News
IT for consulting and business services
-
May 09, 2024
09
May'24
Cyber attack victims need to speak up, says ICO
The Information Commissioner’s Office is urging organisations to be transparent and learn from each other’s mistakes as it reveals most of the cyber attacks it responds to stem from the same core errors
-
May 01, 2024
01
May'24
EMEA CISOs must address human factors behind cyber incidents
The 17th annual Verizon report on data breaches makes for sobering reading for security pros, urging them to do more to address the human factors involved in cyber incidents, and highlighting ongoing issues with zero-day patching
-
April 22, 2024
22
Apr'24
NCSC announces PwC’s Richard Horne as CEO
Former PwC and Barclays cyber chief Richard Horne set to join UK’s National Cyber Security Centre as CEO
-
April 22, 2024
22
Apr'24
IT leaders hiring CISOs aplenty, but don’t fully understand the role
Most businesses now have a CISO, but perceptions of what CISOs are supposed to do, and confusion over the value they offer, may be holding back harmonious relations, according to a report
-
April 16, 2024
16
Apr'24
CISOs not yet convinced to invest in AI
CISOs say their eyes are fixed firmly on threats like ransomware and supply chain attacks, and while AI is becoming a threat that needs to be dealt with, it’s not yet an immediate spending priority
-
April 09, 2024
09
Apr'24
UK plc failing on multiple cyber measures
Government report shows 50% of businesses and 32% of charities reported a cyber attack or breach in the past 12 months and organisations across the UK are failing on multiple cyber measures
-
April 05, 2024
05
Apr'24
UKtech50 2024 – help us find the most influential people in UK IT
Computer Weekly’s annual search for the 50 most influential people in UK IT is on – let us know who you would like to nominate for this year's list
-
April 03, 2024
03
Apr'24
RDP abused in over 90% of cyber attacks, Sophos finds
Threat actors continue to see great success using simple, tried and tested methods, and many defenders are failing to do the basics
-
March 27, 2024
27
Mar'24
HMRC’s online IR35 status checker tool CEST not updated in five years, FOI confirms
Despite a previous pledge that HMRC’s IR35 online status checker tool will be continually updated as employment cases and tribunals occur, a freedom of information request confirms CEST has not been updated since October 2019
-
March 27, 2024
27
Mar'24
Cyber spies, not cyber criminals, behind most zero-day exploitation
Analysis from Google has found that zero-day vulnerabilities are much more heavily exploited for espionage purposes than for financially motivated cyber crime
-
March 26, 2024
26
Mar'24
Shareholders win when businesses do better at cyber
The more advanced a company’s cyber security performance, and the more engaged its board is with security issues, the greater the return for shareholders, a report has found
-
March 22, 2024
22
Mar'24
Fujitsu won’t sign any new business in Ireland
Fujitsu is closing down its Irish business after a review of the operation’s current performance and market outlook
-
March 21, 2024
21
Mar'24
NCSC guidance to help CEOs work through cyber incidents
The NCSC has published in-depth guidance on how business leaders should respond to a cyber attack or data breach. Learn about some of the key steps you will need to follow
-
March 20, 2024
20
Mar'24
UK’s cyber resilience stagnates as more fall victim to attacks
The government is calling on businesses to ramp up their cyber protections as study shows improvements to resilience are stagnating amid an ever-growing volume of attacks
-
March 18, 2024
18
Mar'24
The Security Interviews: Alex Yampolskiy, SecurityScorecard
Alex Yampolskiy conceived the idea for risk management specialist SecurityScorecard after getting stung by a SaaS supplier that was being cavalier with its customer data. He tells his story to Computer Weekly
-
March 17, 2024
17
Mar'24
UK’s AI ambitions pointless while cyber security is still neglected
The UK’s AI ambitions may be at considerable risk without stronger cyber defences across the private and public sectors
-
March 13, 2024
13
Mar'24
Microsoft AI-powered cyber service to go live in April
After a year being previewed by beta customers, Microsoft’s much vaunted Copilot for Security service is about to go on general release, promising time savings and improved accuracy for hard-pressed security pros
-
March 12, 2024
12
Mar'24
March Patch Tuesday throws up two critical Hyper-V flaws
Two critical vulnerabilities in Windows Hyper-V stand out on an otherwise unremarkable Patch Tuesday
-
March 05, 2024
05
Mar'24
Banning ransomware payments back on the agenda
The idea of banning ransomware payments to cyber criminals is back on the agenda, with former NCSC chief Ciaran Martin arguing that tougher measures need to be taken
-
February 28, 2024
28
Feb'24
75% of third-party breaches target software, IT supply chains
Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors
-
February 28, 2024
28
Feb'24
Users love their cyber teams, but find them frustrating
Despite strong support for security teams, a good number of ordinary workers see them as obstructive to business goals, and would like to see them operate more transparently
-
February 27, 2024
27
Feb'24
Black Basta and Bl00dy ransomware gangs exploiting ConnectWise vulns
More ransomware gangs have been observed exploiting two dangerous vulnerabilities in ConnectWise ScreenConnect software, prompting new warnings for users to get patching
-
February 27, 2024
27
Feb'24
VulnCheck bug listing to help track new threats quicker
Exploit intelligence firm VulnCheck launches a proprietary Known Exploited Vulnerabilities catalogue in hopes of improving end-user access to intel on emerging threats and reaching those that the likes of CISA do not
-
February 27, 2024
27
Feb'24
