News

IT for utilities and energy

• December 09, 2025 09 Dec'25

  Microsoft patched over 1,100 CVEs in 2025

  The final Patch Tuesday update of the year brings 56 new CVEs, bringing the year-end total to more than 1,100

• December 04, 2025 04 Dec'25

  Constrained budgets left security teams short-handed in 2025

  With 2024 seeing surges in security funding cuts, lay-offs and hiring freezes, 2025 brought some relief for cyber pros, but constrained budgets are leaving security teams short-staffed

• December 03, 2025 03 Dec'25

  NCSC and BT block a billion dangerous clicks

  A protective service jointly developed by the NCSC and BT has disrupted over a billion potential cyber incidents by stopping members of the public from clicking through to dangerous websites

• November 19, 2025 19 Nov'25

  Cloudflare contrite after worst outage since 2019

  Cloudflare CEO Matthew Prince apologises for the firm’s worst outage in years and shares details of how a change to database system permissions caused a cascading effect that brought down some of the web’s biggest names

• November 18, 2025 18 Nov'25

  Cloudflare outage disrupts public web services

  An outage at web traffic management specialist Cloudflare has caused disruption across the internet

• November 12, 2025 12 Nov'25

  Microsoft users warned over privilege elevation flaw

  An elevation of privilege vulnerability in Windows Kernel tops the list of issues to address in the latest monthly Patch Tuesday update

• November 12, 2025 12 Nov'25

  IT services companies and datacentres face regulation as cyber security bill reaches Parliament

  The Cyber Security and Resilience Bill will require large IT services companies, including datacentres, to report security incidents within 24 hours

• November 05, 2025 05 Nov'25

  Government to broaden ‘narrow’ computing curriculum

  Planned changes to the computer science curriculum announced following independent review recommendations

• November 04, 2025 04 Nov'25

  The Security Interviews: Colin Mahony, CEO, Recorded Future

  Recorded Future’s CEO talks threat intelligence, AI in cyber security and the ever-changing cyber threat landscape

• October 31, 2025 31 Oct'25

  Cyber agencies co-sign Exchange Server security guide

  US and allied cyber agencies team up to try to nudge users to pay more attention to securing Microsoft Exchange Server

• October 29, 2025 29 Oct'25

  Scope of US state-level privacy laws expands rapidly in 2025

  Nine state-level data protection laws have come into force in the US this year, and three more are slated for January 2026. Navigating this complex landscape is becoming a challenge

• October 27, 2025 27 Oct'25

  LockBit 5.0 expands targeting amid ransomware escalation

  The LockBit RaaS operation is back in action, with technical features and expanded targeting, and is contributing to a steadily growing number of ransomware attacks

• October 24, 2025 24 Oct'25

  UK ramps up ransomware fightback with supply chain security guide

  Multinational guidance, developed by the UK and Singapore, is designed to help organisations reinforce their supply chain against ransomware attacks

• October 20, 2025 20 Oct'25

  The Netherlands faces €12bn R&D investment gap as productivity stagnates

  Dutch government unveils nine-point plan to meet European 3% GDP target after its competitiveness ranking plummeted

• October 15, 2025 15 Oct'25

  India’s biggest IT firm to create 5,000 UK jobs

  Indian IT giant will increase its UK-based workforce by thousands over the next three years

• October 15, 2025 15 Oct'25

  AI will create a better world, says Oracle’s Ellison

  Oracle ramped up its plans to lead in all things AI on the opening day of its renamed customer event, AI World, with founder Larry Ellison emphasising AI’s transformative potential

• October 09, 2025 09 Oct'25

  Warlock ransomware may be linked to Chinese state

  The operators of Warlock ransomware who exploited a set of SharePoint Server vulnerabilities earlier this year likely have some kind of link to the Chinese government, researchers claim

• October 08, 2025 08 Oct'25

  Interview: Change management for digitisation and agentic AI

  We speak to Thomas Bodé, chief digital transformation officer at European energy company Met Group, about delivering successful digital initiatives

• October 07, 2025 07 Oct'25

  Alert over Medusa ransomware attacks targeting Fortra MFT

  Microsoft warns it is seeing potential mass exploitation of a Fortra GoAnywhere vulnerability by a threat actor linked to the Medusa ransomware-as-a-service operation.

• October 07, 2025 07 Oct'25

  The Security Interviews: David Bradbury, CSO, Okta

  Okta’s chief security officer talks security by default and explains why he thinks time is running out for the shared responsibility model

• October 01, 2025 01 Oct'25

  US government shutdown stalls cyber intel sharing

  A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk.

• September 30, 2025 30 Sep'25

  Apple’s first iOS 26 security update fixes memory corruption flaw

  Apple issues an update for its brand new iOS 26 mobile operating system, fixing a potentially dangerous vulnerability affecting iPhones, iPads and other Mac devices

• September 29, 2025 29 Sep'25

  UK and US urge Cisco users to ditch end-of-life security appliances

  An ongoing campaign of cyber attacks is targeting users of end-of-life Cisco security appliance kit

• September 26, 2025 26 Sep'25

  Over half of India-based companies suffer security breaches

  Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year

• September 26, 2025 26 Sep'25

  Okta CEO: AI security and identity security are one and the same

  At Oktane 2025 in Las Vegas, Okta CEO Todd McKinnon describes AI security and identity security as inseparable as he tees up a series of agentic security innovations

• September 25, 2025 25 Sep'25

  Netherlands establishes cyber resilience network to strengthen public-private digital defence

  Network will connect organisations in a cyber crime defence initiative that goes way beyond information sharing

• September 24, 2025 24 Sep'25

  Oktane 2025: Okta takes aim at agentic AI governance gap

  Identity specialist Okta is laying the groundwork for a number of incoming announcements designed to help its customers get to grips with the challenge of securing non-human, agentic identities.

