News

IT for media and entertainment industry

• March 16, 2023 16 Mar'23

  Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine

  A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly

• March 15, 2023 15 Mar'23

  Chinese Silkloader cyber attack tool falls into Russian hands

  A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators

• March 15, 2023 15 Mar'23

  Microsoft patches Outlook zero-day for March Patch Tuesday

  A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update

• March 13, 2023 13 Mar'23

  Liverpool Football Club signs Wasabi in on-premise-to-cloud storage transition

  Liverpool Football Club has transitioned from lead-footed on-premise infrastructure to Wasabi cloud storage that’s well-suited to its video production and distribution requirements

• March 13, 2023 13 Mar'23

  MI5 to oversee new National Protective Security Authority

  The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets

• February 23, 2023 23 Feb'23

  WithSecure proposes ‘undo’ button for ransomware

  WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening

• February 23, 2023 23 Feb'23

  Santander SME platform harnesses Salesforce

  Bank platform that helps UK small and medium-sized enterprises expand export opportunities is built on cloud technology from Salesforce

• February 22, 2023 22 Feb'23

  Researchers find new bug ‘class’ in Apple devices

  A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix

• February 22, 2023 22 Feb'23

  Dutch cyber security professionals experience stress akin to soldiers in war zone, claims expert

  Cyber attacks are taking a heavy toll on Dutch IT professionals, with over a third reporting that their mental health suffers as a result

• February 22, 2023 22 Feb'23

  Half of cyber leaders to switch jobs by 2025, citing stress

  A substantial number of cyber security leaders are plotting their great escape, saying the industry is leaving them too stressed to go on, according to a study

• February 15, 2023 15 Feb'23

  Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs

  Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off

• February 15, 2023 15 Feb'23

  Microsoft fixes three zero-days in February update

  February’s Patch Tuesday update contains fixes for three previously unpublicised zero-days in Microsoft Office, Windows Graphics Component and Windows Common Log File System Driver

• February 14, 2023 14 Feb'23

  Vidar, nJRAT re-emerge as prominent malware threats in January

  Trojans and infostealers once again dominate the list of most commonly observed threats, according to Check Point’s latest telemetry

• February 13, 2023 13 Feb'23

  Russian spear phishing campaign escalates efforts toward critical UK, US and European targets

  Russian hacking group Seaborgium refines its tactics in a continuation of attacks against targets including not-for-profit organisations with geopolitical affiliations

• February 13, 2023 13 Feb'23

  KPMG launches metaverse and digital twin hub in Saudi Arabia

  The Saudi Arabian government’s commitment to investing in metaverse technology has attracted a KPMG centre of excellence to its shores

• February 13, 2023 13 Feb'23

  Security buyers lack insight into threats, attackers, report finds

  The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a Mandiant report

• February 06, 2023 06 Feb'23

  The Security Interviews: How to overcome data protection compliance challenges

  Complying with the vast swathe of data protection legislation around the world is complex, especially for smaller organisations without the necessary expertise. Could the compliance process be simplified, and if so, how?

• February 01, 2023 01 Feb'23

  Cloud security top risk to enterprises in 2023, says study

  A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year

• February 01, 2023 01 Feb'23

  UK Cyber Council and ISACA launch audit, assurance programme

  The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros

• January 27, 2023 27 Jan'23

  Hive ransomware gang taken down after FBI hacks back

  The FBI hacked into Hive’s servers, stole its decryption keys and then took down its servers in a major action that has successfully disrupted a prolific and dangerous ransomware operation

• January 25, 2023 25 Jan'23

  NCSC exposes Iranian, Russian spear-phishing campaign targeting UK

  Spear-phishing campaigns likely linked to Iranian and Russian espionage activity are targeting persons of interest in the UK, warns the NCSC