Majority of UK employees ‘willingly gamble’ with security
Human-centric threats originating from employees continue to damage organisations both financially and reputationally, according to a report
-
February 23, 2024
23
Feb'24
ConnectWise users see cyber attacks surge, including ransomware
ConnectWise ScreenConnect users who have yet to patch against a critical vulnerability are now being targeted by a barrage of cyber attacks, including ransomware
-
February 21, 2024
21
Feb'24
CVE volumes set to increase 25% this year
The number of reported Common Vulnerabilities and Exposures is likely to grow significantly in 2024, hitting a new high of almost 35,000, according to Coalition, a cyber insurance specialist
-
February 14, 2024
14
Feb'24
Microsoft patches two zero-days for Valentine’s Day
Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues
-
February 13, 2024
13
Feb'24
Hunter-killer malware volumes seen surging
Latest Picus Security report on malware tactics, techniques and procedures reveals an increasing focus on disabling security defences
-
February 06, 2024
06
Feb'24
UK’s McPartland Cyber Review to probe trust in technology
The UK government has launched a cyber security review that will investigate how best to give businesses the confidence they need to use new technologies
-
January 25, 2024
25
Jan'24
Bugcrowd sees surge in vulnerability submissions, led by public sector
Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023
-
January 24, 2024
24
Jan'24
WebKit vulnerability sparks Apple’s first major security update of 2024
A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year
-
January 24, 2024
24
Jan'24
IR35: Contractors call for off-payroll rules to be scrapped in Spring Budget 2024
A survey of 900 contractors by insurance provider Qdos found that two-thirds want the government to consider scrapping the IR35 rules in the next Budget, which is due to take place in March 2024
-
January 24, 2024
24
Jan'24
AI will heighten global ransomware threat, says NCSC
The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks
-
January 23, 2024
23
Jan'24
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences
-
January 23, 2024
23
Jan'24
Leak of 26 billion records may prove to be ‘mother of all breaches’
The discovery of a dataset comprising 26 billion stolen records may prove to be record-breaking in both its size and the danger it poses to ordinary people
-
January 19, 2024
19
Jan'24
MPs flag similarities between HMRC's treatment of Loan Charge contractors and Post Office scandal
The fallout from HMRC's controversial disguised remuneration clampdown, the Loan Charge policy, has been likened to the Post Office Horizon scandal during a House of Commons debate
-
January 17, 2024
17
Jan'24
Victims of 2023 Capita data breaches head to High Court
More than 5,000 people impacted by data breaches arising from two cyber incidents affecting outsourcer Capita have joined a group action lawsuit
-
January 11, 2024
11
Jan'24
Cisco fixes high-impact flaw in unified comms platform
Cisco unified comms customers are urged to patch a critical vulnerability in Unity Connection, a messaging and voicemail product
-
January 10, 2024
10
Jan'24
Windows Kerberos, Hyper-V vulns among January Patch Tuesday bugs
Microsoft starts 2024 right with another slimline Patch Tuesday drop, but there are some critical vulns to be alert to, including a number of man-in-the-middle attack vectors
-
January 09, 2024
09
Jan'24
Babuk Tortilla ransomware decryptor made available
A joint effort between Cisco Talos, Avast and the Dutch police will bring relief to many victims of a variant of the Babuk ransomware known as Tortilla
-
January 03, 2024
03
Jan'24
Artificial intelligence to the front in Sweden’s National Technology Strategy
Sweden focuses in on artificial intelligence in its latest far-reaching national IT strategy
-
December 21, 2023
21
Dec'23
Top 10 cyber crime stories of 2023
Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics
-
December 20, 2023
20
Dec'23
ALPHV/BlackCat operation down, but maybe not out
Multinational law enforcement has targeted the operations of the notorious ALPHV/BlackCat cyber extortion gang, but the group’s members appear to remain defiant
-
December 13, 2023
13
Dec'23
Microsoft’s Christmas present for cyber teams: no zero-days
Barely 30 vulnerabilities, and no zero-days, have been fixed in the final Patch Tuesday drop of 2023
-
December 01, 2023
01
Dec'23
The Security Interviews: Mark McClain, SailPoint Technologies
SailPoint founder and CEO Mark McClain reflects on how the concept of identity has evolved over the past 20 years, and points to rapid evolution still to come
-
November 27, 2023
27
Nov'23
India's Hexaware creates hundreds of jobs in UK
Hexaware opens IT services operation in Birmingham, with a plan to recruit 250 people in the region by 2025
-
November 14, 2023
14
Nov'23
Engineers slash RPO/RTO as they swap tape for Rubrik backup
Frankham Group ditches archaic tape backup and deploys Rubrik backup appliances and remote disaster recovery facility. Meanwhile, the engineering group assesses a move to the cloud
-
November 07, 2023
07
Nov'23
Post Office disclosure failures delay Horizon scandal inquiry again
Many of the 300,000 emails unearthed could be relevant to evidence from future and past witnesses in the Post Office scandal inquiry
-
November 06, 2023
06
Nov'23
Netherlands starts building its own AI language model
Dutch government allocates €13.5m to develop an open artificial intelligence language model according to national values and guidelines.
-
November 01, 2023
01
Nov'23
Darktrace CEO Poppy Gustafsson on her AI Safety Summit goals
As the AI Safety Summit at Bletchley Park takes place, Computer Weekly caught up with Darktrace CEO Poppy Gustafsson to find out what one of the UK’s most prominent AI advocates wants from proceedings