News

IT for consulting and business services

• October 19, 2022 19 Oct'22

  Treat cyber crime as a ‘strategic threat’, UK businesses told

  The government’s new National Cyber Advisory Board aims to help elevate cyber discussion and spur action in the business community

• October 17, 2022 17 Oct'22

  IR35 reforms repeal scrapped: Government labelled ‘spineless’ over u-turn

  The contracting community has not taken kindly to the news that the government is rowing back its plans to repeal the IR35 reforms in the private and public sectors

• October 14, 2022 14 Oct'22

  Office 365 email encryption flaw could pose risk to user privacy

  A vulnerability in Microsoft Office 365 Message Encryption could leave the contents of emails dangerously exposed, but with no fix coming it’s up to users to decide how at risk they are

• October 12, 2022 12 Oct'22

  NCSC urges organisations to secure supply chains

  NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers

• September 23, 2022 23 Sep'22

  Mini-Budget 2022: HMRC tells firms to update payroll software ahead of November NI tax cut

  HMRC is urging employers to ensure their payroll software systems are updated now, before the reversal of the previous government’s National Insurance tax hike kicks in

• September 21, 2022 21 Sep'22

  Contractors call for IR35 review and tax cuts in Chancellor’s mini-Budget

  The contractor community is patiently awaiting the outcome of this Friday’s mini-Budget, with hopes for some concrete details on the Prime Minister’s proposed IR35 review and news of a corporation tax cut

• September 15, 2022 15 Sep'22

  Organisations failing to account for digital trust

  The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds

• September 14, 2022 14 Sep'22

  Ex-CISA head Krebs: Disrupt ransomware support networks to win the war

  Speaking at an event hosted by data protection specialist Rubrik, former CISA director Chris Krebs calls for the security community to work collectively to kick out the supports from under ransomware gangs

• September 12, 2022 12 Sep'22

  Contractors lack confidence in prime minister to follow through with promised IR35 review

  Contractor poll suggests lack of faith among freelancers about new prime minister Liz Truss honouring her pledge to review the IR35 rules

• September 12, 2022 12 Sep'22

  CISOs should spend on critical apps, cloud, zero-trust, in 2023

  Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts

• September 05, 2022 05 Sep'22

  UK payments upgrade to add more than £3bn to GDP, but much more on offer

  UK GDP will increase when its ageing payments infrastructure is replaced with the latest technology to enable real-time payments

• August 30, 2022 30 Aug'22

  IAM house Okta confirms 0ktapus/Scatter Swine attack

  Following last week’s disclosureby Group-IB researchers of a major phishing campaign, Okta has warned its customers to be on their guard

• August 25, 2022 25 Aug'22

  Adaptive RedAlert, Monster ransomwares go cross-platform

  Kaspersky researchers have shared new intelligence on two emergent cyber criminal groups that have adapted their ransomwares to target different operating systems at the same time

• August 25, 2022 25 Aug'22

  Security pros fret about stress and promotion over cyber attacks

  CIISec’s annual report on the state of the security profession reveals some home truths for security leaders

• August 25, 2022 25 Aug'22

  LockBit 3.0 cements dominance of ransomware ecosystem

  Ransomware attacks were up 47% in July compared with the previous month, according to the latest threat data from NCC Group, with the LockBit family largely to blame

• August 24, 2022 24 Aug'22

  Most CISOs think they’ve been attacked by a nation state

  Most organisations have made changes to their cyber strategies and policies following Russia’s invasion, and almost two-thirds suspect they have been directly targeted or impacted by a nation-state cyber attack

• August 22, 2022 22 Aug'22

  Kaspersky threat data added to Microsoft Sentinel service

  Microsoft and Kaspersky have agreed a collaboration to integrate Kaspersky’s threat data feeds into Microsoft’s cloud-native SIEM/SOAR service

• August 22, 2022 22 Aug'22

  Lloyd’s to end insurance coverage for state cyber attacks

  Lloyd’s of London has instructed its members to exclude nation state cyber attacks from insurance policies beginning in 2023, saying they pose unacceptable levels of risk

• August 19, 2022 19 Aug'22

  Cozy Bear targets MS 365 environments with new tactics

  Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments

• August 18, 2022 18 Aug'22

  Growing MFA use spurs ‘pass-the-cookie’ attacks

  The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools

• August 18, 2022 18 Aug'22

  It takes a breach to force boards to take notice of cyber, says UK government

  Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims

• August 16, 2022 16 Aug'22

  Why organisations need to harmonise their CIO and CISO roles

  Unless properly managed, conflicting responsibilities between the chief information officer and the chief information security officer can cause project delays and budget overruns, says Netskope’s Mike Anderson

• August 10, 2022 10 Aug'22

  Microsoft fixes two-year-old MSDT vulnerability in August update

  August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.

