News

IT for telecoms and internet organisations

• July 26, 2022 26 Jul'22

  Meta publishes first-ever human rights report

  Meta details its approach to protecting and promoting human rights, but civil society groups say the company has failed to grapple with the human rights risks associated with its own business model

• July 26, 2022 26 Jul'22

  Ducktail infostealer targets Facebook Business users

  Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts

• July 25, 2022 25 Jul'22

  Latest Atlassian Confluence vulnerability raises concerns

  CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months

• July 25, 2022 25 Jul'22

  The Security Interviews: Why you need to protect abandoned digital assets

  The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias

• July 22, 2022 22 Jul'22

  Russia could become the world’s largest market for illegal IT

  Russia could become the biggest market for illegal IT equipment as companies try to get round sanctions imposed on the country

• July 22, 2022 22 Jul'22

  LinkedIn most impersonated brand in phishing attacks

  Social network LinkedIn, along with Microsoft and DHL, are just some of the brands that are most frequently imitated by cyber criminals conducting phishing attacks

• July 21, 2022 21 Jul'22

  GCHQ experts back scanning of encrypted phone messages to fight child abuse

  Ian Levy, technical director of the NCSC, and Crispin Robinson, technical director of GCHQ, back client-side scanning software on mobile phones to detect child abuse

• July 21, 2022 21 Jul'22

  Buy ‘plug-n-play’ malware for the price of a pint of beer

  Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report

• July 21, 2022 21 Jul'22

  UK government introduces data reforms legislation to Parliament

  Proposed changes to UK’s data protection regime include new grounds for data processing, significant powers for the secretary of state to direct the regime’s application, and fewer restrictions on law enforcement’s use of data

• July 20, 2022 20 Jul'22

  (ISC)² expands entry-level cyber programme after UK success

  Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide

• July 20, 2022 20 Jul'22

  Cato aims to bust cyber myths as it extends network protections

  Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...

• July 20, 2022 20 Jul'22

  Vodafone upgrades global network with SDN for flexible scalability

  Software-defined networking stack deployed on both IP and optical global internet network controllers

• July 19, 2022 19 Jul'22

  European IT services see bumper quarter, but signs of slowing emerge

  Spending on IT and BPO services in Europe saw significant growth in the past quarter, but there are signs of a slowdown

• July 18, 2022 18 Jul'22

  US cyber agency CISA to open London office

  The US Cybersecurity and Infrastructure Security Agency has chosen London to host its first office outside America

• July 15, 2022 15 Jul'22

  Log4Shell on its way to becoming ‘endemic’

  US government report concludes that, like Covid, Log4Shell will be with us for a long time to come

• July 14, 2022 14 Jul'22

  Videogame maker Bandai Namco confirms cyber attack

  Bandai Namco, developer of videogames including Pac-Man, Tekken and Dark Souls, has broken days of silence to confirm it has been hit by a cyber attack

• July 14, 2022 14 Jul'22

  Global IT services market shows signs of slowing

  Spending on IT and business process services could be set to reduce over the coming months as the latest ISG figures show early signs of decline

• July 14, 2022 14 Jul'22

  ICO wants to ‘empower people through information’

  Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society

• July 13, 2022 13 Jul'22

  Slippery phish wriggles around MFA protections, says Microsoft

  Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence

• July 13, 2022 13 Jul'22

  July Patch Tuesday brings more than 80 fixes, one zero-day

  While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on

• July 12, 2022 12 Jul'22

  MaliBot Android malware spreading fast, says Check Point

  The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point

• July 12, 2022 12 Jul'22

  Microsoft Windows Autopatch now generally available

  Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service

• July 11, 2022 11 Jul'22

  Microsoft VBA macro block will return

  Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure

• July 08, 2022 08 Jul'22

  Ofcom publishes Online Safety Roadmap

  The roadmap sets out how the online harms regulator will approach implementing the UK’s online safety regime, and tells tech firms to start preparing for the new rules

• July 08, 2022 08 Jul'22

  Stop telling clients to pay ransomware gangs, solicitors told

  The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims

• July 08, 2022 08 Jul'22

  Microsoft appears to reverse VBA macro-blocking

  Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled

• July 07, 2022 07 Jul'22

  MI5, FBI chiefs warn of Chinese cyber espionage threat

  In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests

• July 07, 2022 07 Jul'22

  Tech companies face pressure over end-to-end encryption in Online Safety Bill

  An amendment to the Online Safety Bill, currently going through Parliament, will put pressure on tech companies over end-to-end encrypted messaging services

• July 06, 2022 06 Jul'22

  Plexal seeks new scaleups for next phase of Cyber Runway

  Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme

• July 05, 2022 05 Jul'22

  Prepare for long-term cyber threat from Ukraine war, says NCSC

  The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams

• July 05, 2022 05 Jul'22

  NCSC CEO: Why we should run towards crises to elevate cyber security

  National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country

• June 29, 2022 29 Jun'22

  New cyber extortion op appears to have hit AMD

  Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data

• June 29, 2022 29 Jun'22

  Romance scammers exploit Ukraine war in cynical campaign

  Romance scammers can make easy money exploiting people looking for love, but in this newly observed campaign linked to the Ukraine war they are playing on deeper emotions

• June 27, 2022 27 Jun'22

  Brexit a net negative for UK cyber, say CISOs

  Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe

• June 27, 2022 27 Jun'22

  LockBit ransomware gang launches bug bounty programme

  A bug bounty programme is among a number of features LockBit’s developers have added to ‘version 3.0’ of the ransomware

• June 24, 2022 24 Jun'22

  Black Basta ransomware crew aiming for ‘big leagues’

  Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason

• June 24, 2022 24 Jun'22

  US cyber agency in fresh warning over Log4Shell risk to VMware

  Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability

• June 21, 2022 21 Jun'22

  Government won’t regulate on professional cyber standards

  The government has elected not to proceed with regulatory intervention to embed standards and pathways across the cyber profession

• June 21, 2022 21 Jun'22

  CNI leaders’ attitude to ransomware lackadaisical at best

  A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats

• June 21, 2022 21 Jun'22

  New coalition lifts Finland’s 6G status

  Finland is laying the foundations for future European leadership in 6G research and development

• June 17, 2022 17 Jun'22

  British businesses to recognise Google skills certificates

  Google training programmes are being made available to more people in the UK as part of an initiative from the supplier and major UK businesses

• June 17, 2022 17 Jun'22

  Government responds to Data Reform Bill consultation

  Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit

• June 17, 2022 17 Jun'22

  MoD sets out strategy to develop military AI with private sector

  The UK Ministry of Defence has outlined its intention to work closely with the private sector to develop and deploy a range of artificial intelligence-powered technologies, committing to ‘lawful and ethical AI use’

• June 16, 2022 16 Jun'22

  Office 365 loophole may give ransomware an easy shot at your files

  Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive

• June 15, 2022 15 Jun'22

  Patch Tuesday dogged by concerns over Microsoft vulnerability response

  The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure

• June 14, 2022 14 Jun'22

  MS Azure Synapse vulnerability fixed after six-month slog

  Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga

• June 13, 2022 13 Jun'22

  New warning over tech suppliers in thrall to hostile governments

  Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer

• June 10, 2022 10 Jun'22

  Snake Keylogger climbing malware charts, says Check Point

  Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers

• June 10, 2022 10 Jun'22

  Researchers find eight CVEs in single building access system

  A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets

• June 09, 2022 09 Jun'22

  SolarWinds CEO offers to commit staffers to government cyber agencies

  A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response