News

IT for telecoms and internet organisations

August 28, 2025 28 Aug'25
Microsoft refuses to divulge data flows to Police Scotland

Tech giant Microsoft is declining to share key information with Police Scotland about where the sensitive data it uploads to Office 365 will be processed, leaving the force unable to comply with UK-wide data protection laws
August 28, 2025 28 Aug'25
UK cyber security centre helps expose China-based cyber campaign

GCHQ cyber security centre and its international partners release details of malicious cyber activity linked to Chinese businesses
August 27, 2025 27 Aug'25
Incident response planning cuts the risk of claiming on cyber security insurance

Proper attention to incident response planning is emerging as a core cyber control when it comes to reducing the risk of having to claim on cyber security insurance, according to a report
August 27, 2025 27 Aug'25
Ransomware activity levelled off in July, says NCC

Ransomware levels held steady in the month of July, although the risk remained as persistent as ever

August 26, 2025 26 Aug'25
Three new Citrix NetScaler zero-days under active exploitation

Citrix patches three new vulnerabilities in its NetScaler lines warning of active zero-day exploitation by an undisclosed threat actor
August 26, 2025 26 Aug'25
Okta makes AI identity play with Axiom acquisition

Okta says Axiom Security’s technology will reinforce its own offerings in privileged access management, especially when it comes to the growing number of non-human identities
August 25, 2025 25 Aug'25
Ransomware attack volumes up nearly three times on 2024

During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024
August 21, 2025 21 Aug'25
Moscow exploiting seven-year-old Cisco flaw, says FBI

US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco's operating system software
August 21, 2025 21 Aug'25
Apple iOS update fixes new iPhone zero-day flaw

Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users
August 20, 2025 20 Aug'25
Microsoft starts including PQC algorithms in cyber foundations

Microsoft updates on its post-quantum cyber strategy as it continues integrating quantum-safe algorithms into some of the core foundations underpinning its products and services

August 20, 2025 20 Aug'25
Commvault users told to patch two RCE exploit chains

Storage firm Commvault fixes four vulnerabilities that, when combined, create a pair of RCE exploit chains that could be used to target on-premise customers with ransomware and other nasties
August 20, 2025 20 Aug'25
Warlock claims more victims as cyber attacks hit Colt and Orange

Ransomware gang Warlock is adding more victims to its data leak site as the impact of a spreading wave of cyber attacks continues to be felt
August 19, 2025 19 Aug'25
Google spins up agentic SOC to speed up incident management

Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite
August 18, 2025 18 Aug'25
Workday hit in wave of social engineering attacks

A campaign of voice-based social engineering attacks targeting users of Salesforce’s services appears to have struck HR platform Workday
August 15, 2025 15 Aug'25
Warlock claims ransomware attack on network services firm Colt

UK network services firm Colt is attempting to recover various customer-facing systems following a cyber attack that has been claimed by the Warlock ransomware gang and may have arisen via a SharePoint flaw
August 15, 2025 15 Aug'25
UK cyber leaders feel impact of Trump cutbacks

The ripple effects of US cyber security cutbacks have reached this side of the Atlantic, according to a report
August 15, 2025 15 Aug'25
Vodafone Greece automates deals for customers, saves 500 staff-days of work

Vodafone Greece hired an implementation partner for a business process management project while its own staff observed and learned how to use the technology
August 12, 2025 12 Aug'25
Eight critical RCE flaws make Microsoft’s latest Patch Tuesday list

Microsoft rolls out fixes for over 100 CVEs in its August Patch Tuesday update
August 12, 2025 12 Aug'25
Researchers firm up ShinyHunters, Scattered Spider link

ReliaQuest researchers present new evidence that firms up a potential link, or outright partnership, between the ShinyHunters and Scattered Spider cyber gangs
August 12, 2025 12 Aug'25
UK work visa sponsors are target of phishing campaign

Mimecast identifies a phishing campaign targeting UK organisations that sponsor migrant workers and students, opening the door to account compromise and visa fraud
August 06, 2025 06 Aug'25
Black Hat USA: Startup breaks secrets management tools

Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms
August 06, 2025 06 Aug'25
Cyber criminals would prefer businesses don’t use Okta

Okta details a phishing campaign in which the threat actor demonstrated some unusually strong opinions on what authentication methods they would like their targets to use
August 06, 2025 06 Aug'25
NCSC updates CNI Cyber Assessment Framework

Updates to the NCSC’s Cyber Assessment Framework are designed to help providers of critical services better manage their risk profiles
August 05, 2025 05 Aug'25
Attacker could defeat Dell firmware flaws with a vegetable