• August 10, 2022 10 Aug'22

  ‘Coopetition’ a growing trend among ransomware gangs

  Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time

• August 09, 2022 09 Aug'22

  HS2 sets aside £9.5m to cover cost of IR35 non-compliance

  HS2 has become the latest public sector entity to have fallen foul of the IR35 rules, with its accounts confirming that it is anticipating a tax bill of £9.5m for failing to assess the status of contractors provided to it by a third party

• August 04, 2022 04 Aug'22

  Spyware activity particularly impactful in July

  After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report

• July 28, 2022 28 Jul'22

  Cyber criminals pivot away from macros as Microsoft changes bite

  As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect

• July 28, 2022 28 Jul'22

  Teams in Grenoble work on 6G breakthrough technology

  Even as 5G networks are being rolled out, new requirements are driving scientists, and engineers in Europe are back to the lab to start developing 6G

• July 27, 2022 27 Jul'22

  Consumers left out of pocket as security costs soar

  As the average cost of a security incident reaches an all-time high of nearly $4.5m, an IBM Security study reveals how these costs are being passed on to ordinary people

• July 27, 2022 27 Jul'22

  Cyber security training ‘boring’ and largely ignored

  Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them

• July 26, 2022 26 Jul'22

  No More Ransom initiative helps 1.5 million people in six years

  One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project

• July 26, 2022 26 Jul'22

  Ducktail infostealer targets Facebook Business users

  Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts

• July 25, 2022 25 Jul'22

  Umbrella IT contractors could get back-dated holiday pay windfall following Supreme Court ruling

  Umbrella industry stakeholders weigh-up the financial implications of a Supreme Court ruling, which could pave the way for IT contractors to submit back-dated claims for holiday pay

• July 25, 2022 25 Jul'22

  Latest Atlassian Confluence vulnerability raises concerns

  CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months

• July 25, 2022 25 Jul'22

  The Security Interviews: Why you need to protect abandoned digital assets

  The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias

• July 22, 2022 22 Jul'22

  Russia could become the world’s largest market for illegal IT

  Russia could become the biggest market for illegal IT equipment as companies try to get round sanctions imposed on the country

• July 21, 2022 21 Jul'22

  Buy ‘plug-n-play’ malware for the price of a pint of beer

  Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report

• July 20, 2022 20 Jul'22

  (ISC)² expands entry-level cyber programme after UK success

  Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide

• July 20, 2022 20 Jul'22

  Cato aims to bust cyber myths as it extends network protections

  Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...

• July 19, 2022 19 Jul'22

  European IT services see bumper quarter, but signs of slowing emerge

  Spending on IT and BPO services in Europe saw significant growth in the past quarter, but there are signs of a slowdown

• July 18, 2022 18 Jul'22

  US cyber agency CISA to open London office

  The US Cybersecurity and Infrastructure Security Agency has chosen London to host its first office outside America

• July 15, 2022 15 Jul'22

  Log4Shell on its way to becoming ‘endemic’

  US government report concludes that, like Covid, Log4Shell will be with us for a long time to come

• July 14, 2022 14 Jul'22

  Global IT services market shows signs of slowing

  Spending on IT and business process services could be set to reduce over the coming months as the latest ISG figures show early signs of decline

• July 14, 2022 14 Jul'22

  ICO wants to ‘empower people through information’

  Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society

• July 13, 2022 13 Jul'22

  Slippery phish wriggles around MFA protections, says Microsoft

  Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence

• July 13, 2022 13 Jul'22

  July Patch Tuesday brings more than 80 fixes, one zero-day

  While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on

• July 12, 2022 12 Jul'22

  MaliBot Android malware spreading fast, says Check Point

  The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point

• July 12, 2022 12 Jul'22

  Microsoft Windows Autopatch now generally available

  Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service

• July 11, 2022 11 Jul'22

  Microsoft VBA macro block will return

  Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure

• July 08, 2022 08 Jul'22

  Stop telling clients to pay ransomware gangs, solicitors told

  The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims