News

IT for consulting and business services

• April 12, 2023 12 Apr'23

  April Patch Tuesday fixes zero-day used to deliver ransomware

  A zero-day in the Microsoft Common Log File System that has been abused by the operator of the Nokoyawa ransomware is among 97 vulnerabilities fixed in April’s Patch Tuesday update

• April 12, 2023 12 Apr'23

  Gartner: Rebalance cyber investment towards human-centric elements

  Security decision-makers need to reprioritise their investment outlooks towards people, rather than technology, according to the latest market forecast from Gartner

• April 11, 2023 11 Apr'23

  UKtech50 2023: Help us find the most influential people in UK IT

  Computer Weekly’s annual search for the 50 most influential people in UK IT is back – let us know who you would like to nominate for this year’s list

• April 05, 2023 05 Apr'23

  Quick-acting Rorschach ransomware appears out of nowhere

  Emergent Rorschach ransomware strain is highly advanced and quite unusual in its capabilities, warn researchers, who say they have been unable to link it to any other known strains

• April 05, 2023 05 Apr'23

  CGI signs up to prison leaver employment initiative

  IT supplier is working with training company specialised in helping prison leavers to find recruitment in the tech sector

• April 04, 2023 04 Apr'23

  Threat researchers dissect anatomy of a Royal ransomware attack

  Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022

• April 04, 2023 04 Apr'23

  Over 90% of organisations find threat hunting a challenge

  Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report

• March 31, 2023 31 Mar'23

  Generative AI central to Accenture’s tech vision

  Generative AI will play a central role over the next 10 years as the digital and physical world become more and more integrated

• March 30, 2023 30 Mar'23

  OSC&R supply chain security framework goes live on Github

  The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework

• March 30, 2023 30 Mar'23

  NCSC issues revised security Board Toolkit for business leaders

  National Cyber Security Centre calls on CEOs and senior business leaders to take a more hands-on approach to cyber resilience with the launch of revised board-level tools

• March 30, 2023 30 Mar'23

  Climate change vs technology: Study suggests tech investments could mitigate environmental risks

  Bloomberg Media report, sponsored by investment firm Mubadala, highlights human impacts of various industry megatrends, including climate change and technology adoption

• March 28, 2023 28 Mar'23

  Alan Turing Institute unveils strategy to support UK AI

  The strategy is built around helping the UK government realise its artificial intelligence ambitions, and focuses on areas where the UK can play a transformative role in shaping AI development

• March 28, 2023 28 Mar'23

  Apple security updates fix 33 iPhone vulnerabilities

  A larger-than-usual update to Apple’s mobile operating system fixes more than 30 distinct vulnerabilities, including two serious issues that may potentially affect device kernels

• March 28, 2023 28 Mar'23

  Ransomware attacks up 45% in February, LockBit responsible

  NCC Group says it observed a surge in ransomware attacks in February, with LockBit, BlackCat and BianLian all highly active

• March 27, 2023 27 Mar'23

  CBI launches campaign to boost UK tech unicorns

  The CBI has launched a campaign to transform the UK’s technology unicorns into decacorns valued at $10bn, with specific policy recommendation due to be published later in 2023

• March 24, 2023 24 Mar'23

  National Crime Agency sting operation infiltrates cyber crime market

  The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks

• March 24, 2023 24 Mar'23

  Accenture to cut 19,000 jobs globally

  Accenture is cutting ‘structural’ costs which includes a reduction of 19,000 staff and a consolidation of office space

• March 21, 2023 21 Mar'23

  Ransomware gangs harass victims to ‘bypass’ backups

  Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order

• March 20, 2023 20 Mar'23

  BBC cracks down on TikTok after review

  The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences

• March 17, 2023 17 Mar'23

  UK TikTok ban gives us all cause to consider social media security

  The UK government’s ban on TikTok should give all organisations cause to look into what information social media platforms are collecting on us, and what they are using it for

• March 16, 2023 16 Mar'23

  BEC attacks doubled in 2022, outstripping ransomware

  Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks

• March 16, 2023 16 Mar'23

  Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine

  A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly

• March 15, 2023 15 Mar'23

  Chinese Silkloader cyber attack tool falls into Russian hands

  A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators

• March 15, 2023 15 Mar'23

  Microsoft patches Outlook zero-day for March Patch Tuesday

  A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update

• March 13, 2023 13 Mar'23

  MI5 to oversee new National Protective Security Authority

  The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets

• March 06, 2023 06 Mar'23

  Over 50s and IR35: How retired IT workers could help close the tech sector skills gap

