News

IT for consulting and business services

• March 24, 2023 24 Mar'23

  National Crime Agency sting operation infiltrates cyber crime market

  The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks

• March 24, 2023 24 Mar'23

  Accenture to cut 19,000 jobs globally

  Accenture is cutting ‘structural’ costs which includes a reduction of 19,000 staff and a consolidation of office space

• March 21, 2023 21 Mar'23

  Ransomware gangs harass victims to ‘bypass’ backups

  Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order

• March 20, 2023 20 Mar'23

  BBC cracks down on TikTok after review

  The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences

• March 17, 2023 17 Mar'23

  UK TikTok ban gives us all cause to consider social media security

  The UK government’s ban on TikTok should give all organisations cause to look into what information social media platforms are collecting on us, and what they are using it for

• March 16, 2023 16 Mar'23

  BEC attacks doubled in 2022, outstripping ransomware

  Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks

• March 16, 2023 16 Mar'23

  Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine

  A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly

• March 15, 2023 15 Mar'23

  Chinese Silkloader cyber attack tool falls into Russian hands

  A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators

• March 15, 2023 15 Mar'23

  Microsoft patches Outlook zero-day for March Patch Tuesday

  A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update

• March 13, 2023 13 Mar'23

  MI5 to oversee new National Protective Security Authority

  The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets

• March 06, 2023 06 Mar'23

  Over 50s and IR35: How retired IT workers could help close the tech sector skills gap

  With the UK government wanting to get more people who took early retirement in the wake of the pandemic back to work, recruitment experts ponder if encouraging them to work on a freelance basis could close the IT sector’s skills gap

• February 23, 2023 23 Feb'23

  WithSecure proposes ‘undo’ button for ransomware

  WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening

• February 22, 2023 22 Feb'23

  Researchers find new bug ‘class’ in Apple devices

  A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix

• February 22, 2023 22 Feb'23

  Dutch cyber security professionals experience stress akin to soldiers in war zone, claims expert

  Cyber attacks are taking a heavy toll on Dutch IT professionals, with over a third reporting that their mental health suffers as a result

• February 22, 2023 22 Feb'23

  Half of cyber leaders to switch jobs by 2025, citing stress

  A substantial number of cyber security leaders are plotting their great escape, saying the industry is leaving them too stressed to go on, according to a study

• February 21, 2023 21 Feb'23

  HMRC slammed for ‘needlessly’ pursuing CEST-assured outside-IR35 contractor

  HMRC stands accused of needlessly drawing out an IR35-related investigation into an engineering contractor’s tax affairs by ignoring the findings of its own Check Employment Status for Tax tool

• February 15, 2023 15 Feb'23

  Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs

  Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off

• February 15, 2023 15 Feb'23

  Microsoft fixes three zero-days in February update

  February’s Patch Tuesday update contains fixes for three previously unpublicised zero-days in Microsoft Office, Windows Graphics Component and Windows Common Log File System Driver

• February 14, 2023 14 Feb'23

  Vidar, nJRAT re-emerge as prominent malware threats in January

  Trojans and infostealers once again dominate the list of most commonly observed threats, according to Check Point’s latest telemetry

• February 13, 2023 13 Feb'23

  KPMG launches metaverse and digital twin hub in Saudi Arabia

  The Saudi Arabian government’s commitment to investing in metaverse technology has attracted a KPMG centre of excellence to its shores

• February 13, 2023 13 Feb'23

  Security buyers lack insight into threats, attackers, report finds

  The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a Mandiant report

• February 06, 2023 06 Feb'23

  The Security Interviews: How to overcome data protection compliance challenges

  Complying with the vast swathe of data protection legislation around the world is complex, especially for smaller organisations without the necessary expertise. Could the compliance process be simplified, and if so, how?