• September 19, 2025 19 Sep'25

  UK cyber action plan lays out path to resilience

  A report produced for the government by academics at Imperial College London and the University of Bristol sets out nine recommendations to strengthen the UK’s cyber sector

• September 17, 2025 17 Sep'25

  Microsoft scores win against Office 365 credential thieves

  Microsoft’s Digital Crimes Unit disrupts a major phishing-as-a-service operation that targeted and stole Office 365 usernames and credentials

• September 17, 2025 17 Sep'25

  NCC: How RaaS team-ups help Scattered Spider enhance its attacks

  Scattered Spider’s alliances with ransomware-as-a-service gangs act as a force multiplier for the scope, and number, of its cyber attacks, according to NCC Group analysts

• September 16, 2025 16 Sep'25

  Turkish state tightens grip on comms

  Turkish subscriptions to fixed broadband were the lowest in Europe in 2024 and half as common as those in more developed countries

• September 10, 2025 10 Sep'25

  Splunk.conf: Cisco and Splunk expand agentic SOC vision

  The arrival of agentic AI in the security operations centre heralds an era of simplification for security professionals, Splunk claims

• September 10, 2025 10 Sep'25

  Could an environmental legal challenge derail government’s fast-tracked datacentre builds?

  The UK government is under fire after details emerged that it has waved through three large-scale datacentre planning applications without conducting an environmental impact assessment first

• September 09, 2025 09 Sep'25

  Splunk.conf: Splunk urges users to eat their ‘cyber veggies’

  The dawn of AI-enabled cyber attacks makes it even more important for defenders to bring their A-game, particularly when it comes to getting the basics right

• September 05, 2025 05 Sep'25

  US politicians ponder Wimwig cyber intel sharing law

  US cyber data sharing legislation is set to replace an Obama-era law, but time is running out to get it over the line, with global ramifications for the security industry, and intelligence and law enforcement communities

• August 28, 2025 28 Aug'25

  UK cyber security centre helps expose China-based cyber campaign

  GCHQ cyber security centre and its international partners release details of malicious cyber activity linked to Chinese businesses

• August 27, 2025 27 Aug'25

  Incident response planning cuts the risk of claiming on cyber security insurance

  Proper attention to incident response planning is emerging as a core cyber control when it comes to reducing the risk of having to claim on cyber security insurance, according to a report

• August 27, 2025 27 Aug'25

  Ransomware activity levelled off in July, says NCC

  Ransomware levels held steady in the month of July, although the risk remained as persistent as ever

• August 26, 2025 26 Aug'25

  Three new Citrix NetScaler zero-days under active exploitation

  Citrix patches three new vulnerabilities in its NetScaler lines warning of active zero-day exploitation by an undisclosed threat actor

• August 26, 2025 26 Aug'25

  Okta makes AI identity play with Axiom acquisition

  Okta says Axiom Security’s technology will reinforce its own offerings in privileged access management, especially when it comes to the growing number of non-human identities

• August 25, 2025 25 Aug'25

  Ransomware attack volumes up nearly three times on 2024

  During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024

• August 21, 2025 21 Aug'25

  Moscow exploiting seven-year-old Cisco flaw, says FBI

  US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco's operating system software

• August 21, 2025 21 Aug'25

  Apple iOS update fixes new iPhone zero-day flaw

  Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users

• August 20, 2025 20 Aug'25

  Microsoft starts including PQC algorithms in cyber foundations

  Microsoft updates on its post-quantum cyber strategy as it continues integrating quantum-safe algorithms into some of the core foundations underpinning its products and services

• August 20, 2025 20 Aug'25

  Commvault users told to patch two RCE exploit chains

  Storage firm Commvault fixes four vulnerabilities that, when combined, create a pair of RCE exploit chains that could be used to target on-premise customers with ransomware and other nasties

• August 19, 2025 19 Aug'25

  Google spins up agentic SOC to speed up incident management

  Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite

• August 18, 2025 18 Aug'25

  Workday hit in wave of social engineering attacks

  A campaign of voice-based social engineering attacks targeting users of Salesforce’s services appears to have struck HR platform Workday

• August 15, 2025 15 Aug'25

  UK cyber leaders feel impact of Trump cutbacks

  The ripple effects of US cyber security cutbacks have reached this side of the Atlantic, according to a report

• August 12, 2025 12 Aug'25

  Eight critical RCE flaws make Microsoft’s latest Patch Tuesday list

  Microsoft rolls out fixes for over 100 CVEs in its August Patch Tuesday update

• August 12, 2025 12 Aug'25

  Researchers firm up ShinyHunters, Scattered Spider link

  ReliaQuest researchers present new evidence that firms up a potential link, or outright partnership, between the ShinyHunters and Scattered Spider cyber gangs