News

IT for telecoms and internet organisations

• January 17, 2023 17 Jan'23

  StarHub to undertake major network transformation

  Singapore telco StarHub is deploying a hybrid cloud architecture that will enable it to launch sovereign cloud services, among other capabilities

• January 16, 2023 16 Jan'23

  The Security Interviews: Protecting your digital self

  Our digital self – the virtual presence of who we are online – has a pervasive influence in the real world. People make judgements based on these digital depictions, so what can be done to ensure positive representation?

• January 13, 2023 13 Jan'23

  Unionised contract workers who train Google’s AI win pay rise

  Google contract workers employed at artificial intelligence training supplier RaterLabs have secured their first-ever pay rise, following collective demands that Google fulfil its own commitment to pay its extended workforce a minimum of $15 an hour

• January 11, 2023 11 Jan'23

  Internet shutdowns cost global economy $24bn in 2022

  Deliberate disruption of people’s access to the internet by governments is having a substantial economic impact and contributing to a range of human rights abuses, primarily against protestors

• January 11, 2023 11 Jan'23

  Microsoft fixes EoP zero-day on January Patch Tuesday

  On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns

• January 10, 2023 10 Jan'23

  Insurer Beazley introduces catastrophe bond to ease cyber risk

  Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover

• January 06, 2023 06 Jan'23

  Proposed digital fraud refund rules risk excluding many victims

  Proposals to establish a fraud refund mechanism in the UK risk excluding many victims of digitally enabled fraud, a major bank has warned

• January 06, 2023 06 Jan'23

  Meta to appeal £345m fine for Facebook and Instagram privacy breaches

  Social media company Meta is to appeal after the Irish Data Protection Commission fined the company for breaching GDPR

• January 05, 2023 05 Jan'23

  Cyber gang abused free trials to exploit public cloud CPU resources

  A South Africa-based cyber crime gang exploited free trials and introductory offers to run cryptominers via public cloud services, then did a runner without paying

• December 29, 2022 29 Dec'22

  Top 10 technology and ethics stories of 2022

  Here are Computer Weekly’s top 10 technology and ethics stories of 2022

• December 29, 2022 29 Dec'22

  Top 10 Nordic IT stories of 2022

  Here are Computer Weekly's top 10 Nordic IT articles of 2022

• December 28, 2022 28 Dec'22

  Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears

  NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness

• December 22, 2022 22 Dec'22

  NCA ‘wrong-footed’ defence lawyers after agreeing to take expert evidence on EncroChat ‘as read’

  The National Crime Agency argued at the Investigatory Powers Tribunal that expert evidence it agreed to ‘take as read’ is limited, flawed and often based on an incorrect interpretation of the law

• December 22, 2022 22 Dec'22

  Top 10 cyber security stories of 2022

  The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides

• December 22, 2022 22 Dec'22

  Top 10 cyber crime stories of 2022

  Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents

• December 20, 2022 20 Dec'22

  Four-day working week set to stay at Atom bank

  Challenger bank Atom has formalised a four-day working week policy after a successful trial

• December 14, 2022 14 Dec'22

  Advanced Azov data wiper likely to become active threat

  Check Point deep dives into an emergent data wiper strain known as Azov, which is making waves with hundreds of new samples being submitted to VirusTotal daily

• December 14, 2022 14 Dec'22

  Ethical hackers flex their muscles in 2022

  Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021

• December 14, 2022 14 Dec'22

  Microsoft fixes two zero-days in final Patch Tuesday of 2022

  December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over

• December 13, 2022 13 Dec'22

  EU issues draft data adequacy decision in favour of US

  The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision

• December 13, 2022 13 Dec'22

  The nature of the CISO role will be in flux in 2023

  As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report

• December 13, 2022 13 Dec'22

  More Uber data exposed in possible supply chain attack

  A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack

• December 12, 2022 12 Dec'22

  Cloud-based fingerprint system for UK police nears completion

  Police Digital Service announces that a new cloud-based fingerprint system developed under its Transforming Forensics programme is nearly complete, but data protection concerns around the use of US-based cloud providers remain

• December 09, 2022 09 Dec'22

  Iranian APT seen exploiting GitHub repository as C2 mechanism

  A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware

• December 09, 2022 09 Dec'22

  Online Safety Bill returns to Parliament

  MPs and online safety experts have expressed concern about encryption-breaking measures contained in the Online Safety Bill as it returns to Parliament for the first time since its passage was paused in July

• December 08, 2022 08 Dec'22

  Consumers to get new protections against dodgy apps

  Government’s new code of practice will impose new privacy and security measures on app store operators and developers

• December 08, 2022 08 Dec'22

  Apple to tap third party for physical security keys

  Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys

• December 07, 2022 07 Dec'22

  Google, MS, Oracle vulnerabilities make November ’22 a big month for patching

  Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November

• December 06, 2022 06 Dec'22

  Don’t become an unwitting tool in Russia’s cyber war

  Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack?

