SC Magazine UK

SC Media UK specializes in cybersecurity. With over 25 years of experience, we provide expert advice and insights, detailed articles, current news, and unbiased product reviews. Our content is created in collaboration with leading information security professionals and their technical teams.

National, Trade/B2B

English

Magazine

Outlet metrics

Domain Authority

Ranking

Global

N/A

Country

N/A

Articles

ICO Issues Fine After Sensitive Legal Details Leaked on Dark Web

1 week ago | insight.scmagazineuk.com | Dan Raywood

Company were not aware of the breach until informed by the NCA, and were unaware of duty to report to the ICO. Merseyside-based DPP Law Ltd has been fined £60,000 by the Information Commissioner’s Office following a cyber-attack. Following the attack, highly sensitive and confidential personal information was published on the dark web. The ICO’s investigation found DPP failed to put appropriate measures in place to ensure the security of personal information held electronically.
Third of Attacks Attributed to Nation State Threat Actors

1 week ago | insight.scmagazineuk.com | Dan Raywood

Number of ransomware victims increased year-on-year. Around half of all cyber-attacks were attributed to financially motivated cyber-criminals in 2024. According to Cognyte’s Threat Landscape Report for 2025, 49 percent were due to those cyber-criminals, while state-sponsored actors accounted for 36 percent of attacks. Hacktivists accounted for four percent of attacks in 2024.
1TB of Healthcare Data Found on Exposed Database

1 week ago | insight.scmagazineuk.com | Dan Raywood

Personal details were included, with national insurance numbers and user images found. Millions of healthcare related documents were discovered in a breach after a publicly exposed database was discovered. According to a blog by researcher Jeremiah Fowler, the publicly exposed database was not password-protected or encrypted, and contained 7,975,438 files with a total size of 1.1 TB.
New Midnight Blizzard Spear-Phishing Campaign Targets European Diplomatic Organi...

1 week ago | insight.scmagazineuk.com | Dan Raywood

Fraudulent emails claimed to be invitations to a wine-tasting event. The Russian state-backed threat group Midnight Blizzard, also known as APT29 or Cozy Bear, has targeted embassies and other diplomatic organizations across Europe as part of a spear-phishing campaign that began in January. According to Check Point Research, the campaign introduces a previously unseen malware loader called 'GrapeLoader,' and a new variant of the 'WineLoader' backdoor, reports BleepingComputer.
Chinese Attackers Set Sights on Linux Systems, Ivanti Appliances

1 week ago | insight.scmagazineuk.com | Dan Raywood

The SNOWLIGHT malware deploys the VShell remote access trojan on victims. Linux and Ivanti Connect Secure VPN devices have been targeted in separate Chinese malware attack campaigns. According to research by Sysdig, in a report shared with The Hacker News, the China-linked threat actor, known as UNC5174, has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems.
Application Platform-Related Breach Confirmed by Insurer Lemonade

1 week ago | insight.scmagazineuk.com | Dan Raywood

Details were collected over 17 months. Insurance firm Lemonade has confirmed the compromise of thousands of individuals' driver's license numbers. Collected between April 2023 and September 2024 following the exploitation of an online application platform vulnerability. Lemonade said it discovered the issue in March 2025, but has not provided additional details regarding the extent of the incident, which has already been remediated after its discovery last month.
NIST Opens Consultation on Privacy Framework Revisions

1 week ago | insight.scmagazineuk.com | Dan Raywood

Targeted changes, introductions on AI and relocated use guidelines all added to proposed changes. NIST is soliciting feedback on proposed changes to its privacy framework in order to tie it to recently launched cybersecurity guidelines. The draft release, NIST Privacy Framework 1.1 Initial Public Draft, is intended to help organisations manage the privacy risks that arise from personal data flowing through complex information technology systems, the organisation said.
Organisations Remain Challenged by Regulations

1 week ago | insight.scmagazineuk.com | Dan Raywood

Around two-thirds say their compliance programs often fail internal and external standards. The majority of organisations say it is challenging to keep up with the growing number of industry regulations, and most rely on three or more tools to gather audit evidence. According to research by Swimlane, only 29 percent of all organisations say their compliance programs consistently meet internal and external standards.
Fortinet Details External Attack on Devices

1 week ago | insight.scmagazineuk.com | Dan Raywood

Attacker took advantage of a known vulnerability with a new technique. A threat actor exploited known vulnerabilities to gain access to Fortinet devices with a technique to maintain access to vulnerable FortiGate devices. In a statement, Fortinet said that the attacker took advantage of a “known vulnerability with a new technique to maintain read-only access to vulnerable FortiGate devices.” This was after the original access vector was locked down.
Trump Revokes Security Clearance for Chris Krebs and SentinelOne

2 weeks ago | insight.scmagazineuk.com | Dan Raywood

SentinelOne says it will actively cooperate in any review of security clearances held by any of its personnel. Former CISA head Chris Krebs has had “any active security clearance” for him and his associates revoked by President Donald Trump.