Cisco Talos discloses five vulnerabilities in cyber security firmware used on Dell Latitude and Precision devices, including one that could enable an attacker to log on with a spring onion
August 04, 2025 04 Aug'25
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback

Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers
August 04, 2025 04 Aug'25
Proliferation of on-premise GenAI platforms is widening security risks

Research finds increased adoption of unsanctioned generative artificial intelligence platforms is magnifying risk and causing a headache for security teams
July 30, 2025 30 Jul'25
Scattered Spider tactics continue to evolve, warn cyber cops

CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things
July 30, 2025 30 Jul'25
MS Authenticator users face passkey crunch time

The deadline for moving to passkeys in Microsoft Authenticator is rapidly approaching, and users are advised to take action now
July 30, 2025 30 Jul'25
AI-enabled security pushes down breach costs for UK organisations

Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study
July 29, 2025 29 Jul'25
Global cyber spend will top $200bn this year, says Gartner

Worldwide spending on cyber security will hit another record high in 2025, and will go higher still next year
July 28, 2025 28 Jul'25
European digital market figurehead pleads to Westminster

Big EU industry joins with Europhile MP to persuade obstinate government officials to join the dataspaces intended to become the bedrock of Europe’s digital single market
July 24, 2025 24 Jul'25
SharePoint users hit by Warlock ransomware, says Microsoft

Microsoft’s security analysts confirm a number of cyber attacks on on-premise SharePoint Server users involve ransomware
July 24, 2025 24 Jul'25
Dutch researchers use heartbeat detection to unmask deepfakes

Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate
July 23, 2025 23 Jul'25
WhatsApp is refused right to intervene in Apple legal action on encryption ‘backdoors’

Investigatory Powers Tribunal to hear arguments in public over lawfulness of secret UK order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud
July 22, 2025 22 Jul'25
Microsoft confirms China link to SharePoint hacks

Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server
July 22, 2025 22 Jul'25
Chinese cyber spies among those linked to SharePoint attacks

Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors
July 21, 2025 21 Jul'25
Patch ToolShell SharePoint zero-day immediately, says Microsoft

The active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the weekend – is underway. Immediate action is advised
July 21, 2025 21 Jul'25
The Security Interviews: Jason Nurse, University of Kent

Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’ is wrong – and why security pros should think about user needs more
July 16, 2025 16 Jul'25
Scattered Spider playbook evolving fast, says Microsoft

Microsoft warns users over notable evolutions in Scattered Spider’s attack playbook, and beefs up some of the defensive capabilities it offers to customers in response
July 15, 2025 15 Jul'25
UKtech50 2025: The most influential people in UK technology

Computer Weekly has announced the 15th annual UKtech50 – our definitive list of the movers and shakers in the UK tech sector
July 15, 2025 15 Jul'25
Current approaches to patching unsustainable, report says

Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report
July 14, 2025 14 Jul'25
Brits clinging to Windows 10 face heightened risk, says NCSC

Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC
July 11, 2025 11 Jul'25
UK online safety regime ineffective on misinformation, MPs say

A report from the Commons Science, Innovation and Technology Committee outlines how the Online Safety Act fails to deal with the algorithmic amplification of ‘legal but harmful’ misinformation
July 10, 2025 10 Jul'25
Government funding to help SMEs protect their IP

Scheme will see SMEs and innovative startups working in sensitive sectors receive advice on enhancing cyber and physical security measures to protect their valuable intellectual property
July 08, 2025 08 Jul'25
July Patch Tuesday brings over 130 new flaws to address

Microsoft patched well over 100 new common vulnerabilities and exposures on the second Tuesday of the month, but its latest update is mercifully light on zero-days
July 07, 2025 07 Jul'25
Tech firms complicit in ‘economy of genocide’, says UN rapporteur

A UN special rapporteur has called for technology firms operating in Israel and the Occupied Palestinian Territories to immediately halt their activities, in wider report about the role corporate entities have played in the Israeli state’s ongoing ‘...
July 02, 2025 02 Jul'25
Google fixes type confusion flaw in Chrome browser

An actively exploited type confusion vulnerability in the Google Chrome web browser needs immediate attention from users
July 02, 2025 02 Jul'25
Dutch study uncovers cognitive biases undermining cyber security board decisions

Dutch research reveals how cognitive biases can lead to catastrophic security decisions
July 01, 2025 01 Jul'25
Cloudflare to let customers block AI web crawlers

Publishers and other providers of creative content now have the option to block AI crawlers from accessing and scraping their intellectual property with new tools from Cloudflare.
June 24, 2025 24 Jun'25
UK ransomware costs significantly outpace other countries

UK organisations hit by ransomware attacks paid much higher ransoms than in other countries over the past 12 months, according to study