• December 05, 2022 05 Dec'22

  Fake investment ads persist on Meta’s social networks

  Online adverts for investment scams relating to property and crypto assets are still getting past measures designed to stop them

• December 02, 2022 02 Dec'22

  Twitter ‘replacement’ Hive Social shuts off service in privacy alert

  Hive Social, a recently established social media network, has temporarily closed its servers to address deep structural privacy issues identified by ethical hackers

• December 01, 2022 01 Dec'22

  LastPass probes new cyber incident related to August attack

  The August 2022 cyber attack on LastPass seems to have begat another incident, according to company CEO Karim Toubba

• November 30, 2022 30 Nov'22

  Microsoft 365 banned in German schools over privacy concerns

  German schools cannot legally use Microsoft Office 365 over lack of clarity about how data is collected, shared and used, as well as the potential for unlawful transfer of European citizens’ personal data to the US

• November 30, 2022 30 Nov'22

  Latest LockBit ransomware versions have wormable capabilities

  Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter

• November 30, 2022 30 Nov'22

  NIS regulations to be extended to cover MSPs

  The UK government is moving ahead with plans to update the Network and Information Systems regulations to bring outsourcers and MSPs into scope

• November 29, 2022 29 Nov'22

  ‘Legal but harmful’ clause dropped from Online Safety Bill

  Online Safety Bill’s ‘legal but harmful’ provision will be dropped by the UK government in favour of public risk assessments, tools to help users control the content they consume, and new criminal offences around self-harm

• November 27, 2022 27 Nov'22

  Plexal inducts six into cyber leadership scheme

  Tech innovation hub Plexal is expanding its Cyber Runway programme with a new Ignite strand dedicated to supporting high-potential security leaders

• November 25, 2022 25 Nov'22

  Data management, backup becoming the CISO's responsibility

  More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year

• November 24, 2022 24 Nov'22

  Meta faces UK lawsuit over surveillance business model

  The High Court case against Meta could set a precedent for millions of UK users to object to their personal data being collected and processed for advertising purposes

• November 23, 2022 23 Nov'22

  UK police arrest 120 in largest-ever cyber fraud crackdown

  The administrator and more than 100 users of the iSpoof.cc cyber fraud website have been arrested in a major counter-fraud operation led by the Metropolitan Police

• November 23, 2022 23 Nov'22

  AI accountability held back by ‘audit-washing’ practices

  Algorithmic auditing will be useless in holding artificial intelligence accountable until there are common standards, approaches and goals that scrutinise systems at each stage of development and deployment, says think-tank

• November 23, 2022 23 Nov'22

  South Korea data adequacy pact brings £15m Brexit bonus

  UK government finalises a data adequacy agreement with South Korea, saying it will unlock a post-Brexit business bonus of just under £15m

• November 22, 2022 22 Nov'22

  Ducktail spins new tales to hijack Facebook Business accounts

  The increasingly active Ducktail cyber crime operation is refining its operations, seeking new methods to compromise its victims’ Facebook Business accounts

• November 22, 2022 22 Nov'22

  Killnet DDoS hacktivists target Royal Family and others

  Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks

• November 22, 2022 22 Nov'22

  C-suite mystified by cyber security jargon

  Malware, supply chain attack, zero-day, IoC, TTP and Mitre ATT&CK are just some of the everyday terms that security pros use that risk making the world of cyber incomprehensible to outsiders

• November 18, 2022 18 Nov'22

  Is Elon Musk’s Twitter safe, and should you stop using it?

  With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use

• November 17, 2022 17 Nov'22

  Brexit deregulation will make UK next Silicon Valley, vows Hunt

  Chancellor vows to revolutionise how the IT industry is regulated to spur competition, investment and innovation in a technological ‘Big Bang’

• November 17, 2022 17 Nov'22

  Another Log4Shell warning after Iranian attack on US government

  The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching

• November 16, 2022 16 Nov'22

  Global network fragmentation a source of increasing risk

  Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures

• November 15, 2022 15 Nov'22

  APP fraud volumes expected to double by 2026, says report

  Losses to authorised push payment fraud in the UK are expected to climb to over $1.5bn in the next four years. Meanwhile, the NAO accuses the Home Office of lagging on progress to tackle the issue