  With the UK government wanting to get more people who took early retirement in the wake of the pandemic back to work, recruitment experts ponder if encouraging them to work on a freelance basis could close the IT sector’s skills gap

• February 23, 2023 23 Feb'23

  WithSecure proposes ‘undo’ button for ransomware

  WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening

• February 22, 2023 22 Feb'23

  Researchers find new bug ‘class’ in Apple devices

  A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix

• February 22, 2023 22 Feb'23

  Dutch cyber security professionals experience stress akin to soldiers in war zone, claims expert

  Cyber attacks are taking a heavy toll on Dutch IT professionals, with over a third reporting that their mental health suffers as a result

• February 22, 2023 22 Feb'23

  Half of cyber leaders to switch jobs by 2025, citing stress

  A substantial number of cyber security leaders are plotting their great escape, saying the industry is leaving them too stressed to go on, according to a study

• February 21, 2023 21 Feb'23

  HMRC slammed for ‘needlessly’ pursuing CEST-assured outside-IR35 contractor

  HMRC stands accused of needlessly drawing out an IR35-related investigation into an engineering contractor’s tax affairs by ignoring the findings of its own Check Employment Status for Tax tool

• February 15, 2023 15 Feb'23

  Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs

  Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off

• February 15, 2023 15 Feb'23

  Microsoft fixes three zero-days in February update

  February’s Patch Tuesday update contains fixes for three previously unpublicised zero-days in Microsoft Office, Windows Graphics Component and Windows Common Log File System Driver

• February 14, 2023 14 Feb'23

  Vidar, nJRAT re-emerge as prominent malware threats in January

  Trojans and infostealers once again dominate the list of most commonly observed threats, according to Check Point’s latest telemetry

• February 13, 2023 13 Feb'23

  KPMG launches metaverse and digital twin hub in Saudi Arabia

  The Saudi Arabian government’s commitment to investing in metaverse technology has attracted a KPMG centre of excellence to its shores

• February 13, 2023 13 Feb'23

  Security buyers lack insight into threats, attackers, report finds

  The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a Mandiant report

• February 06, 2023 06 Feb'23

  The Security Interviews: How to overcome data protection compliance challenges

  Complying with the vast swathe of data protection legislation around the world is complex, especially for smaller organisations without the necessary expertise. Could the compliance process be simplified, and if so, how?

• February 03, 2023 03 Feb'23

  LockBit gang confirms Ion cyber attack as disruption continues

  The LockBit ransomware cartel has taken responsibility for this week’s attack on financial software firm Ion, and is threatening to leak stolen data on Saturday 4 February

• February 02, 2023 02 Feb'23

  Suspected LockBit ransomware attack causes havoc in City of London

  A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders

• February 01, 2023 01 Feb'23

  Cloud security top risk to enterprises in 2023, says study

  A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year

• February 01, 2023 01 Feb'23

  UK Cyber Council and ISACA launch audit, assurance programme

  The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros

• January 31, 2023 31 Jan'23

  Tech Nation to shutter after more than a decade

  Tech Nation due to shutter after losing core funding to Barclays Eagle Labs, which will take over its role in supporting UK technology startups and scaleups

• January 27, 2023 27 Jan'23

  Hive ransomware gang taken down after FBI hacks back

  The FBI hacked into Hive’s servers, stole its decryption keys and then took down its servers in a major action that has successfully disrupted a prolific and dangerous ransomware operation

• January 25, 2023 25 Jan'23

  Will mass big tech lay-offs affect employment prospects of IT contractors in 2023?

  With some of the biggest tech firms in the world announcing mass redundancies, will the flood of new entrants to the jobs market affect the prospects of IT contractors already looking for work amid the cost-of-living crisis?

• January 25, 2023 25 Jan'23

  Boards struggle to resolve cyber risk in digital supply chains

  Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk

• January 24, 2023 24 Jan'23

  UK insurers need to up their game on cyber gaps, says PRA

  Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority

• January 24, 2023 24 Jan'23

  SSRF attacks hit 100,000 businesses globally since November

  There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers

• January 23, 2023 23 Jan'23

  CIO interview: Ed Higgs, group director of IT shared services, Rentokil Initial

  The pest control provider has consolidated 77 datacentres globally to just three – but with a corporate culture of acquisitions, there’s still a lot more to do

• January 17, 2023 17 Jan'23

  Crest throws support behind CyberUp CMA reform campaign

  Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990

• January 13, 2023 13 Jan'23

  Unionised contract workers who train Google’s AI win pay rise

  Google contract workers employed at artificial intelligence training supplier RaterLabs have secured their first-ever pay rise, following collective demands that Google fulfil its own commitment to pay its extended workforce a minimum of $15 an hour