• February 03, 2023 03 Feb'23

  LockBit gang confirms Ion cyber attack as disruption continues

  The LockBit ransomware cartel has taken responsibility for this week’s attack on financial software firm Ion, and is threatening to leak stolen data on Saturday 4 February

• February 02, 2023 02 Feb'23

  Suspected LockBit ransomware attack causes havoc in City of London

  A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders

• February 01, 2023 01 Feb'23

  Cloud security top risk to enterprises in 2023, says study

  A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year

• February 01, 2023 01 Feb'23

  UK Cyber Council and ISACA launch audit, assurance programme

  The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros

• January 31, 2023 31 Jan'23

  Tech Nation to shutter after more than a decade

  Tech Nation due to shutter after losing core funding to Barclays Eagle Labs, which will take over its role in supporting UK technology startups and scaleups

• January 27, 2023 27 Jan'23

  Hive ransomware gang taken down after FBI hacks back

  The FBI hacked into Hive’s servers, stole its decryption keys and then took down its servers in a major action that has successfully disrupted a prolific and dangerous ransomware operation

• January 25, 2023 25 Jan'23

  Will mass big tech lay-offs affect employment prospects of IT contractors in 2023?

  With some of the biggest tech firms in the world announcing mass redundancies, will the flood of new entrants to the jobs market affect the prospects of IT contractors already looking for work amid the cost-of-living crisis?

• January 25, 2023 25 Jan'23

  Boards struggle to resolve cyber risk in digital supply chains

  Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk

• January 24, 2023 24 Jan'23

  UK insurers need to up their game on cyber gaps, says PRA

  Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority

• January 24, 2023 24 Jan'23

  SSRF attacks hit 100,000 businesses globally since November

  There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers

• January 23, 2023 23 Jan'23

  CIO interview: Ed Higgs, group director of IT shared services, Rentokil Initial

  The pest control provider has consolidated 77 datacentres globally to just three – but with a corporate culture of acquisitions, there’s still a lot more to do

• January 17, 2023 17 Jan'23

  Crest throws support behind CyberUp CMA reform campaign

  Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990

• January 13, 2023 13 Jan'23

  Unionised contract workers who train Google’s AI win pay rise

  Google contract workers employed at artificial intelligence training supplier RaterLabs have secured their first-ever pay rise, following collective demands that Google fulfil its own commitment to pay its extended workforce a minimum of $15 an hour

• January 12, 2023 12 Jan'23

  Government accused of leaving umbrella company regulation in limbo by shelving enforcement body

  The UK government is coming under pressure to reveal the state of its plans to regulate umbrella companies after it emerged that the enforcement body it promised to create is unlikely to materialise

• January 11, 2023 11 Jan'23

  Microsoft fixes EoP zero-day on January Patch Tuesday

  On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns

• January 10, 2023 10 Jan'23

  Insurer Beazley introduces catastrophe bond to ease cyber risk

  Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover

• January 04, 2023 04 Jan'23

  Why India’s Mphasis chose West Yorkshire for tech hub

  IT services firm Mphasis is moving more service delivery to the UK with around 1000 tech recruits planned for Northern England

• January 03, 2023 03 Jan'23

  CDO interview: Lisa Heneghan, global chief digital officer, KPMG

  The advisory and consultancy firm’s former UK CDO has stepped up into a global role – with a whole new set of challenges and opportunities around taking digital transformation further

• December 29, 2022 29 Dec'22

  Top 10 Nordic IT stories of 2022

  Here are Computer Weekly's top 10 Nordic IT articles of 2022

• December 22, 2022 22 Dec'22

  Top 10 cyber security stories of 2022

  The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides

• December 22, 2022 22 Dec'22

  Top 10 cyber crime stories of 2022

  Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents

• December 20, 2022 20 Dec'22

  Four-day working week set to stay at Atom bank

  Challenger bank Atom has formalised a four-day working week policy after a successful trial

• December 14, 2022 14 Dec'22

  Ethical hackers flex their muscles in 2022

  Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021

• December 14, 2022 14 Dec'22

  Microsoft fixes two zero-days in final Patch Tuesday of 2022

  December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over

• December 13, 2022 13 Dec'22

  EU issues draft data adequacy decision in favour of US

  The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision

• December 13, 2022 13 Dec'22

  The nature of the CISO role will be in flux in 2023

  As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report

• December 09, 2022 09 Dec'22

  Iranian APT seen exploiting GitHub repository as C2 mechanism

  A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware

• December 08, 2022 08 Dec'22

  Apple to tap third party for physical security keys

  Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys