according to a new study from Tessian. The analysis, undertaken in April during the height of the COVID-19 pandemic, suggests that the disruption and additional stress and distractions of remote working…

Password Reuse to Blame for Fifth of Account Takeovers Email account takeover (ATO) attacks often last for over a week and result from employees reusing passwords across multiple sites, according to new research from Barracuda Networks. The security vendor teamed up with researchers at UC Berkeley to study the lifecycle of email ATO attacks, examining…

Cloud Misconfigurations a Major Compliance Risk Cloud misconfigurations are considered a data security risk by 95% of IT decision makers in the UK, according to a new study from Trend Micro. The findings highlight how human error is a major cause of organizations’ compliance problems and is obstructing their digital transformation. Of those who regard cloud…

Blackbaud Breach Hits Nine More Universities A combined ransomware and data breach attack on a US cloud computing provider in May has affected many more universities and non-profits than at first thought. Infosecurity reported on Wednesday how the University of York in northern England had notified affected staff and students that their personal details may have been…

Three-Quarters of UK Businesses Facing Compliance Problems Following Lockdown Three-quarters (75%) of UK data protection officers (DPOs) anticipate the Covid-19 lockdown will cause difficulties in meeting data compliance obligations, potentially leading to large fines, according to a study by Guardum. In the survey, 72% of DSOs expect a backlog of data subject access requests (DSARs) upon…

NCSC Introduces Remote Working Testing Tool for Small Businesses An exercise which will enable small businesses to test their cyber resilience while staff work remotely has been launched by the National Cyber Security Center (NCSC). Part of its Exercise in a Box toolkit, the ‘Home and Remote Working’ exercise is aimed at helping SMEs to reduce the risk…

Personal Data of the Average user Held by at Least 39 Different Organisations At least 39 different organizations hold personal data of the average UK citizen, providing a wide-range of opportunities for hackers to access sensitive information. This is according to Nomidio’s State of Identity 2020 Analysis, which also found that almost a quarter of Brits are…

SurveyMonkey Phishers Go Hunting for Office 365 Credentials Security researchers are warning of a new phishing campaign that uses malicious emails from legitimate SurveyMonkey domains in a bid to bypass security filters. The phishing emails in question are sent from a real SurveyMonkey domain but crucially have a different reply-to domain, according to Abnormal Security. “Within…

95% of Brits Unable to Consistently Identify Phishing Messages Just 5% of Brits are able to recognize all scam emails and texts, a study from Computer Disposals Limited has found. Scam emails purporting to be from Facebook were shown to be most likely to trick people. Additionally, participants found it harder to spot scams via SMS messages compared…

Fraudsters Conducting Malvertising Campaign Via Inactive Domains A number of inactive websites have been compromised and are redirecting visitors to unwanted URLs, many of which are malicious. This is according to a new study by Kaspersky, which uncovered over 1000 inactive domains that send users to second-hand pages as a way for fraudsters to make money or even infect…