• January 25, 2023 25 Jan'23

  Boards struggle to resolve cyber risk in digital supply chains

  Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk

• January 24, 2023 24 Jan'23

  UK insurers need to up their game on cyber gaps, says PRA

  Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority

• January 24, 2023 24 Jan'23

  SSRF attacks hit 100,000 businesses globally since November

  There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers

• January 24, 2023 24 Jan'23

  Fake online contest makes Yahoo! most phished brand of Q4 2022

  Yahoo! was the most frequently phished brand during the last three months of 2022, according to a report

• January 17, 2023 17 Jan'23

  Cloudflare urged to clamp down on pirates, counterfeiters

  A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods

• January 17, 2023 17 Jan'23

  Crest throws support behind CyberUp CMA reform campaign

  Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990

• January 16, 2023 16 Jan'23

  The Security Interviews: Protecting your digital self

  Our digital self – the virtual presence of who we are online – has a pervasive influence in the real world. People make judgements based on these digital depictions, so what can be done to ensure positive representation?

• January 12, 2023 12 Jan'23

  UK government completes trials of age estimation technology

  Government-led trials of age estimation and verification technologies for the sale of alcohol in nightlife venues and supermarkets have been completed, with both government and retail lobbyists pushing for legislation that would allow retailers to ...

• January 12, 2023 12 Jan'23

  Guardian confirms Christmas 2022 cyber attack was ransomware

  Guardian Media Group bosses confirm the 20 December cyber attack that left staff locked out of its London office and disrupted several key systems was an untargeted ransomware attack

• January 11, 2023 11 Jan'23

  Microsoft fixes EoP zero-day on January Patch Tuesday

  On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns

• January 10, 2023 10 Jan'23

  Insurer Beazley introduces catastrophe bond to ease cyber risk

  Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover

• January 05, 2023 05 Jan'23

  Fallout from Guardian cyber attack to last at least a month

  The Guardian newspaper’s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time

• January 03, 2023 03 Jan'23

  Test of digital ID tech at Surrey nightclub proclaimed success

  The majority of visitors to a Camberley venue who piloted a digital identification app developed by 1account said they found it easy to use and preferred it to standard physical ID

• December 29, 2022 29 Dec'22

  Top 10 Nordic IT stories of 2022

  Here are Computer Weekly's top 10 Nordic IT articles of 2022

• December 22, 2022 22 Dec'22

  Top 10 cyber security stories of 2022

  The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides

• December 22, 2022 22 Dec'22

  Top 10 cyber crime stories of 2022

  Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents

• December 20, 2022 20 Dec'22

  Four-day working week set to stay at Atom bank

  Challenger bank Atom has formalised a four-day working week policy after a successful trial

• December 14, 2022 14 Dec'22

  Ethical hackers flex their muscles in 2022

  Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021

• December 14, 2022 14 Dec'22

  Microsoft fixes two zero-days in final Patch Tuesday of 2022

  December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over

• December 13, 2022 13 Dec'22

  EU issues draft data adequacy decision in favour of US

  The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision

• December 13, 2022 13 Dec'22

  The nature of the CISO role will be in flux in 2023

  As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report

• December 09, 2022 09 Dec'22

  Iranian APT seen exploiting GitHub repository as C2 mechanism

  A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware

• December 08, 2022 08 Dec'22

  Consumers to get new protections against dodgy apps

  Government’s new code of practice will impose new privacy and security measures on app store operators and developers

• December 08, 2022 08 Dec'22

  Apple to tap third party for physical security keys

  Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys

• December 07, 2022 07 Dec'22

  Google, MS, Oracle vulnerabilities make November ’22 a big month for patching

  Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November

• December 06, 2022 06 Dec'22

  Don’t become an unwitting tool in Russia’s cyber war

  Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack?

• November 30, 2022 30 Nov'22

  Latest LockBit ransomware versions have wormable capabilities

  Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter

• November 25, 2022 25 Nov'22

  Data management, backup becoming the CISO's responsibility

  More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year

• November 23, 2022 23 Nov'22

  South Korea data adequacy pact brings £15m Brexit bonus

  UK government finalises a data adequacy agreement with South Korea, saying it will unlock a post-Brexit business bonus of just under £15m