News

IT for small and medium-sized enterprises (SME)

• August 18, 2022 18 Aug'22

  Growing MFA use spurs ‘pass-the-cookie’ attacks

  The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools

• August 18, 2022 18 Aug'22

  It takes a breach to force boards to take notice of cyber, says UK government

  Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims

• August 16, 2022 16 Aug'22

  Cyber security accelerator launches in Greater Manchester

  Accelerator will add to Manchester’s growing cyber security ecosystem, which already includes several tech unicorns, arms companies and the offices of GCHQ

• August 16, 2022 16 Aug'22

  Why organisations need to harmonise their CIO and CISO roles

  Unless properly managed, conflicting responsibilities between the chief information officer and the chief information security officer can cause project delays and budget overruns, says Netskope’s Mike Anderson

• August 10, 2022 10 Aug'22

  Increase in UK startups scaling to exit, but half still struggle

  Despite more startups scaling to the point of exit than ever before, half are still stuck in low growth stages – particularly those working with emerging technologies

• August 10, 2022 10 Aug'22

  Microsoft fixes two-year-old MSDT vulnerability in August update

  August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.

• August 10, 2022 10 Aug'22

  ‘Coopetition’ a growing trend among ransomware gangs

  Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time

• August 04, 2022 04 Aug'22

  Spyware activity particularly impactful in July

  After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report

• August 03, 2022 03 Aug'22

  Finnish AI Region drives digital growth in small businesses

  Helsinki-based SMEs are being offered support and resources to help them get the best out of artificial intelligence technology to improve their operations and create services to sell

• August 03, 2022 03 Aug'22

  DrayTek patches SOHO router bug that left thousands exposed

  Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers

• July 28, 2022 28 Jul'22

  H0lyGh0st ransomware gang faces challenges, but still a threat

  Digital Shadows reports on the recently identified H0lyGh0st ransomware outfit, a new threat actor operating out of North Korea that faces some clear challenges, but is nevertheless still a live threat

• July 28, 2022 28 Jul'22

  NCSC startups scheme turns focus to operational technology, SME security

  NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses

• July 28, 2022 28 Jul'22

  Cyber criminals pivot away from macros as Microsoft changes bite

  As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect

• July 28, 2022 28 Jul'22

  Teams in Grenoble work on 6G breakthrough technology

  Even as 5G networks are being rolled out, new requirements are driving scientists, and engineers in Europe are back to the lab to start developing 6G

• July 27, 2022 27 Jul'22

  Consumers left out of pocket as security costs soar

  As the average cost of a security incident reaches an all-time high of nearly $4.5m, an IBM Security study reveals how these costs are being passed on to ordinary people

• July 27, 2022 27 Jul'22

  Retail software firm PrestaShop warns users about SQL injection attacks

  Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise

• July 27, 2022 27 Jul'22

  Cyber security training ‘boring’ and largely ignored

  Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them

• July 26, 2022 26 Jul'22

  No More Ransom initiative helps 1.5 million people in six years

  One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project

• July 26, 2022 26 Jul'22

  Ducktail infostealer targets Facebook Business users

  Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts

• July 25, 2022 25 Jul'22

  NCSC seeks community input for Cyber Advisor service

  The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward

• July 25, 2022 25 Jul'22

  Latest Atlassian Confluence vulnerability raises concerns

  CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months

• July 22, 2022 22 Jul'22

  Russia could become the world’s largest market for illegal IT

  Russia could become the biggest market for illegal IT equipment as companies try to get round sanctions imposed on the country

• July 21, 2022 21 Jul'22

  Buy ‘plug-n-play’ malware for the price of a pint of beer

  Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report

• July 20, 2022 20 Jul'22

  (ISC)² expands entry-level cyber programme after UK success

  Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide

• July 20, 2022 20 Jul'22

  Cato aims to bust cyber myths as it extends network protections

  Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...

• July 19, 2022 19 Jul'22

  European IT services see bumper quarter, but signs of slowing emerge

  Spending on IT and BPO services in Europe saw significant growth in the past quarter, but there are signs of a slowdown

• July 18, 2022 18 Jul'22

  US cyber agency CISA to open London office

  The US Cybersecurity and Infrastructure Security Agency has chosen London to host its first office outside America

• July 15, 2022 15 Jul'22

  Log4Shell on its way to becoming ‘endemic’

  US government report concludes that, like Covid, Log4Shell will be with us for a long time to come

• July 14, 2022 14 Jul'22

  Global IT services market shows signs of slowing

  Spending on IT and business process services could be set to reduce over the coming months as the latest ISG figures show early signs of decline

• July 14, 2022 14 Jul'22

  ICO wants to ‘empower people through information’

  Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society

• July 13, 2022 13 Jul'22

  Slippery phish wriggles around MFA protections, says Microsoft

  Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence

• July 13, 2022 13 Jul'22

  July Patch Tuesday brings more than 80 fixes, one zero-day

  While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on

• July 12, 2022 12 Jul'22

  MaliBot Android malware spreading fast, says Check Point

  The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point

• July 12, 2022 12 Jul'22

  Microsoft Windows Autopatch now generally available

  Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service

• July 11, 2022 11 Jul'22

  Microsoft VBA macro block will return

  Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure

• July 11, 2022 11 Jul'22

  SMEs lagging on multifactor authentication

  Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report

• July 08, 2022 08 Jul'22

  Stop telling clients to pay ransomware gangs, solicitors told

  The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims

• July 08, 2022 08 Jul'22

  Microsoft appears to reverse VBA macro-blocking

  Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled

• July 07, 2022 07 Jul'22

  MI5, FBI chiefs warn of Chinese cyber espionage threat

  In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests

• July 06, 2022 06 Jul'22

  Plexal seeks new scaleups for next phase of Cyber Runway

  Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme

• July 05, 2022 05 Jul'22

  Prepare for long-term cyber threat from Ukraine war, says NCSC

  The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams

• July 05, 2022 05 Jul'22

  NCSC CEO: Why we should run towards crises to elevate cyber security

  National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country

• June 29, 2022 29 Jun'22

  New cyber extortion op appears to have hit AMD

  Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data

• June 27, 2022 27 Jun'22

  Brexit a net negative for UK cyber, say CISOs

  Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe

• June 27, 2022 27 Jun'22

  LockBit ransomware gang launches bug bounty programme

  A bug bounty programme is among a number of features LockBit’s developers have added to ‘version 3.0’ of the ransomware

• June 24, 2022 24 Jun'22

  Black Basta ransomware crew aiming for ‘big leagues’

  Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason

• June 24, 2022 24 Jun'22

  US cyber agency in fresh warning over Log4Shell risk to VMware

  Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability

• June 21, 2022 21 Jun'22

  Government won’t regulate on professional cyber standards

  The government has elected not to proceed with regulatory intervention to embed standards and pathways across the cyber profession

• June 21, 2022 21 Jun'22

  New coalition lifts Finland’s 6G status

  Finland is laying the foundations for future European leadership in 6G research and development

• June 17, 2022 17 Jun'22

  British businesses to recognise Google skills certificates

  Google training programmes are being made available to more people in the UK as part of an initiative from the supplier and major UK businesses